annotate deploy/osx/notarize.sh @ 2596:04d381f0d89a tip

Default branch is now named default on git as well as hg, in case we ever want to switch to mirroring in the other direction
author Chris Cannam
date Thu, 27 Aug 2020 15:58:56 +0100 (2020-08-27)
parents ab2d0fe8f0b7
children
rev   line source
Chris@2066 1 #!/bin/bash
Chris@2066 2
Chris@2354 3 ## The following assumes we have generated an app password at
Chris@2354 4 ## appleid.apple.com and then stored it to keychain id "altool" using
Chris@2354 5 ## e.g.
Chris@2354 6 ## security add-generic-password -a "cannam+apple@all-day-breakfast.com" \
Chris@2354 7 ## -w "generated-app-password" -s "altool"
Chris@2354 8
Chris@2374 9 ## NB to verify:
Chris@2374 10 # spctl -a -v "/Applications/Application.app"
Chris@2354 11
Chris@2374 12 user="cannam+apple@all-day-breakfast.com"
Chris@2374 13 bundleid="org.sonicvisualiser.SonicVisualiser"
Chris@2066 14
Chris@2374 15 set -e
Chris@2066 16
Chris@2374 17 dmg="$1"
Chris@2066 18
Chris@2374 19 if [ ! -f "$dmg" ] || [ -n "$2" ]; then
Chris@2374 20 echo "Usage: $0 <dmg>"
Chris@2374 21 echo " e.g. $0 MyApplication-1.0.dmg"
Chris@2374 22 exit 2
Chris@2374 23 fi
Chris@2066 24
Chris@2374 25 set -u
Chris@2066 26
Chris@2374 27 echo
Chris@2374 28 echo "Uploading for notarization..."
Chris@2066 29
Chris@2374 30 uuidfile=.notarization-uuid
Chris@2392 31 statfile=.notarization-status
Chris@2392 32 rm -f "$uuidfile" "$statfile"
Chris@2066 33
Chris@2374 34 xcrun altool --notarize-app \
Chris@2374 35 -f "$dmg" \
Chris@2374 36 --primary-bundle-id "$bundleid" \
Chris@2374 37 -u "$user" \
Chris@2374 38 -p @keychain:altool 2>&1 | tee "$uuidfile"
Chris@2066 39
Chris@2374 40 uuid=$(cat "$uuidfile" | grep RequestUUID | awk '{ print $3; }')
Chris@2374 41
Chris@2374 42 if [ -z "$uuid" ]; then
Chris@2374 43 echo
Chris@2374 44 echo "Failed (no UUID returned, check output)"
Chris@2374 45 exit 1
Chris@2374 46 fi
Chris@2374 47
Chris@2374 48 echo "Done, UUID is $uuid"
Chris@2374 49
Chris@2374 50 echo
Chris@2374 51 echo "Waiting and checking for completion..."
Chris@2374 52
Chris@2374 53 while true ; do
Chris@2374 54 sleep 30
Chris@2392 55
Chris@2392 56 xcrun altool --notarization-info \
Chris@2392 57 "$uuid" \
Chris@2392 58 -u "$user" \
Chris@2392 59 -p @keychain:altool 2>&1 | tee "$statfile"
Chris@2392 60
Chris@2392 61 if grep -q 'Package Approved' "$statfile"; then
Chris@2374 62 echo
Chris@2374 63 echo "Approved! Status output is:"
Chris@2392 64 cat "$statfile"
Chris@2374 65 break
Chris@2392 66 elif grep -q 'in progress' "$statfile" ; then
Chris@2374 67 echo
Chris@2374 68 echo "Still in progress... Status output is:"
Chris@2392 69 cat "$statfile"
Chris@2374 70 echo "Waiting..."
Chris@2374 71 else
Chris@2374 72 echo
Chris@2374 73 echo "Failure or unknown status in output:"
Chris@2392 74 cat "$statfile"
Chris@2374 75 exit 2
Chris@2374 76 fi
Chris@2374 77 done
Chris@2374 78
Chris@2374 79 echo
Chris@2374 80 echo "Stapling to package..."
Chris@2374 81
Chris@2374 82 xcrun stapler staple "$dmg" || exit 1
Chris@2374 83