annotate deploy/osx/notarize.sh @ 2354:ec88bcdc5a5b

Update notarization notes
author Chris Cannam
date Wed, 09 Oct 2019 15:29:49 +0100
parents 6e9a125ac5f3
children 9ca6872a5d0f
rev   line source
Chris@2066 1 #!/bin/bash
Chris@2066 2
Chris@2066 3 # This is just a scrapbook for the mo
Chris@2066 4
Chris@2066 5 ## Before this, we need to open Application Loader and log in to the
Chris@2066 6 ## right iTunes Connect account
Chris@2066 7
Chris@2354 8 ## Looks like the workflow has changed to using app-specific
Chris@2354 9 ## passwords, for 2FA reasons. See
Chris@2354 10 ## https://developer.apple.com/documentation/xcode/notarizing_your_app_before_distribution/customizing_the_notarization_workflow?language=objc
Chris@2354 11
Chris@2354 12 ## The following assumes we have generated an app password at
Chris@2354 13 ## appleid.apple.com and then stored it to keychain id "altool" using
Chris@2354 14 ## e.g.
Chris@2354 15 ## security add-generic-password -a "cannam+apple@all-day-breakfast.com" \
Chris@2354 16 ## -w "generated-app-password" -s "altool"
Chris@2354 17
Chris@2354 18 ## todo: script this
Chris@2354 19
Chris@2354 20 # xcrun altool --notarize-app -f "Sonic Visualiser-4.0-pre2.dmg" --primary-bundle-id org.sonicvisualiser.SonicVisualiser -u "cannam+apple@all-day-breakfast.com" -p @keychain:altool
Chris@2066 21
Chris@2066 22 ## That churns for a while and then dumps out a UUID
Chris@2066 23
Chris@2354 24 # xcrun altool --notarization-info UUID -u "cannam+apple@all-day-breakfast.com" -p @keychain:altool
Chris@2066 25
Chris@2066 26 ## Returns "in progress" at first, then eventually a failure report
Chris@2066 27 ## with a URL that can be retrieved as JSON payload using wget. An
Chris@2066 28 ## email is also sent to the iTunes Connect account holder when it
Chris@2066 29 ## completes
Chris@2066 30
Chris@2066 31 # xcrun stapler staple -v "Sonic Visualiser-3.2.dmg"
Chris@2066 32
Chris@2066 33 # spctl -a -v "/Applications/Sonic Visualiser.app"
Chris@2066 34
Chris@2066 35
Chris@2066 36