changeset 2374:9ca6872a5d0f

Rework deployment scripts with a separate package/notarize step
author Chris Cannam
date Wed, 16 Oct 2019 13:50:06 +0100
parents 8036dd41f3aa
children 59b7fa58c0af
files deploy/osx/deploy-and-package.sh deploy/osx/deploy.sh deploy/osx/notarize.sh deploy/osx/sign.sh
diffstat 4 files changed, 152 insertions(+), 79 deletions(-) [+]
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/deploy/osx/deploy-and-package.sh	Wed Oct 16 13:50:06 2019 +0100
@@ -0,0 +1,74 @@
+#!/bin/bash
+
+set -eu
+
+app="Sonic Visualiser"
+
+version=`perl -p -e 's/^[^"]*"([^"]*)".*$/$1/' version.h`
+
+source="$app.app"
+volume="$app"-"$version"
+target="$volume"/"$app".app
+dmg="$app"-"$version".dmg
+
+if [ -d "$volume" ]; then
+    echo "Target directory $volume already exists, not overwriting"
+    exit 2
+fi
+
+if [ -f "$dmg" ]; then
+    echo "Target disc image $dmg already exists, not overwriting"
+    exit 2
+fi
+
+echo
+echo "(Re-)running deploy script..."
+
+deploy/osx/deploy.sh "$app" || exit 1
+
+echo
+echo "Making target tree."
+
+mkdir "$volume" || exit 1
+
+ln -s /Applications "$volume"/Applications
+cp README.md "$volume/README.txt"
+cp README.OSC "$volume/README-OSC.txt"
+cp COPYING "$volume/COPYING.txt"
+cp CHANGELOG "$volume/CHANGELOG.txt"
+cp CITATION "$volume/CITATION.txt"
+cp -rp "$source" "$target"
+
+# update file timestamps so as to make the build date apparent
+find "$volume" -exec touch \{\} \;
+
+echo "Done"
+
+echo
+echo "Code-signing volume..."
+
+deploy/osx/sign.sh "$volume" || exit 1
+
+echo "Done"
+
+echo
+echo "Making dmg..."
+
+rm -f "$dmg"
+
+hdiutil create -srcfolder "$volume" "$dmg" -volname "$volume" -fs HFS+ && 
+	rm -r "$volume"
+
+echo "Done"
+
+echo
+echo "Signing dmg..."
+
+codesign -s "Developer ID Application: Chris Cannam" -fv "$dmg"
+
+echo
+echo "Submitting dmg for notarization..."
+
+deploy/osx/notarize.sh "$dmg" || exit 1
+
+echo "Done"
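Review bot: The `hdiutil create … && rm -r "$volume"` list in the "Making dmg..." step is not covered by `set -eu`, because errexit ignores a failure on the left-hand side of `&&`. If hdiutil fails, the script still prints "Done", leaves the staging directory behind, and only stops when `codesign` cannot find the image. Splitting it into `hdiutil create -srcfolder "$volume" "$dmg" -volname "$volume" -fs HFS+ || exit 1` followed by a separate `rm -r "$volume"` would make the failure explicit and match the `|| exit 1` used on the other steps. The `version` value from the perl one-liner is also used unchecked; `perl -p` echoes non-matching lines too, so an unexpected version.h would flow straight into the volume and dmg names. A guard such as `[ -n "$version" ] || exit 1` before those names are built would catch the empty case.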
--- a/deploy/osx/deploy.sh	Wed Oct 16 13:05:51 2019 +0100
+++ b/deploy/osx/deploy.sh	Wed Oct 16 13:50:06 2019 +0100
@@ -3,20 +3,23 @@
 set -e
 
 # Execute this from the top-level directory of the project (the one
-# that contains the .app bundle).  Supply the name of the .app bundle
-# as argument (the target will use $app.app regardless, but we need
-# to know the source)
+# that contains the .app bundle).  Supply the name of the application
+# as argument.
+#
+# This now performs *only* the app deployment step - copying in
+# libraries and setting up paths etc. It does not create a
+# package. Use deploy-and-package.sh for that.
 
-source="$1"
-dmg="$2"
-if [ -z "$source" ] || [ ! -d "$source" ] || [ -z "$dmg" ]; then
-	echo "Usage: $0 <source.app> <target-dmg-basename>"
-	echo "  e.g. $0 MyApplication.app MyApplication"
- 	echo "  Version number and .dmg will be appended automatically,"
-        echo "  but the .app name must include .app"
+app="$1"
+source="$app.app"
+
+if [ -z "$app" ] || [ ! -d "$source" ] || [ -n "$2" ]; then
+	echo "Usage: $0 <app>"
+	echo "  e.g. $0 MyApplication"
+ 	echo "  The app bundle must exist in ./<app>.app."
+	echo "  Version number will be extracted from version.h."
 	exit 2
 fi
-app=`basename "$source" .app`
 
 set -u
 
@@ -54,6 +57,10 @@
 cp piper-vamp-simple-server "$source"/Contents/MacOS/
 
 echo
+echo "Copying in lproj directories containing InfoPlist.strings translation files."
+cp -r i18n/*.lproj "$source"/Contents/Resources/
+
+echo
 echo "Writing version $bundleVersion in to bundle."
 echo "(This should be a three-part number: major.minor.point)"
 
@@ -61,49 +68,3 @@
     > "$source"/Contents/Info.plist
 
 echo "Done: check $source/Contents/Info.plist for sanity please"
-
-echo
-echo "Copying in lproj directories containing InfoPlist.strings translation files."
-cp -r i18n/*.lproj "$source"/Contents/Resources/
-
-echo
-echo "Making target tree."
-
-volume="$app"-"$version"
-target="$volume"/"$app".app
-dmg="$dmg"-"$version".dmg
-
-mkdir "$volume" || exit 1
-
-ln -s /Applications "$volume"/Applications
-cp README.md "$volume/README.txt"
-cp README.OSC "$volume/README-OSC.txt"
-cp COPYING "$volume/COPYING.txt"
-cp CHANGELOG "$volume/CHANGELOG.txt"
-cp CITATION "$volume/CITATION.txt"
-cp -rp "$source" "$target"
-
-# update file timestamps so as to make the build date apparent
-find "$volume" -exec touch \{\} \;
-
-echo "Done"
-
-echo
-echo "Code-signing volume..."
-
-deploy/osx/sign.sh "$volume" || exit 1
-
-echo "Done"
-
-echo
-echo "Making dmg..."
-
-hdiutil create -srcfolder "$volume" "$dmg" -volname "$volume" -fs HFS+ && 
-	rm -r "$volume"
-
-echo
-echo "Signing dmg..."
-
-codesign -s "Developer ID Application: Chris Cannam" -fv "$dmg"
-
-echo "Done"
--- a/deploy/osx/notarize.sh	Wed Oct 16 13:05:51 2019 +0100
+++ b/deploy/osx/notarize.sh	Wed Oct 16 13:50:06 2019 +0100
@@ -1,36 +1,77 @@
 #!/bin/bash
 
-# This is just a scrapbook for the mo
-
-## Before this, we need to open Application Loader and log in to the
-## right iTunes Connect account
-
-## Looks like the workflow has changed to using app-specific
-## passwords, for 2FA reasons.  See
-## https://developer.apple.com/documentation/xcode/notarizing_your_app_before_distribution/customizing_the_notarization_workflow?language=objc
-
 ## The following assumes we have generated an app password at
 ## appleid.apple.com and then stored it to keychain id "altool" using
 ## e.g.
 ## security add-generic-password -a "cannam+apple@all-day-breakfast.com" \
 ##   -w "generated-app-password" -s "altool"
 
-## todo: script this
+## NB to verify:
+# spctl -a -v "/Applications/Application.app"
 
-# xcrun altool --notarize-app -f "Sonic Visualiser-4.0-pre2.dmg" --primary-bundle-id org.sonicvisualiser.SonicVisualiser -u "cannam+apple@all-day-breakfast.com" -p @keychain:altool
+user="cannam+apple@all-day-breakfast.com"
+bundleid="org.sonicvisualiser.SonicVisualiser"
 
-## That churns for a while and then dumps out a UUID
+set -e
 
-# xcrun altool --notarization-info UUID -u "cannam+apple@all-day-breakfast.com" -p @keychain:altool
+dmg="$1"
 
-## Returns "in progress" at first, then eventually a failure report
-## with a URL that can be retrieved as JSON payload using wget. An
-## email is also sent to the iTunes Connect account holder when it
-## completes
+if [ ! -f "$dmg" ] || [ -n "$2" ]; then
+    echo "Usage: $0 <dmg>"
+    echo "  e.g. $0 MyApplication-1.0.dmg"
+    exit 2
+fi
 
-# xcrun stapler staple -v "Sonic Visualiser-3.2.dmg"
+set -u
 
-# spctl -a -v "/Applications/Sonic Visualiser.app"
+echo
+echo "Uploading for notarization..."
 
+uuidfile=.notarization-uuid
+rm -f "$uuidfile"
 
+xcrun altool --notarize-app \
+    -f "$dmg" \
+    --primary-bundle-id "$bundleid" \
+    -u "$user" \
+    -p @keychain:altool 2>&1 | tee "$uuidfile"
 
+uuid=$(cat "$uuidfile" | grep RequestUUID | awk '{ print $3; }')
+
+if [ -z "$uuid" ]; then
+    echo
+    echo "Failed (no UUID returned, check output)"
+    exit 1
+fi
+
+echo "Done, UUID is $uuid"
+
+echo
+echo "Waiting and checking for completion..."
+
+while true ; do
+    sleep 30
+    status=$(xcrun altool --notarization-info "$uuid" -u "$user" -p @keychain:altool 2>&1)
+    if echo "$status" | grep -q 'Package Approved' ; then
+	echo
+	echo "Approved! Status output is:"
+	echo "$status"
+	break
+    elif echo "$status" | grep -q 'in progress' ; then
+	echo
+	echo "Still in progress... Status output is:"
+	echo "$status"
+	echo "Waiting..."
+    else 
+	echo
+	echo "Failure or unknown status in output:"
+	echo "$status"
+	exit 2
+    fi
+done
+
+echo
+echo "Stapling to package..."
+
+xcrun stapler staple "$dmg" || exit 1
+
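Review bot: In the polling loop, `status=$(xcrun altool --notarization-info …)` runs under `set -e`, so a non-zero exit from altool (a transient network or authentication error, for instance) aborts the script before `$status` is printed, and the "Failure or unknown status" branch never gets to report it. The loop also has no upper bound, so a submission that stays "in progress" holds the release job indefinitely. I would capture the status with `|| true` so it falls through to the existing branches, and add an attempt limit as sketched below. After the staple step, `xcrun stapler validate "$dmg"` would confirm the ticket is actually attached before the image is published.

```shell
attempts=0
max_attempts=60   # constructed limit: 60 polls x 30s, adjust to taste
while true ; do
    sleep 30
    attempts=$((attempts + 1))
    if [ "$attempts" -gt "$max_attempts" ]; then
        echo "Timed out waiting for notarization of request $uuid" >&2
        exit 2
    fi
    # Keep set -e from aborting before the status text can be reported
    status=$(xcrun altool --notarization-info "$uuid" -u "$user" -p @keychain:altool 2>&1) || true
    # … unchanged: Package Approved / in progress / failure branches …
```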
--- a/deploy/osx/sign.sh	Wed Oct 16 13:05:51 2019 +0100
+++ b/deploy/osx/sign.sh	Wed Oct 16 13:50:06 2019 +0100
@@ -23,8 +23,5 @@
     done
     codesign -s "Developer ID Application: Chris Cannam" -fv --deep "$app/Contents/MacOS/Sonic Visualiser"
     codesign -s "Developer ID Application: Chris Cannam" -fv --deep "$app"
-#    codesign -s "Developer ID Application: Chris Cannam" -fv --deep \
-#         --requirements '=designated =>  identifier "org.sonicvisualiser.SonicVisualiser" and ( (anchor apple generic and    certificate leaf[field.1.2.840.113635.100.6.1.9] ) or (anchor apple generic and    certificate 1[field.1.2.840.113635.100.6.2.6]  and    certificate leaf[field.1.2.840.113635.100.6.1.13] and    certificate leaf[subject.OU] = "M2H8666U82"))' \
-#         "$app"
 done