Mercurial > hg > tony

annotate deploy/osx/notarize.sh @ 698:ee97c742d184 tip

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Default branch is now named default on git as well as hg, in case we ever want to switch to mirroring in the other direction
author Chris Cannam
date Thu, 27 Aug 2020 15:58:43 +0100
parents fe1a77d4aeaa
children
rev   line source
Chris@619 1 #!/bin/bash
Chris@619 2
Chris@619 3 ## The following assumes we have generated an app password at
Chris@619 4 ## appleid.apple.com and then stored it to keychain id "altool" using
Chris@619 5 ## e.g.
Chris@619 6 ## security add-generic-password -a "cannam+apple@all-day-breakfast.com" \
Chris@619 7 ## -w "generated-app-password" -s "altool"
Chris@619 8
Chris@619 9 ## NB to verify:
Chris@619 10 # spctl -a -v "/Applications/Application.app"
Chris@619 11
Chris@619 12 user="cannam+apple@all-day-breakfast.com"
Chris@619 13 bundleid="uk.ac.qmul.eecs.c4dm.Tony"
Chris@619 14
Chris@619 15 set -e
Chris@619 16
Chris@619 17 dmg="$1"
Chris@619 18
Chris@619 19 if [ ! -f "$dmg" ] || [ -n "$2" ]; then
Chris@619 20 echo "Usage: $0 <dmg>"
Chris@619 21 echo " e.g. $0 MyApplication-1.0.dmg"
Chris@619 22 exit 2
Chris@619 23 fi
Chris@619 24
Chris@619 25 set -u
Chris@619 26
Chris@619 27 echo
Chris@619 28 echo "Uploading for notarization..."
Chris@619 29
Chris@619 30 uuidfile=.notarization-uuid
Chris@619 31 rm -f "$uuidfile"
Chris@619 32
Chris@619 33 xcrun altool --notarize-app \
Chris@619 34 -f "$dmg" \
Chris@619 35 --primary-bundle-id "$bundleid" \
Chris@619 36 -u "$user" \
Chris@619 37 -p @keychain:altool 2>&1 | tee "$uuidfile"
Chris@619 38
Chris@619 39 uuid=$(cat "$uuidfile" | grep RequestUUID | awk '{ print $3; }')
Chris@619 40
Chris@619 41 if [ -z "$uuid" ]; then
Chris@619 42 echo
Chris@619 43 echo "Failed (no UUID returned, check output)"
Chris@619 44 exit 1
Chris@619 45 fi
Chris@619 46
Chris@619 47 echo "Done, UUID is $uuid"
Chris@619 48
Chris@619 49 echo
Chris@619 50 echo "Waiting and checking for completion..."
Chris@619 51
Chris@619 52 while true ; do
Chris@619 53 sleep 30
Chris@619 54 status=$(xcrun altool --notarization-info "$uuid" -u "$user" -p @keychain:altool 2>&1)
Chris@619 55 if echo "$status" | grep -q 'Package Approved' ; then
Chris@619 56 echo
Chris@619 57 echo "Approved! Status output is:"
Chris@619 58 echo "$status"
Chris@619 59 break
Chris@619 60 elif echo "$status" | grep -q 'in progress' ; then
Chris@619 61 echo
Chris@619 62 echo "Still in progress... Status output is:"
Chris@619 63 echo "$status"
Chris@619 64 echo "Waiting..."
Chris@619 65 else
Chris@619 66 echo
Chris@619 67 echo "Failure or unknown status in output:"
Chris@619 68 echo "$status"
Chris@619 69 exit 2
Chris@619 70 fi
Chris@619 71 done
Chris@619 72
Chris@619 73 echo
Chris@619 74 echo "Stapling to package..."
Chris@619 75
Chris@619 76 xcrun stapler staple "$dmg" || exit 1
Chris@619 77