Chris@100: #!/bin/bash 
Chris@62: 
Chris@437: set -eu
Chris@437: 
Chris@62: # Execute this from the top-level directory of the project (the one
Chris@62: # that contains the .app bundle).  Supply the name of the .app bundle
Chris@62: # as argument
Chris@62: dir="$1"
Chris@62: if [ -z "$dir" ] || [ ! -d "$dir" ]; then
Chris@62: 	echo "Usage: $0 <pkgdir>"
Chris@62: 	echo "Where pkgdir is the directory containing <MyApplication>.app"
Chris@62: 	echo "All .app bundles in pkgdir will be signed"
Chris@62: 	exit 2
Chris@62: fi
Chris@544: 
Chris@589: if /bin/false; then
cannam@567: 
Chris@589:     echo
Chris@589:     echo "Experimentally attempting sandboxing + hardened runtime (this won't work)"
Chris@589:     echo
Chris@589: 
Chris@589:     entitlements=deploy/osx/Entitlements.plist
Chris@589: 
Chris@589:     for app in "$dir"/*.app; do
Chris@589: 	find "$app" -name \*.dylib -print | while read fr; do
Chris@589: 	    codesign -s "Developer ID Application: Chris Cannam" -fv --deep --options runtime "$fr"
Chris@589: 	done
Chris@589: 	codesign -s "Developer ID Application: Chris Cannam" -fv --deep --options runtime --entitlements "$entitlements" "$app/Contents/MacOS/Tony"
Chris@589: 	codesign -s "Developer ID Application: Chris Cannam" -fv --deep --options runtime --entitlements "$entitlements" "$app"
Chris@100:     done
Chris@62: 
Chris@589: else
Chris@589: 
Chris@589:     echo
Chris@589:     echo "Not applying sandboxing or hardened runtime"
Chris@589:     echo
Chris@589: 
Chris@589:     for app in "$dir"/*.app; do
Chris@589: 	find "$app" -name \*.dylib -print | while read fr; do
Chris@589: 	    codesign -s "Developer ID Application: Chris Cannam" -fv --deep "$fr"
Chris@589: 	done
Chris@589: 	codesign -s "Developer ID Application: Chris Cannam" -fv --deep "$app/Contents/MacOS/Tony"
Chris@589: 	codesign -s "Developer ID Application: Chris Cannam" -fv --deep "$app"
Chris@589:     done
Chris@589: 
Chris@589: fi
Chris@589: