Chris@619: #!/bin/bash Chris@619: Chris@619: ## The following assumes we have generated an app password at Chris@619: ## appleid.apple.com and then stored it to keychain id "altool" using Chris@619: ## e.g. Chris@619: ## security add-generic-password -a "cannam+apple@all-day-breakfast.com" \ Chris@619: ## -w "generated-app-password" -s "altool" Chris@619: Chris@619: ## NB to verify: Chris@619: # spctl -a -v "/Applications/Application.app" Chris@619: Chris@619: user="cannam+apple@all-day-breakfast.com" Chris@619: bundleid="uk.ac.qmul.eecs.c4dm.Tony" Chris@619: Chris@619: set -e Chris@619: Chris@619: dmg="$1" Chris@619: Chris@619: if [ ! -f "$dmg" ] || [ -n "$2" ]; then Chris@619: echo "Usage: $0 " Chris@619: echo " e.g. $0 MyApplication-1.0.dmg" Chris@619: exit 2 Chris@619: fi Chris@619: Chris@619: set -u Chris@619: Chris@619: echo Chris@619: echo "Uploading for notarization..." Chris@619: Chris@619: uuidfile=.notarization-uuid Chris@619: rm -f "$uuidfile" Chris@619: Chris@619: xcrun altool --notarize-app \ Chris@619: -f "$dmg" \ Chris@619: --primary-bundle-id "$bundleid" \ Chris@619: -u "$user" \ Chris@619: -p @keychain:altool 2>&1 | tee "$uuidfile" Chris@619: Chris@619: uuid=$(cat "$uuidfile" | grep RequestUUID | awk '{ print $3; }') Chris@619: Chris@619: if [ -z "$uuid" ]; then Chris@619: echo Chris@619: echo "Failed (no UUID returned, check output)" Chris@619: exit 1 Chris@619: fi Chris@619: Chris@619: echo "Done, UUID is $uuid" Chris@619: Chris@619: echo Chris@619: echo "Waiting and checking for completion..." Chris@619: Chris@619: while true ; do Chris@619: sleep 30 Chris@619: status=$(xcrun altool --notarization-info "$uuid" -u "$user" -p @keychain:altool 2>&1) Chris@619: if echo "$status" | grep -q 'Package Approved' ; then Chris@619: echo Chris@619: echo "Approved! Status output is:" Chris@619: echo "$status" Chris@619: break Chris@619: elif echo "$status" | grep -q 'in progress' ; then Chris@619: echo Chris@619: echo "Still in progress... Status output is:" Chris@619: echo "$status" Chris@619: echo "Waiting..." Chris@619: else Chris@619: echo Chris@619: echo "Failure or unknown status in output:" Chris@619: echo "$status" Chris@619: exit 2 Chris@619: fi Chris@619: done Chris@619: Chris@619: echo Chris@619: echo "Stapling to package..." Chris@619: Chris@619: xcrun stapler staple "$dmg" || exit 1 Chris@619: