Home Explore Help
Sign In
SMusatov
/
flameshot
mirror of https://github.com/flameshot-org/flameshot.git
1
0
Fork 0
Files
Branch: master
Branches Tags
flameshot
/
packaging
/
macos
/
sign_qtapp.sh

sign_qtapp.sh 2.5 KB
Permalink History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980 
  1. #!/bin/bash
    2. 

  2. # Inspired by
    3. 

  3. # https://localazy.com/blog/how-to-automatically-sign-macos-apps-using-github-actions
    4. 

  4. # https://forum.qt.io/topic/96652/how-to-notarize-qt-application-on-macos/18
    5. 

  5. 

  6. # Get the following variables from the MacOS-pack.yaml:
    7. 

  7. # APP_NAME
    8. 

  8. # APPLE_DEV_IDENTITY
    9. 

  9. # APPLE_DEV_USER
    10. 

  10. # APPLE_DEV_PASS
    11. 

  11. 

  12. # For the Community (if no Apple Developer ID available)
    13. 

  13. if [[ "${APPLE_DEV_IDENTITY}" == "" ]]; then
    14. 

  14.   echo "WARNING: No credentials for signing found"
    15. 

  15.   echo "WARNING: dmg package won't be signed and notarized"
    16. 

  16.   echo "--> Start packaging process"
    17. 

  17.   "$(brew --prefix qt5)/bin/macdeployqt" "${APP_NAME}.app" -dmg
    18. 

  18.   echo "--> Update dmg package links"
    19. 

  19.   "./${HELPERS_SCRIPTS_PATH}/update_package.sh"
    20. 

  20.   exit 0
    21. 

  21. fi
    22. 

  22. 

  23. echo "--> Start application signing process"
    24. 

  24. codesign --sign "${APPLE_DEV_IDENTITY}" --verbose --deep "${APP_NAME}.app"
    25. 

  25. 

  26. echo "--> Start packaging process"
    27. 

  27. "$(brew --prefix qt5)/bin/macdeployqt" "${APP_NAME}.app" -dmg -sign-for-notarization="${APPLE_DEV_IDENTITY}"
    28. 

  28. 

  29. echo "--> Update dmg package links"
    30. 

  30. "./${HELPERS_SCRIPTS_PATH}/update_package.sh"
    31. 

  31. 

  32. echo "--> Start dmg signing process"
    33. 

  33. codesign --sign "${APPLE_DEV_IDENTITY}" --verbose --deep "${APP_NAME}.dmg"
    34. 

  34. 

  35. echo "--> Start Notarization process"
    36. 

  36. response=$(xcrun altool -t osx -f "${APP_NAME}.dmg" --primary-bundle-id "org.namecheap.${APP_NAME}" --notarize-app -u "${APPLE_DEV_USER}" -p "${APPLE_DEV_PASS}")
    37. 

  37. requestUUID=$(echo "${response}" | tr ' ' '\n' | tail -1)
    38. 

  38. 

  39. for ((ATTEMPT=5; ATTEMPT>=1; ATTEMPT--))
    40. 

  40. do
    41. 

  41.   echo "--> Checking notarization status"
    42. 

  42.   statusCheckResponse=$(xcrun altool --notarization-info "${requestUUID}" -u "${APPLE_DEV_USER}" -p "${APPLE_DEV_PASS}")
    43. 

  43. 

  44.   isSuccess=$(echo "${statusCheckResponse}" | grep "success")
    45. 

  45.   isFailure=$(echo "${statusCheckResponse}" | grep "invalid")
    46. 

  46. 

  47.   if [[ "${isSuccess}" != "" ]]; then
    48. 

  48.     echo "Notarization done!"
    49. 

  49.     xcrun stapler staple "${APP_NAME}.dmg"
    50. 

  50.     EXIT_CODE=$?
    51. 

  51.     if [ ${EXIT_CODE} -ne 0 ]; then
    52. 

  52.       echo "Stapler failed!"
    53. 

  53.       exit ${EXIT_CODE}
    54. 

  54.     fi
    55. 

  55.     echo "Stapler done!"
    56. 

  56.     break
    57. 

  57.   fi
    58. 

  58.   if [[ "${isFailure}" != "" ]]; then
    59. 

  59.     echo "${statusCheckResponse}"
    60. 

  60.     echo "Notarization failed"
    61. 

  61.     exit 1
    62. 

  62.   fi
    63. 

  63. 

  64.   echo "Notarization not finished yet, sleep 2m then check again..."
    65. 

  65.   for num in {1..12}
    66. 

  66.   do
    67. 

  67.     sleep 10
    68. 

  68.     echo "Elapsed: ${num}0 sec"
    69. 

  69.   done
    70. 

  70. done
    71. 

  71. 

  72. if [[ "${ATTEMPT}" == 0 ]]; then
    73. 

  73.   export NOTARIZATION_CHECK="false"
    74. 

  74.   echo "::warning Notarization check failed"
    75. 

  75. else
    76. 

  76.   export NOTARIZATION_CHECK="true"
    77. 

  77. fi
    78. 

  78. 

  79. echo "--> Start verify signing process"
    80. 

  80. codesign -dv --verbose=4 "${APP_NAME}.dmg"
    81.