diff --git a/gogio/build_info.go b/gogio/build_info.go index e2a7706..19b867f 100644 --- a/gogio/build_info.go +++ b/gogio/build_info.go @@ -12,19 +12,22 @@ import ( ) type buildInfo struct { - appID string - archs []string - ldflags string - minsdk int - name string - pkgDir string - pkgPath string - iconPath string - tags string - target string - version int - key string - password string + appID string + archs []string + ldflags string + minsdk int + name string + pkgDir string + pkgPath string + iconPath string + tags string + target string + version int + key string + password string + notaryAppleID string + notaryPassword string + notaryTeamID string } func newBuildInfo(pkgPath string) (*buildInfo, error) { @@ -42,19 +45,22 @@ func newBuildInfo(pkgPath string) (*buildInfo, error) { appName = *name } bi := &buildInfo{ - appID: appID, - archs: getArchs(), - ldflags: getLdFlags(appID), - minsdk: *minsdk, - name: appName, - pkgDir: pkgMetadata.Dir, - pkgPath: pkgPath, - iconPath: appIcon, - tags: *extraTags, - target: *target, - version: *version, - key: *signKey, - password: *signPass, + appID: appID, + archs: getArchs(), + ldflags: getLdFlags(appID), + minsdk: *minsdk, + name: appName, + pkgDir: pkgMetadata.Dir, + pkgPath: pkgPath, + iconPath: appIcon, + tags: *extraTags, + target: *target, + version: *version, + key: *signKey, + password: *signPass, + notaryAppleID: *notaryID, + notaryPassword: *notaryPass, + notaryTeamID: *notaryTeamID, } return bi, nil } diff --git a/gogio/help.go b/gogio/help.go index 625c13d..2561c2b 100644 --- a/gogio/help.go +++ b/gogio/help.go @@ -68,4 +68,13 @@ The -signkey flag specifies the path of the keystore, used for signing Android a or specifies the name of key on Keychain to sign MacOS app. The -signpass flag specifies the password of the keystore, ignored if -signkey is not provided. + +The -notaryid flag specifies the Apple ID to use for notarization of MacOS app. + +The -notarypass flag specifies the password of the Apple ID, ignored if -notaryid is not +provided. That must be an app-specific password, see https://support.apple.com/en-us/HT204397 +for details. If not provided, the password will be prompted. + +The -notaryteamid flag specifies the team ID to use for notarization of MacOS app, ignored if +-notaryid is not provided. ` diff --git a/gogio/macosbuild.go b/gogio/macosbuild.go index a5f3e88..88e9463 100644 --- a/gogio/macosbuild.go +++ b/gogio/macosbuild.go @@ -56,11 +56,17 @@ func buildMac(tmpDir string, bi *buildInfo) error { } } - if err := dittozip(tmpDest, finalDest+".zip"); err != nil { + if err := dittozip(tmpDest, tmpDest+".zip"); err != nil { return err } - if err := dittounzip(finalDest+".zip", finalDest); err != nil { + if bi.notaryAppleID != "" { + if err := builder.notarize(bi, tmpDest+".zip"); err != nil { + return err + } + } + + if err := dittounzip(tmpDest+".zip", finalDest); err != nil { return err } } @@ -222,6 +228,25 @@ func (b *macBuilder) signProgram(buildInfo *buildInfo, binDest string, name stri return err } +func (b *macBuilder) notarize(buildInfo *buildInfo, binDest string) error { + cmd := exec.Command( + "xcrun", + "notarytool", + "submit", + binDest, + "--apple-id", buildInfo.notaryAppleID, + "--team-id", buildInfo.notaryTeamID, + "--wait", + ) + + if buildInfo.notaryPassword != "" { + cmd.Args = append(cmd.Args, "--password", buildInfo.notaryPassword) + } + + _, err := runCmd(cmd) + return err +} + func dittozip(input, output string) error { cmd := exec.Command("ditto", "-c", "-k", "-X", "--rsrc", input, output) diff --git a/gogio/main.go b/gogio/main.go index d3e31f7..a0c382f 100644 --- a/gogio/main.go +++ b/gogio/main.go @@ -38,6 +38,9 @@ var ( iconPath = flag.String("icon", "", "specify an icon for iOS and Android") signKey = flag.String("signkey", "", "specify the path of the keystore to be used to sign Android apk files.") signPass = flag.String("signpass", "", "specify the password to decrypt the signkey.") + notaryID = flag.String("notaryid", "", "specify the apple id to use for notarization.") + notaryPass = flag.String("notarypass", "", "specify app-specific password of the Apple ID to be used for notarization.") + notaryTeamID = flag.String("notaryteamid", "", "specify the team id to use for notarization.") ) func main() {