forked from joejulian/gio-cmd
gogio: [macOS] add notarizing
Now, it's possible to notarize the app, using -notaryid, -notarypass and -notaryteamid flags. Those flags are similar to -signkey and -signpass. Signed-off-by: inkeliz <inkeliz@inkeliz.com>
This commit is contained in:
+32
-26
@@ -12,19 +12,22 @@ import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
type buildInfo struct {
|
type buildInfo struct {
|
||||||
appID string
|
appID string
|
||||||
archs []string
|
archs []string
|
||||||
ldflags string
|
ldflags string
|
||||||
minsdk int
|
minsdk int
|
||||||
name string
|
name string
|
||||||
pkgDir string
|
pkgDir string
|
||||||
pkgPath string
|
pkgPath string
|
||||||
iconPath string
|
iconPath string
|
||||||
tags string
|
tags string
|
||||||
target string
|
target string
|
||||||
version int
|
version int
|
||||||
key string
|
key string
|
||||||
password string
|
password string
|
||||||
|
notaryAppleID string
|
||||||
|
notaryPassword string
|
||||||
|
notaryTeamID string
|
||||||
}
|
}
|
||||||
|
|
||||||
func newBuildInfo(pkgPath string) (*buildInfo, error) {
|
func newBuildInfo(pkgPath string) (*buildInfo, error) {
|
||||||
@@ -42,19 +45,22 @@ func newBuildInfo(pkgPath string) (*buildInfo, error) {
|
|||||||
appName = *name
|
appName = *name
|
||||||
}
|
}
|
||||||
bi := &buildInfo{
|
bi := &buildInfo{
|
||||||
appID: appID,
|
appID: appID,
|
||||||
archs: getArchs(),
|
archs: getArchs(),
|
||||||
ldflags: getLdFlags(appID),
|
ldflags: getLdFlags(appID),
|
||||||
minsdk: *minsdk,
|
minsdk: *minsdk,
|
||||||
name: appName,
|
name: appName,
|
||||||
pkgDir: pkgMetadata.Dir,
|
pkgDir: pkgMetadata.Dir,
|
||||||
pkgPath: pkgPath,
|
pkgPath: pkgPath,
|
||||||
iconPath: appIcon,
|
iconPath: appIcon,
|
||||||
tags: *extraTags,
|
tags: *extraTags,
|
||||||
target: *target,
|
target: *target,
|
||||||
version: *version,
|
version: *version,
|
||||||
key: *signKey,
|
key: *signKey,
|
||||||
password: *signPass,
|
password: *signPass,
|
||||||
|
notaryAppleID: *notaryID,
|
||||||
|
notaryPassword: *notaryPass,
|
||||||
|
notaryTeamID: *notaryTeamID,
|
||||||
}
|
}
|
||||||
return bi, nil
|
return bi, nil
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -68,4 +68,13 @@ The -signkey flag specifies the path of the keystore, used for signing Android a
|
|||||||
or specifies the name of key on Keychain to sign MacOS app.
|
or specifies the name of key on Keychain to sign MacOS app.
|
||||||
|
|
||||||
The -signpass flag specifies the password of the keystore, ignored if -signkey is not provided.
|
The -signpass flag specifies the password of the keystore, ignored if -signkey is not provided.
|
||||||
|
|
||||||
|
The -notaryid flag specifies the Apple ID to use for notarization of MacOS app.
|
||||||
|
|
||||||
|
The -notarypass flag specifies the password of the Apple ID, ignored if -notaryid is not
|
||||||
|
provided. That must be an app-specific password, see https://support.apple.com/en-us/HT204397
|
||||||
|
for details. If not provided, the password will be prompted.
|
||||||
|
|
||||||
|
The -notaryteamid flag specifies the team ID to use for notarization of MacOS app, ignored if
|
||||||
|
-notaryid is not provided.
|
||||||
`
|
`
|
||||||
|
|||||||
+27
-2
@@ -56,11 +56,17 @@ func buildMac(tmpDir string, bi *buildInfo) error {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := dittozip(tmpDest, finalDest+".zip"); err != nil {
|
if err := dittozip(tmpDest, tmpDest+".zip"); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := dittounzip(finalDest+".zip", finalDest); err != nil {
|
if bi.notaryAppleID != "" {
|
||||||
|
if err := builder.notarize(bi, tmpDest+".zip"); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := dittounzip(tmpDest+".zip", finalDest); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -222,6 +228,25 @@ func (b *macBuilder) signProgram(buildInfo *buildInfo, binDest string, name stri
|
|||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (b *macBuilder) notarize(buildInfo *buildInfo, binDest string) error {
|
||||||
|
cmd := exec.Command(
|
||||||
|
"xcrun",
|
||||||
|
"notarytool",
|
||||||
|
"submit",
|
||||||
|
binDest,
|
||||||
|
"--apple-id", buildInfo.notaryAppleID,
|
||||||
|
"--team-id", buildInfo.notaryTeamID,
|
||||||
|
"--wait",
|
||||||
|
)
|
||||||
|
|
||||||
|
if buildInfo.notaryPassword != "" {
|
||||||
|
cmd.Args = append(cmd.Args, "--password", buildInfo.notaryPassword)
|
||||||
|
}
|
||||||
|
|
||||||
|
_, err := runCmd(cmd)
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
func dittozip(input, output string) error {
|
func dittozip(input, output string) error {
|
||||||
cmd := exec.Command("ditto", "-c", "-k", "-X", "--rsrc", input, output)
|
cmd := exec.Command("ditto", "-c", "-k", "-X", "--rsrc", input, output)
|
||||||
|
|
||||||
|
|||||||
@@ -38,6 +38,9 @@ var (
|
|||||||
iconPath = flag.String("icon", "", "specify an icon for iOS and Android")
|
iconPath = flag.String("icon", "", "specify an icon for iOS and Android")
|
||||||
signKey = flag.String("signkey", "", "specify the path of the keystore to be used to sign Android apk files.")
|
signKey = flag.String("signkey", "", "specify the path of the keystore to be used to sign Android apk files.")
|
||||||
signPass = flag.String("signpass", "", "specify the password to decrypt the signkey.")
|
signPass = flag.String("signpass", "", "specify the password to decrypt the signkey.")
|
||||||
|
notaryID = flag.String("notaryid", "", "specify the apple id to use for notarization.")
|
||||||
|
notaryPass = flag.String("notarypass", "", "specify app-specific password of the Apple ID to be used for notarization.")
|
||||||
|
notaryTeamID = flag.String("notaryteamid", "", "specify the team id to use for notarization.")
|
||||||
)
|
)
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
|
|||||||
Reference in New Issue
Block a user