mirror of
https://gitlab.com/kelteseth/ScreenPlay.git
synced 2024-11-25 12:13:00 +01:00
WIP add macos dmg signing
This commit is contained in:
parent
3657ebb026
commit
0cd141a12b
@ -22,7 +22,7 @@ function(copy_recursive SOURCE_PATH DESTINATION_PATH REGEX)
|
|||||||
file(RELATIVE_PATH RELATIVE_FILE_PATH ${SOURCE_PATH} ${file})
|
file(RELATIVE_PATH RELATIVE_FILE_PATH ${SOURCE_PATH} ${file})
|
||||||
get_filename_component(FOLDER ${RELATIVE_FILE_PATH} DIRECTORY ${SOURCE_PATH})
|
get_filename_component(FOLDER ${RELATIVE_FILE_PATH} DIRECTORY ${SOURCE_PATH})
|
||||||
file(MAKE_DIRECTORY ${DESTINATION_PATH}/${FOLDER} )
|
file(MAKE_DIRECTORY ${DESTINATION_PATH}/${FOLDER} )
|
||||||
message(STATUS "${file} - ${DESTINATION_PATH}/${RELATIVE_FILE_PATH}")
|
#message(STATUS "${file} - ${DESTINATION_PATH}/${RELATIVE_FILE_PATH}")
|
||||||
configure_file(${file} "${DESTINATION_PATH}/${RELATIVE_FILE_PATH}" COPYONLY)
|
configure_file(${file} "${DESTINATION_PATH}/${RELATIVE_FILE_PATH}" COPYONLY)
|
||||||
endforeach()
|
endforeach()
|
||||||
|
|
||||||
|
@ -119,4 +119,24 @@ Run the follwoing if you get an signing error:
|
|||||||
Error: HTTP status code: 403. A required agreement is missing or has expired. This request requires an in-effect agreement that has not been signed or has expired. Ensure your team has signed the necessary legal agreements and that they are not expired.
|
Error: HTTP status code: 403. A required agreement is missing or has expired. This request requires an in-effect agreement that has not been signed or has expired. Ensure your team has signed the necessary legal agreements and that they are not expired.
|
||||||
```
|
```
|
||||||
|
|
||||||
Go to [appstoreconnect.apple.com](https://appstoreconnect.apple.com) and accept the updated 'Apple Developer Program License Agreement'.
|
Go to [appstoreconnect.apple.com](https://appstoreconnect.apple.com) and accept the updated 'Apple Developer Program License Agreement'.
|
||||||
|
|
||||||
|
## Dmg signing
|
||||||
|
Ensure you have both a Developer ID Application certificate and a Developer ID Installer certificate in your Keychain. You can check this in the Keychain Access app.
|
||||||
|
- Developer ID Application Certificate:
|
||||||
|
- Used for code signing the application itself. This ensures that the app is from a known developer and hasn't been tampered with since it was signed.
|
||||||
|
- Developer ID Installer Certificate:
|
||||||
|
- Used specifically for signing installer packages like PKG files or disk images (DMGs). This is separate from the application certificate and is specifically for the installer.
|
||||||
|
1. Check Your Certificates at https://developer.apple.com/account/resources/certificates/list and create a new one `Mac Installer Distribution
|
||||||
|
This certificate is used to sign your app's Installer Package for submission to the Mac App Store.`
|
||||||
|
2. `Upload a Certificate Signing Request`. To manually generate a Certificate, you need a Certificate Signing Request (CSR) file from your Mac. https://developer.apple.com/help/account/create-certificates/create-a-certificate-signing-request
|
||||||
|
1. Launch Keychain Access located in /Applications/Utilities.
|
||||||
|
1. Choose Keychain Access > Certificate Assistant > Request a Certificate from a Certificate Authority.
|
||||||
|
1. In the Certificate Assistant dialog, enter an email address in the User Email Address field.
|
||||||
|
1. In the Common Name field, enter a name for the key (for example, Gita Kumar Dev Key).
|
||||||
|
1. Leave the CA Email Address field empty.
|
||||||
|
1. Choose “Saved to disk,” call it something like `CertificateSigningRequest_Tachiom_Installer_Certificate` then click Continue.
|
||||||
|
3. Download the new certificate
|
||||||
|
4. Download your certificate to your Mac, then double click the .cer file to install in Keychain Access. IMPORTANT: Select `Keychan: Login` in the dropdown! Make sure to save a backup copy of your private and public keys somewhere secure.
|
||||||
|
- The "login" keychain is tied to your user account and unlocks when you log in, making it a convenient location for development-related certificates. The "System" keychain is more restrictive and requires admin permissions for access, while the "Local Items" keychain is specific to iCloud Keychain items.
|
||||||
|
5. This should now be displayed like `3rd Party Mac Developer Installer: Elias Steurer (V887LHYKRH)` and be valid one year.
|
@ -78,10 +78,26 @@ def execute(
|
|||||||
print(f"⏱️ build_installer_duration: {build_installer_duration}s")
|
print(f"⏱️ build_installer_duration: {build_installer_duration}s")
|
||||||
|
|
||||||
if platform.system() == "Darwin":
|
if platform.system() == "Darwin":
|
||||||
|
# TODO FIX installer signing
|
||||||
|
return
|
||||||
if (build_config.sign_osx):
|
if (build_config.sign_osx):
|
||||||
|
# Base directory
|
||||||
|
base_dir = Path(build_config.build_folder)
|
||||||
|
|
||||||
|
# Paths for the original and new filenames
|
||||||
|
original_file = base_dir / 'ScreenPlay-Installer-ScreenPlayComponent.dmg'
|
||||||
|
new_file = base_dir / 'ScreenPlay-Installer.dmg'
|
||||||
|
|
||||||
|
# Renaming the file
|
||||||
|
try:
|
||||||
|
original_file.rename(new_file)
|
||||||
|
print(f"File renamed successfully to {new_file}")
|
||||||
|
except OSError as error:
|
||||||
|
print(f"Error: {error}")
|
||||||
|
|
||||||
print(
|
print(
|
||||||
f"Sign ScreenPlay-installer.dmg at: {build_config.bin_dir}")
|
f"Sign ScreenPlay-installer.dmg at: {new_file}")
|
||||||
macos_sign.sign_dmg(build_config=build_config)
|
macos_sign.sign_dmg(build_config)
|
||||||
|
|
||||||
# Create a zip file of the build
|
# Create a zip file of the build
|
||||||
if platform.system() != "Darwin":
|
if platform.system() != "Darwin":
|
||||||
|
@ -48,7 +48,7 @@ def sign(build_config: BuildConfig):
|
|||||||
|
|
||||||
def sign_dmg(build_config: BuildConfig):
|
def sign_dmg(build_config: BuildConfig):
|
||||||
# Sign the DMG
|
# Sign the DMG
|
||||||
run("codesign -f -s \"Developer ID Application: Elias Steurer (V887LHYKRH)\" --timestamp --options \"runtime\" -f --deep \"ScreenPlay-Installer.dmg\"", cwd=build_config.build_folder)
|
run("codesign -f -s \"3rd Party Mac Developer Installer: Elias Steurer (V887LHYKRH)\" --timestamp -f --deep \"ScreenPlay-Installer.dmg\"", cwd=build_config.build_folder)
|
||||||
|
|
||||||
# Verify the DMG's signature
|
# Verify the DMG's signature
|
||||||
run("codesign --verify --verbose=4 \"ScreenPlay-Installer.dmg\"",
|
run("codesign --verify --verbose=4 \"ScreenPlay-Installer.dmg\"",
|
||||||
|
Loading…
Reference in New Issue
Block a user