From 325c47f87bea690c4ba47ac271435f5f642039f8 Mon Sep 17 00:00:00 2001 From: Elias Steurer Date: Thu, 24 Aug 2023 16:17:48 +0200 Subject: [PATCH] Move BuildConfig and BuildResult into dedicated files this fixed the circular dependency in the build_and_publish script than internally imports the macos_sign --- Tools/build.py | 58 ++++---------------------------------- Tools/build_and_publish.py | 6 ++-- Tools/build_config.py | 29 +++++++++++++++++++ Tools/build_result.py | 20 +++++++++++++ Tools/macos_sign.py | 47 ++++++++++++++++-------------- 5 files changed, 85 insertions(+), 75 deletions(-) create mode 100644 Tools/build_config.py create mode 100644 Tools/build_result.py diff --git a/Tools/build.py b/Tools/build.py index 76ba3469..6a91d87d 100755 --- a/Tools/build.py +++ b/Tools/build.py @@ -8,6 +8,8 @@ import argparse import time import zipfile import defines +from build_result import BuildResult +from build_config import BuildConfig from typing import Tuple from pathlib import Path import macos_sign @@ -25,55 +27,6 @@ def clean_build_dir(build_dir): build_dir.mkdir(parents=True, exist_ok=True) -class BuildResult: - # Windows example with absolute paths: - # [...]/build-x64-windows-release/ - build: Path - # [...]/build-x64-windows-release/bin - bin: Path - # [...]/build-x64-windows-release/ScreenPlay-Installer.exe - installer: Path - # [...]/build-x64-windows-release/ScreenPlay-Installer.zip - installer_zip: Path - # [...]/build-x64-windows-release/ScreenPlay-0.X.0-RCX-x64-windows-release.zip - build_zip: Path - # [...]/build-x64-windows-release/ScreenPlay-0.X.0-RCX-x64-windows-release.txt :sha256, needed for scoop - build_hash: Path - # x64, arm64, universal - build_arch: str - - -class BuildConfig: - root_path: str - cmake_osx_architectures: str - cmake_target_triplet: str - package: bool - osx_bundle: str - package_command: str - executable_file_ending: str - # qt_* use either aqt or from the maintenance tool - qt_path: str # C:\Qt - qt_bin_path: str # C:\Qt\6.3.2\msvc2019_64 - qt_version: str - qt_ifw_version: str - ifw_root_path: str - cmake_toolchain_file: str - aqt_install_qt_packages: str - aqt_install_tool_packages: str - executable_file_ending: str - build_folder: str - bin_dir: str - screenplay_version: str - # CMake variables need str: "ON" or "OFF" - build_steam: str - build_tests: str - build_deploy: str - build_type: str - build_architecture: str - create_installer: str - sign_osx: bool - - def execute( build_config: BuildConfig ) -> BuildResult: @@ -114,11 +67,12 @@ def execute( step_time = time.time() build_installer(build_config, build_result) build_installer_duration = time.time() - step_time - print(f"⏱️ build_installer_duration: {build_installer_duration}s") - + print(f"⏱️ build_installer_duration: {build_installer_duration}s") + if platform.system() == "Darwin": if (build_config.sign_osx): - print(f"Sign ScreenPlay-installer.dmg at: {build_config.bin_dir}") + print( + f"Sign ScreenPlay-installer.dmg at: {build_config.bin_dir}") macos_sign.sign_dmg(build_config=build_config) # Create a zip file of the build diff --git a/Tools/build_and_publish.py b/Tools/build_and_publish.py index 3ee955b2..a04b3df6 100644 --- a/Tools/build_and_publish.py +++ b/Tools/build_and_publish.py @@ -9,6 +9,8 @@ from pathlib import Path import platform import paramiko import defines +from build_result import BuildResult +from build_config import BuildConfig from util import sftp_exists, get_latest_git_tag, parse_semver, semver_to_string from sys import stdout @@ -51,9 +53,9 @@ if __name__ == "__main__": print("No git tags found.") exit(-1) - build_result = build.BuildResult() + build_result = BuildResult() - build_config = build.BuildConfig() + build_config = BuildConfig() build_config.qt_version = defines.QT_VERSION build_config.qt_ifw_version = defines.QT_IFW_VERSION build_config.build_steam = "ON" diff --git a/Tools/build_config.py b/Tools/build_config.py new file mode 100644 index 00000000..0241c29b --- /dev/null +++ b/Tools/build_config.py @@ -0,0 +1,29 @@ +class BuildConfig: + root_path: str + cmake_osx_architectures: str + cmake_target_triplet: str + package: bool + osx_bundle: str + package_command: str + executable_file_ending: str + # qt_* use either aqt or from the maintenance tool + qt_path: str # C:\Qt + qt_bin_path: str # C:\Qt\6.3.2\msvc2019_64 + qt_version: str + qt_ifw_version: str + ifw_root_path: str + cmake_toolchain_file: str + aqt_install_qt_packages: str + aqt_install_tool_packages: str + executable_file_ending: str + build_folder: str + bin_dir: str + screenplay_version: str + # CMake variables need str: "ON" or "OFF" + build_steam: str + build_tests: str + build_deploy: str + build_type: str + build_architecture: str + create_installer: str + sign_osx: bool diff --git a/Tools/build_result.py b/Tools/build_result.py new file mode 100644 index 00000000..d253123b --- /dev/null +++ b/Tools/build_result.py @@ -0,0 +1,20 @@ + +from pathlib import Path + + +class BuildResult: + # Windows example with absolute paths: + # [...]/build-x64-windows-release/ + build: Path + # [...]/build-x64-windows-release/bin + bin: Path + # [...]/build-x64-windows-release/ScreenPlay-Installer.exe + installer: Path + # [...]/build-x64-windows-release/ScreenPlay-Installer.zip + installer_zip: Path + # [...]/build-x64-windows-release/ScreenPlay-0.X.0-RCX-x64-windows-release.zip + build_zip: Path + # [...]/build-x64-windows-release/ScreenPlay-0.X.0-RCX-x64-windows-release.txt :sha256, needed for scoop + build_hash: Path + # x64, arm64, universal + build_arch: str diff --git a/Tools/macos_sign.py b/Tools/macos_sign.py index 360dce00..49ba8ce4 100644 --- a/Tools/macos_sign.py +++ b/Tools/macos_sign.py @@ -1,34 +1,32 @@ #!/usr/bin/python3 # SPDX-License-Identifier: LicenseRef-EliasSteurerTachiom OR AGPL-3.0-only -from build import BuildConfig -from util import run +from build_config import BuildConfig +from util import run from sys import stdout -import time - stdout.reconfigure(encoding='utf-8') def sign(build_config: BuildConfig): print("Run codedesign") - #run("codesign -f -s 'Developer ID Application: Elias Steurer (V887LHYKRH)' --verbose --force --timestamp --options 'runtime' -f --entitlements '../../ScreenPlay/entitlements.plist' 'ScreenPlay.app/' ", + # run("codesign -f -s 'Developer ID Application: Elias Steurer (V887LHYKRH)' --verbose --force --timestamp --options 'runtime' -f --entitlements '../../ScreenPlay/entitlements.plist' 'ScreenPlay.app/' ", # cwd=build_config.bin_dir) # Do not use --deep https://developer.apple.com/forums/thread/129980 # base_sign_command = "codesign -s \"Developer ID Application: Elias Steurer (V887LHYKRH)\" --verbose --force --timestamp --options \"runtime\" \"ScreenPlay.app/Contents/MacOS/{app}\"" # run(base_sign_command.format(app="ffmpeg"), cwd=build_config.bin_dir) # run(base_sign_command.format(app="ffprobe"), cwd=build_config.bin_dir) - run("codesign --deep -s \"Developer ID Application: Elias Steurer (V887LHYKRH)\" --verbose --force --timestamp --options \"runtime\" --entitlements \"../../ScreenPlay/entitlements.plist\" \"ScreenPlay.app/\"", + run("codesign --deep -s \"Developer ID Application: Elias Steurer (V887LHYKRH)\" --verbose --force --timestamp --options \"runtime\" --entitlements \"../../ScreenPlay/entitlements.plist\" \"ScreenPlay.app/\"", cwd=build_config.bin_dir) - print("Run codedesign verify") - run("codesign --verify --verbose=4 'ScreenPlay.app/'", + run("codesign --verify --verbose=4 'ScreenPlay.app/'", cwd=build_config.bin_dir) # Note the profile is the one name of the first step of (App Store Connect API) in the macOSSigning.md # xcrun notarytool submit "ScreenPlay.app.zip" --keychain-profile "ScreenPlay" --wait # xcrun stapler staple "ScreenPlay.app" print("Packing .apps for upload") - run("ditto -c -k --keepParent 'ScreenPlay.app' 'ScreenPlay.app.zip'", cwd=build_config.bin_dir) + run("ditto -c -k --keepParent 'ScreenPlay.app' 'ScreenPlay.app.zip'", + cwd=build_config.bin_dir) # run this if you get an error: # `xcrun notarytool log --apple-id "xxxxx@xxxx.com" --password "xxxx-xxxx-xxxx-xxxx" --team-id "xxxxxxxxxxx" ` @@ -36,7 +34,8 @@ def sign(build_config: BuildConfig): # id: xxxxxx-xxxxxx-xxxx-xxxxx-xxxxx # status: Invalid print("Run xcnotary submit") - run("xcrun notarytool submit --keychain-profile 'ScreenPlay' ScreenPlay.app.zip --wait", cwd=build_config.bin_dir) + run("xcrun notarytool submit --keychain-profile 'ScreenPlay' ScreenPlay.app.zip --wait", + cwd=build_config.bin_dir) print("Run stapler staple") run("xcrun stapler staple ScreenPlay.app", cwd=build_config.bin_dir) @@ -46,24 +45,30 @@ def sign(build_config: BuildConfig): print("Remove ScreenPlay.app.zip.") run("rm ScreenPlay.app.zip", cwd=build_config.bin_dir) + def sign_dmg(build_config: BuildConfig): # Sign the DMG run("codesign -f -s \"Developer ID Application: Elias Steurer (V887LHYKRH)\" --timestamp --options \"runtime\" -f --deep \"ScreenPlay-Installer.dmg\"", cwd=build_config.build_folder) - + # Verify the DMG's signature - run("codesign --verify --verbose=4 \"ScreenPlay-Installer.dmg\"", cwd=build_config.build_folder) - + run("codesign --verify --verbose=4 \"ScreenPlay-Installer.dmg\"", + cwd=build_config.build_folder) + # Pack the DMG for notarization - run("ditto -c -k --keepParent ScreenPlay-Installer.dmg ScreenPlay-Installer.dmg.zip", cwd=build_config.build_folder) - + run("ditto -c -k --keepParent ScreenPlay-Installer.dmg ScreenPlay-Installer.dmg.zip", + cwd=build_config.build_folder) + # Notarize the DMG using notarytool - run("xcrun notarytool submit ScreenPlay-Installer.dmg.zip --keychain-profile 'ScreenPlay' --wait", cwd=build_config.build_folder) - + run("xcrun notarytool submit ScreenPlay-Installer.dmg.zip --keychain-profile 'ScreenPlay' --wait", + cwd=build_config.build_folder) + # Staple the notarization ticket to the DMG - run("xcrun stapler staple ScreenPlay-Installer.dmg", cwd=build_config.build_folder) - + run("xcrun stapler staple ScreenPlay-Installer.dmg", + cwd=build_config.build_folder) + # Check the notarization status for the DMG - run("spctl --assess --verbose \"ScreenPlay-Installer.dmg\"", cwd=build_config.build_folder) - + run("spctl --assess --verbose \"ScreenPlay-Installer.dmg\"", + cwd=build_config.build_folder) + # Clean up the zip file run("rm ScreenPlay-Installer.dmg.zip", cwd=build_config.build_folder)