[16776] | 1 | #!/bin/bash
|
---|
| 2 |
|
---|
| 3 | set -Eeou pipefail
|
---|
| 4 |
|
---|
| 5 | # Don't show one time passwords
|
---|
| 6 | set +x
|
---|
| 7 |
|
---|
| 8 | SIGNING_KEY_NAME="Developer ID Application: FOSSGIS e.V. (P8AAAGN2AM)"
|
---|
| 9 | IMPORT_AND_UNLOCK_KEYCHAIN=${IMPORT_AND_UNLOCK_KEYCHAIN:-1}
|
---|
| 10 |
|
---|
| 11 | if [ -z "${1-}" ]
|
---|
| 12 | then
|
---|
| 13 | echo "Usage: $0 josm_revision"
|
---|
| 14 | exit 1
|
---|
| 15 | fi
|
---|
| 16 |
|
---|
| 17 | echo "Building JOSM.app"
|
---|
| 18 |
|
---|
| 19 | jpackage -n "JOSM" --input dist --main-jar josm-custom.jar \
|
---|
| 20 | --main-class org.openstreetmap.josm.gui.MainApplication \
|
---|
[17236] | 21 | --icon ./native/macosx/JOSM.icns --type app-image --dest dist \
|
---|
[16776] | 22 | --java-options "-Xmx8192m" --app-version $1 \
|
---|
| 23 | --copyright "JOSM, and all its integral parts, are released under the GNU General Public License v2 or later" \
|
---|
| 24 | --vendor "https://josm.openstreetmap.de" \
|
---|
| 25 | --file-associations native/macosx/bz2.properties \
|
---|
| 26 | --file-associations native/macosx/geojson.properties \
|
---|
| 27 | --file-associations native/macosx/gpx.properties \
|
---|
| 28 | --file-associations native/macosx/gz.properties \
|
---|
| 29 | --file-associations native/macosx/jos.properties \
|
---|
| 30 | --file-associations native/macosx/joz.properties \
|
---|
| 31 | --file-associations native/macosx/osm.properties \
|
---|
| 32 | --file-associations native/macosx/zip.properties \
|
---|
| 33 | --add-modules java.base,java.datatransfer,java.desktop,java.logging,java.management,java.naming,java.net.http,java.prefs,java.rmi,java.scripting,java.sql,java.transaction.xa,java.xml,jdk.crypto.ec,jdk.jfr,jdk.jsobject,jdk.unsupported,jdk.unsupported.desktop,jdk.xml.dom
|
---|
| 34 |
|
---|
| 35 | echo "Building done."
|
---|
| 36 |
|
---|
| 37 | if [[ $IMPORT_AND_UNLOCK_KEYCHAIN == 1 ]]; then
|
---|
| 38 | if [ -z "$CERT_MACOS_P12" ]
|
---|
| 39 | then
|
---|
| 40 | echo "CERT_MACOS_P12 must be set in the environment. Won't sign app."
|
---|
| 41 | exit 1
|
---|
| 42 | fi
|
---|
| 43 |
|
---|
| 44 |
|
---|
| 45 | if [ -z "$CERT_MACOS_PW" ]
|
---|
| 46 | then
|
---|
| 47 | echo "CERT_MACOS_P12 must be set in the environment. Won't sign app."
|
---|
| 48 | exit 1
|
---|
| 49 | fi
|
---|
| 50 |
|
---|
| 51 | echo "Preparing certificates/keychain for signing…"
|
---|
| 52 |
|
---|
| 53 | KEYCHAIN=build.keychain
|
---|
| 54 | KEYCHAIN_PW=`head /dev/urandom | base64 | head -c 20`
|
---|
| 55 | CERTIFICATE_P12=certificate.p12
|
---|
| 56 |
|
---|
| 57 | echo $CERT_MACOS_P12 | base64 --decode > $CERTIFICATE_P12
|
---|
| 58 | security create-keychain -p $KEYCHAIN_PW $KEYCHAIN
|
---|
| 59 | security default-keychain -s $KEYCHAIN
|
---|
| 60 | security unlock-keychain -p $KEYCHAIN_PW $KEYCHAIN
|
---|
| 61 | security import $CERTIFICATE_P12 -k $KEYCHAIN -P $CERT_MACOS_PW -T /usr/bin/codesign
|
---|
| 62 | security set-key-partition-list -S apple-tool:,apple: -s -k $KEYCHAIN_PW $KEYCHAIN
|
---|
| 63 | rm $CERTIFICATE_P12
|
---|
| 64 |
|
---|
| 65 | echo "Signing preparation done."
|
---|
| 66 | fi
|
---|
| 67 |
|
---|
| 68 | echo "Signing App Bundle…"
|
---|
| 69 |
|
---|
| 70 | codesign -vvv --timestamp --options runtime --deep --force --sign "$SIGNING_KEY_NAME" \
|
---|
| 71 | dist/JOSM.app/Contents/MacOS/JOSM \
|
---|
| 72 | dist/JOSM.app/Contents/MacOS/libapplauncher.dylib \
|
---|
| 73 | dist/JOSM.app/Contents/runtime/Contents/Home/lib/*.jar \
|
---|
| 74 | dist/JOSM.app/Contents/runtime/Contents/Home/lib/*.dylib \
|
---|
| 75 | dist/JOSM.app/Contents/runtime/Contents/MacOS/libjli.dylib
|
---|
| 76 |
|
---|
| 77 | codesign -vvv --timestamp --entitlements native/macosx/josm.entitlements --options runtime --force --sign "$SIGNING_KEY_NAME" dist/JOSM.app
|
---|
| 78 |
|
---|
| 79 | codesign -vvv dist/JOSM.app
|
---|
| 80 |
|
---|
| 81 | echo "Preparing for notarization"
|
---|
[17236] | 82 | ditto -c -k --zlibCompressionLevel 9 --keepParent dist/JOSM.app dist/JOSM.zip
|
---|
[16776] | 83 |
|
---|
| 84 | echo "Uploading to Apple"
|
---|
| 85 | xcrun altool --notarize-app -f dist/JOSM.zip -p "$APPLE_ID_PW" -u "thomas.skowron@fossgis.de" --primary-bundle-id de.openstreetmap.josm
|
---|