source: josm/trunk/native/macosx/macos-jpackage.sh@ 17487

Last change on this file since 17487 was 17487, checked in by GerdP, 4 years ago

see #20257:macOS build process fixes and improvements

  • Property svn:executable set to *
File size: 3.3 KB
Line 
1#!/bin/bash
2
3## Expected environment, passed from GitHub secrets:
4# https://docs.github.com/en/free-pro-team@latest/actions/reference/encrypted-secrets
5# APPLE_ID_PW Password for the Apple ID
6# CERT_MACOS_P12 Certificate used for code signing, base64 encoded
7# CERT_MACOS_PW Password for that certificate
8
9set -Eeou pipefail
10
11# Don't show one time passwords
12set +x
13
14APPLE_ID="thomas.skowron@fossgis.de"
15IMPORT_AND_UNLOCK_KEYCHAIN=${IMPORT_AND_UNLOCK_KEYCHAIN:-1}
16
17if [ -z "${1-}" ]
18then
19 echo "Usage: $0 josm_revision"
20 exit 1
21fi
22
23echo "Building JOSM.app"
24
25mkdir app
26
27if [ -z "$CERT_MACOS_P12" ] || [ -z "$CERT_MACOS_PW" ] || [ -z "$APPLE_ID_PW" ]
28then
29 echo "CERT_MACOS_P12, CERT_MACOS_PW and APPLE_ID_PW are not set in the environment."
30 echo "I will create a JOSM.app but I won't attempt to sign and notarize it."
31 SIGNAPP=false
32else
33 echo "Preparing certificates/keychain for signing…"
34
35 KEYCHAIN=build.keychain
36 KEYCHAINPATH=~/Library/Keychains/$KEYCHAIN-db
37 KEYCHAIN_PW=$(head /dev/urandom | base64 | head -c 20)
38 CERTIFICATE_P12=certificate.p12
39
40 echo "$CERT_MACOS_P12" | base64 --decode > $CERTIFICATE_P12
41 security create-keychain -p "$KEYCHAIN_PW" $KEYCHAIN
42 security default-keychain -s $KEYCHAIN
43 security unlock-keychain -p "$KEYCHAIN_PW" $KEYCHAIN
44 security import $CERTIFICATE_P12 -k $KEYCHAIN -P "$CERT_MACOS_PW" -T /usr/bin/codesign
45 security set-key-partition-list -S apple-tool:,apple: -s -k "$KEYCHAIN_PW" $KEYCHAIN
46 rm $CERTIFICATE_P12
47 SIGNAPP=true
48 echo "Signing preparation done."
49fi
50
51if $SIGNAPP; then
52 JPACKAGEOPTIONS="--mac-sign --mac-signing-keychain $KEYCHAINPATH"
53else
54 JPACKAGEOPTIONS=""
55fi
56
57echo "Building and signin app"
58 jpackage $JPACKAGEOPTIONS -n "JOSM" --input dist --main-jar josm-custom.jar \
59 --main-class org.openstreetmap.josm.gui.MainApplication \
60 --icon ./native/macosx/JOSM.icns --type app-image --dest app \
61 --java-options "-Xmx8192m" \
62 --app-version "$1" \
63 --copyright "JOSM, and all its integral parts, are released under the GNU General Public License v2 or later" \
64 --vendor "https://josm.openstreetmap.de" \
65 --mac-sign \
66 --mac-package-identifier de.openstreetmap.josm \
67 --mac-package-signing-prefix de.openstreetmap.josm \
68 --mac-signing-keychain $KEYCHAINPATH \
69 --file-associations native/macosx/bz2.properties \
70 --file-associations native/macosx/geojson.properties \
71 --file-associations native/macosx/gpx.properties \
72 --file-associations native/macosx/gz.properties \
73 --file-associations native/macosx/jos.properties \
74 --file-associations native/macosx/joz.properties \
75 --file-associations native/macosx/osm.properties \
76 --file-associations native/macosx/zip.properties \
77 --add-modules java.base,java.datatransfer,java.desktop,java.logging,java.management,java.naming,java.net.http,java.prefs,java.rmi,java.scripting,java.sql,java.transaction.xa,java.xml,jdk.crypto.ec,jdk.jfr,jdk.jsobject,jdk.unsupported,jdk.unsupported.desktop,jdk.xml.dom
78
79echo "Building done."
80
81if $SIGNAPP; then
82 echo "Preparing for notarization"
83 ditto -c -k --zlibCompressionLevel 9 --keepParent app/JOSM.app app/JOSM.zip
84
85 echo "Uploading to Apple"
86 xcrun altool --notarize-app -f app/JOSM.zip -p "$APPLE_ID_PW" -u "$APPLE_ID" --primary-bundle-id de.openstreetmap.josm
87fi
Note: See TracBrowser for help on using the repository browser.