source: josm/trunk/native/macosx/macos-jpackage.sh @ 17487

Last change on this file since 17487 was 17487, checked in by GerdP, 3 years ago

see #20257:macOS build process fixes and improvements
  • Property svn:executable set to *
File size: 3.3 KB
Line 
1#!/bin/bash
2
3## Expected environment, passed from GitHub secrets:
4# https://docs.github.com/en/free-pro-team@latest/actions/reference/encrypted-secrets
5# APPLE_ID_PW     Password for the Apple ID
6# CERT_MACOS_P12  Certificate used for code signing, base64 encoded
7# CERT_MACOS_PW   Password for that certificate
8
9set -Eeou pipefail
10
11# Don't show one time passwords
12set +x
13
14APPLE_ID="thomas.skowron@fossgis.de"
15IMPORT_AND_UNLOCK_KEYCHAIN=${IMPORT_AND_UNLOCK_KEYCHAIN:-1}
16
17if [ -z "${1-}" ]
18then
19    echo "Usage: $0 josm_revision"
20    exit 1
21fi
22
23echo "Building JOSM.app"
24
25mkdir app
26
27if [ -z "$CERT_MACOS_P12" ] || [ -z "$CERT_MACOS_PW" ] || [ -z "$APPLE_ID_PW" ]
28then
29    echo "CERT_MACOS_P12, CERT_MACOS_PW and APPLE_ID_PW are not set in the environment."
30    echo "I will create a JOSM.app but I won't attempt to sign and notarize it."
31    SIGNAPP=false
32else
33    echo "Preparing certificates/keychain for signing…"
34
35    KEYCHAIN=build.keychain
36    KEYCHAINPATH=~/Library/Keychains/$KEYCHAIN-db
37    KEYCHAIN_PW=$(head /dev/urandom | base64 | head -c 20)
38    CERTIFICATE_P12=certificate.p12
39
40    echo "$CERT_MACOS_P12" | base64 --decode > $CERTIFICATE_P12
41    security create-keychain -p "$KEYCHAIN_PW" $KEYCHAIN
42    security default-keychain -s $KEYCHAIN
43    security unlock-keychain -p "$KEYCHAIN_PW" $KEYCHAIN
44    security import $CERTIFICATE_P12 -k $KEYCHAIN -P "$CERT_MACOS_PW" -T /usr/bin/codesign
45    security set-key-partition-list -S apple-tool:,apple: -s -k "$KEYCHAIN_PW" $KEYCHAIN
46    rm $CERTIFICATE_P12
47    SIGNAPP=true
48    echo "Signing preparation done."
49fi
50
51if $SIGNAPP; then
52  JPACKAGEOPTIONS="--mac-sign --mac-signing-keychain $KEYCHAINPATH"
53else
54  JPACKAGEOPTIONS=""
55fi
56
57echo "Building and signin app"
58    jpackage $JPACKAGEOPTIONS -n "JOSM" --input dist --main-jar josm-custom.jar \
59    --main-class org.openstreetmap.josm.gui.MainApplication \
60    --icon ./native/macosx/JOSM.icns --type app-image --dest app \
61    --java-options "-Xmx8192m" \
62    --app-version "$1" \
63    --copyright "JOSM, and all its integral parts, are released under the GNU General Public License v2 or later" \
64    --vendor "https://josm.openstreetmap.de" \
65    --mac-sign \
66    --mac-package-identifier de.openstreetmap.josm \
67    --mac-package-signing-prefix de.openstreetmap.josm \
68    --mac-signing-keychain $KEYCHAINPATH \
69    --file-associations native/macosx/bz2.properties \
70    --file-associations native/macosx/geojson.properties \
71    --file-associations native/macosx/gpx.properties \
72    --file-associations native/macosx/gz.properties \
73    --file-associations native/macosx/jos.properties \
74    --file-associations native/macosx/joz.properties \
75    --file-associations native/macosx/osm.properties \
76    --file-associations native/macosx/zip.properties \
77    --add-modules java.base,java.datatransfer,java.desktop,java.logging,java.management,java.naming,java.net.http,java.prefs,java.rmi,java.scripting,java.sql,java.transaction.xa,java.xml,jdk.crypto.ec,jdk.jfr,jdk.jsobject,jdk.unsupported,jdk.unsupported.desktop,jdk.xml.dom
78
79echo "Building done."
80
81if $SIGNAPP; then
82    echo "Preparing for notarization"
83    ditto -c -k --zlibCompressionLevel 9 --keepParent app/JOSM.app app/JOSM.zip
84
85    echo "Uploading to Apple"
86    xcrun altool --notarize-app -f app/JOSM.zip -p "$APPLE_ID_PW" -u "$APPLE_ID" --primary-bundle-id de.openstreetmap.josm
87fi
Note: See TracBrowser for help on using the repository browser.