Ignore:
Timestamp:
2021-02-08T20:52:53+01:00 (2 months ago)
Author:
GerdP
Message:

see #20257:macOS build process fixes and improvements

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/native/macosx/macos-jpackage.sh

    r17373 r17487  
    11#!/bin/bash
     2
     3## Expected environment, passed from GitHub secrets:
     4# https://docs.github.com/en/free-pro-team@latest/actions/reference/encrypted-secrets
     5# APPLE_ID_PW     Password for the Apple ID
     6# CERT_MACOS_P12  Certificate used for code signing, base64 encoded
     7# CERT_MACOS_PW   Password for that certificate
    28
    39set -Eeou pipefail
     
    612set +x
    713
    8 SIGNING_KEY_NAME="Developer ID Application: FOSSGIS e.V. (P8AAAGN2AM)"
     14APPLE_ID="thomas.skowron@fossgis.de"
    915IMPORT_AND_UNLOCK_KEYCHAIN=${IMPORT_AND_UNLOCK_KEYCHAIN:-1}
    1016
     
    1925mkdir app
    2026
    21 if [[ $IMPORT_AND_UNLOCK_KEYCHAIN == 1 ]]; then
    22     if [ -z "$CERT_MACOS_P12" ]
    23     then
    24         echo "CERT_MACOS_P12 must be set in the environment. Won't sign app."
    25         exit 1
    26     fi
    27 
    28 
    29     if [ -z "$CERT_MACOS_PW" ]
    30     then
    31         echo "CERT_MACOS_P12 must be set in the environment. Won't sign app."
    32         exit 1
    33     fi
    34 
     27if [ -z "$CERT_MACOS_P12" ] || [ -z "$CERT_MACOS_PW" ] || [ -z "$APPLE_ID_PW" ]
     28then
     29    echo "CERT_MACOS_P12, CERT_MACOS_PW and APPLE_ID_PW are not set in the environment."
     30    echo "I will create a JOSM.app but I won't attempt to sign and notarize it."
     31    SIGNAPP=false
     32else
    3533    echo "Preparing certificates/keychain for signing…"
    3634
    3735    KEYCHAIN=build.keychain
    3836    KEYCHAINPATH=~/Library/Keychains/$KEYCHAIN-db
    39     KEYCHAIN_PW=`head /dev/urandom | base64 | head -c 20`
     37    KEYCHAIN_PW=$(head /dev/urandom | base64 | head -c 20)
    4038    CERTIFICATE_P12=certificate.p12
    4139
    42     echo $CERT_MACOS_P12 | base64 --decode > $CERTIFICATE_P12
    43     security create-keychain -p $KEYCHAIN_PW $KEYCHAIN
     40    echo "$CERT_MACOS_P12" | base64 --decode > $CERTIFICATE_P12
     41    security create-keychain -p "$KEYCHAIN_PW" $KEYCHAIN
    4442    security default-keychain -s $KEYCHAIN
    45     security unlock-keychain -p $KEYCHAIN_PW $KEYCHAIN
    46     security import $CERTIFICATE_P12 -k $KEYCHAIN -P $CERT_MACOS_PW -T /usr/bin/codesign
    47     security set-key-partition-list -S apple-tool:,apple: -s -k $KEYCHAIN_PW $KEYCHAIN
     43    security unlock-keychain -p "$KEYCHAIN_PW" $KEYCHAIN
     44    security import $CERTIFICATE_P12 -k $KEYCHAIN -P "$CERT_MACOS_PW" -T /usr/bin/codesign
     45    security set-key-partition-list -S apple-tool:,apple: -s -k "$KEYCHAIN_PW" $KEYCHAIN
    4846    rm $CERTIFICATE_P12
    49 
     47    SIGNAPP=true
    5048    echo "Signing preparation done."
    5149fi
    5250
     51if $SIGNAPP; then
     52  JPACKAGEOPTIONS="--mac-sign --mac-signing-keychain $KEYCHAINPATH"
     53else
     54  JPACKAGEOPTIONS=""
     55fi
     56
    5357echo "Building and signin app"
    54     jpackage -n "JOSM" --input dist --main-jar josm-custom.jar \
     58    jpackage $JPACKAGEOPTIONS -n "JOSM" --input dist --main-jar josm-custom.jar \
    5559    --main-class org.openstreetmap.josm.gui.MainApplication \
    5660    --icon ./native/macosx/JOSM.icns --type app-image --dest app \
    5761    --java-options "-Xmx8192m" \
    58      --java-options "-Dapple.awt.application.appearance=system" \
    59     --app-version $1 \
     62    --app-version "$1" \
    6063    --copyright "JOSM, and all its integral parts, are released under the GNU General Public License v2 or later" \
    6164    --vendor "https://josm.openstreetmap.de" \
     
    7679echo "Building done."
    7780
    78 echo "Preparing for notarization"
    79 ditto -c -k --zlibCompressionLevel 9 --keepParent app/JOSM.app app/JOSM.zip
     81if $SIGNAPP; then
     82    echo "Preparing for notarization"
     83    ditto -c -k --zlibCompressionLevel 9 --keepParent app/JOSM.app app/JOSM.zip
    8084
    81 echo "Uploading to Apple"
    82 xcrun altool --notarize-app -f app/JOSM.zip -p "$APPLE_ID_PW" -u "thomas.skowron@fossgis.de" --primary-bundle-id de.openstreetmap.josm
     85    echo "Uploading to Apple"
     86    xcrun altool --notarize-app -f app/JOSM.zip -p "$APPLE_ID_PW" -u "$APPLE_ID" --primary-bundle-id de.openstreetmap.josm
     87fi
Note: See TracChangeset for help on using the changeset viewer.