mirror of
https://github.com/Chia-Network/chia-blockchain.git
synced 2024-10-26 20:40:51 +03:00
Notarize MacOS DMG on GHA and Azure - Azure Python to 3.8 (#595)
* Attempt to Notarize .dmg on GHA and Azure * Add missing env vars * Better ci mgmt * Try Python 3.8 on Mojave * Fix dmg filename
This commit is contained in:
parent
2a6347152c
commit
3dcadd57e5
4
.github/workflows/build-macos-installer.yml
vendored
4
.github/workflows/build-macos-installer.yml
vendored
@ -89,6 +89,10 @@ jobs:
|
||||
node-version: '12.x'
|
||||
|
||||
- name: Build MacOS DMG in Catalina
|
||||
env:
|
||||
NOTARIZE: ${{ steps.check_secrets.outputs.HAS_SECRET }}
|
||||
APPLE_NOTARIZE_USERNAME: "${{ secrets.APPLE_NOTARIZE_USERNAME }}"
|
||||
APPLE_NOTARIZE_PASSWORD: "${{ secrets.APPLE_NOTARIZE_PASSWORD }}"
|
||||
run: |
|
||||
. ./activate
|
||||
clang --version
|
||||
|
@ -12,15 +12,18 @@ trigger:
|
||||
- "*"
|
||||
|
||||
pool:
|
||||
vmImage: "macOS-10.14"
|
||||
vmImage: "macOS-10.15"
|
||||
strategy:
|
||||
matrix:
|
||||
Mojave DMG:
|
||||
python.version: "3.7"
|
||||
python.version: "3.8"
|
||||
# Python38:
|
||||
# python.version: '3.8' # Disabled 3.8 because artifact names conflict
|
||||
# Also, installer can target one verison
|
||||
|
||||
variables:
|
||||
- group: Apple-Notarize-Variables
|
||||
|
||||
steps:
|
||||
- task: UsePythonVersion@0
|
||||
inputs:
|
||||
@ -85,11 +88,13 @@ steps:
|
||||
# py.test tests -s -v
|
||||
# displayName: "pytest"
|
||||
|
||||
- script: |
|
||||
- bash: |
|
||||
. ./activate
|
||||
export NOTARIZE="true"
|
||||
export APPLE_NOTARIZE_USERNAME="$(APPLE_NOTARIZE_USERNAME)"
|
||||
export APPLE_NOTARIZE_PASSWORD="$(APPLE_NOTARIZE_PASSWORD)"
|
||||
cd build_scripts
|
||||
sh build_macos.sh
|
||||
ls -l final_installer
|
||||
displayName: "Build DMG with build_scripts/build_macos.sh"
|
||||
|
||||
- task: PublishPipelineArtifact@1
|
||||
|
@ -1,6 +1,8 @@
|
||||
#!/bin/bash
|
||||
pip install setuptools_scm
|
||||
# The environment variable CHIA_INSTALLER_VERSION needs to be defined
|
||||
# If the env variable NOTARIZE and the username and password variables are
|
||||
# set, this will attempt to Notarize the signed DMG
|
||||
CHIA_INSTALLER_VERSION=$(python installer-version.py)
|
||||
|
||||
if [ ! "$CHIA_INSTALLER_VERSION" ]; then
|
||||
@ -13,6 +15,7 @@ echo "Installing npm and electron packagers"
|
||||
npm install electron-installer-dmg -g
|
||||
npm install electron-packager -g
|
||||
npm install electron/electron-osx-sign -g
|
||||
npm install notarize-cli -g
|
||||
|
||||
echo "Create dist/"
|
||||
sudo rm -rf dist
|
||||
@ -33,13 +36,47 @@ if [ "$LAST_EXIT_CODE" -ne 0 ]; then
|
||||
echo >&2 "npm run build failed!"
|
||||
exit $LAST_EXIT_CODE
|
||||
fi
|
||||
electron-packager . Chia --asar.unpack="**/daemon/**" --platform=darwin --icon=src/assets/img/Chia.icns --overwrite --app-bundle-id=net.chia.blockchain --appVersion=$CHIA_INSTALLER_VERSION
|
||||
electron-osx-sign Chia-darwin-x64/Chia.app --platform=darwin --hardened-runtime=true --provisioning-profile=chiablockchain.provisionprofile --entitlements=entitlements.mac.plist --entitlements-inherit=entitlements.mac.plist --no-gatekeeper-assess
|
||||
electron-packager . Chia --asar.unpack="**/daemon/**" --platform=darwin \
|
||||
--icon=src/assets/img/Chia.icns --overwrite --app-bundle-id=net.chia.blockchain \
|
||||
--appVersion=$CHIA_INSTALLER_VERSION
|
||||
|
||||
electron-osx-sign Chia-darwin-x64/Chia.app --platform=darwin \
|
||||
--hardened-runtime=true --provisioning-profile=chiablockchain.provisionprofile \
|
||||
--entitlements=entitlements.mac.plist --entitlements-inherit=entitlements.mac.plist \
|
||||
--no-gatekeeper-assess
|
||||
|
||||
mv Chia-darwin-x64 ../build_scripts/dist/
|
||||
cd ../build_scripts || exit
|
||||
|
||||
echo "Create .dmg"
|
||||
DMG_NAME="Chia-$CHIA_INSTALLER_VERSION.dmg"
|
||||
echo "Create $DMG_NAME"
|
||||
mkdir final_installer
|
||||
electron-installer-dmg dist/Chia-darwin-x64/Chia.app Chia-$CHIA_INSTALLER_VERSION --overwrite --out final_installer
|
||||
echo "ls -l"
|
||||
ls -l
|
||||
electron-installer-dmg dist/Chia-darwin-x64/Chia.app Chia-$CHIA_INSTALLER_VERSION \
|
||||
--overwrite --out final_installer
|
||||
|
||||
if [ "$NOTARIZE" ]; then
|
||||
echo "Notarize $DMG_NAME on ci"
|
||||
cd final_installer
|
||||
notarize-cli --file=$DMG_NAME --bundle-id net.chia.blockchain \
|
||||
--username $APPLE_NOTARIZE_USERNAME --password $APPLE_NOTARIZE_PASSWORD
|
||||
echo "Notarization step complete"
|
||||
else
|
||||
echo "Not on ci so skipping Notarize"
|
||||
fi
|
||||
|
||||
# Notes on how to manually notarize
|
||||
#
|
||||
# Ask for username and password - password should be an app specific password
|
||||
# Generate app specific password https://support.apple.com/en-us/HT204397
|
||||
# xcrun altool --notarize-app -f Chia-0.1.X.dmg --primary-bundle-id net.chia.blockchain -u username -p password
|
||||
# xcrun altool --notarize-app; -should return REQUEST-ID, use it in next command
|
||||
#
|
||||
# Wait until following command return a success message"
|
||||
# watch -n 20 'xcrun altool --notarization-info {REQUEST-ID} -u username -p password'
|
||||
# It can take a while, run it every few minutes
|
||||
#
|
||||
# Once that is successful, execute the following command"
|
||||
# xcrun stapler staple Chia-0.1.X.dmg
|
||||
#
|
||||
# Validate DMG
|
||||
# xcrun stapler validate Chia-0.1.X.dmg
|
||||
|
@ -1,18 +0,0 @@
|
||||
#!/bin/bash
|
||||
# How to notarize
|
||||
|
||||
echo "Ask for username and password - password should be an app specific password"
|
||||
# Generate app specific password https://support.apple.com/en-us/HT204397
|
||||
xcrun altool --notarize-app -f Chia-0.1.X.dmg --primary-bundle-id net.chia.blockchain -u username -p password
|
||||
echo "xcrun altool --notarize-app; -should return REQUEST-ID, use it in next command"
|
||||
|
||||
echo "Wait until following command return a success message"
|
||||
watch -n 20 'xcrun altool --notarization-info {REQUEST-ID} -u username -p password'
|
||||
echo "It can take a while, run it every few minutes"
|
||||
|
||||
|
||||
echo "Once that is successful, execute the following command"
|
||||
xcrun stapler staple Chia-0.1.X.dmg
|
||||
|
||||
echo "Validate DMG"
|
||||
xcrun stapler validate Chia-0.1.X.dmg
|
Loading…
Reference in New Issue
Block a user