2022-11-22 12:59:47 +03:00
|
|
|
#!/bin/sh
|
|
|
|
|
|
|
|
if ! command -v create-dmg &> /dev/null
|
|
|
|
then
|
|
|
|
echo "create-dmg could not be found"
|
|
|
|
exit
|
|
|
|
fi
|
|
|
|
|
2022-11-18 16:33:23 +03:00
|
|
|
echo "# Extract .app from .tar.gz"
|
2022-11-30 15:15:32 +03:00
|
|
|
tar -xzf yubioath-desktop*.tar.gz
|
2022-11-18 16:33:23 +03:00
|
|
|
|
2024-02-22 15:17:45 +03:00
|
|
|
xattr -d com.apple.quarantine "Yubico Authenticator.app"
|
|
|
|
|
2022-11-30 15:15:32 +03:00
|
|
|
if [ -n "$1" ] && [ -n "$2" ] # Standalone
|
|
|
|
then
|
|
|
|
echo "#################"
|
|
|
|
echo "# Two parameters have been given, this will be a standalone"
|
|
|
|
echo "#################"
|
|
|
|
echo
|
|
|
|
echo "# Sign the main binaries, with the entitlements"
|
|
|
|
codesign -f --timestamp --options runtime --entitlements helper.entitlements --sign 'Application' Yubico\ Authenticator.app/Contents/Resources/helper/authenticator-helper
|
|
|
|
else
|
|
|
|
echo "#################"
|
|
|
|
echo "# No parameters given, this will be app store"
|
|
|
|
echo "#################"
|
|
|
|
echo
|
|
|
|
echo "# Sign the main binaries, with sandbox enabled, without hardened runtime"
|
|
|
|
codesign -f --timestamp --entitlements helper-sandbox.entitlements --sign 'Application' Yubico\ Authenticator.app/Contents/Resources/helper/authenticator-helper
|
|
|
|
fi
|
2022-11-18 16:33:23 +03:00
|
|
|
|
|
|
|
echo "# Sign the dylib and so files, without entitlements"
|
|
|
|
cd Yubico\ Authenticator.app/
|
2023-10-06 17:08:42 +03:00
|
|
|
codesign -f --timestamp --options runtime --sign 'Application' $(find Contents/Resources/helper/_internal/ -name "*.dylib" -o -name "*.so")
|
2022-11-18 16:33:23 +03:00
|
|
|
cd ..
|
|
|
|
|
|
|
|
echo "# Sign the Python binary (if it exists), without entitlements"
|
2023-10-06 17:08:42 +03:00
|
|
|
codesign -f --timestamp --options runtime --sign 'Application' Yubico\ Authenticator.app/Contents/Resources/helper/_internal/Python
|
2022-11-18 16:33:23 +03:00
|
|
|
|
|
|
|
echo "# Sign the GUI"
|
|
|
|
codesign -f --timestamp --options runtime --sign 'Application' --entitlements Release.entitlements --deep "Yubico Authenticator.app"
|
|
|
|
|
2022-11-30 15:15:32 +03:00
|
|
|
if [ -n "$1" ] && [ -n "$2" ] # Standalone
|
|
|
|
then
|
|
|
|
echo "# Compress the .app to .zip and notarize"
|
|
|
|
ditto -c -k --sequesterRsrc --keepParent "Yubico Authenticator.app" "Yubico Authenticator.zip"
|
2023-08-25 15:39:47 +03:00
|
|
|
STATUS=$(xcrun notarytool submit "Yubico Authenticator.zip" --apple-id $1 --team-id LQA3CS5MM7 --password $2 --wait)
|
|
|
|
echo ${STATUS}
|
2022-11-18 16:33:23 +03:00
|
|
|
|
2023-08-25 15:39:47 +03:00
|
|
|
if [[ "$STATUS" == *"Accepted"* ]]; then
|
2023-09-18 11:09:10 +03:00
|
|
|
echo "# Notarization successfull. Staple the .app"
|
2022-11-30 15:15:32 +03:00
|
|
|
xcrun stapler staple -v "Yubico Authenticator.app"
|
|
|
|
|
|
|
|
echo "# Create dmg"
|
|
|
|
rm yubioath-desktop.dmg # Remove old .dmg
|
|
|
|
mkdir source_folder
|
|
|
|
mv "Yubico Authenticator.app" source_folder
|
|
|
|
sh create-dmg.sh
|
2023-09-18 11:09:10 +03:00
|
|
|
echo "# .dmg created."
|
2023-08-25 15:39:47 +03:00
|
|
|
else
|
|
|
|
echo "Error uploading for notarization"
|
|
|
|
exit
|
2022-11-30 15:15:32 +03:00
|
|
|
fi
|
2023-09-18 11:09:10 +03:00
|
|
|
|
|
|
|
echo "# Sign the .dmg"
|
|
|
|
codesign -f --timestamp --options runtime --sign 'Application' yubioath-desktop.dmg
|
|
|
|
echo "# Notarize the .dmg"
|
|
|
|
STATUS=$(xcrun notarytool submit "yubioath-desktop.dmg" --apple-id $1 --team-id LQA3CS5MM7 --password $2 --wait)
|
|
|
|
echo ${STATUS}
|
|
|
|
echo "# Staple the .dmg"
|
|
|
|
xcrun stapler staple -v yubioath-desktop.dmg
|
|
|
|
|
|
|
|
echo "# Everything should be ready for release!"
|
2022-11-30 15:15:32 +03:00
|
|
|
else # App store
|
|
|
|
echo "# Build the package for AppStore submission"
|
|
|
|
productbuild --sign 'Installer' --component "Yubico Authenticator.app" /Applications/ output-appstore.pkg
|
2022-11-18 16:33:23 +03:00
|
|
|
fi
|
|
|
|
|
|
|
|
echo "# End of script"
|