godotengine/godot-build-scripts
1
0
Fork 0
mirror of https://github.com/godotengine/godot-build-scripts.git synced 2026-01-04 02:09:44 +03:00
Code Issues Packages Projects Releases Wiki Activity

Add support for signing OSX binaries

Browse Source 
Note this requires a real mac (for now)
This commit is contained in:
Hein-Pieter van Braam-Stewart
2021-02-12 17:52:15 +01:00
parent 7024ac71f9
commit 1dddb1fb3a
2 changed files with 39 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
build-release.sh
View File

@@ -145,6 +145,33 @@ if [ "${build_classical}" == "1" ]; then
zip -q -9 -r "${reldir}/${binname}.zip" Godot.app
rm -rf Godot.app
if [ ! -z "${OSX_HOST}" ]; then
osx_tmpdir=$(ssh "${OSX_HOST}" "mktemp -d")
scp "${reldir}/${binname}.zip" "${OSX_HOST}:${osx_tmpdir}"
ssh "${OSX_HOST}" "
cd ${osx_tmpdir} && \
unzip ${binname}.zip &&\
codesign --timestamp --options=runtime -s ${OSX_KEY_ID} -v Godot.app/Contents/MacOS/Godot && \
zip -r ${binname}_signed.zip Godot.app"
request_uuid=$(ssh "${OSX_HOST}" "xcrun altool --notarize-app --primary-bundle-id \"${OSX_BUNDLE_ID}\" --username \"${APPLE_ID}\" --password \"${APPLE_ID_PASSWORD}\" --file ${osx_tmpdir}/${binname}_signed.zip")
request_uuid=$(echo ${request_uuid} | sed -e 's/.*RequestUUID = //')
ssh "${OSX_HOST}" "while xcrun altool --notarization-history 0 -u \"${APPLE_ID}\" -p \"${APPLE_ID_PASSWORD}\" | grep -q ${request_uuid}.*in\ progress; do echo Waiting on Apple signature; sleep 30s; done"
if ! ssh "${OSX_HOST}" "xcrun altool --notarization-history 0 -u \"${APPLE_ID}\" -p \"${APPLE_ID_PASSWORD}\" | grep -q ${request_uuid}.*success"; then
echo "Signing failed?"
ssh "${OSX_HOST}" "rm -rf ${osx_tmpdir}"
exit 1
else
ssh "${OSX_HOST}" "
cd ${osx_tmpdir} && \
xcrun stapler staple Godot.app && \
zip -r ${binname}_stapled.zip Godot.app"
scp "${OSX_HOST}:${osx_tmpdir}/${binname}_stapled.zip" ${reldir}/${binname}.zip
ssh "${OSX_HOST}" "rm -rf ${osx_tmpdir}"
fi
fi
# Templates
rm -rf osx_template.app
cp -r git/misc/dist/osx_template.app .

12
config.sh.in
View File

@@ -27,3 +27,15 @@ export SIGN_PASSWORD=""
# Use your own when making a thirdparty build.
export SIGN_NAME=""
export SIGN_URL=""
# Hostname or IP address of an OSX host (Needed for signing)
# eg "user@10.1.0.10"
export OSX_HOST=""
# ID of the Apple certificate used to sign
export OSX_KEY_ID=""
# Bundle id for the signed app
export OSX_BUNDLE_ID=""
# Username/password for Apple's signing APIs (used for atltool)
export APPLE_ID=""
export APPLE_ID_PASSWORD=""