jp9000
/
obs-studio
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

CI: Use xcrun notarytool instead of xcnotary 

xcnotary was discontinued since Apple now provides `xcrun notarytool`.
This commit used `xcrun notarytool` to notarize the package.
master
Norihiro Kamae 2022-07-30 03:46:51 +09:00 committed by Patrick Heyer
parent c9859e5afc
commit 8af6b79044
2 changed files with 13 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
CI/include/build_support_macos.sh
View File

@ -157,7 +157,7 @@ read_codesign_ident() {
# + Your Apple developer ID is needed for notarization
# + An app-specific password is necessary for notarization from CLI
# + This password will be stored in your macOS keychain under the identifier
# 'OBS-Codesign-Password' with access Apple's 'altool' only.
# 'OBS-Codesign-Password' with access Apple's 'notarytool' only.
##############################################################################
read_codesign_pass() {
@ -174,8 +174,8 @@ read_codesign_pass() {
step "Update notarization keychain..."
echo -n "${COLOR_ORANGE}"
/usr/bin/xcrun altool --store-password-in-keychain-item "OBS-Codesign-Password" -u "${CODESIGN_IDENT_USER}" -p "${CODESIGN_IDENT_PASS}"
echo -n "${COLOR_RESET}"
CODESIGN_IDENT_SHORT=$(echo "${CODESIGN_IDENT}" | /usr/bin/sed -En "s/.+\((.+)\)/\1/p")
echo -n "${COLOR_ORANGE}"
/usr/bin/xcrun notarytool store-credentials "OBS-Codesign-Password" --apple-id "${CODESIGN_IDENT_USER}" --team-id "${CODESIGN_IDENT_SHORT}" --password "${CODESIGN_IDENT_PASS}"
echo -n "${COLOR_RESET}"
}

38
CI/macos/03_package_obs.sh
View File

@ -47,31 +47,21 @@ notarize_obs() {
exit 1
fi
if ! exists xcnotary; then
step "Install notarization dependency 'xcnotary'"
brew install akeru-inc/tap/xcnotary
fi
ensure_dir "${CHECKOUT_DIR}"
if [ "${NOTARIZE_IMAGE}" ]; then
trap "_caught_error_xcnotary '${NOTARIZE_IMAGE}'" ERR
trap "_caught_error_hdiutil_verify '${NOTARIZE_IMAGE}'" ERR
step "Attach OBS disk image ${NOTARIZE_IMAGE}..."
hdiutil attach -readonly -noverify -noautoopen -quiet "${NOTARIZE_IMAGE}"
step "Verify OBS disk image ${NOTARIZE_IMAGE}..."
hdiutil verify "${NOTARIZE_IMAGE}"
VOLUME_NAME=$(hdiutil info -plist | grep "/Volumes/OBS-" | sed 's/<string>\/Volumes\/\([^<]*\)<\/string>/\1/' | sed -e 's/^[[:space:]]*//')
PRECHECK="/Volumes/${VOLUME_NAME}/OBS.app"
NOTARIZE_TARGET="${NOTARIZE_IMAGE}"
elif [ "${NOTARIZE_BUNDLE}" ]; then
PRECHECK="${NOTARIZE_BUNDLE}"
NOTARIZE_TARGET="${NOTARIZE_BUNDLE}"
else
OBS_IMAGE="${BUILD_DIR}/${FILE_NAME}"
if [ -f "${OBS_IMAGE}" ]; then
OBS_BUNDLE=$(/usr/bin/find "${BUILD_DIR}/_CPack_Packages" -type d -name "OBS.app")
PRECHECK="${OBS_BUNDLE}"
NOTARIZE_TARGET="${OBS_IMAGE}"
else
error "No notarization application bundle ('OBS.app') or disk image ('${NOTARIZE_IMAGE:-${FILE_NAME}}') found"
@ -79,30 +69,20 @@ notarize_obs() {
fi
fi
step "Run notarization pre-checks on OBS.app..."
xcnotary precheck "${PRECHECK}"
if [ "$?" -eq 0 ]; then
read_codesign_ident
read_codesign_pass
step "Run xcnotary with ${NOTARIZE_TARGET}..."
xcnotary notarize "${NOTARIZE_TARGET}" --developer-account "${CODESIGN_IDENT_USER}" --developer-password-keychain-item "OBS-Codesign-Password" --provider "${CODESIGN_IDENT_SHORT}"
fi
step "Notarize ${NOTARIZE_TARGET}..."
/usr/bin/xcrun notarytool submit "${NOTARIZE_TARGET}" --keychain-profile "OBS-Codesign-Password" --wait
if [ "${NOTARIZE_IMAGE}" -a -d "/Volumes/${VOLUME_NAME}" ]; then
step "Detach OBS disk image ${NOTARIZE_IMAGE}..."
hdiutil detach "/Volumes/${VOLUME_NAME}" -quiet
step "Staple the ticket to ${NOTARIZE_TARGET}..."
/usr/bin/xcrun stapler staple "${NOTARIZE_TARGET}"
fi
}
_caught_error_xcnotary() {
error "ERROR during notarization of image '${1}'"
if [ -d "/Volumes/${1}" ]; then
step "Detach OBS disk image ${1}..."
hdiutil detach "/Volumes/${1}" -quiet
fi
_caught_error_hdiutil_verify() {
error "ERROR during verifying image '${1}'"
cleanup
exit 1