IntenseWebs/pgadmin4
3
0
Fork 0
mirror of https://github.com/pgadmin-org/pgadmin4.git synced 2025-02-25 18:55:31 -06:00
Code Issues Packages Projects Releases Wiki Activity

Move the macOS notarization into the build system and out of Jenkins.

Browse Source
This commit is contained in:
Dave Page 2021-02-02 11:20:18 +00:00
parent bc3c857b35
commit 0ca4426dd0
4 changed files with 96 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
pkg/mac/.gitignore vendored
View File

@ -1,2 +1,3 @@
# Global excludes across all subdirectories # Ignore config files
codesign.conf codesign.conf
notarization.conf

69
pkg/mac/build-functions.sh
View File

@ -9,6 +9,7 @@ _setup_env() {
APP_LONG_VERSION=${APP_LONG_VERSION}-${APP_SUFFIX} APP_LONG_VERSION=${APP_LONG_VERSION}-${APP_SUFFIX}
fi fi
BUNDLE_DIR="${BUILD_ROOT}/${APP_NAME}.app" BUNDLE_DIR="${BUILD_ROOT}/${APP_NAME}.app"
DMG_NAME="${DIST_ROOT}/$(echo ${APP_NAME} | sed 's/ //g' | awk '{print tolower($0)}')-${APP_LONG_VERSION}.dmg"
} }
_cleanup() { _cleanup() {
@ -317,7 +318,7 @@ _create_dmg() {
--format UDBZ \ --format UDBZ \
--skip-jenkins \ --skip-jenkins \
--no-internet-enable \ --no-internet-enable \
"${DIST_ROOT}/$(echo ${APP_NAME} | sed 's/ //g' | awk '{print tolower($0)}')-${APP_LONG_VERSION}.dmg" \ "${DMG_NAME}" \
"${BUNDLE_DIR}" "${BUNDLE_DIR}"
} }
@ -328,5 +329,69 @@ _codesign_dmg() {
# Sign the .app # Sign the .app
echo Signing disk image... echo Signing disk image...
codesign --force --verify --verbose --timestamp --options runtime -i org.pgadmin.pgadmin4 --sign "${DEVELOPER_ID}" "${DIST_ROOT}/$(echo ${APP_NAME} | sed 's/ //g' | awk '{print tolower($0)}')-${APP_LONG_VERSION}.dmg" codesign --force --verify --verbose --timestamp --options runtime -i org.pgadmin.pgadmin4 --sign "${DEVELOPER_ID}" "${DMG_NAME}"
} }
_notarize_pkg() {
if [ ${CODESIGN} -eq 0 ]; then
return
fi
# Notarize the package. Try three times, to allow for upload issues
cmd_status=0
for i in {1..3}; do
echo "Uploading DMG for notarisation (attempt ${i} of 3)..."
STATUS=$(xcrun altool --notarize-app -f "${DMG_NAME}" --asc-provider ${DEVELOPER_NAME} --primary-bundle-id org.pgadmin.pgadmin4 -u ${DEVELOPER_USER} -p ${DEVELOPER_ASP} 2>&1)
RETVAL=$?
if [ ${RETVAL} != 0 ]; then
echo "Attempt ${i} failure: ${STATUS}"
else
# Success!
break;
fi
done
# print error if above command fails
if [ ${RETVAL} != 0 ]; then
echo "Notarization failed."
exit 1
fi
# Get the request ID
REQUEST_UUID=$(echo ${STATUS} | awk '/RequestUUID/ { print $NF; }')
echo "Notarization request ID: ${REQUEST_UUID}"
# Now we need to wait for the results. Try 10 times.
for i in {1..10}; do
echo "Waiting 30 seconds..."
sleep 30
echo "Requesting notarisation result (attempt ${i} of 10)..."
REQUEST_STATUS=$(xcrun altool --notarization-info ${REQUEST_UUID} --username ${DEVELOPER_USER} --password ${DEVELOPER_ASP} 2>&1 | awk -F ': ' '/Status:/ { print $2; }' )
if [[ "${REQUEST_STATUS}" == "success" ]]; then
break
fi
done
# Print status information
xcrun altool --notarization-info ${REQUEST_UUID} --username ${DEVELOPER_USER} --password ${DEVELOPER_ASP}
if [[ "${REQUEST_STATUS}" != "success" ]]; then
echo "Notarization failed."
exit 1
fi
# Staple the notarization
echo "Stapling the notarization to the pgAdmin DMG..."
xcrun stapler staple "${DMG_NAME}"
if [ $? != 0 ]; then
echo "Stapling failed."
exit 1
fi
echo "Notarization completed successfully."
}

16
pkg/mac/build.sh
View File

@ -23,11 +23,24 @@ if [ ! -f ${SCRIPT_DIR}/codesign.conf ]; then
echo "******************************************************************" echo "******************************************************************"
echo echo
CODESIGN=0 CODESIGN=0
sleep 5 sleep 2
else else
source ${SCRIPT_DIR}/codesign.conf source ${SCRIPT_DIR}/codesign.conf
fi fi
NOTARIZE=1
if [ ! -f ${SCRIPT_DIR}/notarization.conf ]; then
echo
echo "******************************************************************"
echo "* pkg/mac/notarization.conf not found. NOT notarizing the package."
echo "******************************************************************"
echo
NOTARIZE=0
sleep 2
else
source ${SCRIPT_DIR}/notarization.conf
fi
if [ "x${PGADMIN_POSTGRES_DIR}" == "x" ]; then if [ "x${PGADMIN_POSTGRES_DIR}" == "x" ]; then
echo "PGADMIN_POSTGRES_DIR not set. Setting it to the default: /usr/local/pgsql" echo "PGADMIN_POSTGRES_DIR not set. Setting it to the default: /usr/local/pgsql"
export PGADMIN_POSTGRES_DIR=/usr/local/pgsql export PGADMIN_POSTGRES_DIR=/usr/local/pgsql
@ -50,3 +63,4 @@ _codesign_binaries
_codesign_bundle _codesign_bundle
_create_dmg _create_dmg
_codesign_dmg _codesign_dmg
_notarize_pkg

12
pkg/mac/notarization.conf.in Normal file
View File

@ -0,0 +1,12 @@
# In order to enable notarization of the Mac Appbundle, copy this file to
# notarization.conf, and edit the values below to reflect your Apple
# Developer User ID, app-specific password and Provider Shortname.
#
# You can use the following command to see the available shortnames for your
# Apple Developer ID (substituting the appropriate username/password):
#
# xcrun altool --list-providers -u "APPLE_DEVELOPER_USERNAME" -p "APP_SPECIFIC_PASSWORD"
DEVELOPER_USER=user@example.com
DEVELOPER_ASP=1234-abcd-5678-efgh
DEVELOPER_NAME=MyCompany