fix: SDA-1749: Enable code signing for third party binaries (#874)

* SDA-1749: add all binaries for signing Signed-off-by: Vishwas Shashidhar <vishwas.shashidhar@symphony.com> * SDA-1749: add hardened run time attribute Signed-off-by: Vishwas Shashidhar <vishwas.shashidhar@symphony.com> * SDA-1749: reformat package.json Signed-off-by: Vishwas Shashidhar <vishwas.shashidhar@symphony.com> * SDA-1749: add echo for copying libraries Signed-off-by: Vishwas Shashidhar <vishwas.shashidhar@symphony.com> * SDA-1749: codesign exec files manually Signed-off-by: Vishwas Shashidhar <vishwas.shashidhar@symphony.com> * SDA-1749: codesign exec files with hardened runtime Signed-off-by: Vishwas Shashidhar <vishwas.shashidhar@symphony.com> * SDA-1749: codesign exec files with hardened runtime Signed-off-by: Vishwas Shashidhar <vishwas.shashidhar@symphony.com>
2024-12-27 01:11:13 -06:00 · 2020-02-13 23:41:16 +05:30 · 2020-02-13 23:41:16 +05:30 · 284ec984e6
commit 284ec984e6
parent 650b2613e5
4 changed files with 20 additions and 5 deletions
--- a/installer/mac/SymphonySettingsPlugin.bundle/Contents/MacOS/SymphonySettingsPlugin
+++ b/installer/mac/SymphonySettingsPlugin.bundle/Contents/MacOS/SymphonySettingsPlugin
--- a/package-lock.json
+++ b/package-lock.json
@ -13060,13 +13060,13 @@
      }
    },
    "screen-share-indicator-frame": {
-      "version": "1.0.0",
-      "resolved": "git+https://github.com/symphonyoss/ScreenShareIndicatorFrame.git#52a5ce71de68202316e19faa22971b5590a9836f",
+      "version": "1.1.0",
+      "resolved": "git+https://github.com/symphonyoss/ScreenShareIndicatorFrame.git#14cf6452610252458650056d568918345abf4eb4",
      "optional": true
    },
    "screen-snippet": {
-      "version": "1.0.5",
-      "resolved": "git+https://github.com/symphonyoss/ScreenSnippet2.git#f46b220dd10db61bcf2b296d32de63e3e46802bb",
+      "version": "1.0.6",
+      "resolved": "git+https://github.com/symphonyoss/ScreenSnippet2.git#c493f35831d7bf2a8164945f83c2669781dde3a7",
      "optional": true
    },
    "semver": {
--- a/package.json
+++ b/package.json
@ -54,7 +54,17 @@
      "category": "public.app-category.business",
      "icon": "images/icon.icns",
      "entitlements": "entitlements.mac.plist",
-      "entitlementsInherit": "entitlements.mac.plist"
+      "entitlementsInherit": "entitlements.mac.plist",
+      "gatekeeperAssess": true,
+      "hardenedRuntime": true,
+      "binaries": [
+        "library/lz4.exec",
+        "library/indexvalidator.exec",
+        "library/libsymphonysearch.dylib",
+        "library/cryptoLib.dylib",
+        "library/dictionary",
+        "installer/mac/SymphonySettingsPlugin.bundle/Contents/MacOS/SymphonySettingsPlugin"
+      ]
    },
    "win": {
      "icon": "images/icon.ico",
--- a/scripts/build-mac.sh
+++ b/scripts/build-mac.sh
@ -65,8 +65,13 @@ if [ ! -d "$HOME/tronlibraries/library" ]; then
  echo 'Search libraries do not exist! Not building with swift search' >&2
 else
  cp -r "$HOME/tronlibraries/library" .
+  echo 'Copied search libraries'
+  ls -lrth $HOME/tronlibraries/library
 fi

+codesign --force --options runtime -s "Developer ID Application: Symphony Communication Services LLC" library/lz4.exec
+codesign --force --options runtime -s "Developer ID Application: Symphony Communication Services LLC" library/indexvalidator.exec
+
 PKG_VERSION=$(node -e "console.log(require('./package.json').version);")

 # Install app dependencies