Jakub Sokołowski af2ec66e0c ci: implement MacOS notarization using xcrun altool
This introduces an automated MacOS notarization process for Jenkins CI.

The process involves:

* Uploading the signed DMG file to the notary service
* Checking periodically if the scanning process has completed
* Stapling the successful scan ticket to the DMG file

This is done by the `scripts/notarize-macos-pkg.sh` via the `make notarize-macos` target.
The whole process is described in more details in `docs/macos_notarization.md`.

Depends on: https://github.com/status-im/status-jenkins-lib/pull/27
Resolves: https://github.com/status-im/status-desktop/issues/2169

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-06-01 09:50:13 -04:00
..

Description

These Jenkinsfiles are used to run CI jobs in Jenkins. You can find them here: https://ci.status.im/job/nim-status-client/

Builds

Linux

In order to build the Linux version of the application we use a modified a12e/docker-qt:5.14-gcc_64 Docker image with the addition of Git and Golang.

The image is built with Dockerfile using:

docker build -t statusteam/nim-status-client-build:latest .

And pushed to: https://hub.docker.com/r/statusteam/nim-status-client-build

MacOS

The MacOS builds are run on MacOS hosts and expect Command Line Toold and XCode to be installed, as well as QT being available under /usr/local/qt.

It also expects the presence of the following credentials:

  • macos-keychain-identity - ID of used signing certificate.
  • macos-keychain-pass - Password to unlock the keychain.
  • macos-keychain-file - Keychain file with the MacOS signing certificate.

You can read about how to create such a keychain here.