status-im/status-desktop
2
0
Fork 0
mirror of https://github.com/status-im/status-desktop.git synced 2025-01-09 22:06:25 +00:00
Code Issues Projects Releases Wiki Activity
status-desktop/scripts/notarize-macos-pkg.sh
Jakub Sokołowski 8b8f514dd4
ci: show output from xcrun_altool on notarize error 
Right now we don't see what's actually happening:
```

!!! Notariztion Error
{"tool-version":"5.4211.13411","tool-path":"\/Applications\/Xcode.app\/Contents\/SharedFrameworks\/ContentDeliveryServices.framework\/Versions\/A\/Frameworks\/AppStoreService.framework","os-version":"12.3.1","product-errors":[{"message":"You supplied an invalid RequestUUID: null","userInfo":{"NSLocalizedFailureReason":"Apple Services operation failed.","NSLocalizedRecoverySuggestion":"You supplied an invalid RequestUUID: null","NSLocalizedDescription":"You supplied an invalid RequestUUID: null"},"code":1515}],"warnings":[{"message":"altool has been deprecated for notarization and starting in late 2023 will no longer be supported by the Apple notary service. You should start using notarytool to notarize your software.","userInfo":{"NSLocalizedDescription":"altool has been deprecated for notarization and starting in late 2023 will no longer be supported by the Apple notary service. You should start using notarytool to notarize your software."},"code":-1030}]}
make: *** [notarize-macos] Error 1
```

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-12-08 20:04:38 +01:00

73 lines
2.7 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
set -e
[[ $(uname) != 'Darwin' ]] && { echo 'This only works on macOS.' >&2; exit 1; }
[[ $# -ne 1 ]] && { echo 'notarize-macos-pkg.sh <bundle_to_notarize>' >&2; exit 1; }
# Credential necessary for the upload.
[[ -z "${MACOS_NOTARIZE_TEAM_ID}" ]] && { echo -e "Missing env variable: MACOS_NOTARIZE_TEAM_ID" 1>&2; exit 1; }
[[ -z "${MACOS_NOTARIZE_USERNAME}" ]] && { echo -e "Missing env variable: MACOS_NOTARIZE_USERNAME" 1>&2; exit 1; }
[[ -z "${MACOS_NOTARIZE_PASSWORD}" ]] && { echo -e "Missing env variable: MACOS_NOTARIZE_PASSWORD" 1>&2; exit 1; }
# Path to MacOS bundle created by XCode.
BUNDLE_PATH="${1}"
# Notarization request check intervals/retries.
CHECK_INTERVAL_SEC="${CHECK_INTERVAL_SEC:-30}"
CHECK_RETRY_LIMIT="${CHECK_RETRY_LIMIT:-20}"
# Unique ID of MacOS application.
MACOS_BUNDLE_ID="${MACOS_BUNDLE_ID:-im.status.ethereum.desktop}"
# Log file path
NOTARIZATION_LOG="${NOTARIZATION_LOG:-${PWD}/notarization.log}"
function xcrun_altool() {
xcrun altool "${@}" \
--team-id "${MACOS_NOTARIZE_TEAM_ID}" \
--username "${MACOS_NOTARIZE_USERNAME}" \
--password "${MACOS_NOTARIZE_PASSWORD}" \
--output-format "json" \
2>&1 | tee -a "${NOTARIZATION_LOG}"
}
# Submit app for notarization. Should take 5-10 minutes.
echo -e "\n### Creating Notarization Request..."
OUT=$(xcrun_altool --notarize-app -f "${BUNDLE_PATH}" --primary-bundle-id "${MACOS_BUNDLE_ID}")
# Necessary to track notarization request progress.
REQUEST_UUID=$(echo "${OUT}" | jq -r '."notarization-upload".RequestUUID')
if [[ -z "${REQUEST_UUID}" ]] || [[ "${REQUEST_UUID}" == "null" ]]; then
echo "\n!!! FAILURE: No notarization request UUID found." >&1
echo "Full output:"
echo "${OUT}"
exit 1
fi
echo -e "\n### Request ID: ${REQUEST_UUID}"
# Check notarization ticket status periodically.
echo -e "\n### Checking Notarization Status..."
while sleep "${CHECK_INTERVAL_SEC}"; do
OUT=$(xcrun_altool --notarization-info "${REQUEST_UUID}")
# Once notarization is complete, run stapler and exit.
if $(echo "${OUT}" | jq -er '."notarization-info".Status == "in progress"'); then
((CHECK_RETRY_LIMIT-=1))
if [[ "${CHECK_RETRY_LIMIT}" -eq 0 ]]; then
echo -e "\n!!! FAILURE: Notarization timed out."
exit 1
fi
echo "In progress, sleeping ${CHECK_INTERVAL_SEC}s..."
elif $(echo "${OUT}" | jq -er '."notarization-info".Status == "success"'); then
echo -e "\n### Successful Notarization"
break
else
echo -e "\n!!! Notariztion Error"
echo "${OUT}" >&2
exit 1
fi
done
# Optional but preferrable to attach the ticket to the bundle.
echo -e "\n### Stapling Notarization Ticket..."
xcrun stapler staple "${BUNDLE_PATH}"
exit $?
Reference in New Issue View Git Blame Copy Permalink