Sign the DMG with the correct cert
It must be signed with a "Developer ID Application" certificate and not the "Developer ID Installer" certificate. And make sure to sign the app before copying it to the temporary DMG folder.
This commit is contained in:
parent
31d9789c4d
commit
9e0c1b0bd4
|
@ -89,7 +89,6 @@ IDENT=$(plist "${INSTALL_ROOT}/Audacity.app/Contents/Info.plist" "CFBundleIdenti
|
|||
# and unnotarized.
|
||||
#
|
||||
# CODESIGN_APP_IDENTITY="Developer ID Application:"
|
||||
# CODESIGN_DMG_IDENTITY="Developer ID Installer:"
|
||||
# NOTARIZE_USERNAME="specify your Apple developer email address"
|
||||
# NOTARIZE_PASSWORD="@keychain:APP_PASSWORD"
|
||||
#
|
||||
|
@ -104,7 +103,7 @@ SIGNING=
|
|||
if [ -r ~/.audacity_signing ]
|
||||
then
|
||||
source ~/.audacity_signing
|
||||
if [ -n "${CODESIGN_APP_IDENTITY}" -a -n "${CODESIGN_DMG_IDENTITY}" -a -n "${NOTARIZE_USERNAME}" -a -n "${NOTARIZE_PASSWORD}" ]
|
||||
if [ -n "${CODESIGN_APP_IDENTITY}" -a -n "${NOTARIZE_USERNAME}" -a -n "${NOTARIZE_PASSWORD}" ]
|
||||
then
|
||||
SIGNING="y"
|
||||
fi
|
||||
|
@ -123,10 +122,6 @@ chown -RH "${INSTALL_OWNER}:${INSTALL_GROUP}" "${TARGET_BUILD_DIR}"
|
|||
# Preclean
|
||||
rm -rf "$DMG" "$DMG.dmg" TMP.dmg
|
||||
|
||||
# Create structure
|
||||
mkdir "$DMG"
|
||||
cp -pR "${DSTROOT}/" "${DMG}"
|
||||
|
||||
# Sign and notarize the app
|
||||
if [ -n "${SIGNING}" ]
|
||||
then
|
||||
|
@ -138,22 +133,24 @@ then
|
|||
--options runtime \
|
||||
--entitlements "${SRCROOT}/${CODE_SIGN_ENTITLEMENTS}" \
|
||||
--sign "${CODESIGN_APP_IDENTITY}" \
|
||||
"${DMG}/Audacity.app"
|
||||
"${DSTROOT}/Audacity.app"
|
||||
|
||||
# Create the ZIP archive for notarization
|
||||
xcrun ditto -c -k --keepParent "${DMG}" "${DMG}.zip"
|
||||
xcrun ditto -c -k --keepParent "${DSTROOT}" "${DSTROOT}.zip"
|
||||
|
||||
# Send it off for notarization
|
||||
notarize "${DMG}.zip"
|
||||
notarize "${DSTROOT}.zip"
|
||||
|
||||
# Remove the zip file
|
||||
rm "${DMG}.zip"
|
||||
rm "${DSTROOT}.zip"
|
||||
|
||||
# Staple the app
|
||||
stapler staple "${DMG}/Audacity.app"
|
||||
stapler staple "${DSTROOT}/Audacity.app"
|
||||
fi
|
||||
|
||||
|
||||
# Create structure
|
||||
mkdir "$DMG"
|
||||
cp -pR "${DSTROOT}/" "${DMG}"
|
||||
|
||||
#Add a custom icon for the DMG
|
||||
#cp -p mac/Resources/Audacity.icns "${DMG}"/.VolumeIcon.icns
|
||||
|
@ -194,6 +191,7 @@ EOF
|
|||
# Make our DMG look pretty and install the custom background image
|
||||
echo '
|
||||
tell application "Finder"
|
||||
with timeout of 300 seconds
|
||||
tell disk "'$TITLE'"
|
||||
open
|
||||
set current view of container window to icon view
|
||||
|
@ -213,6 +211,7 @@ echo '
|
|||
delay 5
|
||||
eject
|
||||
end tell
|
||||
end timeout
|
||||
end tell
|
||||
' | osascript
|
||||
|
||||
|
@ -225,7 +224,7 @@ then
|
|||
xcrun codesign --verbose \
|
||||
--timestamp \
|
||||
--identifier "${IDENT}" \
|
||||
--sign "${CODESIGN_DMG_IDENTITY}" \
|
||||
--sign "${CODESIGN_APP_IDENTITY}" \
|
||||
"${DMG}.dmg"
|
||||
notarize "${DMG}.dmg"
|
||||
stapler staple "${DMG}.dmg"
|
||||
|
@ -233,7 +232,7 @@ fi
|
|||
|
||||
# Create zip version
|
||||
rm -rf "${DMG}/.background"
|
||||
rm -rf "${DMG}/Audacity.app/help/"
|
||||
rm -rf "${DMG}/Audacity.app/Contents/help"
|
||||
zip -r9 "${DMG}.zip" "${DMG}"
|
||||
|
||||
# Cleanup
|
||||
|
|
Loading…
Reference in New Issue