-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathbuild-pkg-signed.sh
More file actions
executable file
·87 lines (71 loc) · 2.41 KB
/
build-pkg-signed.sh
File metadata and controls
executable file
·87 lines (71 loc) · 2.41 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
#!/bin/bash
set -e
echo "Building signed and notarized OpenInFinder PKG installer..."
# Check for required environment variables
if [ -z "$DEVELOPER_ID_INSTALLER" ]; then
echo "Error: DEVELOPER_ID_INSTALLER environment variable not set"
echo "Set it to your Developer ID Installer certificate name:"
echo "export DEVELOPER_ID_INSTALLER=\"Developer ID Installer: Your Name (TEAMID)\""
exit 1
fi
if [ -z "$DEVELOPER_ID_APPLICATION" ]; then
echo "Error: DEVELOPER_ID_APPLICATION environment variable not set"
echo "Set it to your Developer ID Application certificate name:"
echo "export DEVELOPER_ID_APPLICATION=\"Developer ID Application: Your Name (TEAMID)\""
exit 1
fi
# Clean up previous builds
rm -rf installer/payload/Applications/OpenInFinder.app
rm -f OpenInFinder.pkg OpenInFinder-signed.pkg
# Build the app first
echo "Building app..."
./build.sh
# Sign the app
echo "Signing app..."
codesign --force --options runtime --sign "$DEVELOPER_ID_APPLICATION" OpenInFinder.app
# Verify app signature
echo "Verifying app signature..."
codesign --verify --verbose OpenInFinder.app
# Copy signed app to installer payload
echo "Preparing installer payload..."
cp -r OpenInFinder.app installer/payload/Applications/
# Build the PKG
echo "Creating PKG installer..."
pkgbuild \
--root installer/payload \
--scripts installer/scripts \
--identifier com.alexzidros.openinfinder \
--version 1.0.3 \
--install-location / \
--sign "$DEVELOPER_ID_INSTALLER" \
OpenInFinder-signed.pkg
if [ $? -ne 0 ]; then
echo "✗ Failed to create signed PKG installer"
exit 1
fi
echo "✓ Signed PKG installer created: OpenInFinder-signed.pkg"
# Notarize the PKG
echo "Submitting for notarization..."
xcrun notarytool submit OpenInFinder-signed.pkg \
--keychain-profile "OpenInFinder" \
--wait
if [ $? -ne 0 ]; then
echo "✗ Notarization failed"
exit 1
fi
# Staple the notarization
echo "Stapling notarization..."
xcrun stapler staple OpenInFinder-signed.pkg
if [ $? -eq 0 ]; then
echo "✓ Signed and notarized PKG installer created successfully: OpenInFinder-signed.pkg"
echo ""
echo "The installer is now ready for distribution!"
echo ""
echo "To install:"
echo " sudo installer -pkg OpenInFinder-signed.pkg -target /"
echo ""
echo "Or double-click OpenInFinder-signed.pkg to install via GUI"
else
echo "✗ Failed to staple notarization"
exit 1
fi