Fix signing and notarization of prefPane

jitouch/Jitouch/Jitouch.xcodeproj/project.pbxproj

@@ -316,8 +316,9 @@
 				CLANG_ENABLE_OBJC_WEAK = YES;
 				CODE_SIGN_ENTITLEMENTS = JitouchDebug.entitlements;
 				CODE_SIGN_IDENTITY = "Apple Development";
+				"CODE_SIGN_IDENTITY[sdk=macosx*]" = "Apple Development";
 				CODE_SIGN_INJECT_BASE_ENTITLEMENTS = YES;
-				CODE_SIGN_STYLE = Manual;
+				CODE_SIGN_STYLE = Automatic;
 				COMBINE_HIDPI_IMAGES = YES;
 				COPY_PHASE_STRIP = NO;
 				CURRENT_PROJECT_VERSION = "2.82.1-beta.1";
@@ -341,7 +342,7 @@
 				ONLY_ACTIVE_ARCH = YES;
 				PRODUCT_BUNDLE_IDENTIFIER = com.jitouch.Jitouch;
 				PRODUCT_NAME = Jitouch;
-				PROVISIONING_PROFILE_SPECIFIER = "Jitouch aeolus development";
+				PROVISIONING_PROFILE_SPECIFIER = "";
 				STRIP_INSTALLED_PRODUCT = YES;
 			};
 			name = Debug;

prefpane/Jitouch.xcodeproj/project.pbxproj

@@ -381,7 +381,7 @@
 					arm64e,
 				);
 				CLANG_ENABLE_OBJC_WEAK = YES;
-				CODE_SIGN_IDENTITY = "Apple Development";
+				CODE_SIGN_IDENTITY = "Developer ID Application";
 				CODE_SIGN_STYLE = Manual;
 				COMBINE_HIDPI_IMAGES = YES;
 				CURRENT_PROJECT_VERSION = "2.82.1-beta.1";

scripts/sign-installer.sh

@@ -3,22 +3,26 @@
 set -Eeuo pipefail
 
 CURRENT_PROJECT_VERSION="$1"  # e.g. 2.75
+[[ "${CURRENT_PROJECT_VERSION::1}" != "v" && "${CURRENT_PROJECT_VERSION::1}" != "V" ]] || { echo "using version name without v"; CURRENT_PROJECT_VERSION="${CURRENT_PROJECT_VERSION:1}"; }
+
 BUILT_PRODUCTS_DIR="build/Jitouch_${CURRENT_PROJECT_VERSION}"
 OBJROOT=build/staging
 PRODUCT_BUNDLE_IDENTIFIER="com.jitouch.Jitouch"
 signing_cert="Developer ID Installer: Aaron Kollasch (5UQY3B3594)"
 
-[[ "${CURRENT_PROJECT_VERSION::1}" != "v" && "${CURRENT_PROJECT_VERSION::1}" != "V" ]] || { echo "using version name without v"; CURRENT_PROJECT_VERSION="${CURRENT_PROJECT_VERSION:1}"; }
-
-zip "${BUILT_PRODUCTS_DIR}/Jitouch.prefPane.zip" "${BUILT_PRODUCTS_DIR}/Jitouch.prefPane"
+echo "Notarizing Jitouch.prefPane"
+( cd "$BUILT_PRODUCTS_DIR" && zip -r "Jitouch.prefPane.zip" "Jitouch.prefPane" )
 xcrun notarytool submit "${BUILT_PRODUCTS_DIR}/Jitouch.prefPane.zip" --keychain-profile "aaron@kollasch.dev" --wait
 xcrun stapler staple "${BUILT_PRODUCTS_DIR}/Jitouch.prefPane"
 
+echo "Making Install-Jitouch.pkg"
 rm -rf "$OBJROOT"/*
 mkdir -p "$OBJROOT/pkg_staging/"
 cp -rp ${BUILT_PRODUCTS_DIR}/Jitouch.prefPane ${OBJROOT}/pkg_staging/Jitouch.prefPane
 pkgbuild --root ${OBJROOT}/pkg_staging/ --component-plist prefpane/components.plist --identifier ${PRODUCT_BUNDLE_IDENTIFIER} --version ${CURRENT_PROJECT_VERSION} --sign "${signing_cert}" --timestamp "${OBJROOT}/JitouchPrefpane.pkg"  --install-location /Library/PreferencePanes
 productbuild --distribution prefpane/distribution.xml --package-path ${OBJROOT} --identifier ${PRODUCT_BUNDLE_IDENTIFIER} --version ${CURRENT_PROJECT_VERSION} --sign "${signing_cert}" --timestamp "${BUILT_PRODUCTS_DIR}/Install-Jitouch.pkg"
+
+echo "Notarizing Install-Jitouch.pkg"
 xcrun notarytool submit "${BUILT_PRODUCTS_DIR}/Install-Jitouch.pkg" --keychain-profile "aaron@kollasch.dev" --wait
 spctl --assess -vv --type install "${BUILT_PRODUCTS_DIR}/Install-Jitouch.pkg"