-
Notifications
You must be signed in to change notification settings - Fork 7
/
Makefile
118 lines (83 loc) · 3.26 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
# Makefile for qlZipInfo
# project settings
PROJNAME = qlZipInfo
PROJEXT = qlgenerator
PROJVERS = 1.2.8
BUNDLEID = "org.calalum.ranga.$(PROJNAME)"
# extra files to include in the package
SUPPORT_FILES = README.txt LICENSE.txt
# code signing information
include ../sign.mk
# build and packaging tools
XCODEBUILD = /usr/bin/xcodebuild
XCRUN = /usr/bin/xcrun
HIUTIL = /usr/bin/hiutil
ALTOOL = $(XCRUN) altool
NOTARYTOOL = xcrun notarytool
STAPLER = $(XCRUN) stapler
HDIUTIL = /usr/bin/hdiutil
CODESIGN = /usr/bin/codesign
GPG = /opt/local/bin/gpg
# code sign arguments
# based on:
# https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/customizing_the_notarization_workflow
# https://stackoverflow.com/questions/53112078/how-to-upload-dmg-file-for-notarization-in-xcode
CODESIGN_ARGS = --force \
--verify \
--verbose \
--timestamp \
--options runtime \
--sign $(SIGNID)
# Xcode build target
BUILD_CONFIG = Release
# build results directory
BUILD_RESULTS_DIR = build/$(BUILD_CONFIG)/$(PROJNAME).$(PROJEXT)
BUILD_RESULTS_FRAMEWORKS_DIR = $(BUILD_RESULTS_DIR)/Contents/Frameworks/
# build the app
all:
$(XCODEBUILD) -project $(PROJNAME).xcodeproj -configuration $(BUILD_CONFIG)
# sign the app, if frameworks are included, then sign_frameworks should
# be the pre-requisite target instead of "all"
sign: sign_frameworks
$(CODESIGN) $(CODESIGN_ARGS) $(BUILD_RESULTS_DIR)
# sign any included frameworks (not always needed)
sign_frameworks: all
if [ -d $(BUILD_RESULTS_FRAMEWORKS_DIR) ] ; then \
$(CODESIGN) $(CODESIGN_ARGS) \
$(BUILD_RESULTS_FRAMEWORKS_DIR) ; \
fi
# create a disk image with the signed app
dmg: all sign
/bin/mkdir $(PROJNAME)-$(PROJVERS)
/bin/mv build/Release/$(PROJNAME).$(PROJEXT) $(PROJNAME)-$(PROJVERS)
/bin/cp $(SUPPORT_FILES) $(PROJNAME)-$(PROJVERS)
$(HDIUTIL) create -srcfolder $(PROJNAME)-$(PROJVERS) \
-format UDBZ $(PROJNAME)-$(PROJVERS).dmg
# sign the disk image
sign_dmg: dmg
$(CODESIGN) $(CODESIGN_ARGS) $(PROJNAME)-$(PROJVERS).dmg
# notarize the signed disk image
# Xcode13 notarization
# See: https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/customizing_the_notarization_workflow?preferredLanguage=occ
# https://scriptingosx.com/2021/07/notarize-a-command-line-tool-with-notarytool/
# https://indiespark.top/programming/new-xcode-13-notarization/
notarize: sign_dmg
$(NOTARYTOOL) submit $(PROJNAME)-$(PROJVERS).dmg \
--apple-id $(USERID) --team-id $(TEAMID) \
--wait
# Pre-Xcode13 notarization
notarize_old: sign_dmg
$(ALTOOL) --notarize-app \
--primary-bundle-id $(BUNDLEID) \
--username $(USERID) \
--file $(PROJNAME)-$(PROJVERS).dmg
# staple the ticket to the dmg
staple: notarize
$(STAPLER) staple $(PROJNAME)-$(PROJVERS).dmg
$(STAPLER) validate $(PROJNAME)-$(PROJVERS).dmg
# sign the dmg with a gpg public key
clearsign: staple
$(GPG) -asb $(PROJNAME)-$(PROJVERS).dmg
clean:
/bin/rm -rf ./build $(PROJNAME)-$(PROJVERS) $(PROJNAME)-$(PROJVERS).dmg
$(XCODEBUILD) -project $(PROJNAME).xcodeproj -alltargets clean