From 75e009f8d20c54b92b214592ceec9903f7dd24a5 Mon Sep 17 00:00:00 2001 From: falkTX Date: Fri, 8 Mar 2024 09:17:10 +0100 Subject: [PATCH] Deal with macOS notarization for plugins Signed-off-by: falkTX --- utils/package-osx-bundles.sh | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/utils/package-osx-bundles.sh b/utils/package-osx-bundles.sh index e858dbea..e0b9ab05 100755 --- a/utils/package-osx-bundles.sh +++ b/utils/package-osx-bundles.sh @@ -29,6 +29,10 @@ SNAME="$(echo ${NAME} | tr -d ' ' | tr '/' '-')" SKIP_START="" +if [ -n "${MACOS_INSTALLER_DEV_ID}" ]; then + PKG_SIGN_ARGS=(--sign "${MACOS_INSTALLER_DEV_ID}") +fi + rm -rf pkg mkdir pkg @@ -36,10 +40,12 @@ ENABLE_AU=$(find . -maxdepth 1 -name '*.component' -print -quit | grep -q '.comp if [ -n "${ENABLE_AU}" ]; then mkdir pkg/au cp -RL *.component pkg/au/ + [ -n "${MACOS_APP_DEV_ID}" ] && codesign -s "${MACOS_APP_DEV_ID}" --deep --force --verbose --option=runtime pkg/au/*.component pkgbuild \ --identifier "studio.kx.distrho.plugins.${SNAME}.components" \ --install-location "/Library/Audio/Plug-Ins/Components/" \ --root "${PWD}/pkg/au/" \ + "${PKG_SIGN_ARGS[@]}" \ ../dpf-${SNAME}-components.pkg else SKIP_AU_START="${SKIP_START}" @@ -50,10 +56,12 @@ ENABLE_CLAP=$(find . -maxdepth 1 -name '*.clap' -print -quit | grep -q '.clap' & if [ -n "${ENABLE_CLAP}" ]; then mkdir pkg/clap cp -RL *.clap pkg/clap/ + [ -n "${MACOS_APP_DEV_ID}" ] && codesign -s "${MACOS_APP_DEV_ID}" --deep --force --verbose --option=runtime pkg/clap/*.clap pkgbuild \ --identifier "studio.kx.distrho.plugins.${SNAME}.clapbundles" \ --install-location "/Library/Audio/Plug-Ins/CLAP/" \ --root "${PWD}/pkg/clap/" \ + "${PKG_SIGN_ARGS[@]}" \ ../dpf-${SNAME}-clapbundles.pkg else SKIP_CLAP_START="${SKIP_START}" @@ -64,10 +72,12 @@ ENABLE_LV2=$(find . -maxdepth 1 -name '*.lv2' -print -quit | grep -q '.lv2' && e if [ -n "${ENABLE_LV2}" ]; then mkdir pkg/lv2 cp -RL *.lv2 pkg/lv2/ + [ -n "${MACOS_APP_DEV_ID}" ] && codesign -s "${MACOS_APP_DEV_ID}" --force --verbose --option=runtime pkg/lv2/*.lv2/*.so pkgbuild \ --identifier "studio.kx.distrho.plugins.${SNAME}.lv2bundles" \ --install-location "/Library/Audio/Plug-Ins/LV2/" \ --root "${PWD}/pkg/lv2/" \ + "${PKG_SIGN_ARGS[@]}" \ ../dpf-${SNAME}-lv2bundles.pkg else SKIP_LV2_START="${SKIP_START}" @@ -78,10 +88,12 @@ ENABLE_VST2=$(find . -maxdepth 1 -name '*.vst' -print -quit | grep -q '.vst' && if [ -n "${ENABLE_VST2}" ]; then mkdir pkg/vst2 cp -RL *.vst pkg/vst2/ + [ -n "${MACOS_APP_DEV_ID}" ] && codesign -s "${MACOS_APP_DEV_ID}" --deep --force --verbose --option=runtime pkg/vst2/*.vst pkgbuild \ --identifier "studio.kx.distrho.plugins.${SNAME}.vst2bundles" \ --install-location "/Library/Audio/Plug-Ins/VST/" \ --root "${PWD}/pkg/vst2/" \ + "${PKG_SIGN_ARGS[@]}" \ ../dpf-${SNAME}-vst2bundles.pkg else SKIP_VST2_START="${SKIP_START}" @@ -92,10 +104,12 @@ ENABLE_VST3=$(find . -maxdepth 1 -name '*.vst3' -print -quit | grep -q '.vst3' & if [ -n "${ENABLE_VST3}" ]; then mkdir pkg/vst3 cp -RL *.vst3 pkg/vst3/ + [ -n "${MACOS_APP_DEV_ID}" ] && codesign -s "${MACOS_APP_DEV_ID}" --deep --force --verbose --option=runtime pkg/vst3/*.vst3 pkgbuild \ --identifier "studio.kx.distrho.plugins.${SNAME}.vst3bundles" \ --install-location "/Library/Audio/Plug-Ins/VST3/" \ --root "${PWD}/pkg/vst3/" \ + "${PKG_SIGN_ARGS[@]}" \ ../dpf-${SNAME}-vst3bundles.pkg else SKIP_VST3_START="${SKIP_START}" @@ -131,4 +145,8 @@ productbuild \ --identifier "studio.kx.distrho.${SNAME}" \ --package-path "${PWD}" \ --version 0 \ + "${PKG_SIGN_ARGS[@]}" \ ${SNAME}-macOS.pkg + +# xcrun notarytool submit build/*-macOS.pkg --keychain-profile "build-notary" --wait +# xcrun notarytool log --keychain-profile "build-notary" 00000000-0000-0000-0000-000000000000