Last active
May 20, 2024 04:33
-
-
Save Benitoite/d5054307b63f133eac9b246fc592d25b to your computer and use it in GitHub Desktop.
How to build GrandOrgue on macOS with apple notary
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| arm64: | |
| #!/bin/bash | |
| git clone https://github.com/GrandOrgue/grandorgue.git | |
| cd grandorgue | |
| mkdir build && cd build | |
| cmake -G "Unix Makefiles" -DDOCBOOK_DIR=/opt/homebrew/opt/docbook-xsl/docbook-xsl .. | |
| make -j8 | |
| Place .app artifact on desktop of x86_64 mac. | |
| x86_64: | |
| #!/bin/bash | |
| git clone https://github.com/GrandOrgue/grandorgue.git | |
| cd grandorgue | |
| mkdir build && cd build | |
| cmake -DDOCBOOK_DIR=/usr/local/opt/docbook-xsl/docbook-xsl -DCMAKE_OSX_DEPLOYMENT_TARGET=12.3 -DCMAKE_BUILD_TYPE=Release -DCMAKE_OSX_SYSROOT=/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX12.3.sdk .. | |
| make -j8 | |
| # temporarily move the links | |
| mkdir links | |
| for frame in GrandOrgue.app/Contents/Frameworks/* ; do | |
| echo $frame | |
| if [ -L $frame ] ; then | |
| mv $frame links | |
| fi | |
| done | |
| # Create Universal App | |
| for lib in GrandOrgue.app/Contents/Frameworks/* ; do | |
| lipo -create -output $(basename $lib) ~/Desktop/GrandOrgue.app/Contents/Frameworks/$(basename $lib) GrandOrgue.app/Contents/Frameworks/$(basename $lib) | |
| echo $lib | |
| done | |
| mv *dylib GrandOrgue.app/Contents/Frameworks | |
| for bins in GrandOrgue.app/Contents/MacOS/* ; do | |
| lipo -create -output $(basename $bins) ~/Desktop/GrandOrgue.app/Contents/MacOS/$(basename $bins) GrandOrgue.app/Contents/MacOS/$(basename $bins) | |
| echo $bins | |
| done | |
| mv GrandOrgue *PerfTest *Tool GrandOrgue.app/Contents/MacOS | |
| mv links/* GrandOrgue.app/Contents/Frameworks | |
| # hard-code instal_name_tool entries to /Applications | |
| for y in GrandOrgue.app/Contents/(Frameworks|MacOS)/*; do for x in $(otool -L $y | tail -n +2 | sed $'s/^[ \t]*//' | cut -d " " -f1 | grep @exec); do echo $x && install_name_tool -change $x /Applications/GrandOrgue.app/Contents/Frameworks/$(basename $x) $y; done; done | |
| # build the entitlements file | |
| echo "<?xml version="1.0" encoding="UTF-8"?> | |
| <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> | |
| <plist version="1.0"> | |
| <dict> | |
| <key>com.apple.application-identifier</key> | |
| <string>com.our-organ.GrandOrgue.</string> | |
| <key>com.apple.security.app-sandbox</key> | |
| <true/> | |
| <key>com.apple.security.cs.allow-dyld-environment-variables</key> | |
| <true/> | |
| <key>com.apple.security.temporary-exception.files.absolute-path.read-write</key> | |
| <array> | |
| <string>/</string> | |
| </array> | |
| </dict> | |
| </plist>" > go.entitlements | |
| # Codesign the app | |
| echo "Codesigning Application." | |
| for frame in GrandOrgue.app/Contents/Frameworks/* ; do | |
| echo $frame | |
| codesign -o runtime --entitlements go.entitlements --preserve-metadata=identifier --force --timestamp --strict -v -s "${CODESIGNID}" -i com.our-organ.GrandOrgue $frame | |
| done | |
| for resource in GrandOrgue.app/Contents/Resources/* ; do | |
| echo $resource | |
| if [ ! -d $resource ]; then | |
| codesign --preserve-metadata=identifier --force --timestamp --strict -v -s "${CODESIGNID}" -o runtime --entitlements go.entitlements -i com.our-organ.GrandOrgue $resource | |
| else | |
| for subresource in GrandOrgue.app/Contents/Resources/$(basename $resource)/* ; do | |
| if [ ! -d $subresource ]; then | |
| codesign -o runtime --entitlements go.entitlements --preserve-metadata=identifier --force --timestamp --strict -v -s "${CODESIGNID}" -i com.our-organ.GrandOrgue $subresource | |
| fi | |
| done | |
| fi | |
| done | |
| for macOS in GrandOrgue.app/Contents/MacOS/* ; do | |
| echo $frame | |
| codesign -o runtime --entitlements go.entitlements --preserve-metadata=identifier --force --timestamp --strict -v -s "${CODESIGNID}" -i com.our-organ.GrandOrgue $macOS | |
| done | |
| codesign -o runtime --entitlements go.entitlements --preserve-metadata=identifier --force --timestamp --strict -v -s "${CODESIGNID}" -i com.our-organ.GrandOrgue GrandOrgue.app | |
| spctl -a -vvvv GrandOrgue.app | |
| # Notarize the app | |
| ditto -c -k --sequesterRsrc --keepParent GrandOrgue.app GrandOrgue.zip | |
| sudo xcrun notarytool submit GrandOrgue.zip --apple-id ########## --team-id ########## --password ####-####-####-#### --wait | |
| stapler staple GrandOrgue.app | |
| # Make and notarize the dmg | |
| mkdir GrandOrgue | |
| mv GrandOrgue.app GrandOrgue | |
| create-dmg --app-drop-link 50 50 --eula ../LICENSE grandorgue$(cat ../version.txt).dmg GrandOrgue | |
| ditto -c -k --sequesterRsrc --keepParent grandorgue*.dmg GrandOrgue.dmg.zip | |
| sudo xcrun notarytool submit GrandOrgue.dmg.zip --apple-id ########## --team-id ########## --password ####-####-####-#### --wait | |
| # end of script |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment