@Thesaurus
Last active January 28, 2016 13:49
An Xcode post-archive action that checks for Gatekeeper compatibility using spctl. For a given Xcode scheme, put something like this into the scheme's archive post-actions script.
if [ "${CONFIGURATION}" = "Release" ]; then
    # Xcode post-build actions for build/archive cannot directly return or log error conditions, but we can:
    # 1. put up a dialog
    # 2. post a notification
    # 3. say something
    # 4. write to the syslog
    # 5. write to a file and open the file

    # Execute a project folder script.
    # Note that Git checkout may mutate the execute permissions
    #${PROJECT_DIR}/${PROJECT_NAME}/script.sh

    # audible feedback
    say "Processing post action script for ${PROJECT_NAME}"

    # show available vars - helps a lot when debugging
    SHOW_EXPORTS=0
    if [ "$SHOW_EXPORTS" -eq 1 ]; then
        OUT_FILE="${HOME}/Desktop/${PROJECT_NAME}-xcode-post-action-exports.txt"
        # -f: do not complain if the file does not exist yet
        rm -f "${OUT_FILE}"
        export -p > "${OUT_FILE}"
        open "${OUT_FILE}"
    fi

    # make archived app path
    APP_PATH="${ARCHIVE_PRODUCTS_PATH}/Applications/${EXECUTABLE_PATH}"

    # update syslog
    syslog -s -l Error "xcode-post-action APP_PATH = ${APP_PATH}"

    # do Gatekeeper security check
    spctl -vvvvv --assess --type execute "${APP_PATH}"
    SPCTL_OUT=$?

    # output result
    syslog -s -l Error "xcode-post-action spctl result code = $SPCTL_OUT"
    if [ "$SPCTL_OUT" -eq 0 ]; then
        say "Gatekeeper security check passed for ${PROJECT_NAME}"
        osascript -e 'display notification "Gatekeeper security check passed" with title "Archive Security Check"'
    else
        say "Gatekeeper security check failed for ${PROJECT_NAME}"
        osascript -e 'tell app "Xcode" to display dialog "Security failure: spctl rejected app and Gatekeeper will too." buttons {"Okay"} default button "Okay"'
    fi
fi
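The script above logs only spctl's exit code, so the reason for a rejection is never recorded. As an added example (not part of the original gist), the function below condenses captured spctl output into one line suitable for the existing syslog call; the function name `summarize_spctl`, the sample text, and the assumed `<path>: accepted|rejected` plus `key=value` output layout are assumptions.

```bash
#!/bin/sh
# Added example, not from the original gist.
# Assumption: captured assessment text looks like
#   <path>: accepted|rejected [optional detail]
#   source=...
#   origin=...

# summarize_spctl <exit-code> <captured-output>
# Runs in a subshell "( )" so its variables do not leak into the caller.
summarize_spctl() (
    rc="$1"; verdict="unknown"; src=""; origin=""
    while IFS= read -r line; do
        case "$line" in
            *": accepted"*) verdict="accepted" ;;
            *": rejected"*) verdict="rejected" ;;
            source=*)       src="${line#source=}" ;;
            origin=*)       origin="${line#origin=}" ;;
        esac
    done <<EOF
$2
EOF
    # The exit code is authoritative: flag any text that disagrees with it.
    if [ "$rc" -eq 0 ] && [ "$verdict" = "rejected" ]; then verdict="inconsistent"; fi
    if [ "$rc" -ne 0 ] && [ "$verdict" = "accepted" ]; then verdict="inconsistent"; fi
    printf 'verdict=%s rc=%s source=%s origin=%s\n' \
        "$verdict" "$rc" "${src:-none}" "${origin:-none}"
)

# Constructed sample outputs (not captured from a real build).
SAMPLE_OK='/tmp/Demo.app: accepted
source=Developer ID
origin=Developer ID Application: Example Corp (ABCDE12345)'
SAMPLE_BAD='/tmp/Demo.app: rejected
source=no usable signature'

summarize_spctl 0 "$SAMPLE_OK"
summarize_spctl 1 "$SAMPLE_BAD"

# In the post-action itself (macOS only) the call would be:
#   SPCTL_TEXT=$(spctl -vvvvv --assess --type execute "${APP_PATH}" 2>&1)
#   SPCTL_OUT=$?
#   syslog -s -l Error "xcode-post-action $(summarize_spctl "$SPCTL_OUT" "$SPCTL_TEXT")"
```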