xcrun notarytool replacement for macOS 10.14 using ssh

notarytool_remote.sh

#!/bin/bash
#
# Replacement commandline tool of "notarytool" for 10.14.
# Will ssh to host specified and run "xcrun notarytool" on
# that server.
#
# Arguments are copied as is, and expects the last argument to
# be the filename.
#
# notarytool_remote.sh submit --wait 
#     --apple-id "$APPLE_ID" 
#     --team-id "$TEAM_ID" 
#     --password "$PKG_NOTARIZE_KEY" 
#     my_package_to_notarize.pkg
#
# 2023/12/09 : [email protected] : epoch
#

# Add "user@" if you don't have matching usernames
NOTARY_HOST=192.168.11.79

# Fetch the last argument so we can scp it.
filename="${@: -1}"
name=$(basename "$filename")

# Remove the last argument, so we can copy arguments verbatim
set -- "${@:1:$(($#-1))}"

# SSH setup, use ssh-multiplex. You can just as easily use ssh keys
# and Authorized_Keys.

# Based on current user's homedir
MUXPATH=~/.ssh/ssh-mux
mkdir -p "$MUXPATH"
SSHMUX="$MUXPATH/%L-%r@%h:%p"

echo "Starting ssh multiplex ($SSHMUX) ..."
echo "Enter the password for $NOTARY_HOST"
ssh -nNf -o ControlMaster=yes -o "ControlPath=$SSHMUX" $NOTARY_HOST

echo "Copying file $name to $NOTARY_HOST ... "

scp -o "ControlPath=$SSHMUX" "$filename" $NOTARY_HOST:/var/tmp/$name

echo "Running notarytool ..."
ssh -o "ControlPath=$SSHMUX" $NOTARY_HOST "xcrun notarytool $* /var/tmp/$name"
ret=$?

if [ $ret == 0 ]; then
    echo "Success; copying file back ..."
    scp -o "ControlPath=$SSHMUX" $NOTARY_HOST:"/var/tmp/$name" "$filename"
else
    echo "Remote notarytool returned $ret - failed."
fi

echo "Tearing down ssh multiplex ..."
ssh -O exit -o "ControlPath=$SSHMUX" $NOTARY_HOST

echo "Done."
exit $ret