Implement fully automated Notarization.

Requires jq be installed. Submits the release zip file to apple, waits for a result, and if the result is successfully, staples the notarization and builds the final packages. Very slow. A 2 minute build is now an 8+ minute build because we have to wait for Apple to catch up.
LibreGamesArchive · Jul 19, 2020 · a471c4f · a471c4f
1 parent 85761e7
commit a471c4f
Showing 1 changed file with 31 additions and 2 deletions.
diff --git a/Jenkinsfile b/Jenkinsfile
@@ -61,12 +61,41 @@ pipeline {
                             security unlock-keychain -p "${APPSIGNING_PASSWORD}" appsigning
                             codesign --keychain appsigning -s "${APPSIGNING_KEYID}" --options runtime,library --timestamp "bin/Strange Adventures in Infinite Space.app"
                             '''
-                            cpack installation: 'CMake 3.16.0'
+                            cpack installation: 'CMake 3.16.0',
+                                arguments: '-G ZIP'
                             sh '''
                             set +x
 
-                            xcrun altool --notarize-app  --primary-bundle-id "au.com.ecsim.SAISGPL" --username "${APPSIGNING_APPLEUSER}" --password "${APPSIGNING_APPLEPW}" --file SAIS-GPL-*-macOS-x86_64.zip
+                            PATH=/usr/local/bin:"${PATH}"
+                            export PATH
+
+                            xcrun altool --notarize-app  --primary-bundle-id "au.com.ecsim.SAISGPL" --username "${APPSIGNING_APPLEUSER}" --password "${APPSIGNING_APPLEPW}" --file SAIS-GPL-*-macOS-x86_64.zip --output-format xml | tee notarization-submission.plist
+                            plutil -convert json notarization-submission.plist
+                            REQUEST_ID="$(jq '."notarization-upload".RequestUUID' -r notarization-submission.plist)"
+                            echo "Notarization Request ID: ${REQUEST_ID}"
+
+                            NOTARIZATION_STATUS=""
+                            update_status () {
+                              xcrun altool --notarization-info "${REQUEST_ID}" --username "${APPSIGNING_APPLEUSER}" --password "${APPSIGNING_APPLEPW}" --output-format=xml > notarization-result.plist
+                              plutil -remove 'notarization-info.Date' notarization-result.plist
+                              plutil -convert json notarization-result.plist
+                              NOTARIZATION_STATUS="$(jq '."notarization-info".Status' -r notarization-result.plist)"
+                            }
+
+                            update_status
+                            echo "NOTARIZATION_STATUS is ${NOTARIZATION_STATUS}"
+                            while [ "${NOTARIZATION_STATUS}" = "in progress" ]; do
+                              sleep 60
+                              update_status
+                              echo "NOTARIZATION_STATUS is ${NOTARIZATION_STATUS}"
+                            done
+                            if [ "${NOTARIZATION_STATUS}" != "success" ]; then
+                              echo "Notarization failed."
+                              exit 1
+                            fi
+                            xcrun stapler staple -v "bin/Strange Adventures in Infinite Space.app"
                             '''
+                            cpack installation: 'CMake 3.16.0'
                             archiveArtifacts artifacts: 'SAIS-GPL-**', defaultExcludes: false, fingerprint: true
                         }
                     }