From a471c4fd1145aafc19201ad7529535bf366815f2 Mon Sep 17 00:00:00 2001 From: Chris Collins Date: Sun, 19 Jul 2020 22:11:54 +1000 Subject: [PATCH] Implement fully automated Notarization. Requires jq be installed. Submits the release zip file to apple, waits for a result, and if the result is successfully, staples the notarization and builds the final packages. Very slow. A 2 minute build is now an 8+ minute build because we have to wait for Apple to catch up. --- Jenkinsfile | 33 +++++++++++++++++++++++++++++++-- 1 file changed, 31 insertions(+), 2 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 88aaa23..f671bce 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -61,12 +61,41 @@ pipeline { security unlock-keychain -p "${APPSIGNING_PASSWORD}" appsigning codesign --keychain appsigning -s "${APPSIGNING_KEYID}" --options runtime,library --timestamp "bin/Strange Adventures in Infinite Space.app" ''' - cpack installation: 'CMake 3.16.0' + cpack installation: 'CMake 3.16.0', + arguments: '-G ZIP' sh ''' set +x - xcrun altool --notarize-app --primary-bundle-id "au.com.ecsim.SAISGPL" --username "${APPSIGNING_APPLEUSER}" --password "${APPSIGNING_APPLEPW}" --file SAIS-GPL-*-macOS-x86_64.zip + PATH=/usr/local/bin:"${PATH}" + export PATH + + xcrun altool --notarize-app --primary-bundle-id "au.com.ecsim.SAISGPL" --username "${APPSIGNING_APPLEUSER}" --password "${APPSIGNING_APPLEPW}" --file SAIS-GPL-*-macOS-x86_64.zip --output-format xml | tee notarization-submission.plist + plutil -convert json notarization-submission.plist + REQUEST_ID="$(jq '."notarization-upload".RequestUUID' -r notarization-submission.plist)" + echo "Notarization Request ID: ${REQUEST_ID}" + + NOTARIZATION_STATUS="" + update_status () { + xcrun altool --notarization-info "${REQUEST_ID}" --username "${APPSIGNING_APPLEUSER}" --password "${APPSIGNING_APPLEPW}" --output-format=xml > notarization-result.plist + plutil -remove 'notarization-info.Date' notarization-result.plist + plutil -convert json notarization-result.plist + NOTARIZATION_STATUS="$(jq '."notarization-info".Status' -r notarization-result.plist)" + } + + update_status + echo "NOTARIZATION_STATUS is ${NOTARIZATION_STATUS}" + while [ "${NOTARIZATION_STATUS}" = "in progress" ]; do + sleep 60 + update_status + echo "NOTARIZATION_STATUS is ${NOTARIZATION_STATUS}" + done + if [ "${NOTARIZATION_STATUS}" != "success" ]; then + echo "Notarization failed." + exit 1 + fi + xcrun stapler staple -v "bin/Strange Adventures in Infinite Space.app" ''' + cpack installation: 'CMake 3.16.0' archiveArtifacts artifacts: 'SAIS-GPL-**', defaultExcludes: false, fingerprint: true } }