commit 75e009f8d20c54b92b214592ceec9903f7dd24a5
parent 51edc8b6e3c636f29b5fca801bfb2551b0634b91
Author: falkTX <falktx@falktx.com>
Date: Fri, 8 Mar 2024 09:16:43 +0100
Deal with macOS notarization for plugins
Signed-off-by: falkTX <falktx@falktx.com>
Diffstat:
1 file changed, 18 insertions(+), 0 deletions(-)
diff --git a/utils/package-osx-bundles.sh b/utils/package-osx-bundles.sh
@@ -29,6 +29,10 @@ SNAME="$(echo ${NAME} | tr -d ' ' | tr '/' '-')"
SKIP_START="<!--"
SKIP_END="-->"
+if [ -n "${MACOS_INSTALLER_DEV_ID}" ]; then
+ PKG_SIGN_ARGS=(--sign "${MACOS_INSTALLER_DEV_ID}")
+fi
+
rm -rf pkg
mkdir pkg
@@ -36,10 +40,12 @@ ENABLE_AU=$(find . -maxdepth 1 -name '*.component' -print -quit | grep -q '.comp
if [ -n "${ENABLE_AU}" ]; then
mkdir pkg/au
cp -RL *.component pkg/au/
+ [ -n "${MACOS_APP_DEV_ID}" ] && codesign -s "${MACOS_APP_DEV_ID}" --deep --force --verbose --option=runtime pkg/au/*.component
pkgbuild \
--identifier "studio.kx.distrho.plugins.${SNAME}.components" \
--install-location "/Library/Audio/Plug-Ins/Components/" \
--root "${PWD}/pkg/au/" \
+ "${PKG_SIGN_ARGS[@]}" \
../dpf-${SNAME}-components.pkg
else
SKIP_AU_START="${SKIP_START}"
@@ -50,10 +56,12 @@ ENABLE_CLAP=$(find . -maxdepth 1 -name '*.clap' -print -quit | grep -q '.clap' &
if [ -n "${ENABLE_CLAP}" ]; then
mkdir pkg/clap
cp -RL *.clap pkg/clap/
+ [ -n "${MACOS_APP_DEV_ID}" ] && codesign -s "${MACOS_APP_DEV_ID}" --deep --force --verbose --option=runtime pkg/clap/*.clap
pkgbuild \
--identifier "studio.kx.distrho.plugins.${SNAME}.clapbundles" \
--install-location "/Library/Audio/Plug-Ins/CLAP/" \
--root "${PWD}/pkg/clap/" \
+ "${PKG_SIGN_ARGS[@]}" \
../dpf-${SNAME}-clapbundles.pkg
else
SKIP_CLAP_START="${SKIP_START}"
@@ -64,10 +72,12 @@ ENABLE_LV2=$(find . -maxdepth 1 -name '*.lv2' -print -quit | grep -q '.lv2' && e
if [ -n "${ENABLE_LV2}" ]; then
mkdir pkg/lv2
cp -RL *.lv2 pkg/lv2/
+ [ -n "${MACOS_APP_DEV_ID}" ] && codesign -s "${MACOS_APP_DEV_ID}" --force --verbose --option=runtime pkg/lv2/*.lv2/*.so
pkgbuild \
--identifier "studio.kx.distrho.plugins.${SNAME}.lv2bundles" \
--install-location "/Library/Audio/Plug-Ins/LV2/" \
--root "${PWD}/pkg/lv2/" \
+ "${PKG_SIGN_ARGS[@]}" \
../dpf-${SNAME}-lv2bundles.pkg
else
SKIP_LV2_START="${SKIP_START}"
@@ -78,10 +88,12 @@ ENABLE_VST2=$(find . -maxdepth 1 -name '*.vst' -print -quit | grep -q '.vst' &&
if [ -n "${ENABLE_VST2}" ]; then
mkdir pkg/vst2
cp -RL *.vst pkg/vst2/
+ [ -n "${MACOS_APP_DEV_ID}" ] && codesign -s "${MACOS_APP_DEV_ID}" --deep --force --verbose --option=runtime pkg/vst2/*.vst
pkgbuild \
--identifier "studio.kx.distrho.plugins.${SNAME}.vst2bundles" \
--install-location "/Library/Audio/Plug-Ins/VST/" \
--root "${PWD}/pkg/vst2/" \
+ "${PKG_SIGN_ARGS[@]}" \
../dpf-${SNAME}-vst2bundles.pkg
else
SKIP_VST2_START="${SKIP_START}"
@@ -92,10 +104,12 @@ ENABLE_VST3=$(find . -maxdepth 1 -name '*.vst3' -print -quit | grep -q '.vst3' &
if [ -n "${ENABLE_VST3}" ]; then
mkdir pkg/vst3
cp -RL *.vst3 pkg/vst3/
+ [ -n "${MACOS_APP_DEV_ID}" ] && codesign -s "${MACOS_APP_DEV_ID}" --deep --force --verbose --option=runtime pkg/vst3/*.vst3
pkgbuild \
--identifier "studio.kx.distrho.plugins.${SNAME}.vst3bundles" \
--install-location "/Library/Audio/Plug-Ins/VST3/" \
--root "${PWD}/pkg/vst3/" \
+ "${PKG_SIGN_ARGS[@]}" \
../dpf-${SNAME}-vst3bundles.pkg
else
SKIP_VST3_START="${SKIP_START}"
@@ -131,4 +145,8 @@ productbuild \
--identifier "studio.kx.distrho.${SNAME}" \
--package-path "${PWD}" \
--version 0 \
+ "${PKG_SIGN_ARGS[@]}" \
${SNAME}-macOS.pkg
+
+# xcrun notarytool submit build/*-macOS.pkg --keychain-profile "build-notary" --wait
+# xcrun notarytool log --keychain-profile "build-notary" 00000000-0000-0000-0000-000000000000
