From 60851ef1a69a22b5efc43223363d3a4f62b1167e Mon Sep 17 00:00:00 2001
From: Owen Rudge <owen@owenrudge.net>
Date: Tue, 12 Jan 2021 21:47:08 +0000
Subject: Feature: Sign macOS builds

---
 os/macosx/Info.plist.in |  2 +-
 os/macosx/notarize.sh   | 58 +++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 59 insertions(+), 1 deletion(-)
 create mode 100755 os/macosx/notarize.sh

(limited to 'os')

diff --git a/os/macosx/Info.plist.in b/os/macosx/Info.plist.in
index b3285589d..04d6ea6d3 100644
--- a/os/macosx/Info.plist.in
+++ b/os/macosx/Info.plist.in
@@ -8,7 +8,7 @@
         <key>CFBundleDisplayName</key>
         <string>${CPACK_BUNDLE_NAME}</string>
         <key>CFBundleExecutable</key>
-        <string>${CPACK_BUNDLE_NAME}</string>
+        <string>openttd</string>
         <key>CFBundleGetInfoString</key>
         <string>#CPACK_PACKAGE_VERSION#, Copyright 2004-${CURRENT_YEAR} The OpenTTD team</string>
         <key>CFBundleIconFile</key>
diff --git a/os/macosx/notarize.sh b/os/macosx/notarize.sh
new file mode 100755
index 000000000..3434c3125
--- /dev/null
+++ b/os/macosx/notarize.sh
@@ -0,0 +1,58 @@
+#!/bin/bash
+set -e
+
+# This script attempts to notarize the OpenTTD DMG generated by CPack.
+# If you are building an unofficial branch of OpenTTD, please change the bundle
+# ID in Info.plist and below.
+#
+# This uses `gon' to perform notarization:
+#
+#   https://github.com/mitchellh/gon
+#
+# Follow the setup instructions on the gon site to install.
+#
+# Before executing this script, you must first configure CMake with at least the following
+# parameters:
+#
+# -DCPACK_BUNDLE_APPLE_CERT_APP={certificate ID}
+# "-DCPACK_BUNDLE_APPLE_CODESIGN_PARAMETER=--deep -f --options runtime"
+#
+# then run "make package" or "cpack".
+#
+# This will sign the application with your signing certificate, and will enable
+# the hardened runtime.
+#
+# You also need to set your Apple Developer username and password (app-specific password
+# is recommended) in the AC_USERNAME and AC_PASSWORD environment variables.
+#
+# Then, ensuring you're in your build directory and that the "bundles" directory
+# exists with a .dmg in it (clear out any old DMGs first), run:
+#
+# ../os/macosx/notarize.sh
+
+if [ -z "${AC_USERNAME}" ]; then
+    echo AC_USERNAME not set, skipping notarization.
+    exit 0
+fi;
+
+dmg_filename=(bundles/*.dmg)
+
+if [ "${dmg_filename}" = "bundles/*.dmg" ]; then
+    echo "No .dmg found in the bundles directory, skipping notarization. Please read this"
+    echo "script's source for execution instructions."
+    exit 1
+fi;
+
+cat <<EOF > notarize.json
+{
+   "notarize": [
+      {
+         "path": "${dmg_filename[0]}",
+         "bundle_id": "org.openttd.openttd",
+         "staple": true
+      }
+   ]
+}
+EOF
+
+gon notarize.json
-- 
cgit v1.2.3-54-g00ecf