From 60851ef1a69a22b5efc43223363d3a4f62b1167e Mon Sep 17 00:00:00 2001 From: Owen Rudge Date: Tue, 12 Jan 2021 21:47:08 +0000 Subject: Feature: Sign macOS builds --- os/macosx/Info.plist.in | 2 +- os/macosx/notarize.sh | 58 +++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 59 insertions(+), 1 deletion(-) create mode 100755 os/macosx/notarize.sh (limited to 'os') diff --git a/os/macosx/Info.plist.in b/os/macosx/Info.plist.in index b3285589d..04d6ea6d3 100644 --- a/os/macosx/Info.plist.in +++ b/os/macosx/Info.plist.in @@ -8,7 +8,7 @@ CFBundleDisplayName ${CPACK_BUNDLE_NAME} CFBundleExecutable - ${CPACK_BUNDLE_NAME} + openttd CFBundleGetInfoString #CPACK_PACKAGE_VERSION#, Copyright 2004-${CURRENT_YEAR} The OpenTTD team CFBundleIconFile diff --git a/os/macosx/notarize.sh b/os/macosx/notarize.sh new file mode 100755 index 000000000..3434c3125 --- /dev/null +++ b/os/macosx/notarize.sh @@ -0,0 +1,58 @@ +#!/bin/bash +set -e + +# This script attempts to notarize the OpenTTD DMG generated by CPack. +# If you are building an unofficial branch of OpenTTD, please change the bundle +# ID in Info.plist and below. +# +# This uses `gon' to perform notarization: +# +# https://github.com/mitchellh/gon +# +# Follow the setup instructions on the gon site to install. +# +# Before executing this script, you must first configure CMake with at least the following +# parameters: +# +# -DCPACK_BUNDLE_APPLE_CERT_APP={certificate ID} +# "-DCPACK_BUNDLE_APPLE_CODESIGN_PARAMETER=--deep -f --options runtime" +# +# then run "make package" or "cpack". +# +# This will sign the application with your signing certificate, and will enable +# the hardened runtime. +# +# You also need to set your Apple Developer username and password (app-specific password +# is recommended) in the AC_USERNAME and AC_PASSWORD environment variables. +# +# Then, ensuring you're in your build directory and that the "bundles" directory +# exists with a .dmg in it (clear out any old DMGs first), run: +# +# ../os/macosx/notarize.sh + +if [ -z "${AC_USERNAME}" ]; then + echo AC_USERNAME not set, skipping notarization. + exit 0 +fi; + +dmg_filename=(bundles/*.dmg) + +if [ "${dmg_filename}" = "bundles/*.dmg" ]; then + echo "No .dmg found in the bundles directory, skipping notarization. Please read this" + echo "script's source for execution instructions." + exit 1 +fi; + +cat < notarize.json +{ + "notarize": [ + { + "path": "${dmg_filename[0]}", + "bundle_id": "org.openttd.openttd", + "staple": true + } + ] +} +EOF + +gon notarize.json -- cgit v1.2.3-70-g09d2