diff options
Diffstat (limited to 'desktop/package/macos/build.py')
-rwxr-xr-x | desktop/package/macos/build.py | 63 |
1 files changed, 36 insertions, 27 deletions
diff --git a/desktop/package/macos/build.py b/desktop/package/macos/build.py index 0ba23129..98b39f48 100755 --- a/desktop/package/macos/build.py +++ b/desktop/package/macos/build.py @@ -5,6 +5,7 @@ import subprocess import argparse import shutil import glob +import itertools root = os.path.dirname( os.path.dirname( @@ -15,6 +16,24 @@ root = os.path.dirname( ) +def codesign(path, entitlements, identity): + run( + [ + "codesign", + "--sign", + identity, + "--entitlements", + str(entitlements), + "--timestamp", + "--deep", + str(path), + "--force", + "--options", + "runtime", + ] + ) + + def run(cmd, cwd=None): subprocess.run(cmd, cwd=cwd, check=True) @@ -53,39 +72,29 @@ def main(): if args.with_codesign: identity_name_application = "Developer ID Application: Micah Lee (N9B95FDWH4)" - entitlements_child_filename = os.path.join( + entitlements_child_plist_path = os.path.join( desktop_dir, "package", "macos", "ChildEntitlements.plist" ) - entitlements_filename = os.path.join( + entitlements_plist_path = os.path.join( desktop_dir, "package", "macos", "Entitlements.plist" ) print("○ Code signing app bundle") - run( - [ - "codesign", - "--deep", - "-s", - identity_name_application, - "--force", - "--entitlements", - entitlements_child_filename, - "--timestamp", - app_path, - ] - ) - run( - [ - "codesign", - "-s", - identity_name_application, - "--force", - "--entitlements", - entitlements_filename, - "--timestamp", - app_path, - ] - ) + for path in itertools.chain( + glob.glob(f"{app_path}/Contents/Resources/app_packages/**/*.dylib", recursive=True), + glob.glob(f"{app_path}/Contents/Resources/app_packages/**/*.so", recursive=True), + glob.glob(f"{app_path}/Contents/Resources/Support/**/*.dylib", recursive=True), + glob.glob(f"{app_path}/Contents/Resources/Support/**/*.so", recursive=True), + glob.glob(f"{app_path}/Contents/Resources/app_packages/PySide2/Qt/lib/**/Versions/5/*", recursive=True), + ): + codesign(path, entitlements_plist_path, identity_name_application) + # for path in [ + # f"{app_path}/Contents/Resources/app/onionshare/resources/tor/libevent-2.1.7.dylib", + # f"{app_path}/Contents/Resources/app/onionshare/resources/tor/obfs4proxy", + # f"{app_path}/Contents/Resources/app/onionshare/resources/tor/tor", + # ]: + # codesign(path, entitlements_child_plist_path, identity_name_application) + codesign(app_path, entitlements_plist_path, identity_name_application) print(f"○ Signed app bundle: {app_path}") if not os.path.exists("/usr/local/bin/create-dmg"): |