Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[stable-3.15] mac-crafter: Fix codesigning of app bundle when auto-updater is excluded #7617

Merged
merged 2 commits into from
Dec 9, 2024
Merged

[stable-3.15] mac-crafter: Fix codesigning of app bundle when auto-updater is excluded #7617

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
9fcbd42
mac-crafter: Check if path to trecursively codesign exists and throw …
claucambra Dec 5, 2024
db11d46
mac-crafter: Only attempt sparkle codesign if it exists in the app bu…
claucambra Dec 5, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 18 additions & 6 deletions admin/osx/mac-crafter/Sources/Utils/Codesign.swift
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ enum CodeSigningError: Error {
}

enum AppBundleSigningError: Error {
case doesNotExist(String)
case couldNotEnumerate(String)
}

Expand Down Expand Up @@ -64,6 +65,10 @@ func recursivelyCodesign(
skip: [String] = []
) throws {
let fm = FileManager.default
guard fm.fileExists(atPath: path) else {
throw AppBundleSigningError.doesNotExist("Item at \(path) does not exist.")
}

guard let pathEnumerator = fm.enumerator(atPath: path) else {
throw AppBundleSigningError.couldNotEnumerate(
"Failed to enumerate directory at \(path)."
Expand Down Expand Up @@ -118,14 +123,21 @@ func codesignClientAppBundle(
// Multiple components of the app will now have the get-task-allow entitlements.
// We need to strip these out manually.

print("Code-signing Sparkle autoupdater app (without entitlements)...")
let sparkleFrameworkPath = "\(frameworksPath)/Sparkle.framework"
try recursivelyCodesign(path: "\(sparkleFrameworkPath)/Resources/Autoupdate.app",
identity: codeSignIdentity,
options: "--timestamp --force --verbose=4 --options runtime --deep")
if FileManager.default.fileExists(atPath: "\(sparkleFrameworkPath)/Resources/Autoupdate.app") {
print("Code-signing Sparkle autoupdater app (without entitlements)...")

print("Re-codesigning Sparkle library...")
try codesign(identity: codeSignIdentity, path: "\(sparkleFrameworkPath)/Sparkle")
try recursivelyCodesign(
path: "\(sparkleFrameworkPath)/Resources/Autoupdate.app",
identity: codeSignIdentity,
options: "--timestamp --force --verbose=4 --options runtime --deep"
)

print("Re-codesigning Sparkle library...")
try codesign(identity: codeSignIdentity, path: "\(sparkleFrameworkPath)/Sparkle")
} else {
print("Build does not have Sparkle, skipping.")
}

print("Code-signing app extensions (removing get-task-allow entitlements)...")
let fm = FileManager.default
Expand Down
Loading