Skip to content

Commit 2b1703a

Browse files
dbarashevdbarashev
committed
Notarizing fixes II
1 parent 3e9b905 commit 2b1703a

File tree

2 files changed

+28
-8
lines changed

2 files changed

+28
-8
lines changed

build-bin/notarize.sh

Lines changed: 27 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,26 @@ codesign -vvv --deep --strict build/GanttProject.app
1515
spctl -a -t exec -vv build/GanttProject.app
1616
}
1717

18+
do_prepare2() {
19+
APP_PATH="build/GanttProject.app"
20+
RUNTIME_PATH="$APP_PATH/Contents/runtime"
21+
ENTITLEMENTS="build-cfg/ganttproject.entitlements.xml"
22+
23+
echo "Signing libraries and executables..."
24+
find "$APP_PATH" -type f \( -name "*.dylib" -or -name "*.so" -or -perm +111 \) -not -path "$RUNTIME_PATH/*" -exec codesign --timestamp -f -s "$SIG" --prefix com.bardsoftware. --entitlements "$ENTITLEMENTS" --options runtime -v --keychain "$KEYCHAIN" {} \;
25+
26+
echo "Signing Java runtime..."
27+
find "$RUNTIME_PATH" -type f \( -name "*.dylib" -or -name "*.so" -or -perm +111 \) -exec codesign --timestamp -f -s "$SIG" --prefix com.bardsoftware. --entitlements "$ENTITLEMENTS" --options runtime -v --keychain "$KEYCHAIN" {} \;
28+
codesign -f --timestamp --entitlements "$ENTITLEMENTS" -s "$SIG" --prefix com.bardsoftware. --options runtime -v --keychain "$KEYCHAIN" "$RUNTIME_PATH"
29+
30+
echo "Signing the application bundle..."
31+
codesign -f --timestamp --entitlements "$ENTITLEMENTS" -s "$SIG" --prefix com.bardsoftware. --options runtime -v --keychain "$KEYCHAIN" "$APP_PATH"
32+
33+
echo "Verifying signature..."
34+
codesign -vvv --deep --strict "$APP_PATH"
35+
spctl -a -t exec -vv "$APP_PATH"
36+
}
37+
1838
do_notarize() {
1939
xcrun notarytool submit --apple-id contact@bardsoftware.com --team-id QDCH4KTVP7 --password $NOTARIZE_PASSWORD --wait build/ganttproject-1.0.dmg
2040
}
@@ -34,7 +54,7 @@ do_all2() {
3454
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$MACOS_CI_KEYCHAIN_PWD" build.keychain
3555

3656
echo "------------------ SIGNING ------------------------"
37-
do_prepare
57+
do_prepare2
3858
jpackage --type dmg --app-image build/GanttProject.app -n "ganttproject" --dest build/
3959

4060
echo "------------------ NOTARIZING ------------------------"
@@ -62,14 +82,14 @@ do_all() {
6282
security find-identity -v -p codesigning "$KEYCHAIN"
6383

6484
echo "------------------ SIGNING ------------------------"
65-
# Update KEYCHAIN variable so do_prepare uses our new keychain
85+
# Update KEYCHAIN variable so do_prepare2 uses our new keychain
6686
# In notarize.sh, KEYCHAIN is defined at the top as:
6787
# KEYCHAIN=${5:-"~/Library/Keychains/login.keychain-db"}
68-
# We want do_prepare to use the local build.keychain we just created.
69-
# We can either export it or pass it if do_prepare was designed for it.
70-
# do_prepare uses $KEYCHAIN in its codesign calls.
88+
# We want do_prepare2 to use the local build.keychain we just created.
89+
# We can either export it or pass it if do_prepare2 was designed for it.
90+
# do_prepare2 uses $KEYCHAIN in its codesign calls.
7191

72-
do_prepare
92+
do_prepare2
7393
jpackage --type dmg --app-image build/GanttProject.app -n "ganttproject" --dest build/
7494

7595
echo "------------------ NOTARIZING ------------------------"
@@ -81,7 +101,7 @@ do_all() {
81101

82102
case $COMMAND in
83103
sign)
84-
do_prepare
104+
do_prepare2
85105
;;
86106
notarize)
87107
do_notarize

ganttproject-builder/BUILD-HISTORY-MAJOR

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,5 +10,5 @@
1010
2025-01-29 3316 fixed issue 2569, added group to MSI silent
1111
2025-07-04 3390 Test build of GanttProject 3.4 Beta I ....
1212
2026-01-16 3390 Test build of GanttProject 3.4 Beta I ....
13-
2026-01-17 3390 Test build of GanttProject 3.4 Beta I ......
13+
2026-01-17 3390 Test build of GanttProject 3.4 Beta I .......
1414
--

0 commit comments

Comments
 (0)