@@ -178,21 +178,6 @@ zip {
178178 }
179179}
180180```
181- Example of "notarization only"
182- ``` hcl
183- sources = []
184- bundle_id = "com.mitchellh.example.terraform"
185-
186- notarize {
187- package = "/path/to/terraform.pkg"
188- staple = true
189- }
190-
191- apple_id {
192- username = "mitchell@example.com"
193- password = "@env:AC_PASSWORD"
194- }
195- ```
196181
197182Supported configurations:
198183
@@ -205,11 +190,20 @@ Supported configurations:
205190 for your application. You should choose something unique for your application.
206191 You can also [ register these with Apple] ( https://developer.apple.com/account/resources/identifiers/list ) .
207192
208- * ` notarize ` (optional) - Settings for notarizing an already built .pkg or .zip. An alternative to using the ` source `
193+ * ` notarize ` (_ optional_ ) - Settings for notarizing an already built files.
194+ This is an alternative to using the ` source ` option.
209195
210- * ` package ` (` string ` ) - The path to the file to notarize
196+ * ` path ` (` string ` ) - The path to the file to notarize. This must be
197+ one of Apple's supported file types for notarization: dmg, pkg, app, or
198+ zip.
211199
212- * ` staple ` (` bool ` ) - Controls if ` stapler staple ` should run if notarization succeeds
200+ * ` bundle_id ` (` string ` ) - The bundle ID to use for this notarization.
201+ This is used instead of the top-level ` bundle_id ` (which controls the
202+ value for source-based runs).
203+
204+ * ` staple ` (` bool ` _ optional_ ) - Controls if ` stapler staple ` should run
205+ if notarization succeeds. This should only be set for filetypes that
206+ support it (dmg, pkg, or app).
213207
214208 * ` apple_id ` - Settings related to the Apple ID to use for notarization.
215209
@@ -253,6 +247,55 @@ Supported configurations:
253247 already exists, it will be overwritten. All files in ` source ` will be copied
254248 into the root of the zip archive.
255249
250+ ### Notarization-Only Configuration
251+
252+ You can configure ` gon ` to notarize already-signed files. This is useful
253+ if you're integrating ` gon ` into an existing build pipeline that may already
254+ support creation of pkg, app, etc. files.
255+
256+ You can use this in addition to specifying ` source ` as well. In this case,
257+ we will codesign & package the files specified in ` source ` and then notarize
258+ those results as well as those in ` notarize ` blocks.
259+
260+ Example in HCL and then the identical configuration in JSON:
261+
262+ ``` hcl
263+ sources = []
264+ bundle_id = ""
265+
266+ notarize {
267+ path = "/path/to/terraform.pkg"
268+ bundle_id = "com.mitchellh.example.terraform"
269+ staple = true
270+ }
271+
272+ apple_id {
273+ username = "mitchell@example.com"
274+ password = "@env:AC_PASSWORD"
275+ }
276+ ```
277+
278+ ``` json
279+ {
280+ "sources" : [],
281+ "bundle_id" : " "
282+
283+ "notarize" : [{
284+ "path" : " /path/to/terraform.pkg"
285+ "bundle_id" : " com.mitchellh.example.terraform"
286+ "staple" : true
287+ }],
288+
289+ "apple_id" : {
290+ "username" : " mitchell@example.com"
291+ "password" : " @env:AC_PASSWORD"
292+ }
293+ }
294+ ```
295+
296+ Note you may specify multiple ` notarize ` blocks to notarize multipel files
297+ concurrently.
298+
256299### Processing Time
257300
258301The notarization process requires submitting your package(s) to Apple
0 commit comments