AnyConnect Mac package respinner

Makefile

# put AnyConnect.pkg next to this Makefile
# make a directory "profiles" and put any profiles you want to embed in it
# run `make` to get a package
#
# if you want to codesign this you will need a DevID and set up altool's password,
# otherwise strip out the --sign argument to productbuild and remove the xcrun altool block, here

CorpVPN.pkg: tmp/Distribution tmp/vpn.pkg tmp/profiles.pkg
	productbuild \
		--sign 'Developer ID Installer: Org Name (ORGCODE)' \
		--distribution tmp/Distribution \
		--package-path tmp \
		CorpVPN.pkg
	xcrun altool --notarize-app \
	  --username "me@company.org" \
	  --password "@keychain:altool" \
	  --asc-provider "ORGCODE" \
	  --primary-bundle-id corp.vpn-profiles \
	  -f CorpVPN.pkg

clean:
	rm -rf tmp/*
	rm -f CorpVPN.pkg

# add --package tmp/dart_module.pkg if you want that in here
tmp/Distribution: \
	tmp/vpn.pkg \
  tmp/dart_module.pkg \
	tmp/profiles.pkg
	productbuild \
		--synthesize \
		--package tmp/vpn.pkg \
		--package tmp/profiles.pkg \
		tmp/Distribution
	perl -p -i -e 's/<options/<title>AnyConnect for CorpVPN<\/title>\n<options/' tmp/Distribution

tmp/vpn.pkg: AnyConnect.pkg
	mkdir -p tmp
	rm -rf tmp/expanded
	pkgutil --expand AnyConnect.pkg tmp/expanded
	pkgutil --flatten tmp/expanded/vpn_module.pkg tmp/vpn.pkg

tmp/dart_module.pkg: AnyConnect.pkg tmp/vpn.pkg
	pkgutil --flatten tmp/expanded/dart_module.pkg tmp/dart_module.pkg

AnyConnect.pkg:
	echo 'Drop the "AnyConnect.pkg" package from the AnyConnect predeploy download in the same folder as this Makefile'
	exit 1

tmp/profiles.pkg:
	mkdir -p tmp
	/usr/bin/pkgbuild \
		--root profiles \
		--identifier corp.vpn-profiles \
		--install-location /opt/cisco/anyconnect/profile \
		--version `date +'%Y.%m.%d'` \
		tmp/profiles.pkg