Last active
October 5, 2022 11:00
-
-
Save thomashope/7935ae8b99f037a4dd7d739c1d82a88f to your computer and use it in GitHub Desktop.
Uploading an app to apple and waiting for notarisation to complete
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# script setup | |
set -Eeuxo pipefail | |
setup_colors() { | |
if [[ -t 2 ]] && [[ -z "${NO_COLOR-}" ]] && [[ "${TERM-}" != "dumb" ]]; then | |
NOFORMAT='\033[0m' RED='\033[0;31m' GREEN='\033[0;32m' ORANGE='\033[0;33m' BLUE='\033[0;34m' PURPLE='\033[0;35m' CYAN='\033[0;36m' YELLOW='\033[1;33m' | |
else | |
NOFORMAT='' RED='' GREEN='' ORANGE='' BLUE='' PURPLE='' CYAN='' YELLOW='' | |
fi | |
} | |
msg() { | |
echo >&2 -e "${1-}" | |
} | |
die() { | |
local msg=$1 | |
local code=${2-1} # default exit status 1 | |
msg "${RED}${msg}${NOFORMAT}" | |
exit "$code" | |
} | |
bump_bundle_version() { | |
BUNDLE_VERSION=$(/usr/libexec/PlistBuddy -c "Print :CFBundleVersion" source/mac/Info.plist) | |
((BUNDLE_VERSION=$BUNDLE_VERSION + 1)) | |
/usr/libexec/PlistBuddy -c "Set :CFBundleVersion $BUNDLE_VERSION" source/mac/Info.plist | |
msg "${CYAN}Set CFBundleVersion to '$BUNDLE_VERSION'${NOFORMAT}" | |
} | |
setup_colors | |
# get params | |
APP_NAME="$1" | |
BUNDLE_ID="$2" | |
TEAM_ID="$3" | |
UNAME="$4" | |
PASS="$5" | |
UPLOAD_INFO_PLIST="upload_info.plist" | |
REQUEST_INFO_PLIST="request_info.plist" | |
# an ever increasing bundle version | |
bump_bundle_version | |
# create project | |
./premake xcode4 | |
# create archive | |
xcodebuild -workspace "build/xcode4/${APP_NAME}.xcworkspace" -scheme "${APP_NAME}" clean archive -archivePath "bin/xcode4/Archive/${APP_NAME}.xcarchive" | |
# export a distributable app from the archive | |
cp source/mac/ExportOptions.plist bin/xcode4/Archive | |
plutil -insert teamID -string "$TEAM_ID" bin/xcode4/Archive/ExportOptions.plist | |
xcodebuild -exportArchive -archivePath "bin/xcode4/Archive/${APP_NAME}.xcarchive" -exportOptionsPlist bin/xcode4/Archive/ExportOptions.plist -exportPath bin/xcode4/Package | |
# move into package dir | |
pushd bin/xcode4/Package | |
# zip app for upload | |
ditto -c -k --keepParent ${APP_NAME}.app ${APP_NAME}.zip | |
# upload for notarization | |
xcrun altool --notarize-app \ | |
--primary-bundle-id ${BUNDLE_ID}.zip \ | |
--asc-provider ${TEAM_ID} \ | |
-u $UNAME \ | |
-p $PASS \ | |
--file ${APP_NAME}.zip \ | |
--output-format xml > ${UPLOAD_INFO_PLIST} | |
# extract the upload request uuid | |
REQUEST_UUID=$(/usr/libexec/PlistBuddy -c "Print :notarization-upload:RequestUUID" "${UPLOAD_INFO_PLIST}") | |
# wait for notarization to complete | |
while true; | |
do | |
xcrun altool --notarization-info ${REQUEST_UUID} \ | |
-u ${UNAME} \ | |
-p ${PASS} \ | |
--output-format xml > ${REQUEST_INFO_PLIST} | |
STATUS=$(/usr/libexec/PlistBuddy -c "Print :notarization-info:Status" ${REQUEST_INFO_PLIST}) | |
if [ "${STATUS}" != "in progress" ]; | |
then | |
break | |
else | |
sleep 30 | |
fi | |
done | |
# staple the notarization ticket, enables gatekeeper to verify the signature while offline | |
xcrun stapler staple "${APP_NAME}.app" | |
xcrun stapler validate "${APP_NAME}.app" | |
# check security | |
spctl -a -vvv "${APP_NAME}.app" | |
# make sure app is runnable | |
if ! open "${APP_NAME}.app" -g -j --args --quit; then | |
die "ERROR: app crashed. Maybe make sure frameworks are set to 'Embed & Sign' (or 'Embed Without Signing' if you disable library validation under hardened runtime)" | |
else | |
msg "Package ran OK" | |
fi | |
popd | |
# copy to upload dir | |
rm -rf package/mac | |
mkdir -p package/mac/ | |
ditto "bin/xcode4/Package/${APP_NAME}.app" "package/mac/${APP_NAME}.app" |
The issue with the app not launching for a while after updating from the itch.io launcher was due to not bumping CFBundleVersion in the Info.plist.
I've updated the gist to automatically increase the bundle version on every run.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uploading the resulting app to Itch.io as a zip is working both from the launcher and when opened from finder. Although you have to leave it for some random amount of time before it start working from Itch for some reason?
Example: https://gist.github.com/thomashope/7935ae8b99f037a4dd7d739c1d82a88f