Skip to content

Instantly share code, notes, and snippets.

Avatar
💭
Working

Shane Lee twangboy

💭
Working
View GitHub Profile
@twangboy
twangboy / OSX Code Signing and Notarization
Last active Oct 12, 2020
OSX Code Signing and Notarization for Salt OSX Packages
View OSX Code Signing and Notarization
Salt has been building OSX packages for many years now. We have been signing the installer (``.pkg``) files with a Developer ID Installer certificate. Apple now requires some additional signing and notarization in addition to signing the installer. This will allow the installer and Salt software to pass the gate keeper. I believe the process is as follows.
1. Build the app
2. Sign all the binaries in the app (python, pip, salt-*, etc) with the Developer ID Application certificate and use a secure timestamp
3. Build the package (I believe ours is a flat installer)
4. Sign the package with the Developer ID Installer certificate
5. Submit the installer for notarization
6. Staple the notarization to the package
This requires the use of new tooling
View PyMySQL, Shorter...
# Import third party libs
try:
# Try to import MySQLdb
import MySQLdb
HAS_MYSQLDB = True
except ImportError:
try:
# MySQLdb import failed, try to import PyMySQL
import pymysql
pymysql.install_as_MySQLdb()