diff options
| author | rowanbeentje <rowan@beent.je> | 2015-05-25 22:22:55 +0100 |
|---|---|---|
| committer | rowanbeentje <rowan@beent.je> | 2015-05-29 22:33:44 +0100 |
| commit | adae108f52f2759e3e690160552182e65a716f18 (patch) | |
| tree | 1f2eb31dfe5d048c6658e85306ace0cc4f4ffec8 | |
| parent | c7488d7bd4b6cc20170e463b4d743cd27fc15b46 (diff) | |
| download | sequelpro-adae108f52f2759e3e690160552182e65a716f18.tar.gz sequelpro-adae108f52f2759e3e690160552182e65a716f18.tar.bz2 sequelpro-adae108f52f2759e3e690160552182e65a716f18.zip | |
Rework distribution code signing, amending it to support version 2 resource envelopes, and add a Scheme which invokes it as part of building
| -rw-r--r-- | Resources/English.lproj/Preferences.strings | bin | 47612 -> 43056 bytes | |||
| -rw-r--r-- | Resources/spframeworkrequirement.bin | bin | 0 -> 180 bytes | |||
| -rw-r--r-- | Resources/sprequirement.bin | bin | 252 -> 300 bytes | |||
| -rwxr-xr-x | Scripts/build.sh | 47 | ||||
| -rwxr-xr-x | Scripts/package-application.sh | 3 | ||||
| -rw-r--r-- | sequel-pro.xcodeproj/project.pbxproj | 3 | ||||
| -rw-r--r-- | sequel-pro.xcodeproj/xcshareddata/xcschemes/Sequel Pro Release Build (10.6+).xcscheme | 107 |
7 files changed, 139 insertions, 21 deletions
diff --git a/Resources/English.lproj/Preferences.strings b/Resources/English.lproj/Preferences.strings Binary files differindex 8248bf70..471f41f6 100644 --- a/Resources/English.lproj/Preferences.strings +++ b/Resources/English.lproj/Preferences.strings diff --git a/Resources/spframeworkrequirement.bin b/Resources/spframeworkrequirement.bin Binary files differnew file mode 100644 index 00000000..a13a2f84 --- /dev/null +++ b/Resources/spframeworkrequirement.bin diff --git a/Resources/sprequirement.bin b/Resources/sprequirement.bin Binary files differindex 4b2049cc..7ec4565f 100644 --- a/Resources/sprequirement.bin +++ b/Resources/sprequirement.bin diff --git a/Scripts/build.sh b/Scripts/build.sh index cafa5383..88b2f948 100755 --- a/Scripts/build.sh +++ b/Scripts/build.sh @@ -48,6 +48,11 @@ dev_sign_resource() codesign -f -s 'Sequel Pro Development' "$1" 2> /dev/null } +dist_sign_framework() +{ + codesign -f -s 'Developer ID Application: MJ Media' -r "${SRCROOT}/Resources/spframeworkrequirement.bin" "$1" 2> /dev/null +} + dist_sign_resource() { codesign -f -s 'Developer ID Application: MJ Media' -r "${SRCROOT}/Resources/sprequirement.bin" "$1" 2> /dev/null @@ -55,36 +60,34 @@ dist_sign_resource() verify_signing() { - codesign --verify "$1" 2>&1 + codesign --verify --deep "$1" 2>&1 } dev_code_sign() { - while read FRAMEWORK + while read FILE_TO_SIGN do - dev_sign_resource "${FRAMEWORKS_PATH}/${FRAMEWORK}" + dev_sign_resource "${FILE_TO_SIGN}" done < "$1" - - dev_sign_resource "${BUILD_PRODUCT}/Contents/Resources/SequelProTunnelAssistant" - dev_sign_resource "${BUILD_PRODUCT}" } dist_code_sign() { ERRORS='' - while read FRAMEWORK + while read FRAMEWORK_TO_SIGN do - dist_sign_resource "${FRAMEWORKS_PATH}/${FRAMEWORK}" + dist_sign_framework "${FRAMEWORK_TO_SIGN}" - ERRORS+=$(verify_signing "${FRAMEWORKS_PATH}/${FRAMEWORK}") + ERRORS+=$(verify_signing "${FRAMEWORK_TO_SIGN}") done < "$1" - dist_sign_resource "${BUILD_PRODUCT}/Contents/Resources/SequelProTunnelAssistant" - dist_sign_resource "${BUILD_PRODUCT}" + while read FILE_TO_SIGN + do + dist_sign_resource "${FILE_TO_SIGN}" - ERRORS+=$(verify_signing "${BUILD_PRODUCT}/Contents/Resources/SequelProTunnelAssistant") - ERRORS+=$(verify_signing "${BUILD_PRODUCT}") + ERRORS+=$(verify_signing "${FILE_TO_SIGN}") + done < "$2" echo $ERRORS } @@ -127,9 +130,15 @@ cp -R "${SRCROOT}/SharedSupport/Default Themes" "${SHARED_SUPPORT_DIR}" # osascript -e "tell application \"Finder\" to set comment of (alias (POSIX file \"${BUILD_PRODUCT}\")) to \"MySQL database pancakes with syrup\"" xattr -wx com.apple.metadata:kMDItemFinderComment "62 70 6C 69 73 74 30 30 5F 10 22 4D 79 53 51 4C 20 64 61 74 61 62 61 73 65 20 70 61 6E 63 61 6B 65 73 20 77 69 74 68 20 73 79 72 75 70 08 00 00 00 00 00 00 01 01 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2D" "${BUILD_PRODUCT}" -FRAMEWORKS="/tmp/sp.frameworks.$$" -ls "$FRAMEWORKS_PATH" > "$FRAMEWORKS" +FRAMEWORKS_LIST="/tmp/sp.frameworks.$$" +ls -d -1 "$FRAMEWORKS_PATH"/** > "$FRAMEWORKS_LIST" + +FILES_TO_SIGN_LIST="/tmp/sp.filelist.$$" +echo "${BUILD_PRODUCT}/Contents/Library/QuickLook/Sequel Pro.qlgenerator" >> "$FILES_TO_SIGN_LIST" +echo "${BUILD_PRODUCT}/Contents/Resources/SequelProTunnelAssistant" >> "$FILES_TO_SIGN_LIST" +echo "${BUILD_PRODUCT}" >> "$FILES_TO_SIGN_LIST" + # Perform distribution specific tasks if this is a 'Distribution' build if [ "$CONFIGURATION" == 'Distribution' ] @@ -145,7 +154,7 @@ then echo 'Performing distribution build code signing...' - VERIFY_ERRORS=$(dist_code_sign "$FRAMEWORKS") + VERIFY_ERRORS=$(dist_code_sign "$FRAMEWORKS_LIST" "$FILES_TO_SIGN_LIST") if [ "$VERIFY_ERRORS" != '' ] then @@ -165,12 +174,14 @@ if [ "$CONFIGURATION" == 'Debug' ] then echo 'Performing development build code signing...' - dev_code_sign "$FRAMEWORKS" + dev_code_sign "$FRAMEWORKS_LIST" + dev_code_sign "$FILES_TO_SIGN_LIST" # Run a fake command to silence errors touch "$BUILD_PRODUCT" fi -rm "$FRAMEWORKS" +rm "$FRAMEWORKS_LIST" +rm "$FILES_TO_SIGN_LIST" exit 0 diff --git a/Scripts/package-application.sh b/Scripts/package-application.sh index 9708a075..002d51ce 100755 --- a/Scripts/package-application.sh +++ b/Scripts/package-application.sh @@ -90,4 +90,7 @@ then echo "$SIGNATURE" > "${DMG_BUILD_PATH}/${DMG_NAME}.dmg.signature" fi +echo "Disk image created at ${DMG_BUILD_PATH}/${DMG_NAME}.dmg and signature placed next to it" +open -R "${DMG_BUILD_PATH}" + exit 0 diff --git a/sequel-pro.xcodeproj/project.pbxproj b/sequel-pro.xcodeproj/project.pbxproj index ef3d204a..fd4f3207 100644 --- a/sequel-pro.xcodeproj/project.pbxproj +++ b/sequel-pro.xcodeproj/project.pbxproj @@ -3932,7 +3932,6 @@ "-lcrypto", ); PRODUCT_NAME = "Sequel Pro"; - SDKROOT = macosx; SEPARATE_STRIP = NO; }; name = Distribution; @@ -4136,7 +4135,6 @@ "-lcrypto", ); PRODUCT_NAME = "Sequel Pro"; - SDKROOT = macosx; SEPARATE_STRIP = NO; }; name = Debug; @@ -4164,7 +4162,6 @@ "-lcrypto", ); PRODUCT_NAME = "Sequel Pro"; - SDKROOT = macosx; SEPARATE_STRIP = NO; }; name = Release; diff --git a/sequel-pro.xcodeproj/xcshareddata/xcschemes/Sequel Pro Release Build (10.6+).xcscheme b/sequel-pro.xcodeproj/xcshareddata/xcschemes/Sequel Pro Release Build (10.6+).xcscheme new file mode 100644 index 00000000..a3785caa --- /dev/null +++ b/sequel-pro.xcodeproj/xcshareddata/xcschemes/Sequel Pro Release Build (10.6+).xcscheme @@ -0,0 +1,107 @@ +<?xml version="1.0" encoding="UTF-8"?> +<Scheme + LastUpgradeVersion = "0510" + version = "1.3"> + <BuildAction + parallelizeBuildables = "YES" + buildImplicitDependencies = "YES"> + <PostActions> + <ExecutionAction + ActionType = "Xcode.IDEStandardExecutionActionsCore.ExecutionActionType.ShellScriptAction"> + <ActionContent + title = "Run Script" + scriptText = "Scripts/build.sh"> + </ActionContent> + </ExecutionAction> + </PostActions> + <BuildActionEntries> + <BuildActionEntry + buildForTesting = "YES" + buildForRunning = "YES" + buildForProfiling = "YES" + buildForArchiving = "YES" + buildForAnalyzing = "YES"> + <BuildableReference + BuildableIdentifier = "primary" + BlueprintIdentifier = "8D15AC270486D014006FF6A4" + BuildableName = "Sequel Pro.app" + BlueprintName = "Sequel Pro" + ReferencedContainer = "container:sequel-pro.xcodeproj"> + </BuildableReference> + </BuildActionEntry> + </BuildActionEntries> + </BuildAction> + <TestAction + selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB" + selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB" + shouldUseLaunchSchemeArgsEnv = "YES" + buildConfiguration = "Debug"> + <Testables> + <TestableReference + skipped = "NO"> + <BuildableReference + BuildableIdentifier = "primary" + BlueprintIdentifier = "380F4ED80FC0B50500B0BFD7" + BuildableName = "Unit Tests.octest" + BlueprintName = "Unit Tests" + ReferencedContainer = "container:sequel-pro.xcodeproj"> + </BuildableReference> + </TestableReference> + </Testables> + <MacroExpansion> + <BuildableReference + BuildableIdentifier = "primary" + BlueprintIdentifier = "8D15AC270486D014006FF6A4" + BuildableName = "Sequel Pro.app" + BlueprintName = "Sequel Pro" + ReferencedContainer = "container:sequel-pro.xcodeproj"> + </BuildableReference> + </MacroExpansion> + </TestAction> + <LaunchAction + selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB" + selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB" + launchStyle = "0" + useCustomWorkingDirectory = "NO" + buildConfiguration = "Distribution" + ignoresPersistentStateOnLaunch = "NO" + debugDocumentVersioning = "YES" + allowLocationSimulation = "YES"> + <BuildableProductRunnable + runnableDebuggingMode = "0"> + <BuildableReference + BuildableIdentifier = "primary" + BlueprintIdentifier = "8D15AC270486D014006FF6A4" + BuildableName = "Sequel Pro.app" + BlueprintName = "Sequel Pro" + ReferencedContainer = "container:sequel-pro.xcodeproj"> + </BuildableReference> + </BuildableProductRunnable> + <AdditionalOptions> + </AdditionalOptions> + </LaunchAction> + <ProfileAction + shouldUseLaunchSchemeArgsEnv = "YES" + savedToolIdentifier = "" + useCustomWorkingDirectory = "NO" + buildConfiguration = "Release" + debugDocumentVersioning = "YES"> + <BuildableProductRunnable + runnableDebuggingMode = "0"> + <BuildableReference + BuildableIdentifier = "primary" + BlueprintIdentifier = "8D15AC270486D014006FF6A4" + BuildableName = "Sequel Pro.app" + BlueprintName = "Sequel Pro" + ReferencedContainer = "container:sequel-pro.xcodeproj"> + </BuildableReference> + </BuildableProductRunnable> + </ProfileAction> + <AnalyzeAction + buildConfiguration = "Debug"> + </AnalyzeAction> + <ArchiveAction + buildConfiguration = "Distribution" + revealArchiveInOrganizer = "YES"> + </ArchiveAction> +</Scheme> |