Skip to content

Commit

Permalink
fix macos-14 code signing
Browse files Browse the repository at this point in the history
  • Loading branch information
@VitoVan
VitoVan committed Aug 8, 2024
1 parent d7c5039 commit a3856b1
Show file tree
Hide file tree
Showing 6 changed files with 34 additions and 3 deletions.
2 changes: 2 additions & 0 deletions build/build.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,8 @@ build_darwin () {
echo "build launcher ..."
brew install gcc
gcc src/calm.c -o calm
# codesign for macos-14 enhanced security
sudo codesign --sign - --force calm

echo "remove Windows fonts dir ..."
sed '/<dir>C:\\Windows\\Fonts<\/dir>/d' s/usr/all/fonts.conf > tmp-fonts.conf
Expand Down
4 changes: 4 additions & 0 deletions entry.lisp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -76,6 +76,8 @@
(dist-by-new-process)
(u:calm-log "building macOS Application...")
(u:load-from-calm "s/usr/macos/bundle.lisp")
(u:calm-log "signing macOS Application...")
(u:load-from-calm "s/usr/macos/sign.lisp")
(u:calm-log "building macOS DMG, this may take a while...")
(u:load-from-calm "s/usr/macos/dmg.lisp"))
#+win32
Expand Down Expand Up @@ -132,6 +134,8 @@
#+darwin
("make-bundle" (u:load-from-calm "s/usr/macos/bundle.lisp"))
#+darwin
("sign-app" (u:load-from-calm "s/usr/macos/sign.lisp"))
#+darwin
("make-dmg" (u:load-from-calm "s/usr/macos/dmg.lisp"))

#+win32
Expand Down
5 changes: 3 additions & 2 deletions s/dev/darwin/config-lib.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,5 +65,6 @@ ls -lah .
# copy all typelibs
cp -L -R $(brew --prefix)/lib/girepository-1.0/*.typelib ./

# codesign for macos-14, since we changed those libs
ls *.dylib | xargs -I _ codesign --sign - --force --preserve-metadata=entitlements,requirements,flags,runtime _
# codesign for macos-14 enhanced security
sudo codesign --sign - --force *.*

2 changes: 2 additions & 0 deletions s/dev/darwin/pack.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,8 @@ export DIST_DIR=./calm-dist/

./calm make-bundle

./calm sign-app

if [ -n "${CI}" ]; then
echo working around for macos-13 on github ...
# A workaround mentioned here https://github.com/actions/runner-images/issues/7522
Expand Down
8 changes: 7 additions & 1 deletion s/usr/macos/bundle.lisp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,9 @@
;; clean old bunlde
(uiop:delete-directory-tree app-dir :validate t :if-does-not-exist :ignore)

(u:calm-log "signing everything before bundling, some files need sudo permission...")
(u:exec (str:concat "find " dist-dir-abs " -type f | xargs -I _ sudo codesign --sign - --force _"))

(ensure-directories-exist app-content-dir)
(ensure-directories-exist app-receipt-dir)
(ensure-directories-exist app-resources-dir)
Expand All @@ -38,7 +41,10 @@
dist-dir-abs
app-macos-dir)
;; copy icon
(u:copy-file app-icon-abs (merge-pathnames "icon.icns" app-resources-dir)))
(u:copy-file app-icon-abs (merge-pathnames "icon.icns" app-resources-dir))

(u:calm-log "signing the application bundle itself...")
(u:exec (str:concat "sudo codesign --sign - --force " app-name ".app")))

(u:calm-log-fancy "~%Application Bundle created: ~A.app~%" app-name))

Expand Down
16 changes: 16 additions & 0 deletions s/usr/macos/sign.lisp
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
#-calm
(ql:quickload :calm)
(in-package :calm)
(calm-config)

(defun sign-app (app-name)
(uiop:chdir *calm-env-app-dir*)

(u:calm-log "signing everything, some files need sudo permission...")
(u:exec (str:concat "find " app-name ".app -type f | xargs -I _ sudo codesign --sign - --force _"))
(u:calm-log "signing the app itself...")
(u:exec (str:concat "sudo codesign --sign - --force " app-name ".app"))
(u:calm-log-fancy "~%APP signed: ~A.app~%" app-name))

(sign-app
(u:get-from-env-or-ask 'app-name "Hello"))

0 comments on commit a3856b1

Please sign in to comment.