mirror of https://github.com/keeweb/keeweb
splitted macos app signing and notarization
antelle
parent
9988454af1
commit
f8e454dab3
104
Gruntfile.js
104
Gruntfile.js
|
|
@ -141,6 +141,21 @@ module.exports = function (grunt) {
|
|||
dest: 'tmp/desktop/update/',
|
||||
nonull: true
|
||||
},
|
||||
'desktop-darwin-helper': {
|
||||
src: 'helper/darwin/KeeWebHelper',
|
||||
dest: 'tmp/desktop/KeeWeb-darwin-x64/KeeWeb.app/Contents/Resources/',
|
||||
nonull: true,
|
||||
options: { mode: '0755' }
|
||||
},
|
||||
'desktop-darwin-installer-helper': {
|
||||
cwd: 'package/osx/KeeWeb Installer.app',
|
||||
src: '**',
|
||||
dest:
|
||||
'tmp/desktop/KeeWeb-darwin-x64/KeeWeb.app/Contents/Installer/KeeWeb Installer.app',
|
||||
expand: true,
|
||||
nonull: true,
|
||||
options: { mode: true }
|
||||
},
|
||||
'desktop-windows-helper-x64': {
|
||||
src: 'helper/win32/KeeWebHelper.exe',
|
||||
dest: 'tmp/desktop/KeeWeb-win32-x64/Resources/',
|
||||
|
|
@ -326,65 +341,7 @@ module.exports = function (grunt) {
|
|||
appBundleId: 'net.antelle.keeweb',
|
||||
appCategoryType: 'public.app-category.productivity',
|
||||
extendInfo: 'package/osx/extend.plist',
|
||||
ignore: [/(linux|win32)-\w+\.node$/],
|
||||
osxSign: skipSign
|
||||
? undefined
|
||||
: {
|
||||
get identity() {
|
||||
return getCodeSignConfig().identities.app;
|
||||
},
|
||||
hardenedRuntime: true,
|
||||
entitlements: 'package/osx/entitlements.mac.plist',
|
||||
'entitlements-inherit': 'package/osx/entitlements.mac.plist',
|
||||
'gatekeeper-assess': false
|
||||
},
|
||||
osxNotarize: skipSign
|
||||
? undefined
|
||||
: {
|
||||
get appleId() {
|
||||
return getCodeSignConfig().appleId;
|
||||
},
|
||||
appleIdPassword: '@keychain:AC_PASSWORD',
|
||||
get ascProvider() {
|
||||
return getCodeSignConfig().teamId;
|
||||
}
|
||||
},
|
||||
afterCopy: [
|
||||
(buildPath, electronVersion, platform, arch, callback) => {
|
||||
if (path.basename(buildPath) !== 'app') {
|
||||
throw new Error('Bad build path: ' + buildPath);
|
||||
}
|
||||
const resPath = path.dirname(buildPath);
|
||||
if (path.basename(resPath) !== 'Resources') {
|
||||
throw new Error('Bad Resources path: ' + resPath);
|
||||
}
|
||||
const helperTargetPath = path.join(
|
||||
resPath,
|
||||
'helper/darwin/KeeWebHelper'
|
||||
);
|
||||
const helperSourcePath = path.join(
|
||||
__dirname,
|
||||
'helper/darwin/KeeWebHelper'
|
||||
);
|
||||
fs.copySync(helperSourcePath, helperTargetPath);
|
||||
|
||||
const contentsPath = path.dirname(resPath);
|
||||
if (path.basename(contentsPath) !== 'Contents') {
|
||||
throw new Error('Bad Contents path: ' + contentsPath);
|
||||
}
|
||||
const installerSourcePath = path.join(
|
||||
__dirname,
|
||||
'package/osx/KeeWeb Installer.app'
|
||||
);
|
||||
const installerTargetPath = path.join(
|
||||
contentsPath,
|
||||
'Installer/KeeWeb Installer.app'
|
||||
);
|
||||
fs.copySync(installerSourcePath, installerTargetPath);
|
||||
|
||||
callback();
|
||||
}
|
||||
]
|
||||
ignore: [/(linux|win32)-\w+\.node$/]
|
||||
}
|
||||
},
|
||||
'win32-x64': {
|
||||
|
|
@ -639,6 +596,35 @@ module.exports = function (grunt) {
|
|||
}
|
||||
}
|
||||
},
|
||||
'osx-sign': {
|
||||
options: {
|
||||
get identity() {
|
||||
return getCodeSignConfig().identities.app;
|
||||
},
|
||||
hardenedRuntime: true,
|
||||
entitlements: 'package/osx/entitlements.mac.plist',
|
||||
'entitlements-inherit': 'package/osx/entitlements.mac.plist',
|
||||
'gatekeeper-assess': false
|
||||
},
|
||||
desktop: {
|
||||
src: 'tmp/desktop/KeeWeb-darwin-x64/KeeWeb.app'
|
||||
}
|
||||
},
|
||||
notarize: {
|
||||
options: {
|
||||
appBundleId: 'net.antelle.keeweb',
|
||||
get appleId() {
|
||||
return getCodeSignConfig().appleId;
|
||||
},
|
||||
appleIdPassword: '@keychain:AC_PASSWORD',
|
||||
get ascProvider() {
|
||||
return getCodeSignConfig().teamId;
|
||||
}
|
||||
},
|
||||
desktop: {
|
||||
src: 'tmp/desktop/KeeWeb-darwin-x64/KeeWeb.app'
|
||||
}
|
||||
},
|
||||
'sign-exe': {
|
||||
options: {
|
||||
url: pkg.homepage,
|
||||
|
|
|
|||
|
|
@ -0,0 +1,24 @@
|
|||
const { notarize } = require('electron-notarize');
|
||||
|
||||
module.exports = function (grunt) {
|
||||
grunt.registerMultiTask(
|
||||
'notarize',
|
||||
'Notarizes a macOS electron app using electron-notarize',
|
||||
async function () {
|
||||
const done = this.async();
|
||||
const opt = this.options();
|
||||
|
||||
Promise.all(
|
||||
this.files[0].src.map((appPath) =>
|
||||
notarize({ ...opt, appPath })
|
||||
.then(() => {
|
||||
grunt.log.writeln('notarized:', appPath);
|
||||
})
|
||||
.catch((err) => {
|
||||
grunt.warn('electron-notarize returned an error: \n' + err);
|
||||
})
|
||||
)
|
||||
).then(done);
|
||||
}
|
||||
);
|
||||
};
|
||||
|
|
@ -0,0 +1,33 @@
|
|||
const osxSign = require('electron-osx-sign');
|
||||
|
||||
module.exports = function (grunt) {
|
||||
grunt.registerMultiTask(
|
||||
'osx-sign',
|
||||
'Signs a macOS electron app using electron-osx-sign',
|
||||
async function () {
|
||||
const done = this.async();
|
||||
const opt = this.options();
|
||||
|
||||
Promise.all(
|
||||
this.files[0].src.map((app) => {
|
||||
return new Promise((resolve) => {
|
||||
osxSign(
|
||||
{
|
||||
...opt,
|
||||
app
|
||||
},
|
||||
(err) => {
|
||||
if (err) {
|
||||
grunt.warn('electron-osx-sign returned an error: \n' + err);
|
||||
} else {
|
||||
grunt.log.writeln('signed:', app);
|
||||
}
|
||||
resolve();
|
||||
}
|
||||
);
|
||||
});
|
||||
})
|
||||
).then(done);
|
||||
}
|
||||
);
|
||||
};
|
||||
|
|
@ -54,7 +54,9 @@ module.exports = function(grunt) {
|
|||
grunt.registerTask('dev-desktop-darwin', 'Build a macOS app in dev environment', [
|
||||
'default',
|
||||
'build-desktop-app-content',
|
||||
'build-desktop-executables-darwin'
|
||||
'electron:darwin',
|
||||
'copy:desktop-darwin-helper',
|
||||
'copy:desktop-darwin-installer-helper'
|
||||
]);
|
||||
|
||||
grunt.registerTask('dev-desktop-win32', 'Build a Windows app in dev environment', [
|
||||
|
|
|
|||
|
|
@ -39,7 +39,13 @@ module.exports = function (grunt) {
|
|||
'chmod:linux-desktop-x64'
|
||||
]);
|
||||
|
||||
grunt.registerTask('build-desktop-executables-darwin', ['electron:darwin']);
|
||||
grunt.registerTask('build-desktop-executables-darwin', [
|
||||
'electron:darwin',
|
||||
'copy:desktop-darwin-helper',
|
||||
'copy:desktop-darwin-installer-helper',
|
||||
'osx-sign:desktop',
|
||||
'notarize:desktop'
|
||||
]);
|
||||
|
||||
grunt.registerTask('build-desktop-executables-win32', [
|
||||
'electron:win32-x64',
|
||||
|
|
|
|||
|
|
@ -5854,9 +5854,9 @@
|
|||
}
|
||||
},
|
||||
"electron-notarize": {
|
||||
"version": "0.2.1",
|
||||
"resolved": "https://registry.npmjs.org/electron-notarize/-/electron-notarize-0.2.1.tgz",
|
||||
"integrity": "sha512-oZ6/NhKeXmEKNROiFmRNfytqu3cxqC95sjooG7kBXQVEUSQkZnbiAhxVh5jXngL881G197pbwpeVPJyM7Ikmxw==",
|
||||
"version": "0.3.0",
|
||||
"resolved": "https://registry.npmjs.org/electron-notarize/-/electron-notarize-0.3.0.tgz",
|
||||
"integrity": "sha512-tuDw8H0gcDOalNLv6RM2CwGvUXU60MPGZRDEmd0ppX+yP5XqL8Ec2DuXyz9J7WQSA3aRCfzIgH8C5CAivDYWMw==",
|
||||
"requires": {
|
||||
"debug": "^4.1.1",
|
||||
"fs-extra": "^8.1.0"
|
||||
|
|
@ -5875,9 +5875,9 @@
|
|||
}
|
||||
},
|
||||
"electron-osx-sign": {
|
||||
"version": "0.4.15",
|
||||
"resolved": "https://registry.npmjs.org/electron-osx-sign/-/electron-osx-sign-0.4.15.tgz",
|
||||
"integrity": "sha512-1QtPNpjIji9bGZ0VRFwtJUyU1uHi7q3XUAOG0qFsvAUfs5H0T8hbgUfyg3xvPzmF1ruV8T8pQmQ86vNfLrcRiA==",
|
||||
"version": "0.4.16",
|
||||
"resolved": "https://registry.npmjs.org/electron-osx-sign/-/electron-osx-sign-0.4.16.tgz",
|
||||
"integrity": "sha512-ziMWfc3NmQlwnWLW6EaZq8nH2BWVng/atX5GWsGwhexJYpdW6hsg//MkAfRTRx1kR3Veiqkeiog1ibkbA4x0rg==",
|
||||
"requires": {
|
||||
"bluebird": "^3.5.0",
|
||||
"compare-version": "^0.1.2",
|
||||
|
|
@ -5926,6 +5926,15 @@
|
|||
"yargs-parser": "^16.0.0"
|
||||
},
|
||||
"dependencies": {
|
||||
"electron-notarize": {
|
||||
"version": "0.2.1",
|
||||
"resolved": "https://registry.npmjs.org/electron-notarize/-/electron-notarize-0.2.1.tgz",
|
||||
"integrity": "sha512-oZ6/NhKeXmEKNROiFmRNfytqu3cxqC95sjooG7kBXQVEUSQkZnbiAhxVh5jXngL881G197pbwpeVPJyM7Ikmxw==",
|
||||
"requires": {
|
||||
"debug": "^4.1.1",
|
||||
"fs-extra": "^8.1.0"
|
||||
}
|
||||
},
|
||||
"fs-extra": {
|
||||
"version": "8.1.0",
|
||||
"resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-8.1.0.tgz",
|
||||
|
|
|
|||
|
|
@ -31,6 +31,8 @@
|
|||
"dompurify": "^2.0.11",
|
||||
"electron": "^9.0.0",
|
||||
"electron-builder": "^22.7.0",
|
||||
"electron-notarize": "^0.3.0",
|
||||
"electron-osx-sign": "^0.4.16",
|
||||
"eslint": "^7.1.0",
|
||||
"eslint-config-prettier": "^6.11.0",
|
||||
"eslint-config-standard": "^14.1.1",
|
||||
|
|
|
|||
Loading…
Reference in New Issue