Git-Mirrors/onionshare
1
0
Fork 0
mirror of https://github.com/onionshare/onionshare.git synced 2025-01-13 08:19:28 -05:00
Code Issues Packages Projects Releases Wiki Activity

Write macOS package script, to codesign child binaries

Browse Source
This commit is contained in:
Micah Lee 2020-11-04 17:34:00 -08:00
parent 4f0154d698
commit 654611f1e4
No known key found for this signature in database
GPG Key ID: 403C2657CD994F73
4 changed files with 52 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
RELEASE.md
View File

@ -145,6 +145,31 @@ Make sure the virtual environment is active, and then run `briefcase create`:
```sh ```sh
. venv/bin/activate . venv/bin/activate
briefcase create ./install/macos_package.sh
briefcase package -i "Developer ID Application: Micah Lee"
``` ```
Now, notarize the release. You must have an app-specific Apple ID password saved in the login keychain called `onionshare-notarize`.
- Notarize it: `xcrun altool --notarize-app --primary-bundle-id "com.micahflee.onionshare" -u "micah@micahflee.com" -p "@keychain:onionshare-notarize" --file macOS/OnionShare-$VERSION.dmg`
- Wait for it to get approved, check status with: `xcrun altool --notarization-history 0 -u "micah@micahflee.com" -p "@keychain:onionshare-notarize"`
- After it's approved, staple the ticket: `xcrun stapler staple macOS/OnionShare-$VERSION.dmg`
This will create `macOS/OnionShare-$VERSION.dmg`, signed and notarized.
### Source package
TODO: Write documentation for source package
### Publishing the release
To publish the release:
- Create a new release on GitHub, put the changelog in the description of the release, and upload all six files (the macOS installer, the Windows installer, the source package, and their signatures)
- Upload the six release files to https://onionshare.org/dist/$VERSION/
- Copy the six release files into the OnionShare team Keybase filesystem
- Update the [onionshare-website](https://github.com/micahflee/onionshare-website) repo:
- Edit `latest-version.txt` to match the latest version
- Update the version number and download links
- Deploy to https://onionshare.org/
- Email the [onionshare-dev](https://lists.riseup.net/www/subscribe/onionshare-dev) mailing list announcing the release
- Make a PR to [homebrew-cask](https://github.com/homebrew/homebrew-cask) to update the macOS version

25
desktop/install/macos_package.sh Executable file
View File

@ -0,0 +1,25 @@
#!/bin/bash
export DEVELOPER_ID="Developer ID Application: Micah Lee (N9B95FDWH4)"
# Cleanb up from the last build
rm -rf macOS
briefcase create
# Codesign the child binaries
codesign --sign "$DEVELOPER_ID" \
--entitlements install/macos_sandbox/ChildEntitlements.plist \
macOS/OnionShare/OnionShare.app/Contents/Resources/app/onionshare/resources/tor/tor \
--force --options runtime
codesign --sign "$DEVELOPER_ID" \
--entitlements install/macos_sandbox/ChildEntitlements.plist \
macOS/OnionShare/OnionShare.app/Contents/Resources/app/onionshare/resources/tor/libevent-2.1.7.dylib \
--force --options runtime
codesign --sign "$DEVELOPER_ID" \
--entitlements install/macos_sandbox/ChildEntitlements.plist \
macOS/OnionShare/OnionShare.app/Contents/Resources/app/onionshare/resources/tor/obfs4proxy \
--force --options runtime
# Build and codesign the app bundle and dmg
cp install/macos_sandbox/Entitlements.plist macOS/OnionShare/
briefcase package -i "$DEVELOPER_ID"

0
desktop/install/macos_sandbox/child.plist → desktop/install/macos_sandbox/ChildEntitlements.plist
View File

0
desktop/install/macos_sandbox/parent.plist → desktop/install/macos_sandbox/Entitlements.plist
View File