From 8fd0fcc5eaa9b5fc7692304cdf24560dfb8862ab Mon Sep 17 00:00:00 2001
From: kali <kali@leap.se>
Date: Thu, 15 Jul 2021 17:10:31 +0200
Subject: [PATCH] [pkg] improve stapler script

---
 Makefile                              |  7 +++++
 branding/scripts/osx-staple-status.py |  5 +++
 branding/scripts/osx-staple-uuid.py   |  5 +++
 branding/scripts/osx-stapler.sh       | 44 +++++++++------------------
 4 files changed, 32 insertions(+), 29 deletions(-)
 create mode 100755 branding/scripts/osx-staple-status.py
 create mode 100755 branding/scripts/osx-staple-uuid.py
 mode change 100644 => 100755 branding/scripts/osx-stapler.sh

diff --git a/Makefile b/Makefile
index de3e89a5..08021da9 100644
--- a/Makefile
+++ b/Makefile
@@ -253,6 +253,11 @@ ifeq (${PLATFORM}, darwin)
 	ditto -ck --rsrc --sequesterRsrc build/installer/${APPNAME}-installer-${VERSION}.app build/installer/${APPNAME}-installer-${VERSION}.zip
 endif
 
+notarize_all:
+	APPNAME=${APPNAME} VERSION=${VERSION} TARGET=${TARGET} OSXAPPPASS=${OSXAPPPASS} branding/scripts/osx-stapler.sh
+
+# --------------------
+
 notarize_installer:
 # courtesy of https://skyronic.com/2019/07/app-notarization-for-qt-applications/
 ifeq (${PLATFORM}, darwin)
@@ -274,6 +279,8 @@ ifeq (${PLATFORM}, darwin)
 	@create-dmg deploy/${APPNAME}-${VERSION}.dmg build/installer/${APPNAME}-installer-${VERSION}.app
 endif
 
+# --------------------
+
 
 check_qtifw:
 ifdef HAS_QTIFW
diff --git a/branding/scripts/osx-staple-status.py b/branding/scripts/osx-staple-status.py
new file mode 100755
index 00000000..6ee9943e
--- /dev/null
+++ b/branding/scripts/osx-staple-status.py
@@ -0,0 +1,5 @@
+#!/usr/bin/env python3
+import sys
+arg = sys.argv[1]
+line = [x for x in arg.split('\n') if x.startswith('Status:')]
+print(line[0].split('Status: ')[-1])
diff --git a/branding/scripts/osx-staple-uuid.py b/branding/scripts/osx-staple-uuid.py
new file mode 100755
index 00000000..2db3699b
--- /dev/null
+++ b/branding/scripts/osx-staple-uuid.py
@@ -0,0 +1,5 @@
+#!/usr/bin/env python3
+import sys
+arg = sys.argv[1]
+line = [x for x in arg.split('\n') if x.startswith('Status:')]
+print(line[0].split('=')[1])
diff --git a/branding/scripts/osx-stapler.sh b/branding/scripts/osx-stapler.sh
old mode 100644
new mode 100755
index 3069e499..5017f0b9
--- a/branding/scripts/osx-stapler.sh
+++ b/branding/scripts/osx-stapler.sh
@@ -1,19 +1,20 @@
 #!/bin/bash
 # Notes to script notarization steps.
+# To be called from the root folder.
 # Taken from https://oozou.com/blog/scripting-notarization-for-macos-app-distribution-38
 
 # TODO: put pass in keychain
+# --password "@keychain:notarization-password"
 
-# 1. create dmb
-hdiutil create -format UDZO -srcfolder yourFolder YourApp.dmg
+USER=info@leap.se
 
-# 2. send notarization request
 requestInfo=$(xcrun altool --notarize-app \
-   --file "YourApp.dmg" \
-   --username "yourDeveloperAccountEmail@email.com" \
-   --password "@keychain:notarization-password" \
-   --asc-provider "yourAppleTeamID" \
-   --primary-bundle-id "com.your.app.bundle.id")
+	-t osx -f build/installer/${APPNAME}-installer-${VERSION}.zip \
+	--primary-bundle-id="se.leap.bitmask.${TARGET}" \
+	-u ${USER} \
+	-p ${OSXAPPPASS})
+
+uuid=$(python branding/scripts/osx-get-uuid.py $requestInfo)
 
 current_status = "in progress"
 
@@ -22,31 +23,16 @@ while [[ "$currentStatus" == "in progress" ]]; do
 sleep 15
 
 statusResponse=$(xcrun altool --notarization-info "$uuid" \
-    --username "yourDeveloperAccountEmail@email.com" \
-    --password "@keychain:notarization-password")
-
-# TODO change to python ---- ruby script ------------------------------------
-# the response is a multiline string, with the status being on its own line
-# using the format "Status: <status here>"
-# Split each line into its own object in an array
-response_objects = ARGV[0].split("\n")
-
-# get line that contains the "Status:" text
-status_line = response_objects.select { |data| data.include?('Status:') }[0]
-
-# get text describing the status (should be either "in progress" or "success")
-current_status = "#{status_line.split('Status: ').last}"
-
-# respond with value
-puts current_status
-# -- end ruby script --------------------------------------------------------
-
-current_status=$(ruby status.rb "$statusResponse")
+    --username ${USER} \
+    --password ${OSXAPPPASS})
+current_status=$(python branding/scripts/osx-get-status.py $statusResponse)
 done
 
+
 if [[ "$current_status" == "success" ]]; then
   # staple notarization here
-  xcrun stapler staple "YourApp.dmg"
+  xcrun stapler staple build/installer/${APPNAME}-installer-${VERSION}.app
+  create-dmg deploy/${APPNAME}-${VERSION}.dmg build/installer/${APPNAME}-installer-${VERSION}.app
 else
   echo "Error! The status was $current_status. There were errors. Please check the LogFileURL for error descriptions"
   exit 1
-- 
GitLab