From 1e07c07b42a4240d9bd009a1d526bc697c4a9f62 Mon Sep 17 00:00:00 2001
From: Jim Procter <jprocter@dundee.ac.uk>
Date: Thu, 6 Jun 2024 11:47:20 +0100
Subject: [PATCH] JAL-4428 added the signing and stapling scripts - not yet
 integrated with JAL-4421

---
 utils/osx_signing/sign_dmg.sh   |   60 +++++++++++++++++++++++++++++++++++++++
 utils/osx_signing/staple_dmg.sh |   50 ++++++++++++++++++++++++++++++++
 2 files changed, 110 insertions(+)
 create mode 100755 utils/osx_signing/sign_dmg.sh
 create mode 100755 utils/osx_signing/staple_dmg.sh

diff --git a/utils/osx_signing/sign_dmg.sh b/utils/osx_signing/sign_dmg.sh
new file mode 100755
index 0000000..1b3973c
--- /dev/null
+++ b/utils/osx_signing/sign_dmg.sh
@@ -0,0 +1,60 @@
+#!/bin/bash
+
+if [[ "$GITDIR" == "" ]]; then
+    GITDIR=~/uod-development/jalview-builds/git/jalview
+fi;
+
+if [[ "$DEVELOPERID" == "" ]]; then
+    DEVELOPERID="Developer ID"
+fi;
+
+if [[ "$TMPDMG" == "" ]]; then
+    TMPDMG="signingDMG"
+fi;
+
+echo APPNAME $APPNAME like Jalview Test
+echo doing ARCH $ARCH
+echo using entitlements from $GITDIR
+echo using key $DEVELOPERID
+
+FAPPNAME="${APPNAME/ /\\ }"
+FAPPNAMEESC="${APPNAME/ /\\\\\\ }"
+FWAPP="${APPNAME/ [A-Za-z]*/}"
+ARCHNAME="${APPNAME// /_}-${APPVER//\./_}-macos-$ARCH-java_$JVER"
+DMGNAME="${APPNAME/ /_}-${APPVER//\./_}-macos-$ARCH-java_$JVER.dmg"
+VOLNAME="${APPNAME// /_}\\ Installer\\ \\(${APPVER//\./_}\\ $ARCH\\ $JVER\\)"
+VLNAME="${APPNAME// /_} Installer (${APPVER//\./_} $ARCH $JVER)"
+BORINGVLNAME="${APPNAME} Installer"
+
+
+
+echo "will mount $DMGNAME as $VOLNAME"
+if [[ -d $TMPDMG ]]; then
+	echo "'$TMPDMG' is in the way. Please delete it or set TMPDMG"
+	exit 1;
+fi
+
+if [[ -f $DMGNAME ]]; then
+    hdiutil attach $DMGNAME
+    ditto /Volumes/${FWAPP}* $TMPDMG
+    hdiutil eject /Volumes/${FWAPP}*
+    mkdir -p unsigned
+    mv -v $DMGNAME unsigned/
+    echo Moved $DMGNAME to unsigned/$DMGNAME
+    codesign  --remove-signature --force --deep -vvvv -s "Developer ID" --options runtime --entitlements $GITDIR/utils/osx_signing/entitlements.txt $TMPDMG/${FWAPP}*.app/Contents/Resources/app/jre/Contents/MacOS/libjli.dylib 
+
+    codesign  --verify --deep -v ./$TMPDMG/${FWAPP}*.app/Contents/Resources/app/jre/Contents/MacOS/libjli.dylib 
+
+    codesign --remove-signature --force --deep -vvvv -s "Developer ID" --options runtime --entitlements $GITDIR/utils/osx_signing/entitlements.txt  $TMPDMG/${FWAPP}*.app/Contents/MacOS/JavaApplicationStub
+
+    hdiutil create -megabytes 260 -srcfolder ./$TMPDMG -volname "$BORINGVLNAME" $ARCHNAME.dmg
+
+    codesign --force --deep -vvvv -s "Developer ID" --options runtime --entitlements $GITDIR/utils/osx_signing/entitlements.txt $ARCHNAME.dmg
+
+    codesign --deep -vvvv $ARCHNAME.dmg
+    
+    rm -Rf $TMPDMG
+else
+    echo Can\'t find $DMGNAME - dit you set APPNAME APPVER ARCH and JVER correctly ?
+fi
+
diff --git a/utils/osx_signing/staple_dmg.sh b/utils/osx_signing/staple_dmg.sh
new file mode 100755
index 0000000..0eb24dc
--- /dev/null
+++ b/utils/osx_signing/staple_dmg.sh
@@ -0,0 +1,50 @@
+#!/bin/bash
+
+if [[ "$GITDIR" == "" ]]; then
+    GITDIR=~/uod-development/jalview-builds/git/jalview
+fi;
+
+
+if [[ "$DEVELOPERID" == "" ]]; then
+    DEVELOPERID="Developer ID"
+fi;
+
+if [[ "$TMPDMG" == "" ]]; then
+    TMPDMG="staplingDMG"
+fi;
+
+
+echo APPNAME $APPNAME like Jalview Test
+echo doing ARCH $ARCH
+echo using entitlements from $GITDIR
+
+FAPPNAME="${APPNAME/ /\\ }"
+FAPPNAMEESC="${APPNAME/ /\\\\\\ }"
+FWAPP="${APPNAME/ [A-Za-z]*/}"
+ARCHNAME="${APPNAME// /_}-${APPVER//\./_}-macos-$ARCH-java_$JVER"
+DMGNAME="${APPNAME/ /_}-${APPVER//\./_}-macos-$ARCH-java_$JVER.dmg"
+VOLNAME="${APPNAME// /_}\\ Installer\\ \\(${APPVER//\./_}\\ $ARCH\\ $JVER\\)"
+VLNAME="${APPNAME// /_} Installer (${APPVER//\./_} $ARCH $JVER)"
+BORINGVLNAME="${APPNAME} Installer"
+echo "will mount $DMGNAME as $VOLNAME"
+
+if [[ -d $TMPDMG ]]; then
+	echo "'$TMPDMG' is in the way. Please delete it or set TMPDMG"
+	exit 1;
+fi
+
+if [[ -f $DMGNAME ]]; then
+    hdiutil attach $DMGNAME
+    ditto /Volumes/${FWAPP}* $TMPDMG
+    hdiutil eject /Volumes/${FWAPP}*
+    xcrun stapler staple $TMPDMG/${FWAPP}*.app
+    mkdir -p stapled
+    hdiutil create -megabytes 240 -srcfolder $TMPDMG -volname "$BORINGVLNAME" stapled/$DMGNAME
+    codesign --force --deep -vvvv -s "$DEVELOPERID" --options runtime --entitlements ${GITDIR}/utils/osx_signing/entitlements.txt stapled/$DMGNAME
+    codesign --deep -vvvv stapled/$DMGNAME
+	echo "Stapled DMG is in stapled/$DMGNAME"
+    rm -Rf $TMPDMG    
+else
+    echo Can\'t find $DMGNAME - dit you set APPNAME APPVER ARCH and JVER correctly ?
+fi
+
-- 
1.7.10.2