almet/dangerzone
1
0
Fork 0
mirror of https://github.com/freedomofpress/dangerzone.git synced 2025-04-28 18:02:38 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 11

Redo macOS build-app.py and add --codesign-only opt

Browse source 
Redoes the build-app.py script to add an option to sign only an already-
produced app bundle.
This commit is contained in:
deeplow 2023-03-30 16:04:23 +01:00
parent bb0de52b01
commit 3f23010394
No known key found for this signature in database
GPG key ID: 577982871529A52A
1 changed files with 105 additions and 75 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

180
install/macos/build-app.py
View file

@ -19,6 +19,28 @@ def run(cmd):
subprocess.run(cmd, cwd=root, check=True)
def build_app_bundle():
"""
Builds the Dangerzone.app bundle and saves it in dist/Dangerzone.app
"""
print("○ Deleting old build and dist")
if os.path.exists(build_path):
shutil.rmtree(build_path)
if os.path.exists(dist_path):
shutil.rmtree(dist_path)
print("○ Building app bundle")
run(["pyinstaller", "install/pyinstaller/pyinstaller.spec", "--clean"])
shutil.rmtree(os.path.join(dist_path, "dangerzone"))
os.symlink(
"dangerzone",
os.path.join(app_path, "Contents/MacOS/dangerzone-cli"),
)
print(f"○ Finished build app: {app_path}")
def codesign(path, entitlements, identity):
run(
[
@ -37,96 +59,104 @@ def codesign(path, entitlements, identity):
)
def sign_app_bundle(build_path, dist_path, app_path):
"""
Signs the app bundle stored in dist/Dangerzone.app,
producing a Dangerzone.dmg file
"""
print(f"○ Signing app bundle in {app_path}")
# Detect if create-dmg is installed
if not os.path.exists(app_path):
print(f"ERROR: Dangerzone.app not found in {app_path}.")
exit(1)
dmg_path = os.path.join(dist_path, "Dangerzone.dmg")
icon_path = os.path.join(root, "install", "macos", "dangerzone.icns")
print("○ Code signing app bundle")
identity_name_application = (
# FIXME: Update this line with the proper developer ID, once we know what
# that is.
"Developer ID Application: FREEDOM OF THE PRESS FOUNDATION, 501(c)(3)"
)
entitlements_plist_path = os.path.join(root, "install/macos/entitlements.plist")
for path in itertools.chain(
glob.glob(f"{app_path}/**/*.so", recursive=True),
glob.glob(f"{app_path}/**/*.dylib", recursive=True),
glob.glob(f"{app_path}/**/Python3", recursive=True),
[app_path],
):
codesign(path, entitlements_plist_path, identity_name_application)
print(f"○ Signed app bundle: {app_path}")
# Detect if create-dmg is installed
if not os.path.exists("/usr/local/bin/create-dmg"):
print("create-dmg is not installed, skipping creating a DMG")
return
print("○ Creating DMG")
run(
[
"create-dmg",
"--volname",
"Dangerzone",
"--volicon",
icon_path,
"--window-size",
"400",
"200",
"--icon-size",
"100",
"--icon",
"Dangerzone.app",
"100",
"70",
"--hide-extension",
"Dangerzone.app",
"--app-drop-link",
"300",
"70",
dmg_path,
app_path,
"--identity",
identity_name_application,
]
)
print(f"○ Finished building DMG: {dmg_path}")
def main():
# Parse arguments
parser = argparse.ArgumentParser()
parser.add_argument(
codesign_opts = parser.add_mutually_exclusive_group()
codesign_opts.add_argument(
"--with-codesign",
action="store_true",
dest="with_codesign",
help="Codesign the app bundle",
)
codesign_opts.add_argument(
"--only-codesign",
action="store_true",
dest="only_codesign",
help="Exclusively codesign the app bundle in dist/Dangerzone.app",
)
args = parser.parse_args()
build_path = os.path.join(root, "build")
dist_path = os.path.join(root, "dist")
app_path = os.path.join(dist_path, "Dangerzone.app")
dmg_path = os.path.join(dist_path, "Dangerzone.dmg")
icon_path = os.path.join(root, "install", "macos", "dangerzone.icns")
print("○ Deleting old build and dist")
if os.path.exists(build_path):
shutil.rmtree(build_path)
if os.path.exists(dist_path):
shutil.rmtree(dist_path)
print("○ Building app bundle")
run(["pyinstaller", "install/pyinstaller/pyinstaller.spec", "--clean"])
shutil.rmtree(os.path.join(dist_path, "dangerzone"))
os.symlink(
"dangerzone",
os.path.join(app_path, "Contents/MacOS/dangerzone-cli"),
)
print(f"○ Finished build app: {app_path}")
if args.with_codesign:
print("○ Code signing app bundle")
identity_name_application = (
# FIXME: Update this line with the proper developer ID, once we know what
# that is.
"Developer ID Application: FREEDOM OF THE PRESS FOUNDATION, 501(c)(3)"
)
entitlements_plist_path = os.path.join(root, "install/macos/entitlements.plist")
for path in itertools.chain(
glob.glob(f"{app_path}/**/*.so", recursive=True),
glob.glob(f"{app_path}/**/*.dylib", recursive=True),
glob.glob(f"{app_path}/**/Python3", recursive=True),
[app_path],
):
codesign(path, entitlements_plist_path, identity_name_application)
print(f"○ Signed app bundle: {app_path}")
# Detect if create-dmg is installed
if not os.path.exists("/usr/local/bin/create-dmg"):
print("create-dmg is not installed, skipping creating a DMG")
return
print("○ Creating DMG")
run(
[
"create-dmg",
"--volname",
"Dangerzone",
"--volicon",
icon_path,
"--window-size",
"400",
"200",
"--icon-size",
"100",
"--icon",
"Dangerzone.app",
"100",
"70",
"--hide-extension",
"Dangerzone.app",
"--app-drop-link",
"300",
"70",
dmg_path,
app_path,
"--identity",
identity_name_application,
]
)
print(f"○ Finished building DMG: {dmg_path}")
if args.only_codesign:
sign_app_bundle(build_path, dist_path, app_path)
else:
print("○ Skipping code signing")
build_app_bundle(build_path, dist_path, app_path)
if args.with_codesign:
sign_app_bundle(build_path, dist_path, app_path)
else:
print("○ Skipping code signing")
if __name__ == "__main__":