Skip to content

Commit ec5adb8

Browse files
dcommanderdcommander
committed
Build/packaging: Support macOS package/DMG signing
1 parent c8e5274 commit ec5adb8

File tree

2 files changed

+22
-1
lines changed

2 files changed

+22
-1
lines changed

cmakescripts/BuildPackages.cmake

+5
Original file line numberDiff line numberDiff line change
@@ -145,6 +145,11 @@ set(DEFAULT_IOS_ARMV8_BUILD ${CMAKE_SOURCE_DIR}/iosarmv8)
145145
set(IOS_ARMV8_BUILD ${DEFAULT_IOS_ARMV8_BUILD} CACHE PATH
146146
"Directory containing ARMv8 iOS build to include in universal binaries (default: ${DEFAULT_IOS_ARMV8_BUILD})")
147147

148+
set(OSX_APP_CERT_NAME "" CACHE STRING
149+
"Name of the Developer ID Application certificate (in the macOS keychain) that should be used to sign the libjpeg-turbo DMG. Leave this blank to generate an unsigned DMG.")
150+
set(OSX_INST_CERT_NAME "" CACHE STRING
151+
"Name of the Developer ID Installer certificate (in the macOS keychain) that should be used to sign the libjpeg-turbo installer package. Leave this blank to generate an unsigned package.")
152+
148153
configure_file(release/makemacpkg.in pkgscripts/makemacpkg)
149154
configure_file(release/Distribution.xml.in pkgscripts/Distribution.xml)
150155
configure_file(release/uninstall.in pkgscripts/uninstall)

release/makemacpkg.in

+17-1
Original file line numberDiff line numberDiff line change
@@ -58,6 +58,8 @@ BUILDDIRARMV7=@IOS_ARMV7_BUILD@
5858
BUILDDIRARMV7S=@IOS_ARMV7S_BUILD@
5959
BUILDDIRARMV8=@IOS_ARMV8_BUILD@
6060
WITH_JAVA=@WITH_JAVA@
61+
OSX_APP_CERT_NAME="@OSX_APP_CERT_NAME@"
62+
OSX_INST_CERT_NAME="@OSX_INST_CERT_NAME@"
6163
LIPO=lipo
6264

6365
PREFIX=@CMAKE_INSTALL_PREFIX@
@@ -258,11 +260,25 @@ cp $SRCDIR/release/License.rtf $SRCDIR/release/Welcome.rtf $SRCDIR/release/ReadM
258260
mkdir $TMPDIR/dmg
259261
pkgbuild --root $PKGROOT --version $VERSION.$BUILD --identifier @PKGID@ \
260262
$TMPDIR/pkg/$PKGNAME.pkg
263+
SUFFIX=
264+
if [ "$OSX_INST_CERT_NAME" != "" ]; then
265+
SUFFIX=-unsigned
266+
fi
261267
productbuild --distribution pkgscripts/Distribution.xml \
262268
--package-path $TMPDIR/pkg/ --resources $TMPDIR/pkg/ \
263-
$TMPDIR/dmg/$PKGNAME.pkg
269+
$TMPDIR/dmg/$PKGNAME$SUFFIX.pkg
270+
if [ "$OSX_INST_CERT_NAME" != "" ]; then
271+
productsign --sign "$OSX_INST_CERT_NAME" --timestamp \
272+
$TMPDIR/dmg/$PKGNAME$SUFFIX.pkg $TMPDIR/dmg/$PKGNAME.pkg
273+
rm -r $TMPDIR/dmg/$PKGNAME$SUFFIX.pkg
274+
pkgutil --check-signature $TMPDIR/dmg/$PKGNAME.pkg
275+
fi
264276
hdiutil create -fs HFS+ -volname $PKGNAME-$VERSION \
265277
-srcfolder "$TMPDIR/dmg" $TMPDIR/$PKGNAME-$VERSION.dmg
278+
if [ "$OSX_APP_CERT_NAME" != "" ]; then
279+
codesign -s "$OSX_APP_CERT_NAME" --timestamp $TMPDIR/$PKGNAME-$VERSION.dmg
280+
codesign -vv $TMPDIR/$PKGNAME-$VERSION.dmg
281+
fi
266282
cp $TMPDIR/$PKGNAME-$VERSION.dmg .
267283

268284
exit

0 commit comments

Comments
 (0)