[Bf-blender-cvs] [3c8f8a9d246] master: macOS: tweaks for macOS bundle script
Brecht Van Lommel
noreply at git.blender.org
Sat Jun 22 16:00:52 CEST 2019
Commit: 3c8f8a9d2467d930c9281c6315f09edc23f5cfba
Author: Brecht Van Lommel
Date: Sat Jun 22 15:51:35 2019 +0200
Branches: master
https://developer.blender.org/rB3c8f8a9d2467d930c9281c6315f09edc23f5cfba
macOS: tweaks for macOS bundle script
* Follow Blender code style a bit more closely
* Fix mixed tabs and spaces
* Remove old README now that it's part of the script
* Make less tied to specific Blender version numbers
===================================================================
D release/darwin/README_codesigning.txt
M release/darwin/bundle.sh
===================================================================
diff --git a/release/darwin/README_codesigning.txt b/release/darwin/README_codesigning.txt
deleted file mode 100644
index 34de5dc74a7..00000000000
--- a/release/darwin/README_codesigning.txt
+++ /dev/null
@@ -1,26 +0,0 @@
-Tutorial for codesigning Blender releases on OSX ( atm. i do manually when needed ):
-Updated as by august 01.2014 - removed deprecated rules and not recommended deep codesigning
-
-1. You need to obtain the certificates for blender foundation, they can bw pulled at Apple developer account for BF
-2. Run the following commands from terminal:
-
-codesign -s <IDENTITY> <path_to_Blender.app>
-
-codesign -s <IDENTITY> <path_to_blenderplayer.app>
-
-
-3. Checking:
-
-codesign -vv <path_to_blenderplayer.app>
-codesign -vv <path_to_Blender.app>
-
-The result should be something like:
-
-<build_path>/Blender.app: valid on disk
-<build_path>/Blender.app: satisfies its Designated Requirement
-
-<build_path>/blenderplayer.app: valid on disk
-<build_path>/blenderplayer.app: satisfies its Designated Requirement
-
-Jens Verwiebe
-
diff --git a/release/darwin/bundle.sh b/release/darwin/bundle.sh
index 85084e07ee2..73fba0f30e6 100755
--- a/release/darwin/bundle.sh
+++ b/release/darwin/bundle.sh
@@ -1,71 +1,69 @@
#!/usr/bin/env bash
+#
+# Script to create a macOS dmg file for Blender builds, including code
+# signing and notarization for releases.
-# create blender distribution dmg
-
-# check that we have all needed tools
-
+# Check that we have all needed tools.
for i in osascript git codesign hdiutil xcrun ; do
if [ ! -x "$(which ${i})" ]; then
- echo "Unable to execute command $i, macOS broken?"
- exit 1
+ echo "Unable to execute command $i, macOS broken?"
+ exit 1
fi
done
-# some defaults settings
-
-_scriptdir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
-_volname="Blender"
-_tmpdir="$(mktemp -d)"
-_tmpdmg="/tmp/blender-tmp.dmg"
-BACKGROUND_IMAGE="${_scriptdir}/background.tif"
-MOUNT_DIR="/Volumes/${_volname}"
-
-# handle arguments
+# Defaults settings.
+_script_dir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
+_volume_name="Blender"
+_tmp_dir="$(mktemp -d)"
+_tmp_dmg="/tmp/blender-tmp.dmg"
+_background_image="${_script_dir}/background.tif"
+_mount_dir="/Volumes/${_volume_name}"
+# Handle arguments.
while [[ $# -gt 0 ]]; do
key=$1
case $key in
- -s|--source)
- SRC_DIR="$2"
- shift
- shift
- ;;
- -d|--dmg)
- DEST_DMG="$2"
- shift
- shift
- ;;
- -b|--bundle-id)
- N_BUNDLE_ID="$2"
- shift
- shift
- ;;
- -u|--username)
- N_USERNAME="$2"
- shift
- shift
- ;;
- -p|--password)
- N_PASSWORD="$2"
- shift
- shift
- ;;
- -c|--codesign)
- C_CERT="$2"
- shift
- shift
- ;;
- -h|--help)
- echo "Usage:"
- echo " $(basename "$0") --source DIR --dmg IMAGENAME "
- echo " optional arguments:"
- echo " --codesign <certname>"
- echo " --username <username>"
- echo " --password <password>"
- echo " --bundle-id <bundleid>"
- echo " Check https://developer.apple.com/documentation/security/notarizing_your_app_before_distribution/customizing_the_notarization_workflow "
- exit 1
- ;;
+ -s|--source)
+ SRC_DIR="$2"
+ shift
+ shift
+ ;;
+ -d|--dmg)
+ DEST_DMG="$2"
+ shift
+ shift
+ ;;
+ -b|--bundle-id)
+ N_BUNDLE_ID="$2"
+ shift
+ shift
+ ;;
+ -u|--username)
+ N_USERNAME="$2"
+ shift
+ shift
+ ;;
+ -p|--password)
+ N_PASSWORD="$2"
+ shift
+ shift
+ ;;
+ -c|--codesign)
+ C_CERT="$2"
+ shift
+ shift
+ ;;
+ -h|--help)
+ echo "Usage:"
+ echo " $(basename "$0") --source DIR --dmg IMAGENAME "
+ echo " optional arguments:"
+ echo " --codesign <certname>"
+ echo " --username <username>"
+ echo " --password <password>"
+ echo " --bundle-id <bundleid>"
+ echo " Check https://developer.apple.com/documentation/security/notarizing_your_app_before_distribution/customizing_the_notarization_workflow "
+ exit 1
+ ;;
esac
done
@@ -79,120 +77,116 @@ if [ -z "${DEST_DMG}" ]; then
exit 1
fi
-# destroy destination dmg if there is any. be warned.
-
+# Destroy destination dmg if there is any.
test -f "${DEST_DMG}" && rm "${DEST_DMG}"
-if [ -d "${MOUNT_DIR}" ]; then
+if [ -d "${_mount_dir}" ]; then
echo -n "Ejecting existing blender volume.."
- DEV_FILE=$(mount | grep "${MOUNT_DIR}" | awk '{ print $1 }')
+ DEV_FILE=$(mount | grep "${_mount_dir}" | awk '{ print $1 }')
diskutil eject "${DEV_FILE}" || exit 1
echo
fi
-# let's go.
-
+# Copy dmg contents.
echo -n "Copying Blender.app..."
-cp -r "${SRC_DIR}/Blender.app" "${_tmpdir}/" || exit 1
+cp -r "${SRC_DIR}/Blender.app" "${_tmp_dir}/" || exit 1
echo
-# Create the disk image
+# Create the disk image.
+_directory_size=$(du -sh ${_tmp_dir} | awk -F'[^0-9]*' '$0=$1')
+_image_size=$(echo "${_directory_size}" + 200 | bc) # extra 200 need for codesign to work (why on earth?)
-_ds=$(du -sh ${_tmpdir} | awk -F'[^0-9]*' '$0=$1') # directory size
-_is=$(echo "${_ds}" + 200 | bc) # image size with extra 200 ! (why on earth!) for codesign to work
echo
-echo -n "Creating disk image of size ${_is}M.."
-test -f "${_tmpdmg}" && rm "${_tmpdmg}"
-hdiutil create -size "${_is}m" -fs HFS+ -srcfolder "${_tmpdir}" -volname "${_volname}" -format UDRW "${_tmpdmg}"
+echo -n "Creating disk image of size ${_image_size}M.."
+test -f "${_tmp_dmg}" && rm "${_tmp_dmg}"
+hdiutil create -size "${_image_size}m" -fs HFS+ -srcfolder "${_tmp_dir}" -volname "${_volume_name}" -format UDRW "${_tmp_dmg}"
echo "Mounting readwrite image..."
-hdiutil attach -readwrite -noverify -noautoopen "${_tmpdmg}"
+hdiutil attach -readwrite -noverify -noautoopen "${_tmp_dmg}"
echo "Setting background picture.."
-if ! test -z "${BACKGROUND_IMAGE}"; then
+if ! test -z "${_background_image}"; then
echo "Copying background image ..."
- test -d "${MOUNT_DIR}/.background" || mkdir "${MOUNT_DIR}/.background"
- BACKGROUND_IMAGE_NAME=$(basename "${BACKGROUND_IMAGE}")
- cp "${BACKGROUND_IMAGE}" "${MOUNT_DIR}/.background/${BACKGROUND_IMAGE_NAME}"
+ test -d "${_mount_dir}/.background" || mkdir "${_mount_dir}/.background"
+ _background_image_NAME=$(basename "${_background_image}")
+ cp "${_background_image}" "${_mount_dir}/.background/${_background_image_NAME}"
fi
-# echo "Creating link to /Applications ..."
-ln -s /Applications "${MOUNT_DIR}/Applications"
+echo "Creating link to /Applications ..."
+ln -s /Applications "${_mount_dir}/Applications"
echo "Renaming Applications to empty string."
-mv ${MOUNT_DIR}/Applications "${MOUNT_DIR}/ "
+mv ${_mount_dir}/Applications "${_mount_dir}/ "
echo "Running applescript to set folder looks ..."
-cat "${_scriptdir}/blender.applescript" | osascript
+cat "${_script_dir}/blender.applescript" | osascript
echo "Waiting after applescript ..."
sleep 5
if [ ! -z "${C_CERT}" ]; then
- # codesigning seems to be thingie. all libs and binaries need to be
- # signed separately. todo: use some find magic to find those
+ # Codesigning requires all libs and binaries to be signed separately.
+ # TODO: use find to get the list automatically
echo -n "Codesigning..."
- codesign --timestamp --options runtime --sign "${C_CERT}" "${MOUNT_DIR}/Blender.app/Contents/Resources/2.80/python/bin/python3.7m"
- codesign --timestamp --options runtime --sign "${C_CERT}" "${MOUNT_DIR}/Blender.app/Contents/Resources/2.80/python/lib/python3.7/site-packages/libextern_draco.dylib"
- codesign --timestamp --options runtime --sign "${C_CERT}" "${MOUNT_DIR}/Blender.app/Contents/Resources/lib/libomp.dylib"
- codesign --timestamp --options runtime --sign "${C_CERT}" "${MOUNT_DIR}/Blender.app"
+ codesign --timestamp --options runtime --sign "${C_CERT}" "${_mount_dir}/Blender.app/Contents/Resources/*/python/bin/python*"
+ codesign --timestamp --options runtime --sign "${C_CERT}" "${_mount_dir}/Blender.app/Contents/Resources/*/python/lib/python*/site-packages/libextern_draco.dylib"
+ codesign --timestamp --options runtime --sign "${C_CERT}" "${_mount_dir}/Blender.app/Contents/Resources/lib/libomp.dylib"
+ codesign --timestamp --options runtime --sign "${C_CERT}" "${_mount_dir}/Blender.app"
echo
else
echo "No codesigning cert given, skipping..."
fi
-
+# Need to eject dev files to remove /dev files and free .dmg for converting
echo "Unmounting rw disk image ..."
-# need to eject dev files to remove /dev files and free .dmg for converting
-DEV_FILE=$(mount | grep "${MOUNT_DIR}" | awk '{ print $1 }')
+DEV_FILE=$(mount | grep "${_mount_dir}" | awk '{ print $1 }')
diskutil eject "${DEV_FILE}"
sleep 3
echo "Compressing disk image ..."
-hdiutil convert "${_tmpdmg}" -format UDZO -o "${DEST_DMG}"
-
-# codesign the dmg
+hdiutil convert "${_tmp_dmg}" -format UDZO -o "${DEST_DMG}"
+# Codesign the dmg
if [ ! -z "${C_CERT}" ]; then
echo -n "Codesigning dmg..."
codesign --timestamp --force --sign "${C_CERT}" "${DEST_DMG}"
echo
fi
-# cleanup
+# Cleanup
+rm -rf "${_tmp_dir}"
+rm "${_tmp_dmg}"
-rm -rf "${_tmpdir}"
-rm "${_tmpdmg}"
-
-# send notarization
+# Notarize
if [ ! -z "${N_USERNAME}" ] && [ ! -z "${N_PASSWORD}" ] && [ ! -z "${N_BUNDLE_ID}" ]; then
+ # Send to Apple
echo -n "Sending ${DEST_DMG} for notarization..."
_tmpout=$(mktemp)
xcrun altool --notarize-app -f "${DEST_DMG}" --primary-bundle-id "${N_BUNDLE_ID}" --username "${N_USERNAME}" --password "${N_PASSWORD}" >${_tmpout} 2>&1
- # check the request uuid
-
+ # Parse request uuid
_requuid=$(cat "${_tmpout}" | grep "RequestUUID" | awk '{ print $3 }')
echo "RequestUUID: ${_requuid}"
if [ ! -z "${_requuid}" ]; then
- echo "Waiting for notarization to be complete.."
- for c in {20..0};do
- sleep 60
@@ Diff output truncated at 10240 characters. @@
More information about the Bf-blender-cvs
mailing list