curben
/
cloudflared-mirror
mirror of https://github.com/cloudflare/cloudflared.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

TUN-9886 notarize cloudflared

This commit is contained in:
Andi Anderson 2025-12-12 12:28:39 -08:00 committed by João "Pisco" Fernandes
parent 8aebc38b2f
commit 9abcfece66
1 changed files with 17 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
.ci/scripts/mac/build.sh
View File

@ -178,8 +178,13 @@ fi
if [[ ! -z "$CODE_SIGN_NAME" ]]; then if [[ ! -z "$CODE_SIGN_NAME" ]]; then
codesign --keychain $HOME/Library/Keychains/cloudflared_build_keychain.keychain-db -s "${CODE_SIGN_NAME}" -fv --options runtime --timestamp ${BINARY_NAME} codesign --keychain $HOME/Library/Keychains/cloudflared_build_keychain.keychain-db -s "${CODE_SIGN_NAME}" -fv --options runtime --timestamp ${BINARY_NAME}
# notarize the binary echo "Uploading ${BINARY_NAME} to apple portal."
# TODO: TUN-5789 xcrun notarytool submit \
"${BINARY_NAME}" \
--keychain $HOME/Library/Keychains/cloudflared_build_keychain.keychain-db \
--verbose \
--wait \
--timeout 15m
fi fi
ARCH_TARGET_DIRECTORY="${TARGET_DIRECTORY}/${TARGET_ARCH}-build" ARCH_TARGET_DIRECTORY="${TARGET_DIRECTORY}/${TARGET_ARCH}-build"
@ -207,8 +212,16 @@ if [[ ! -z "$PKG_SIGN_NAME" ]]; then
--sign "${PKG_SIGN_NAME}" \ --sign "${PKG_SIGN_NAME}" \
${PKGNAME} ${PKGNAME}
# notarize the package echo "Uploading ${PKG_NAME} to apple portal."
# TODO: TUN-5789 xcrun notarytool submit \
"${PKG_NAME}" \
--keychain $HOME/Library/Keychains/cloudflared_build_keychain.keychain-db \
--verbose \
--wait \
--timeout 15m
echo "Stapling ${PKG_NAME}"
xcrun stapler staple "${PKG_NAME}"
else else
pkgbuild --identifier com.cloudflare.${PRODUCT} \ pkgbuild --identifier com.cloudflare.${PRODUCT} \
--version ${VERSION} \ --version ${VERSION} \