From 5e113f89750f62abc390fa65cd51534a39e0ed7d Mon Sep 17 00:00:00 2001 From: Fedor Indutny <79877362+indutny-signal@users.noreply.github.com> Date: Thu, 24 Feb 2022 11:39:26 -0800 Subject: [PATCH] Run notarization in afterPack script --- package.json | 2 +- ts/build/notarize.ts | 90 ---------------------------------------- ts/scripts/after-pack.ts | 4 ++ ts/scripts/notarize.ts | 62 +++++++++++++++++++++++++++ 4 files changed, 67 insertions(+), 91 deletions(-) delete mode 100644 ts/build/notarize.ts create mode 100644 ts/scripts/notarize.ts diff --git a/package.json b/package.json index 468e64a29a6..4fd4b936846 100644 --- a/package.json +++ b/package.json @@ -18,7 +18,7 @@ "generate": "npm-run-all build-protobuf transpile sass get-expire-time copy-and-concat", "build-release": "yarn run build", "sign-release": "node ts/updater/generateSignature.js", - "notarize": "node ts/build/notarize.js", + "notarize": "echo 'No longer necessary'", "get-strings": "node ts/scripts/get-strings.js", "get-expire-time": "node ts/scripts/get-expire-time.js", "copy-and-concat": "node ts/scripts/copy-and-concat.js", diff --git a/ts/build/notarize.ts b/ts/build/notarize.ts deleted file mode 100644 index b84c970c93e..00000000000 --- a/ts/build/notarize.ts +++ /dev/null @@ -1,90 +0,0 @@ -// Copyright 2019-2020 Signal Messenger, LLC -// SPDX-License-Identifier: AGPL-3.0-only - -import { join, resolve } from 'path'; -import { readdir as readdirCallback } from 'fs'; - -import pify from 'pify'; - -import { notarize } from 'electron-notarize'; - -import * as packageJson from '../../package.json'; - -const readdir = pify(readdirCallback); - -/* eslint-disable no-console */ - -go().catch(error => { - console.error(error.stack); - - process.exit(1); -}); - -async function go() { - if (process.platform !== 'darwin') { - console.log('notarize: Skipping, not on macOS'); - - return; - } - - const appPaths = await findDMGs(); - const appBundleId = packageJson.build.appId; - if (!appBundleId) { - throw new Error( - 'appBundleId must be provided in package.json: build.appId' - ); - } - - const appleId = process.env.APPLE_USERNAME; - if (!appleId) { - throw new Error( - 'appleId must be provided in environment variable APPLE_USERNAME' - ); - } - - const appleIdPassword = process.env.APPLE_PASSWORD; - if (!appleIdPassword) { - throw new Error( - 'appleIdPassword must be provided in environment variable APPLE_PASSWORD' - ); - } - - console.log('Notarizing with...'); - console.log(` primaryBundleId: ${appBundleId}`); - console.log(` username: ${appleId}`); - - for (const appPath of appPaths) { - console.log(` file: ${appPath}`); - - // eslint-disable-next-line no-await-in-loop - await notarize({ - appBundleId, - appPath, - appleId, - appleIdPassword, - }); - } -} - -const IS_DMG = /\.dmg$/; -async function findDMGs(): Promise> { - const releaseDir = resolve('release'); - const files: Array = await readdir(releaseDir); - - const max = files.length; - const results = new Array(); - for (let i = 0; i < max; i += 1) { - const file = files[i]; - const fullPath = join(releaseDir, file); - - if (IS_DMG.test(file)) { - results.push(fullPath); - } - } - - if (results.length === 0) { - throw new Error("No suitable files found in 'release' folder!"); - } - - return results; -} diff --git a/ts/scripts/after-pack.ts b/ts/scripts/after-pack.ts index 48cf928125c..2c6441d91d3 100644 --- a/ts/scripts/after-pack.ts +++ b/ts/scripts/after-pack.ts @@ -6,10 +6,14 @@ import { afterPack as fuseElectron } from './fuse-electron'; import { afterPack as mergeASARs } from './merge-macos-asars'; import { afterPack as copyPacks } from './copy-language-packs'; import { afterPack as pruneMacOSRelease } from './prune-macos-release'; +import { afterPack as notarize } from './notarize'; export async function afterPack(context: AfterPackContext): Promise { await pruneMacOSRelease(context); await mergeASARs(context); await fuseElectron(context); await copyPacks(context); + + // This must be the last step + await notarize(context); } diff --git a/ts/scripts/notarize.ts b/ts/scripts/notarize.ts new file mode 100644 index 00000000000..04a76462db4 --- /dev/null +++ b/ts/scripts/notarize.ts @@ -0,0 +1,62 @@ +// Copyright 2019-2020 Signal Messenger, LLC +// SPDX-License-Identifier: AGPL-3.0-only + +import path from 'path'; +import type { AfterPackContext } from 'electron-builder'; + +import { notarize } from 'electron-notarize'; + +import * as packageJson from '../../package.json'; + +/* eslint-disable no-console */ + +export async function afterPack({ + appOutDir, + packager, + electronPlatformName, +}: AfterPackContext): Promise { + if (electronPlatformName !== 'darwin') { + console.log('notarize: Skipping, not on macOS'); + return; + } + + const { productFilename } = packager.appInfo; + + const appPath = path.join(appOutDir, `${productFilename}.app`); + + const appBundleId = packageJson.build.appId; + if (!appBundleId) { + throw new Error( + 'appBundleId must be provided in package.json: build.appId' + ); + } + + const appleId = process.env.APPLE_USERNAME; + if (!appleId) { + console.warn( + 'appleId must be provided in environment variable APPLE_USERNAME' + ); + return; + } + + const appleIdPassword = process.env.APPLE_PASSWORD; + if (!appleIdPassword) { + console.warn( + 'appleIdPassword must be provided in environment variable APPLE_PASSWORD' + ); + return; + } + + console.log('Notarizing with...'); + console.log(` primaryBundleId: ${appBundleId}`); + console.log(` username: ${appleId}`); + console.log(` file: ${appPath}`); + + // eslint-disable-next-line no-await-in-loop + await notarize({ + appBundleId, + appPath, + appleId, + appleIdPassword, + }); +}