[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [tycho-user] Tycho and code signing on OS X

Hi, just joining your discussion:

Do I understand this right, that if we want to sign our app for OSX, we definitively need an OSX machine in our build-farm?
Or to put this a different way: The signing process can only be done if we do it "[...] on a OSX machine with the Xcode toolchain installed and you need to unlock your OSX keychain before." as Martin explained?

Just asking so I can get the people with the money get used to the idea, that I need a Mac to make it Jenkin's slave :-)

Regards,
Markward


2012/9/27 David Carver <d_a_carver@xxxxxxxxx>
You could do the same thing with the exec-maven-plugin. ÂWhich would avoid the call to Ant.

Dave

On 09/27/2012 02:53 PM, Martin Lippert wrote:
Hey Valerio!

I guess you mean signing the OSX app with an Apple certificate to make Mountain Lion and Gatekeeper happy? I do the following in my build script for the products of the Spring Tool Suite:

(you would need to replace STS.app with the name of your app, of course, and <YourCompanyHere> with the correct ID of your Apple Developer certificate that you need from Apple)

<build>
  <plugins>
    <plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-antrun-plugin</artifactId>
      <version>1.7</version>
      <executions>
        <execution>
          <id>osx-app-signing</id>
          <phase>package</phase>
          <configuration>
<skip>${skip.osx.signing}</skip>
            <target>
              <taskdef resource="net/sf/antcontrib/antcontrib.properties" />

              <exec executable="codesign">
                <arg value="-s"/>
                <arg value="Developer ID Application: <YourCompanyHere>"/>
                <arg value="${build.destination.cocoa.x86}/sts-${unqualifiedVersion}.${p2.qualifier}/STS.app"/>
              </exec>

              <exec executable="codesign">
                <arg value="-s"/>
                <arg value="Developer ID Application: <YourCompanyHere>"/>
                <arg value="${build.destination.cocoa.x86_64}/sts-${unqualifiedVersion}.${p2.qualifier}/STS.app"/>
              </exec>

            </target>
          </configuration>
          <goals>
            <goal>run</goal>
          </goals>
        </execution>
      </executions>
    ...


But you need to run this on a OSX machine with the Xcode toolchain installed and you need to unlock your OSX keychain before.

HTH,
Martin



On 27.09.12 20:38, Valerio Santinelli wrote:
Hello there,

this is my first post on this list and I hope I'm not going to be off-topic.

Hre's the question: has anyone stumbled upon having to code sign an OS X binary (.app) built with Tycho?
Is there a script that can be run from Maven or a plugin for the Maven+Tycho couple?

Thanks!

Valerio Santinelli

Inviato da iPad
_______________________________________________
tycho-user mailing list
tycho-user@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/tycho-user

_______________________________________________
tycho-user mailing list
tycho-user@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/tycho-user

_______________________________________________
tycho-user mailing list
tycho-user@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/tycho-user