diff --git a/.gitignore b/.gitignore index e48347c2..6e68831a 100644 --- a/.gitignore +++ b/.gitignore @@ -35,6 +35,7 @@ CMakeLists.txt.user* .DS_Store ._.DS_Store ._* +*.dmg # tmp files *.*~ diff --git a/.travis.yml b/.travis.yml index e25f6362..9088cde6 100644 --- a/.travis.yml +++ b/.travis.yml @@ -30,7 +30,7 @@ jobs: token: $GH_TOKEN skip_cleanup: true file: - - "AmneziaVPN.dmg" + - "AmneziaVPN_unsigned.dmg" on: tags: true branch: master diff --git a/deploy/build_macos.sh b/deploy/build_macos.sh index ad6a2053..2acbb2a3 100755 --- a/deploy/build_macos.sh +++ b/deploy/build_macos.sh @@ -5,31 +5,30 @@ set -o errexit -o nounset # Hold on to current directory PROJECT_DIR=$(pwd) -SCRIPT_DIR=$PROJECT_DIR/deploy +DEPLOY_DIR=$PROJECT_DIR/deploy -mkdir -p $SCRIPT_DIR/build -WORK_DIR=$SCRIPT_DIR/build +mkdir -p $DEPLOY_DIR/build +BUILD_DIR=$DEPLOY_DIR/build echo "Project dir: ${PROJECT_DIR}" -echo "Build dir: ${WORK_DIR}" +echo "Build dir: ${BUILD_DIR}" APP_NAME=AmneziaVPN APP_FILENAME=$APP_NAME.app APP_DOMAIN=org.amneziavpn.package PLIST_NAME=$APP_NAME.plist -RELEASE_DIR=$WORK_DIR -OUT_APP_DIR=$RELEASE_DIR/client +OUT_APP_DIR=$BUILD_DIR/client BUNDLE_DIR=$OUT_APP_DIR/$APP_FILENAME DEPLOY_DATA_DIR=$PROJECT_DIR/deploy/data/macos -INSTALLER_DATA_DIR=$RELEASE_DIR/installer/packages/$APP_DOMAIN/data +INSTALLER_DATA_DIR=$BUILD_DIR/installer/packages/$APP_DOMAIN/data PRO_FILE_PATH=$PROJECT_DIR/$APP_NAME.pro QMAKE_STASH_FILE=$PROJECT_DIR/.qmake_stash -TARGET_FILENAME=$PROJECT_DIR/$APP_NAME.dmg +DMG_FILENAME=$PROJECT_DIR/${APP_NAME}_unsigned.dmg # Seacrh Qt -if [ -z "${QT_VERSION+x}" ]; then export QT_VERSION=5.14.2; fi +if [ -z "${QT_VERSION+x}" ]; then export QT_VERSION=5.15.2; fi QT_BIN_DIR=$HOME/Qt/$QT_VERSION/clang_64/bin QIF_BIN_DIR=$QT_BIN_DIR/../../../Tools/QtInstallerFramework/4.0/bin @@ -37,8 +36,6 @@ QIF_BIN_DIR=$QT_BIN_DIR/../../../Tools/QtInstallerFramework/4.0/bin echo "Using Qt in $QT_BIN_DIR" echo "Using QIF in $QIF_BIN_DIR" -ls -al $QT_BIN_DIR/../../.. - # Checking env $QT_BIN_DIR/qmake -v @@ -47,7 +44,7 @@ clang -v # Build App echo "Building App..." -cd $WORK_DIR +cd $BUILD_DIR $QT_BIN_DIR/qmake $PROJECT_DIR/AmneziaVPN.pro 'CONFIG+=release CONFIG+=x86_64' make -j `sysctl -n hw.ncpu` @@ -61,16 +58,16 @@ echo "____________________________________" # Package echo "Packaging ..." -#cd $SCRIPT_DIR +#cd $DEPLOY_DIR $QT_BIN_DIR/macdeployqt $OUT_APP_DIR/$APP_FILENAME -always-overwrite -cp -av $RELEASE_DIR/service/server/$APP_NAME-service.app/Contents/macOS/$APP_NAME-service $BUNDLE_DIR/Contents/macOS +cp -av $BUILD_DIR/service/server/$APP_NAME-service.app/Contents/macOS/$APP_NAME-service $BUNDLE_DIR/Contents/macOS cp -Rv $PROJECT_DIR/deploy/data/macos/* $BUNDLE_DIR/Contents/macOS if [ "${MAC_CERT_PW+x}" ]; then -CERTIFICATE_P12=$SCRIPT_DIR/PrivacyTechAppleCertDeveloperId.p12 -WWDRCA=$SCRIPT_DIR/WWDRCA.cer +CERTIFICATE_P12=$DEPLOY_DIR/PrivacyTechAppleCertDeveloperId.p12 +WWDRCA=$DEPLOY_DIR/WWDRCA.cer KEYCHAIN=amnezia.build.keychain TEMP_PASS=tmp_pass @@ -95,7 +92,7 @@ fi mkdir -p $INSTALLER_DATA_DIR -cp -av $PROJECT_DIR/deploy/installer $RELEASE_DIR +cp -av $PROJECT_DIR/deploy/installer $BUILD_DIR cp -av $DEPLOY_DATA_DIR/post_install.sh $INSTALLER_DATA_DIR/post_install.sh cp -av $DEPLOY_DATA_DIR/post_uninstall.sh $INSTALLER_DATA_DIR/post_uninstall.sh cp -av $DEPLOY_DATA_DIR/$PLIST_NAME $INSTALLER_DATA_DIR/$PLIST_NAME @@ -106,18 +103,24 @@ chmod a+x $INSTALLER_DATA_DIR/post_install.sh $INSTALLER_DATA_DIR/post_uninstall cd $BUNDLE_DIR tar czf $INSTALLER_DATA_DIR/$APP_NAME.tar.gz ./ -cd $RELEASE_DIR/installer -$QIF_BIN_DIR/binarycreator --offline-only -v -c config/macos.xml -p packages -f $APP_NAME -hdiutil create -volname $APP_NAME -srcfolder $APP_NAME.app -ov -format UDZO $TARGET_FILENAME - +cd $BUILD_DIR/installer +$QIF_BIN_DIR/binarycreator --offline-only -v -c config/macos.xml -p packages -f $APP_FILENAME if [ "${MAC_CERT_PW+x}" ]; then -/usr/bin/codesign --deep --force --verbose --timestamp -o runtime --sign "Developer ID Application: Privacy Technologies OU (X7UJ388FXK)" $TARGET_FILENAME -/usr/bin/codesign --verify -vvvv $TARGET_FILENAME || true -spctl -a -vvvv $TARGET_FILENAME || true -#xcrun altool --notarize-app -f $TARGET_FILENAME -t osx --primary-bundle-id $APP_DOMAIN +/usr/bin/codesign --deep --force --verbose --timestamp -o runtime --sign "Developer ID Application: Privacy Technologies OU (X7UJ388FXK)" $APP_FILENAME fi -echo "Finished, artifact is $PROJECT_DIR/$APP_NAME.dmg" +hdiutil create -volname $APP_NAME -srcfolder $APP_NAME.app -ov -format UDZO $DMG_FILENAME + +if [ "${MAC_CERT_PW+x}" ]; then +/usr/bin/codesign --deep --force --verbose --timestamp -o runtime --sign "Developer ID Application: Privacy Technologies OU (X7UJ388FXK)" $DMG_FILENAME +/usr/bin/codesign --verify -vvvv $DMG_FILENAME || true +spctl -a -vvvv $DMG_FILENAME || true +#xcrun altool --notarize-app -f $DMG_FILENAME -t osx --primary-bundle-id $APP_DOMAIN -u $APPLE_DEV_EMAIL +#xcrun stapler staple $DMG_FILENAME +#xcrun stapler validate $DMG_FILENAME +fi + +echo "Finished, artifact is $DMG_FILENAME" # restore keychain security default-keychain -s login.keychain