Merge branch 'dev' into service_refact
This commit is contained in:
pokamest
commit
f91854594c
9 changed files with 70 additions and 40 deletions
1
.gitignore
vendored
1
.gitignore
vendored
|
|
@ -35,6 +35,7 @@ CMakeLists.txt.user*
|
|||
.DS_Store
|
||||
._.DS_Store
|
||||
._*
|
||||
*.dmg
|
||||
|
||||
# tmp files
|
||||
*.*~
|
||||
|
|
|
|||
10
.travis.yml
10
.travis.yml
|
|
@ -15,14 +15,6 @@ jobs:
|
|||
env:
|
||||
- QT_VERSION=5.15.1
|
||||
|
||||
before_install:
|
||||
- export CERTIFICATE_P12=deploy/PrivacyTechAppleCert.p12
|
||||
- export KEYCHAIN=build.keychain
|
||||
- security create-keychain -p $MAC_CERT_PW $KEYCHAIN
|
||||
- security default-keychain -s $KEYCHAIN
|
||||
- security unlock-keychain -p $MAC_CERT_PW $KEYCHAIN
|
||||
- security import $CERTIFICATE_P12 -k $KEYCHAIN -P $MAC_CERT_PW -T /usr/bin/codesign
|
||||
|
||||
script:
|
||||
- |
|
||||
if [ ! -f $HOME/Qt/$QT_VERSION/clang_64/bin/qmake ]; then \
|
||||
|
|
@ -38,7 +30,7 @@ jobs:
|
|||
token: $GH_TOKEN
|
||||
skip_cleanup: true
|
||||
file:
|
||||
- "AmneziaVPN.dmg"
|
||||
- "AmneziaVPN_unsigned.dmg"
|
||||
on:
|
||||
tags: true
|
||||
branch: master
|
||||
|
|
|
|||
Binary file not shown.
BIN
deploy/PrivacyTechAppleCertDeveloperId.p12
Executable file
BIN
deploy/PrivacyTechAppleCertDeveloperId.p12
Executable file
Binary file not shown.
BIN
deploy/PrivacyTechAppleCertInstallerId.p12
Executable file
BIN
deploy/PrivacyTechAppleCertInstallerId.p12
Executable file
Binary file not shown.
Binary file not shown.
BIN
deploy/WWDRCA.cer
Normal file
BIN
deploy/WWDRCA.cer
Normal file
Binary file not shown.
82
deploy/build_macos.sh
Normal file → Executable file
82
deploy/build_macos.sh
Normal file → Executable file
|
|
@ -5,46 +5,37 @@ set -o errexit -o nounset
|
|||
|
||||
# Hold on to current directory
|
||||
PROJECT_DIR=$(pwd)
|
||||
SCRIPT_DIR=$PROJECT_DIR/deploy
|
||||
DEPLOY_DIR=$PROJECT_DIR/deploy
|
||||
|
||||
mkdir -p $SCRIPT_DIR/build
|
||||
WORK_DIR=$SCRIPT_DIR/build
|
||||
mkdir -p $DEPLOY_DIR/build
|
||||
BUILD_DIR=$DEPLOY_DIR/build
|
||||
|
||||
echo "Project dir: ${PROJECT_DIR}"
|
||||
echo "Build dir: ${WORK_DIR}"
|
||||
echo "Build dir: ${BUILD_DIR}"
|
||||
|
||||
APP_NAME=AmneziaVPN
|
||||
APP_FILENAME=$APP_NAME.app
|
||||
APP_DOMAIN=org.amneziavpn.package
|
||||
PLIST_NAME=$APP_NAME.plist
|
||||
|
||||
RELEASE_DIR=$WORK_DIR
|
||||
OUT_APP_DIR=$RELEASE_DIR/client
|
||||
OUT_APP_DIR=$BUILD_DIR/client
|
||||
BUNDLE_DIR=$OUT_APP_DIR/$APP_FILENAME
|
||||
DEPLOY_DATA_DIR=$PROJECT_DIR/deploy/data/macos
|
||||
INSTALLER_DATA_DIR=$RELEASE_DIR/installer/packages/$APP_DOMAIN/data
|
||||
INSTALLER_DATA_DIR=$BUILD_DIR/installer/packages/$APP_DOMAIN/data
|
||||
|
||||
PRO_FILE_PATH=$PROJECT_DIR/$APP_NAME.pro
|
||||
QMAKE_STASH_FILE=$PROJECT_DIR/.qmake_stash
|
||||
TARGET_FILENAME=$PROJECT_DIR/$APP_NAME.dmg
|
||||
DMG_FILENAME=$PROJECT_DIR/${APP_NAME}_unsigned.dmg
|
||||
|
||||
# Seacrh Qt
|
||||
echo "Brew Qt version $(brew --prefix qt)"
|
||||
|
||||
|
||||
#if [ -f $(brew --prefix qt)/clang_64/bin/qmake ]; then QT_BIN_DIR=$(brew --prefix qt)/clang_64/bin;
|
||||
#else QT_BIN_DIR=$HOME/Qt/5.14.2/clang_64/bin; fi
|
||||
if [ -z "${QT_VERSION+x}" ]; then export QT_VERSION=5.15.2; fi
|
||||
|
||||
QT_BIN_DIR=$HOME/Qt/$QT_VERSION/clang_64/bin
|
||||
|
||||
#QIF_BIN_DIR=$HOME/Qt/Tools/QtInstallerFramework/4.0/bin
|
||||
QIF_BIN_DIR=$QT_BIN_DIR/../../../Tools/QtInstallerFramework/4.0/bin
|
||||
|
||||
echo "Using Qt in $QT_BIN_DIR"
|
||||
echo "Using QIF in $QIF_BIN_DIR"
|
||||
|
||||
ls -al $QT_BIN_DIR/../../..
|
||||
|
||||
|
||||
# Checking env
|
||||
$QT_BIN_DIR/qmake -v
|
||||
|
|
@ -53,7 +44,7 @@ clang -v
|
|||
|
||||
# Build App
|
||||
echo "Building App..."
|
||||
cd $WORK_DIR
|
||||
cd $BUILD_DIR
|
||||
|
||||
$QT_BIN_DIR/qmake $PROJECT_DIR/AmneziaVPN.pro 'CONFIG+=release CONFIG+=x86_64'
|
||||
make -j `sysctl -n hw.ncpu`
|
||||
|
|
@ -67,15 +58,41 @@ echo "____________________________________"
|
|||
# Package
|
||||
echo "Packaging ..."
|
||||
|
||||
#cd $SCRIPT_DIR
|
||||
#cd $DEPLOY_DIR
|
||||
|
||||
$QT_BIN_DIR/macdeployqt $OUT_APP_DIR/$APP_FILENAME -always-overwrite
|
||||
cp -av $RELEASE_DIR/service/server/$APP_NAME-service.app/Contents/macOS/$APP_NAME-service $BUNDLE_DIR/Contents/macOS
|
||||
cp -av $BUILD_DIR/service/server/$APP_NAME-service.app/Contents/macOS/$APP_NAME-service $BUNDLE_DIR/Contents/macOS
|
||||
cp -Rv $PROJECT_DIR/deploy/data/macos/* $BUNDLE_DIR/Contents/macOS
|
||||
|
||||
if [ "${MAC_CERT_PW+x}" ]; then
|
||||
|
||||
CERTIFICATE_P12=$DEPLOY_DIR/PrivacyTechAppleCertDeveloperId.p12
|
||||
WWDRCA=$DEPLOY_DIR/WWDRCA.cer
|
||||
KEYCHAIN=amnezia.build.keychain
|
||||
TEMP_PASS=tmp_pass
|
||||
|
||||
security create-keychain -p $TEMP_PASS $KEYCHAIN || true
|
||||
security default-keychain -s $KEYCHAIN
|
||||
security unlock-keychain -p $TEMP_PASS $KEYCHAIN
|
||||
|
||||
security default-keychain
|
||||
security list-keychains
|
||||
|
||||
security import $WWDRCA -k $KEYCHAIN -T /usr/bin/codesign || true
|
||||
security import $CERTIFICATE_P12 -k $KEYCHAIN -P $MAC_CERT_PW -T /usr/bin/codesign || true
|
||||
|
||||
security set-key-partition-list -S apple-tool:,apple: -k $TEMP_PASS $KEYCHAIN
|
||||
security find-identity -p codesigning
|
||||
|
||||
/usr/bin/codesign --deep --force --verbose --timestamp -o runtime --sign "Developer ID Application: Privacy Technologies OU (X7UJ388FXK)" $BUNDLE_DIR
|
||||
/usr/bin/codesign --verify -vvvv $BUNDLE_DIR || true
|
||||
spctl -a -vvvv $BUNDLE_DIR || true
|
||||
|
||||
fi
|
||||
|
||||
|
||||
mkdir -p $INSTALLER_DATA_DIR
|
||||
cp -av $PROJECT_DIR/deploy/installer $RELEASE_DIR
|
||||
cp -av $PROJECT_DIR/deploy/installer $BUILD_DIR
|
||||
cp -av $DEPLOY_DATA_DIR/post_install.sh $INSTALLER_DATA_DIR/post_install.sh
|
||||
cp -av $DEPLOY_DATA_DIR/post_uninstall.sh $INSTALLER_DATA_DIR/post_uninstall.sh
|
||||
cp -av $DEPLOY_DATA_DIR/$PLIST_NAME $INSTALLER_DATA_DIR/$PLIST_NAME
|
||||
|
|
@ -86,9 +103,24 @@ chmod a+x $INSTALLER_DATA_DIR/post_install.sh $INSTALLER_DATA_DIR/post_uninstall
|
|||
cd $BUNDLE_DIR
|
||||
tar czf $INSTALLER_DATA_DIR/$APP_NAME.tar.gz ./
|
||||
|
||||
cd $RELEASE_DIR/installer
|
||||
$QIF_BIN_DIR/binarycreator --offline-only -v -c config/macos.xml -p packages -f $APP_NAME
|
||||
hdiutil create -volname $APP_NAME -srcfolder $APP_NAME.app -ov -format UDZO $TARGET_FILENAME
|
||||
cd $BUILD_DIR/installer
|
||||
$QIF_BIN_DIR/binarycreator --offline-only -v -c config/macos.xml -p packages -f $APP_FILENAME
|
||||
if [ "${MAC_CERT_PW+x}" ]; then
|
||||
/usr/bin/codesign --deep --force --verbose --timestamp -o runtime --sign "Developer ID Application: Privacy Technologies OU (X7UJ388FXK)" $APP_FILENAME
|
||||
fi
|
||||
|
||||
hdiutil create -volname $APP_NAME -srcfolder $APP_NAME.app -ov -format UDZO $DMG_FILENAME
|
||||
|
||||
echo "Finished, artifact is $PROJECT_DIR/$APP_NAME.dmg"
|
||||
if [ "${MAC_CERT_PW+x}" ]; then
|
||||
/usr/bin/codesign --deep --force --verbose --timestamp -o runtime --sign "Developer ID Application: Privacy Technologies OU (X7UJ388FXK)" $DMG_FILENAME
|
||||
/usr/bin/codesign --verify -vvvv $DMG_FILENAME || true
|
||||
spctl -a -vvvv $DMG_FILENAME || true
|
||||
#xcrun altool --notarize-app -f $DMG_FILENAME -t osx --primary-bundle-id $APP_DOMAIN -u $APPLE_DEV_EMAIL
|
||||
#xcrun stapler staple $DMG_FILENAME
|
||||
#xcrun stapler validate $DMG_FILENAME
|
||||
fi
|
||||
|
||||
echo "Finished, artifact is $DMG_FILENAME"
|
||||
|
||||
# restore keychain
|
||||
security default-keychain -s login.keychain
|
||||
|
|
|
|||
|
|
@ -44,6 +44,12 @@ echo "PRO_FILE_PATH: %PRO_FILE_PATH%"
|
|||
echo "QMAKE_STASH_FILE: %QMAKE_STASH_FILE%"
|
||||
echo "TARGET_FILENAME: %TARGET_FILENAME%"
|
||||
|
||||
rem Signing staff
|
||||
powershell Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope LocalMachine
|
||||
powershell Get-ExecutionPolicy -List
|
||||
|
||||
powershell Import-PfxCertificate -FilePath %SCRIPT_DIR:"=%\PrivacyTechWindowsCert.pfx -CertStoreLocation Cert:\LocalMachine\My -Password $(ConvertTo-SecureString -String $Env:WIN_CERT_PW -AsPlainText -Force)
|
||||
|
||||
echo "Cleanup..."
|
||||
Rmdir /Q /S %RELEASE_DIR%
|
||||
Del %QMAKE_STASH_FILE%
|
||||
|
|
@ -59,7 +65,6 @@ cd %PROJECT_DIR%
|
|||
cd %WORK_DIR%
|
||||
set CL=/MP
|
||||
nmake /A /NOLOGO
|
||||
break
|
||||
nmake clean
|
||||
rem if not exist "%OUT_APP_DIR:"=%\%APP_FILENAME:"=%" break
|
||||
|
||||
|
|
@ -70,11 +75,11 @@ copy "%WORK_DIR:"=%\platform\post-uninstall\release\post-uninstall.exe" %OUT_APP
|
|||
|
||||
echo "Signing exe"
|
||||
cd %OUT_APP_DIR%
|
||||
signtool sign /f "%SCRIPT_DIR:"=%\PrivacyTechWindowsCert.pfx" /p %WIN_CERT_PW% /fd sha256 /tr http://timestamp.comodoca.com/?td=sha256 /td sha256 *.exe
|
||||
signtool sign /v /sm /s My /n "Privacy Technologies OU" /fd sha256 /tr http://timestamp.comodoca.com/?td=sha256 /td sha256 *.exe
|
||||
|
||||
"%QT_BIN_DIR:"=%\windeployqt" --release --force --no-translations "%OUT_APP_DIR:"=%\%APP_FILENAME:"=%"
|
||||
signtool sign /f "%SCRIPT_DIR:"=%\PrivacyTechWindowsCert.pfx" /p %WIN_CERT_PW% /fd sha256 /tr http://timestamp.comodoca.com/?td=sha256 /td sha256 *.dll
|
||||
|
||||
signtool sign /v /sm /s My /n "Privacy Technologies OU" /fd sha256 /tr http://timestamp.comodoca.com/?td=sha256 /td sha256 *.dll
|
||||
|
||||
echo "Copying deploy data..."
|
||||
xcopy %DEPLOY_DATA_DIR% %OUT_APP_DIR% /s /e /y /i /f
|
||||
|
|
@ -96,7 +101,7 @@ echo "Creating installer..."
|
|||
"%QIF_BIN_DIR:"=%\binarycreator" --offline-only -v -c config\windows.xml -p packages -f %TARGET_FILENAME%
|
||||
|
||||
cd %PROJECT_DIR%
|
||||
signtool sign /f "%SCRIPT_DIR:"=%\PrivacyTechWindowsCert.pfx" /p %WIN_CERT_PW% /fd sha256 /tr http://timestamp.comodoca.com/?td=sha256 /td sha256 %TARGET_FILENAME%
|
||||
signtool sign /v /sm /s My /n "Privacy Technologies OU" /fd sha256 /tr http://timestamp.comodoca.com/?td=sha256 /td sha256 %TARGET_FILENAME%
|
||||
|
||||
echo "Finished, see %TARGET_FILENAME%"
|
||||
exit 0
|
||||
Loading…
Add table
Add a link
Reference in a new issue