Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [tycho-user] Tycho and code signing on OS X

Hi, just joining your discussion:

Do I understand this right, that if we want to sign our app for OSX, we definitively need an OSX machine in our build-farm?
Or to put this a different way: The signing process can only be done if we do it "[...] on a OSX machine with the Xcode toolchain installed and you need to unlock your OSX keychain before." as Martin explained?

Just asking so I can get the people with the money get used to the idea, that I need a Mac to make it Jenkin's slave :-)

Regards,
Markward


2012/9/27 David Carver <d_a_carver@xxxxxxxxx>
You could do the same thing with the exec-maven-plugin.  Which would avoid the call to Ant.

Dave

On 09/27/2012 02:53 PM, Martin Lippert wrote:
Hey Valerio!

I guess you mean signing the OSX app with an Apple certificate to make Mountain Lion and Gatekeeper happy? I do the following in my build script for the products of the Spring Tool Suite:

(you would need to replace STS.app with the name of your app, of course, and <YourCompanyHere> with the correct ID of your Apple Developer certificate that you need from Apple)

<build>
    <plugins>
        <plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-antrun-plugin</artifactId>
            <version>1.7</version>
            <executions>
                <execution>
                    <id>osx-app-signing</id>
                    <phase>package</phase>
                    <configuration>
<skip>${skip.osx.signing}</skip>
                        <target>
                            <taskdef resource="net/sf/antcontrib/antcontrib.properties" />

                            <exec executable="codesign">
                                <arg value="-s"/>
                                <arg value="Developer ID Application: <YourCompanyHere>"/>
                                <arg value="${build.destination.cocoa.x86}/sts-${unqualifiedVersion}.${p2.qualifier}/STS.app"/>
                            </exec>

                            <exec executable="codesign">
                                <arg value="-s"/>
                                <arg value="Developer ID Application: <YourCompanyHere>"/>
                                <arg value="${build.destination.cocoa.x86_64}/sts-${unqualifiedVersion}.${p2.qualifier}/STS.app"/>
                            </exec>

                        </target>
                    </configuration>
                    <goals>
                        <goal>run</goal>
                    </goals>
                </execution>
            </executions>
        ...


But you need to run this on a OSX machine with the Xcode toolchain installed and you need to unlock your OSX keychain before.

HTH,
Martin



On 27.09.12 20:38, Valerio Santinelli wrote:
Hello there,

this is my first post on this list and I hope I'm not going to be off-topic.

Hre's the question: has anyone stumbled upon having to code sign an OS X binary (.app) built with Tycho?
Is there a script that can be run from Maven or a plugin for the Maven+Tycho couple?

Thanks!

Valerio Santinelli

Inviato da iPad
_______________________________________________
tycho-user mailing list
tycho-user@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/tycho-user

_______________________________________________
tycho-user mailing list
tycho-user@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/tycho-user

_______________________________________________
tycho-user mailing list
tycho-user@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/tycho-user


Back to the top