According to Apple's official description,Since macOS 10.15 rise,All downloaded from the Internet were not notarize the app,Default will not be opened,So distributed outside the App Store app,The app must also be uploaded to Apple's servers for processing before release。
Use Xcode comes archive tool can be easily notarize,But this operation can not be automated process,In order to facilitate distribution,I pocketed input method macOS 2 We have made the process of distribution automation scripts,Now,Had submitted the script to add functionality to automate the。
Command tool
Apple officials actually provide cli command,First you need to run xcode-select --install To install support,Then we use $ xcrun altool --notarize-app --primary-bundle-id "" --username "" --password "" --file "" To upload the app to the Apple server;use $ xcrun altool --notarization-info -in "" Polls check processing (although the official said in an hour,But generally soon,A few minutes to get);Finally use $ xcrun stapler staple "" To seal to the document。
What documents should I submit?
First of all,We wants to understand what (a) file should be submitted to the server,such as,You have a Great.app this compilation results,Then you may also have a Great.pkg,For the user to install Great.app,At last,In order to facilitate the distribution,You may also put this in pkg file into Great.dmg,Such,We have three files:Great.app,Great.pkg,Great.dmg 。
Actually,Great.app is a directory,so,If you only distribute app,Then you need to be packaged into Great.app.zip Great.app,And then upload it to Apple's servers notarize。
In short,If you're like me,There are three files contain such a mutually,[Only] then you need to upload can be nested up Great.dmg,Apple's server will automatically open your dmg file,Remove pkg,Then removed app,And for the [three] to complete notarize。
Such,When completed notarize,Although we do not have to upload app and pkg,But still can be done separately for these two staple documents。
Item Setting
Actually,When you use Xcode comes with the archive were notarize,It completed a lot of work for you,If we do use the command,The need for additional configuration,Open your Xcode project,Build Settings project in,Set the code signature contains a timestamp,This is a must notarize operation:
Moreover:
Upload
1 |
xcrun altool --notarize-app --primary-bundle-id "app bundle id" --username "your appleid" --password "one-time-password" --file "Great.dmg" -itc_provider "your team id" &> tmp |
Here are some points to note,Upload results to the first output tmp File Access and query id later,Note the use of &> rather than > ,The latter can not be placed in the contents of the output tmp ;
about -itc_provider "your team id" This parameter,If only one developer under your Apple ID account,It does not need this parameter the,If you're like me,Apple ID in addition to their developer account,Also he joined the others in the group,Then you have a number of " provider"I need to manually specify which is uploaded to,To see your provider ,To App Store Connect,After logging in the upper right-click menu,Select Edit account information,You can find one called "Team ID" field,Inside is the content;
about --primary-bundle-id "app bundle id" ,It is your app's bundle id,If you are uploading a Great.app.zip,Then this parameter is not required;
There is a note --password "one-time-password" This parameter,To generate a one-time password。
Wait and complete
In short,After a successful upload,We'll get tmp The last line of file:
1 |
RequestUUID = 2EFE2717-52EF-43A5-96DC-0797E4CA1041 |
Rely on this UUID,We can use the command to check the status of realization wait notarize,Upon successful,You can staple up。
1 |
uuid=[crayon-672dff39acdd0364595182 inline="true" ]cat tmp | grep -Eo '\w{8}-(\w{4}-){3}\w{12}$' |
while true; do
echo “checking for notarization…”
xcrun altool –notarization-info “$uuid” –username “Apple ID” –password “one time password” &> tmp
r=
cat tmp
t=
echo "$r" | grep "success"
f=
echo "$r" | grep "invalid"
if [[ “$t” != “” ]]; then
echo “notarization done!”
xcrun stapler staple “Great.app”
xcrun stapler staple “Great.dmg”
echo “stapler done!”
break
fi
if [[ “$f” != “” ]]; then
echo “$r”
return 1
fi
echo “not finish yet, sleep 2m then check again…”
sleep 120
done[/crayon]
In fact this is the content returned:
1 2 3 4 5 6 |
RequestUUID: 2EFE2717-52EF-43A5-96DC-0797E4CA1041 Date: 2018-07-02 20:32:01 +0000 Status: invalid LogFileURL: https://osxapps.itunes.apple.com/... Status Code: 2 Status Message: Package Invalid |
But we only detect the text contains success .,Once included,On the use of xcrun stapler staple "Great.app" To complete notarize。
Then,That is, the original operation,Generate sparkle update package,Upload Distribution。
References
- Customizing the Notarization Workflow
- How to notarize your software on macOS
- Notarizing Automator applications
Original article written by LogStudio:R0uter's Blog » macOS app script to automate notarize
Reproduced Please keep the source and description link:https://www.logcg.com/archives/3222.html
I took a look at xcrun altool –notarize-app primary-bundle-id documentation for this command,A bit crying and laughing。
Include the primary-bundle-id option — which is required — to specify an identifier that helps you keep track of automated correspondence from the notarization service. The value you give doesn’t need to match the bundle identifier of the submitted app or have any particular value, as long as it makes sense to you.
I feel like when uploading pkg,Will this bundle ID be filled in casually?
Ha ha ha,Yes,Say this is used to distinguish different items for yourself ~
What if there are two app files in the pkg package?
As described in the text,Just upload your pkg directly,This way your pkg file and both apps will be verified,The results can be directly signed to the three files。
This card has been xcrun altool not move,With xcode archive upload also been stuck in fixed,What reason do,
That may be a network problem,If Xcode archive can not be uploaded,Then you have to look at what your network configuration of the,Such as firewalls?
Every time that a packet must pass once it,Each version or just pass just once
Every need,So the best inflicted automation,Otherwise sick。
If my package is no longer compressed dmg in,For example, I have a pkg package and .zip package。I need you to upload 2 times
That's right.,You can not split out app pkg, To upload a zip and were pkg。