M gogio/build_info.go => gogio/build_info.go +32 -26
@@ 12,19 12,22 @@ import (
)
type buildInfo struct {
- appID string
- archs []string
- ldflags string
- minsdk int
- name string
- pkgDir string
- pkgPath string
- iconPath string
- tags string
- target string
- version int
- key string
- password string
+ appID string
+ archs []string
+ ldflags string
+ minsdk int
+ name string
+ pkgDir string
+ pkgPath string
+ iconPath string
+ tags string
+ target string
+ version int
+ key string
+ password string
+ notaryAppleID string
+ notaryPassword string
+ notaryTeamID string
}
func newBuildInfo(pkgPath string) (*buildInfo, error) {
@@ 42,19 45,22 @@ func newBuildInfo(pkgPath string) (*buildInfo, error) {
appName = *name
}
bi := &buildInfo{
- appID: appID,
- archs: getArchs(),
- ldflags: getLdFlags(appID),
- minsdk: *minsdk,
- name: appName,
- pkgDir: pkgMetadata.Dir,
- pkgPath: pkgPath,
- iconPath: appIcon,
- tags: *extraTags,
- target: *target,
- version: *version,
- key: *signKey,
- password: *signPass,
+ appID: appID,
+ archs: getArchs(),
+ ldflags: getLdFlags(appID),
+ minsdk: *minsdk,
+ name: appName,
+ pkgDir: pkgMetadata.Dir,
+ pkgPath: pkgPath,
+ iconPath: appIcon,
+ tags: *extraTags,
+ target: *target,
+ version: *version,
+ key: *signKey,
+ password: *signPass,
+ notaryAppleID: *notaryID,
+ notaryPassword: *notaryPass,
+ notaryTeamID: *notaryTeamID,
}
return bi, nil
}
M gogio/help.go => gogio/help.go +9 -0
@@ 68,4 68,13 @@ The -signkey flag specifies the path of the keystore, used for signing Android a
or specifies the name of key on Keychain to sign MacOS app.
The -signpass flag specifies the password of the keystore, ignored if -signkey is not provided.
+
+The -notaryid flag specifies the Apple ID to use for notarization of MacOS app.
+
+The -notarypass flag specifies the password of the Apple ID, ignored if -notaryid is not
+provided. That must be an app-specific password, see https://support.apple.com/en-us/HT204397
+for details. If not provided, the password will be prompted.
+
+The -notaryteamid flag specifies the team ID to use for notarization of MacOS app, ignored if
+-notaryid is not provided.
`
M gogio/macosbuild.go => gogio/macosbuild.go +27 -2
@@ 56,11 56,17 @@ func buildMac(tmpDir string, bi *buildInfo) error {
}
}
- if err := dittozip(tmpDest, finalDest+".zip"); err != nil {
+ if err := dittozip(tmpDest, tmpDest+".zip"); err != nil {
return err
}
- if err := dittounzip(finalDest+".zip", finalDest); err != nil {
+ if bi.notaryAppleID != "" {
+ if err := builder.notarize(bi, tmpDest+".zip"); err != nil {
+ return err
+ }
+ }
+
+ if err := dittounzip(tmpDest+".zip", finalDest); err != nil {
return err
}
}
@@ 222,6 228,25 @@ func (b *macBuilder) signProgram(buildInfo *buildInfo, binDest string, name stri
return err
}
+func (b *macBuilder) notarize(buildInfo *buildInfo, binDest string) error {
+ cmd := exec.Command(
+ "xcrun",
+ "notarytool",
+ "submit",
+ binDest,
+ "--apple-id", buildInfo.notaryAppleID,
+ "--team-id", buildInfo.notaryTeamID,
+ "--wait",
+ )
+
+ if buildInfo.notaryPassword != "" {
+ cmd.Args = append(cmd.Args, "--password", buildInfo.notaryPassword)
+ }
+
+ _, err := runCmd(cmd)
+ return err
+}
+
func dittozip(input, output string) error {
cmd := exec.Command("ditto", "-c", "-k", "-X", "--rsrc", input, output)
M gogio/main.go => gogio/main.go +3 -0
@@ 38,6 38,9 @@ var (
iconPath = flag.String("icon", "", "specify an icon for iOS and Android")
signKey = flag.String("signkey", "", "specify the path of the keystore to be used to sign Android apk files.")
signPass = flag.String("signpass", "", "specify the password to decrypt the signkey.")
+ notaryID = flag.String("notaryid", "", "specify the apple id to use for notarization.")
+ notaryPass = flag.String("notarypass", "", "specify app-specific password of the Apple ID to be used for notarization.")
+ notaryTeamID = flag.String("notaryteamid", "", "specify the team id to use for notarization.")
)
func main() {