Initial commit

.gitattributes

@@ -0,0 +1,2 @@
+# Auto detect text files and perform LF normalization
+* text=auto

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2023 Harald Schneider
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,51 @@
+
+
+![macos-sign-notarize-script](https://marketmix.com/git-assets/macos-sign-notarize/macos-sign-notarize-script.jpg)
+
+# macos-sign-notarize
+
+**Handle Apple's Sign- and Notarization-Process from commandline.** 
+
+You can sign and notarize macOS Apps, PKGs and DMGs right from your terminal. Just setup the baked-in credentials and you are good to go.
+
+## sign
+
+Setup:
+
+```bash
+# Setup.start
+#
+# The ID of your "Developer ID Application", assigned to your Keyring.
+# This is usually your first- and lastname:
+#
+ID="Your Name"  
+#
+# Setup.end
+```
+
+Usage:
+
+```bash
+./sign application.app
+```
+
+## notarize
+
+Setup:
+
+```bash
+# Setup.start
+#
+USR="[email protected]"           # Your Apple dev account's email address
+PWD="xxxx-xxxx-xxxx-xxxx"       # Your app specific password, NOT your login password
+TEAM="xxxxxxxx"                 # Your dev team ID
+#
+# Setup.end
+```
+
+Usage:
+
+```bash
+./notarize application.app
+```
+

notarize

@@ -0,0 +1,76 @@
+#!/bin/bash -u
+#
+# notarize 2.0.1
+#
+# Notarize an macOS app bundles, DMGs and PKGs.
+#
+# Changelog:
+# 2.0.1:
+# - Added quoted paths
+# 2.0.0:
+# - Rewritten from scratch and switched to notarytool
+# 1.0.5:
+# - Display logs after processing. Stops when package is invalid.
+# 1.0.2-1.0.4:
+# - Minor changes on the text displayed.
+# 1.0.1:
+# - Added automatic bundle id extraction from app bundles.
+# 1.0.0:
+# - Original script by rednoah
+# - Simplified command line parameters.
+# - Added automatic ZIP file creation.
+# - Fixed UUID extraction.
+# - Stapler won't be called, if the package is invalid.
+#
+# CALL:
+# notarize file (or app bundle)
+#
+# (c)2020-2023 Harald Schneider - marketmix.com
+
+# Setup.start
+#
+USR="[email protected]"           # Your Apple dev account's email address
+PWD="xxxx-xxxx-xxxx-xxxx"       # Your app specific password, NOT your login password
+TEAM="xxxxxxxx"                 # Your dev team ID
+#
+# Setup.end
+
+doCleanup() {
+    echo "Cleanup ..."
+    rm notarize.log > /dev/null 2>&1
+    rm devlog.json > /dev/null 2>&1
+    rm $FILE.zip > /dev/null 2>&1
+}
+
+FILE="${1%/}"
+
+echo 
+echo "Notarize script started ..."
+
+echo "Packing ..."
+ditto -ck --sequesterRsrc --keepParent "$FILE" "$FILE.zip"
+
+echo "Notarizing ..."
+xcrun notarytool submit "$FILE.zip" --apple-id=$USR --team-id=$TEAM --password=$PWD --wait|tee -a notarize.log
+
+UUID=$(awk '/id:(.*?)/ {print $2;found=1;exit}' notarize.log)
+echo "Extracted UUID is $UUID"
+echo
+
+if grep -q "Invalid" notarize.log; then
+    echo "ERROR: Status invalid"
+    echo "Trying to get the server's log ..."
+    xcrun notarytool log $UUID --apple-id=$USR --team-id=$TEAM --password=$PWD devlog.json
+    echo
+    cat devlog.json
+    echo
+    doCleanup
+    echo "KICKED OUT BY AN ERROR!"
+    exit
+fi
+
+echo "Stapling ..."
+xcrun stapler staple "$FILE"
+
+doCleanup
+echo "DONE!"

sign

@@ -0,0 +1,42 @@
+#!/bin/bash
+#
+# sign 1.0.9
+#
+# Signs a macOS App
+#
+# CALL:
+# sign appname
+#
+# (c)2014-2022 Harald Schneider - marketmix.com
+#
+
+# Setup.start
+#
+# The ID of your "Developer ID Application", assigned to your Keyring.
+# This is usually your first- and lastname:
+#
+ID="Your Name"  
+#
+# Setup.end
+
+echo
+echo "Signing ..."
+codesign  --force --deep --timestamp --verbose --options runtime -f --preserve-metadata=identifier,entitlements -s "Developer ID Application: ${ID}" "$1"
+
+echo "-------------------------------------------------"
+echo "Verifying (1) ..."
+codesign  -vvv "$1"
+
+echo "-------------------------------------------------"
+echo "Verifying (2) ..."
+codesign -dv "$1"
+
+echo "-------------------------------------------------"
+echo "Checking Acceptance ..."
+spctl -a -t exec -vv "$1"
+
+echo "-------------------------------------------------"
+echo "DONE !"
+
+
+