quiet = False
command = None
dry_run = False
+ use_git_reference = True
trees = Trees()
globals = Globals()
Option('osx_keychain_password'),
Option('apple_id'),
Option('apple_password'),
+ Option('apple_team_id'),
BoolOption('docker_sudo'),
BoolOption('docker_no_user'),
Option('docker_hub_repository'),
Option('flatpak_state_dir'),
Option('parallel', multiprocessing.cpu_count()),
- Option('temp', '/var/tmp')]
+ Option('temp', '/var/tmp'),
+ Option('osx_notarytool', ['xcrun', 'notarytool'])]
config_dir = '%s/.config' % os.path.expanduser('~')
if not os.path.exists(config_dir):
for k in self.options:
k.offer(s[0], s[1])
+ if not isinstance(self.get('osx_notarytool'), list):
+ self.set('osx_notarytool', [self.get('osx_notarytool')])
+
+
def has(self, k):
for o in self.options:
if o.key == k and o.value is not None:
self.build_dependencies = True
if directory is None:
+ try:
+ os.makedirs(config.get('temp'))
+ except OSError as e:
+ if e.errno != 17:
+ raise e
self.directory = tempfile.mkdtemp('', 'tmp', config.get('temp'))
self.rmdir = True
self.set('CCACHE_BASEDIR', os.path.realpath(self.directory))
self.mounts.append(m)
-class FlatpakTarget(Target):
- def __init__(self, project, checkout):
- super(FlatpakTarget, self).__init__('flatpak')
- self.build_dependencies = False
- self.project = project
- self.checkout = checkout
-
- def setup(self):
- pass
-
- def command(self, cmd):
- command(cmd)
-
- def checkout_dependencies(self):
- tree = globals.trees.get(self.project, self.checkout, self)
- return tree.checkout_dependencies()
-
- def flatpak(self):
- return 'flatpak'
-
- def flatpak_builder(self):
- b = 'flatpak-builder'
- if config.has('flatpak_state_dir'):
- b += ' --state-dir=%s' % config.get('flatpak_state_dir')
- return b
-
-
class WindowsDockerTarget(DockerTarget):
"""
This target exposes the following additional API:
- version: Windows version ('xp' or None)
bits: bitness of Windows (32 or 64)
name: name of our target e.g. x86_64-w64-mingw32.shared
environment_prefix: path to Windows environment for the appropriate target (libraries and some tools)
tool_path: path to 32- and 64-bit tools
"""
- def __init__(self, windows_version, bits, directory, environment_version):
+ def __init__(self, bits, directory, environment_version):
super(WindowsDockerTarget, self).__init__('windows', directory)
- self.version = windows_version
self.bits = bits
self.tool_path = '%s/usr/bin' % config.get('mxe_prefix')
"""
This target exposes the following additional API:
- version: Windows version ('xp' or None)
bits: bitness of Windows (32 or 64)
name: name of our target e.g. x86_64-w64-mingw32.shared
environment_prefix: path to Windows environment for the appropriate target (libraries and some tools)
"""
def __init__(self, directory):
super().__init__('windows', directory)
- self.version = None
self.bits = 64
self.environment_prefix = config.get('windows_native_environmnet_prefix')
self.privileged = True
-def notarize_dmg(dmg, bundle_id):
- p = subprocess.run(
- ['xcrun', 'altool', '--notarize-app', '-t', 'osx', '-f', dmg, '--primary-bundle-id', bundle_id, '-u', config.get('apple_id'), '-p', config.get('apple_password'), '--output-format', 'xml'],
- capture_output=True
- )
-
- def string_after(process, key):
- lines = p.stdout.decode('utf-8').splitlines()
- for i in range(0, len(lines)):
- if lines[i].find(key) != -1:
- return lines[i+1].strip().replace('<string>', '').replace('</string>', '')
-
- request_uuid = string_after(p, "RequestUUID")
- if request_uuid is None:
- print("Looking for upload ID")
- message = string_after(p, "message")
- print("Looking in %s" % message)
- if message:
- m = re.match('.*The upload ID is ([0-9a-f\-]*)', message)
- if m:
- request_uuid = m.groups()[0]
- if request_uuid is None:
- print("Response: %s" % p)
- raise Error('No RequestUUID found in response from Apple')
-
- for i in range(0, 30):
- print('%s: checking up on %s' % (datetime.datetime.now(), request_uuid))
- p = subprocess.run(['xcrun', 'altool', '--notarization-info', request_uuid, '-u', config.get('apple_id'), '-p', config.get('apple_password'), '--output-format', 'xml'], capture_output=True)
- status = string_after(p, 'Status')
- print('%s: got status %s' % (datetime.datetime.now(), status))
- if status == 'invalid':
- raise Error("Notarization failed")
- elif status == 'success':
- subprocess.run(['xcrun', 'stapler', 'staple', dmg])
- return
- elif status != "in progress":
- print("Could not understand xcrun response")
- print(p)
- time.sleep(30)
+class FlatpakTarget(Target):
+ def __init__(self, project, checkout, work):
+ super(FlatpakTarget, self).__init__('flatpak')
+ self.build_dependencies = False
+ self.project = project
+ self.checkout = checkout
+ # If we use git references we end up with a checkout in one mount trying
+ # to link to the git reference repo in other, which doesn't work.
+ globals.use_git_reference = False
+ if config.has('flatpak_state_dir'):
+ self.mount(config.get('flatpak_state_dir'))
- raise Error("Notarization timed out")
+ def command(self, c):
+ log_normal('host -> %s' % c)
+ command('%s %s' % (self.variables_string(), c))
+
+ def setup(self):
+ super().setup()
+ globals.trees.get(self.project, self.checkout, self).checkout_dependencies()
+
+ def flatpak(self):
+ return 'flatpak'
+
+ def flatpak_builder(self):
+ b = 'flatpak-builder'
+ if config.has('flatpak_state_dir'):
+ b += ' --state-dir=%s' % config.get('flatpak_state_dir')
+ return b
+
+
+def notarize_dmg(dmg):
+ p = subprocess.run(
+ config.get('osx_notarytool') + [
+ 'submit',
+ '--apple-id',
+ config.get('apple_id'),
+ '--password',
+ config.get('apple_password'),
+ '--team-id',
+ config.get('apple_team_id'),
+ '--wait',
+ dmg
+ ], capture_output=True)
+
+ last_line = [x.strip() for x in p.stdout.decode('utf-8').splitlines() if x.strip()][-1]
+ if last_line != 'status: Accepted':
+ print("Could not understand notarytool response")
+ print(p)
+ print(f"Last line: {last_line}")
+ raise Error('Notarization failed')
+
+ subprocess.run(['xcrun', 'stapler', 'staple', dmg])
class OSXTarget(Target):
def unlock_keychain(self):
self.command('security unlock-keychain -p %s %s' % (self.osx_keychain_password, self.osx_keychain_file))
+ def package(self, project, checkout, output_dir, options, notarize):
+ self.unlock_keychain()
+ tree = globals.trees.get(project, checkout, self)
+ with TreeDirectory(tree):
+ p = self._cscript_package_and_notarize(tree, options, self.can_notarize and notarize)
+ self._copy_packages(tree, p, output_dir)
+
def _copy_packages(self, tree, packages, output_dir):
for p in packages:
dest = os.path.join(output_dir, os.path.basename(devel_to_git(tree.commit, p)))
copyfile(p, dest)
- if os.path.exists(p + ".id"):
- copyfile(p + ".id", dest + ".id")
def _cscript_package_and_notarize(self, tree, options, notarize):
"""
Call package() in the cscript and notarize the .dmgs that are returned, if notarize == True
"""
- p = self._cscript_package(tree, options)
- for x in p:
- if not isinstance(x, tuple):
- raise Error('macOS packages must be returned from cscript as tuples of (dmg-filename, bundle-id)')
+ output = []
+ for x in self._cscript_package(tree, options):
+ # Some older cscripts give us the DMG filename and the bundle ID, even though
+ # (since using notarytool instead of altool for notarization) the bundle ID
+ # is no longer necessary. Cope with either type of cscript.
+ dmg = x[0] if isinstance(x, tuple) else x
if notarize:
- notarize_dmg(x[0], x[1])
- else:
- with open(x[0] + '.id', 'w') as f:
- print(x[1], file=f)
- return [x[0] for x in p]
+ notarize_dmg(dmg)
+ output.append(dmg)
+ return output
class OSXSingleTarget(OSXTarget):
def package(self, project, checkout, output_dir, options, notarize):
tree = self.build(project, checkout, options, for_package=True)
tree.add_defaults(options)
- self.unlock_keychain()
- p = self._cscript_package_and_notarize(tree, options, self.can_notarize and notarize)
- self._copy_packages(tree, p, output_dir)
+
+ super().package(project, checkout, output_dir, options, notarize)
class OSXUniversalTarget(OSXTarget):
target = OSXSingleTarget(arch, self.sdk, deployment, os.path.join(self.directory, arch, deployment))
target.ccache = self.ccache
self.sub_targets.append(target)
+ self.can_notarize = True
def package(self, project, checkout, output_dir, options, notarize):
for target in self.sub_targets:
tree.build_dependencies(options)
tree.build(options, for_package=True)
- self.unlock_keychain()
- tree = globals.trees.get(project, checkout, self)
- with TreeDirectory(tree):
- p = self._cscript_package_and_notarize(tree, options, notarize)
- self._copy_packages(tree, p, output_dir)
+ super().package(project, checkout, output_dir, options, notarize)
+
class SourceTarget(Target):
"""Build a source .tar.bz2 and .zst"""
x = s.split('-')
if platform.system() == "Windows":
target = WindowsNativeTarget(args.work)
+ elif len(x) == 2:
+ target = WindowsDockerTarget(int(x[1]), args.work, args.environment_version)
else:
- if len(x) == 2:
- target = WindowsDockerTarget(None, int(x[1]), args.work, args.environment_version)
- elif len(x) == 3:
- target = WindowsDockerTarget(x[1], int(x[2]), args.work, args.environment_version)
- else:
- raise Error("Bad Windows target name `%s'")
+ raise Error("Bad Windows target name `%s'")
elif s.startswith('ubuntu-') or s.startswith('debian-') or s.startswith('centos-') or s.startswith('fedora-') or s.startswith('mageia-'):
p = s.split('-')
if len(p) != 3:
elif s == 'source':
target = SourceTarget()
elif s == 'flatpak':
- target = FlatpakTarget(args.project, args.checkout)
+ target = FlatpakTarget(args.project, args.checkout, args.work)
elif s == 'appimage':
target = AppImageTarget(args.work)
if globals.quiet:
flags = '-q'
redirect = '>/dev/null'
- if config.has('git_reference'):
+ if config.has('git_reference') and globals.use_git_reference:
ref = '--reference-if-able %s/%s.git' % (config.get('git_reference'), self.name)
else:
ref = ''
urls = command_and_read('git config --file .gitmodules --get-regexp url')
for path, url in zip(paths, urls):
ref = ''
- if config.has('git_reference'):
+ if config.has('git_reference') and globals.use_git_reference:
url = url.split(' ')[1]
ref_path = os.path.join(config.get('git_reference'), os.path.basename(url))
if os.path.exists(ref_path):
parser_checkout = subparsers.add_parser("checkout", help="check out the project")
parser_revision = subparsers.add_parser("revision", help="print the head git revision number")
parser_dependencies = subparsers.add_parser("dependencies", help="print details of the project's dependencies as a .dot file")
- parser_notarize = subparsers.add_parser("notarize", help="notarize .dmgs in a directory using *.dmg.id files")
- parser_notarize.add_argument('--dmgs', help='directory containing *.dmg and *.dmg.id')
+ parser_notarize = subparsers.add_parser("notarize", help="notarize .dmgs in a directory")
+ parser_notarize.add_argument('--dmgs', help='directory containing *.dmg')
global args
args = parser.parse_args()
raise Error('you must specify ---dmgs')
for dmg in Path(args.dmgs).glob('*.dmg'):
- id = None
- try:
- with open(str(dmg) + '.id') as f:
- id = f.readline().strip()
- except OSError:
- raise Error('could not find ID file for %s' % dmg)
- notarize_dmg(dmg, id)
+ notarize_dmg(dmg)
try:
main()