Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Switch to notarytool for notarization #3642

Merged
merged 12 commits into from
Sep 19, 2023
Merged

Switch to notarytool for notarization #3642

merged 12 commits into from
Sep 19, 2023

Conversation

AlexeyTsvetkov
Copy link
Collaborator

@AlexeyTsvetkov AlexeyTsvetkov commented Sep 7, 2023
edited
Loading

This PR switches from using altool which has been deprecated in favor of notarytool
Also, now the plugin waits for the notarization process to finish, and staples the package automatically after that.

⚠️ Breaking changes

Now it is mandatory to specify teamID for notarization. The team ID can be passed using the compose.desktop.mac.notarization.teamID Gradle property:

./gradlew notarizeDmg \
          -Pcompose.desktop.mac.notarization.appleID=<APPLE_ID> \
          -Pcompose.desktop.mac.notarization.password=<PASSWORD> \
          -Pcompose.desktop.mac.notarization.teamID=<TEAM_ID>

Alternatively, the notarization settings can also be set using the DSL.
For example, it is possible to pass credentials using environment variables:

compose.desktop.application {
    nativeDistributions {
        macOS {
            notarization {
                val providers = project.providers
                appleID.set(providers.environmentVariable("NOTARIZATION_APPLE_ID"))
                password.set(providers.environmentVariable("NOTARIZATION_PASSWORD"))
                teamId.set(providers.environmentVariable("NOTARIZATION_TEAM_ID"))
            }
        }
    }
}

The compose.desktop.application.macOS.notarization.ascProvider DSL property and compose.desktop.mac.notarization.ascProvider Gradle property are now removed (the teamID property should be used instead).

The password for notarization cannot be passed using @keychain:PATH_TO_KEYCHAIN_LOCATION anymore.

The checkNotarizationStatus task is removed, since now the plugin waits for notarization to finish.

Additional information

Resolves #3208
Resolves #2253

The PR is based on the #3330 by @DRSchlaubi

@DRSchlaubi DRSchlaubi mentioned this pull request Sep 7, 2023
Closed
@AlexeyTsvetkov AlexeyTsvetkov merged commit 50d45f3 into master Sep 19, 2023
6 checks passed
@AlexeyTsvetkov AlexeyTsvetkov deleted the notarytool branch September 19, 2023 15:48
@sproctor sproctor mentioned this pull request Nov 24, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pjBooms pjBooms pjBooms approved these changes

@dima-avdeev-jb dima-avdeev-jb dima-avdeev-jb approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Switch to notarytool Docs should talk about how to staple the Apple notarization ticket to the application
4 participants
@AlexeyTsvetkov @pjBooms @dima-avdeev-jb @DRSchlaubi