-
Notifications
You must be signed in to change notification settings - Fork 335
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[helix][ios] Emulate deep signing of iOS app bundles on helix in order to support library mode builds #14164
Conversation
@mandel-macaque can you have a look at this one please? |
src/Microsoft.DotNet.Helix/Sdk/tools/xharness-runner/xharness-runner.apple.sh
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Code looks good, but I have added a comment to make your liver much better. Aiming to sign all the Mach-O files will ensure that you do not find more surprises along the way.
@mandel-macaque @akoeplinger I adapted the signing to match your suggestions. |
Description
This PR adds support for properly signing iOS app bundles which include apps with shared libraries on Helix.
This is required so we can execute library mode tests on Helix properly when we target ios devices with Mono and NativeAOT using library mode.
Changes
In order to properly perform deep signing of iOS app bundles, I am adding a manual step which finds all:
Macho-O
.app
.framework
files in the bundle and signs them by respecting the bundle hierarchy (deepest files are signed first). This is achieved by looking up all the files in the bundle with
find -d
.This manual signing step is required as the
--deep
argument on thecodesign
tool seems to be deprecated.Validation
I have validated locally that the change properly signs the app, by signing and running the added tests in: dotnet/runtime#93658
Repro steps
build-apple-app.sh
to invokesign
function with my local settings and changes from this PR