New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature request - create and sign package file #5
Comments
@jasonhinkle I'm thinking about adding a second |
This feature may under be under some similar situation as mentioned in electron/packager#33. |
I can see a reason to split them because the osx-sign should be responsible for signing. But there is that pkg file that needs to be created and it seems a little weird that osx-sign would be responsible for that, which would make a case for osx-build. The only weird thing is that the creation of the pkg file also has a signing parameter. So, in a way creating the pkg does also include signing. And then the pkg file has to be additionally signed again as the last step. There is also electron-build module that already creates .dmg files to make osx distribution files, though I don't think it creates .pkg or does anything as far as the mac app store. |
I've just updated a branch which supports productbuild with |
Nice. So the usage is you run |
@jasonhinkle yep. That's what I thought may work, with which the
|
Awesome, I'll try to implement this into my build process and see how it goes. Thanks! |
@jasonhinkle No worries. Try adding the |
Ok so I went through the entire process and everything worked with producing a .pkg file, however the final signing of the pkg didn't occcur. I don't really understand why this is necessary because For my own app, as a final step I run this and my package has passed validation in itunesconnect:
Here's my command line output:
Then verifying the pkg is signed, though:
|
Here's exactly the commands that I ran by the way:
|
@jasonhinkle The code seems right. However, I'm not sure if the
When iTC gets back to me I could know more details about the signed |
Few notes from Mac Developer Library: |
I'll give it more testing after my current app is approved or declined (it's currently "in review"). Perhaps I signed it unnecessarily a 2nd time (which I thought was odd at the time anyway, but I was getting "not signed at all" errors. If my app status isn't updated soon, perhaps I'll create a dummy app just to test submitting binaries. |
@jasonhinkle My project's also currently in review. We'll see how the apps/pkgs go with the iTC checking. For the additional binary signing, I'll think about an easy solution to testing. |
UPDATE: disregard this, I think it was coming from ffmpeg which is packaged in my app. Looks like I might have to do a custom build to get rid of that. My app got rejected with this reason "The use of non-public APIs can lead to a poor user experience should these APIs change in the future, and is therefore not permitted. The app includes SecIdentityCreate from the framework '/System/Library/Frameworks/Security.framework/Versions/A/Security'." Wonder what that's about? Did you get anything similar? As far as I know my app doesn't have anything that references the Security framework. |
@jasonhinkle I'm still waiting for approval... But here's what I found online for you: |
Thanks for checking that out - funny that they bothered to comment above the line! I've been trying unsuccessfully to do a custom build today, it's a bit of a pain. So it looks like my app won't ever be accepted into the store because it downloads videos from YouTube but I have a couple more that use ffmpeg but I believe are fully MAS compatible. If you're curious, the app I've been working on all this time is at https://github.com/jasonhinkle/Tube-DL. It's a simple app, but I'd like to think it's somewhat interesting for Electron just because of the use of external binaries. |
@jasonhinkle I'm not sure, but I may help to see if there'll be alternatives that do not call |
In my build script, after signing the .app I create a .pkg file and sign that. Because Application Loader requires the app to be packaged up for submission. You must have this file in order to submit the app to the app store.
Even though it is more than technically signing - it seems like it would be appropriate to include in electron-osx-sign because it is the final step for MAS preparation (and there is more signing involved).
Here is the code in my script that does this:
The text was updated successfully, but these errors were encountered: