|
@@ -14,18 +14,21 @@ PRIVATE_KEY_LOC='LOCATION NOT COMMITTED' |
|
|
NIGHTLY_ICON_LOC=/Users/spbuildbot/buildbot/sequel-pro/build/Resources/Images/appIcon.icns |
|
|
NIGHTLY_KEYCHAIN_LOC=/Users/spbuildbot/Library/Keychains/spnightly.keychain-db |
|
|
NIGHTLY_KEYCHAIN_PASSWORD='PASSWORD NOT COMMITTED' |
|
|
FRAMEWORKS_LIST="/tmp/sp.frameworks.$$" |
|
|
FILES_TO_SIGN_LIST="/tmp/sp.filelist.$$" |
|
|
UPLOAD_AUTH_TOKEN="TOKEN_NOT_COMMITTED" |
|
|
|
|
|
# Ensure a revision hash was passed in |
|
|
REVISION_HASH=`echo "$1" | grep "\([0-9a-f]*\)"` |
|
|
if [ "$REVISION_HASH" == "" ] |
|
|
then |
|
|
echo "Unable to extract revision hash from first argument; cancelling nightly build (git rev-parse HEAD)." >&2 |
|
|
exit 1 |
|
|
fi |
|
|
fi |
|
|
SHORT_HASH=${REVISION_HASH:0:10} |
|
|
|
|
|
# Build a numeric revision for bundle version etc |
|
|
svn2git_migration_compensation=480 |
|
|
svn2git_migration_compensation=779 |
|
|
cd "$GIT_DIR" |
|
|
NUMERIC_REVISION=$((`git log --oneline | wc -l` + $svn2git_migration_compensation)) |
|
|
|
|
@@ -44,17 +47,59 @@ then |
|
|
exit 1 |
|
|
fi |
|
|
|
|
|
IBSTRINGSDIR=ibstrings |
|
|
#XIB_BASE="$GIT_DIR/Interfaces/English.lproj" |
|
|
remove_temp_files() |
|
|
{ |
|
|
rm "$FRAMEWORKS_LIST" &> /dev/null |
|
|
rm "$FILES_TO_SIGN_LIST" &> /dev/null |
|
|
} |
|
|
|
|
|
dist_sign_framework() |
|
|
{ |
|
|
codesign -f --keychain "$NIGHTLY_KEYCHAIN_LOC" -s 'Developer ID Application: MJ Media (Y48LQG59RS)' -r "${GIT_DIR}/Resources/spframeworkrequirement.bin" "$1" 2> /dev/null |
|
|
} |
|
|
|
|
|
dist_sign_resource() |
|
|
{ |
|
|
codesign -f --keychain "$NIGHTLY_KEYCHAIN_LOC" -s 'Developer ID Application: MJ Media (Y48LQG59RS)' -r "${GIT_DIR}/Resources/sprequirement.bin" "$1" 2> /dev/null |
|
|
} |
|
|
|
|
|
verify_signing() |
|
|
{ |
|
|
codesign --verify --deep "$1" 2>&1 |
|
|
} |
|
|
|
|
|
dist_code_sign() |
|
|
{ |
|
|
ERRORS='' |
|
|
|
|
|
while read FRAMEWORK_TO_SIGN |
|
|
do |
|
|
dist_sign_framework "${FRAMEWORK_TO_SIGN}" |
|
|
|
|
|
ERRORS+=$(verify_signing "${FRAMEWORK_TO_SIGN}") |
|
|
done < "$1" |
|
|
|
|
|
while read FILE_TO_SIGN |
|
|
do |
|
|
dist_sign_resource "${FILE_TO_SIGN}" |
|
|
|
|
|
ERRORS+=$(verify_signing "${FILE_TO_SIGN}") |
|
|
done < "$2" |
|
|
|
|
|
echo $ERRORS |
|
|
} |
|
|
|
|
|
|
|
|
echo "Cleaning remains of any previous nightly builds..." |
|
|
|
|
|
# Delete any previous disk images and translation files |
|
|
rm -f *.dmg &> /dev/null |
|
|
rm -f *.zip &> /dev/null |
|
|
rm -rf disttemp &> /dev/null |
|
|
rm -f languagetranslations.zip &> /dev/null |
|
|
rm -rf languagetranslations &> /dev/null |
|
|
rm -rf $IBSTRINGSDIR &> /dev/null |
|
|
remove_temp_files |
|
|
|
|
|
#echo "Creating IB strings files for rekeying..." |
|
|
#mkdir -p $IBSTRINGSDIR/English.lproj |
|
@@ -92,7 +137,7 @@ rm -rf $IBSTRINGSDIR &> /dev/null |
|
|
|
|
|
#echo "Copying nightly icon" |
|
|
|
|
|
# Copy in the nightly icon |
|
|
# Copy in the nightly icon - this is currently within this repo so this step isn't really necessary |
|
|
#cp -f "$NIGHTLY_ICON_LOC" Sequel\ Pro.app/Contents/Resources/appicon.icns |
|
|
|
|
|
echo "Updating version strings" |
|
@@ -102,66 +147,76 @@ php -r '$infoplistloc = "'$BUILD_DIR'/Sequel Pro.app/Contents/Info.plist"; |
|
|
$infoplist = file_get_contents($infoplistloc); |
|
|
$infoplist = preg_replace("/(\<key\>CFBundleShortVersionString\<\/key\>\s*\n?\r?\s*\<string\>)[^<]*(\<\/string\>)/i", "\\1Nightly build for revision '$SHORT_HASH'\\2", $infoplist); |
|
|
$infoplist = preg_replace("/(\<key\>CFBundleVersion\<\/key\>\s*\n?\r?\s*)\<string\>[^<]*(\<\/string\>)/i", "\\1<string>'$NUMERIC_REVISION'\\2", $infoplist); |
|
|
$infoplist = preg_replace("/(\<key\>NSHumanReadableCopyright\<\/key\>\s*\n?\r?\s*\<string\>)[^<]*(\<\/string\>)/i", "\\1Nightly build for revision '$SHORT_HASH'\\2", $infoplist); |
|
|
$infoplist = preg_replace("/(\<key\>SUFeedURL\<\/key\>\s*\n?\r?\s*\<string\>)[^<]*(\<\/string\>)/i", "\\1https://sequelpro.com/nightly/nightly-app-releases.php\\2", $infoplist); |
|
|
file_put_contents($infoplistloc, $infoplist);' |
|
|
|
|
|
# Update versions in localised string files |
|
|
php -r '$englishstringsloc = "/'$BUILD_DIR'/Sequel Pro.app/Contents/Resources/English.lproj/InfoPlist.strings"; |
|
|
$englishstrings = file_get_contents($englishstringsloc); |
|
|
$englishstrings = mb_convert_encoding($englishstrings, "UTF-8", "UTF-16"); |
|
|
$englishstrings = preg_replace("/version [^\,\"]+/iu", "nightly build for r'$SHORT_HASH'", $englishstrings); |
|
|
$englishstrings = preg_replace("/version [^\,\"]+/iu", "nightly build for '$SHORT_HASH'", $englishstrings); |
|
|
$englishstrings = mb_convert_encoding($englishstrings, "UTF-16", "UTF-8"); |
|
|
file_put_contents($englishstringsloc, $englishstrings);' |
|
|
|
|
|
echo "Signing build..." |
|
|
|
|
|
# Code sign and verify the nightly |
|
|
APP_LOC="Sequel Pro.app" |
|
|
ls -d -1 "$APP_LOC/Contents/Frameworks"/** > "$FRAMEWORKS_LIST" |
|
|
echo "${APP_LOC}/Contents/Library/QuickLook/Sequel Pro.qlgenerator" >> "$FILES_TO_SIGN_LIST" |
|
|
echo "${APP_LOC}/Contents/Resources/SequelProTunnelAssistant" >> "$FILES_TO_SIGN_LIST" |
|
|
echo "${APP_LOC}" >> "$FILES_TO_SIGN_LIST" |
|
|
|
|
|
security unlock-keychain -p "$NIGHTLY_KEYCHAIN_PASSWORD" "$NIGHTLY_KEYCHAIN_LOC" |
|
|
codesign -f --keychain "$NIGHTLY_KEYCHAIN_LOC" -s 'Developer ID Application: MJ Media (Y48LQG59RS)' -r $GIT_DIR"/Resources/spframeworkrequirement.bin" "Sequel Pro.app/Contents/Resources/SequelProTunnelAssistant" |
|
|
codesign -f --keychain "$NIGHTLY_KEYCHAIN_LOC" -s 'Developer ID Application: MJ Media (Y48LQG59RS)' -r $GIT_DIR"/Resources/sprequirement.bin" "Sequel Pro.app" |
|
|
VERIFY_ERRORS=$(dist_code_sign "$FRAMEWORKS_LIST" "$FILES_TO_SIGN_LIST") |
|
|
security lock-keychain "$NIGHTLY_KEYCHAIN_LOC" |
|
|
VERIFYERRORS=`codesign --verify "Sequel Pro.app" 2>&1` |
|
|
VERIFYERRORS+=`codesign --verify "Sequel Pro.app/Contents/Resources/SequelProTunnelAssistant" 2>&1` |
|
|
|
|
|
if [ "$VERIFYERRORS" != '' ] |
|
|
then |
|
|
remove_temp_files |
|
|
echo "Signing verification threw an error: $VERIFYERRORS" >&2 |
|
|
exit 1 |
|
|
fi |
|
|
|
|
|
echo "Build signed and verified successfully" |
|
|
echo "Building disk image..." |
|
|
echo "Compressing..." |
|
|
|
|
|
# Build the disk image |
|
|
mkdir disttemp |
|
|
cp -R -p Sequel\ Pro.app disttemp |
|
|
SetFile -a B disttemp/Sequel\ Pro.app |
|
|
hdiutil create -fs HFS+ -volname "Sequel Pro Nightly (r"$SHORT_HASH")" -srcfolder disttemp disttemp.dmg |
|
|
hdiutil convert disttemp.dmg -format UDBZ -o Sequel_Pro_r"$SHORT_HASH".dmg |
|
|
rm -rf disttemp* |
|
|
zip -q -r --symlinks "Sequel_Pro_r${SHORT_HASH}.zip" "Sequel Pro.app" |
|
|
|
|
|
# Make sure it was created |
|
|
if [ ! -e "Sequel_Pro_r${SHORT_HASH}.dmg" ] |
|
|
if [ ! -e "Sequel_Pro_r${SHORT_HASH}.zip" ] |
|
|
then |
|
|
echo "Disk image was not built successfully!" >&2 |
|
|
echo "Zip file was not built successfully!" >&2 |
|
|
exit 1 |
|
|
fi |
|
|
|
|
|
echo "Signing disk image" |
|
|
echo "Signing zip file" |
|
|
|
|
|
# Sign the disk image |
|
|
SIGNATURE=`openssl dgst -sha1 -binary < "Sequel_Pro_r${SHORT_HASH}.dmg" | openssl dgst -dss1 -sign "$PRIVATE_KEY_LOC" | openssl enc -base64 | tr -d "\n"` |
|
|
SIGNATURE=`openssl dgst -sha1 -binary < "Sequel_Pro_r${SHORT_HASH}.zip" | openssl dgst -dss1 -sign "$PRIVATE_KEY_LOC" | openssl enc -base64 | tr -d "\n"` |
|
|
URLENCODEDSIGNATURE=$(php -r 'echo urlencode("'$SIGNATURE'");') |
|
|
|
|
|
echo "Zip file ready (hashed as $SIGNATURE)" |
|
|
|
|
|
|
|
|
echo "Getting ID to upload zip file..." |
|
|
|
|
|
PENDING_BUILD_ID=$(curl 'https://sequelpro.com/api?action=pendingTestBuilds&authToken='$UPLOAD_AUTH_TOKEN | jq -r '.releases | map(select(.commit == "'$REVISION_HASH'")) | .[0]? | .id?') |
|
|
if [ $PENDING_BUILD_ID == 'null' ] |
|
|
then |
|
|
echo "Unable to get pending build ID!" >&2 |
|
|
exit 1 |
|
|
fi |
|
|
echo "Working with pending build ID "$PENDING_BUILD_ID |
|
|
|
|
|
echo "Disk image ready (hashed as $SIGNATURE)" |
|
|
echo "Uploading disk image..." |
|
|
FILESIZE=$(stat -f%z "Sequel_Pro_r"$SHORT_HASH".zip") |
|
|
echo "Uploading disk image of size ${FILESIZE}..." |
|
|
|
|
|
# Upload the disk image |
|
|
scp -P 32100 Sequel_Pro_r"$SHORT_HASH".dmg spnightlyuploader@sequelpro.com:nightlybuilds |
|
|
curl 'https://sequelpro.com/api?action=uploadBuild&uploadReleaseId='$PENDING_BUILD_ID'&uploadFilesize='$FILESIZE'&buildHash='$URLENCODEDSIGNATURE'&authToken='$UPLOAD_AUTH_TOKEN --upload-file Sequel_Pro_r"$SHORT_HASH".zip |
|
|
RETURNVALUE=$? |
|
|
if [ $RETURNVALUE -eq 0 ] |
|
|
then |
|
|
echo "Successfully uploaded disk image" |
|
|
ssh spnightlyuploader@sequelpro.com -p 32100 chmod 666 nightlybuilds/Sequel_Pro_r"$SHORT_HASH".dmg |
|
|
echo "Successfully uploaded zip file" |
|
|
fi |
|
|
|
|
|
# Clean up |
|
@@ -176,14 +231,4 @@ then |
|
|
exit 1 |
|
|
fi |
|
|
|
|
|
# Use curl to post the signature to the server |
|
|
echo "Informing nightly server about new build..." |
|
|
BUILD_ACTIVATE_OUTPUT=`curl --silent -F "filename=Sequel_Pro_r${SHORT_HASH}.dmg" -F "build_hash=$SIGNATURE" -F "build_id=$NUMERIC_REVISION" -F "full_revision=$REVISION_HASH" http://sequelpro.com/nightly/build.php?action=hash-submit` |
|
|
if [ "$BUILD_ACTIVATE_OUTPUT" != 'Successfully updated.' ] |
|
|
then |
|
|
echo "Unexpected status when informing nightly server about new build: " |
|
|
echo "$BUILD_ACTIVATE_OUTPUT" |
|
|
exit 1 |
|
|
fi |
|
|
|
|
|
echo "Done!" |