From 8d7f88ff2db53a41f43556982bdc3d8ba79bfe48 Mon Sep 17 00:00:00 2001 From: dreamer Date: Tue, 28 Oct 2025 12:09:37 +0100 Subject: [PATCH 1/3] optional notarization step --- utils/package-osx-bundles.sh | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/utils/package-osx-bundles.sh b/utils/package-osx-bundles.sh index 8406a19ef..16400cd6f 100755 --- a/utils/package-osx-bundles.sh +++ b/utils/package-osx-bundles.sh @@ -158,5 +158,12 @@ productbuild \ "${PKG_SIGN_ARGS[@]}" \ ${MACOS_PKG_SNAME}-macOS.pkg -# xcrun notarytool submit build/*-macOS.pkg --keychain-profile "build-notary" --wait -# xcrun notarytool log --keychain-profile "build-notary" 00000000-0000-0000-0000-000000000000 +if [ -n "${MACOS_NOTARIZATION_USER}" ] && [ -n "${MACOS_NOTARIZATION_PASS}" ] && [ -n "${MACOS_NOTARIZATION_TEAM}" ]; then + xcrun notarytool submit ${MACOS_PKG_NAME}-macOS.pkg \ + --apple-id ${MACOS_NOTARIZATION_USER} \ + --password ${MACOS_NOTARIZATION_PASS} \ + --team-id ${MACOS_NOTARIZATION_TEAM} \ + --wait + + xcrun stapler staple ${MACOS_PKG_NAME}-macOS.pkg +fi From 3043e80440e63710899e18cacfeb31d557efb409 Mon Sep 17 00:00:00 2001 From: dreamer Date: Tue, 28 Oct 2025 12:52:40 +0100 Subject: [PATCH 2/3] use correct package --- utils/package-osx-bundles.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/utils/package-osx-bundles.sh b/utils/package-osx-bundles.sh index 16400cd6f..be687f805 100755 --- a/utils/package-osx-bundles.sh +++ b/utils/package-osx-bundles.sh @@ -159,11 +159,11 @@ productbuild \ ${MACOS_PKG_SNAME}-macOS.pkg if [ -n "${MACOS_NOTARIZATION_USER}" ] && [ -n "${MACOS_NOTARIZATION_PASS}" ] && [ -n "${MACOS_NOTARIZATION_TEAM}" ]; then - xcrun notarytool submit ${MACOS_PKG_NAME}-macOS.pkg \ + xcrun notarytool submit ${MACOS_PKG_SNAME}-macOS.pkg \ --apple-id ${MACOS_NOTARIZATION_USER} \ --password ${MACOS_NOTARIZATION_PASS} \ --team-id ${MACOS_NOTARIZATION_TEAM} \ --wait - xcrun stapler staple ${MACOS_PKG_NAME}-macOS.pkg + xcrun stapler staple ${MACOS_PKG_SNAME}-macOS.pkg fi From 28dcb4ed957c6f1c9a16a8975b4cbc6eb4877a19 Mon Sep 17 00:00:00 2001 From: dreamer Date: Tue, 28 Oct 2025 13:37:14 +0100 Subject: [PATCH 3/3] add optional keychain profile and log comment --- utils/package-osx-bundles.sh | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/utils/package-osx-bundles.sh b/utils/package-osx-bundles.sh index be687f805..ecfeb41a6 100755 --- a/utils/package-osx-bundles.sh +++ b/utils/package-osx-bundles.sh @@ -159,11 +159,21 @@ productbuild \ ${MACOS_PKG_SNAME}-macOS.pkg if [ -n "${MACOS_NOTARIZATION_USER}" ] && [ -n "${MACOS_NOTARIZATION_PASS}" ] && [ -n "${MACOS_NOTARIZATION_TEAM}" ]; then + # Notarize using credentials xcrun notarytool submit ${MACOS_PKG_SNAME}-macOS.pkg \ --apple-id ${MACOS_NOTARIZATION_USER} \ --password ${MACOS_NOTARIZATION_PASS} \ --team-id ${MACOS_NOTARIZATION_TEAM} \ --wait - + xcrun stapler staple ${MACOS_PKG_SNAME}-macOS.pkg +elif [ -n "${MACOS_KEYCHAIN_PROFILE}" ]; then + # Notarize using keychain profile + xcrun notarytool submit ${MACOS_PKG_SNAME}-macOS.pkg \ + --keychain-profile ${MACOS_KEYCHAIN_PROFILE} \ + --wait xcrun stapler staple ${MACOS_PKG_SNAME}-macOS.pkg fi + +# To get logs of your notarization note the notarization id (of the form `00000000-0000-0000-0000-000000000000`) +# and use either your credentials or keychain profile: +# xcrun notarytool log --keychain-profile ${MACOS_KEYCHAIN_PROFILE} ${NOTARIZATION_ID}