Re: Error signing built app for Catalina
On Oct 24, 2019, at 3:14 PM, Jeremy Roussak via 4D_Tech <4d_tech@xxx.xxx> wrote:
>
> App built with v17R6. Trying to sign a built application gives this:
>
> 20:07:01.341: Error 105553143319120 signing '/Users/jbr/Desktop/Final Application/PI calculator - Working/PI calculator.app/Contents/Resources/Internal User Components/4D Report.4dbase/Resources/Images/tbSave.png': Error Domain=NSPOSIXErrorDomain Code=9 "Bad file descriptor"
>
> Is there some documentation on the topic?
I’ve used a script for signing for years, and have now added notarization to it. I’ve never tried to use 4D’s signing when building functionality.
This link from Apple describes the notarization workflow and also includes a link to describe how to generate an app-specific password to use for command-line notarization.
If you copy/paste this, the email app probably converted to curly quotes so you’ll want to fix all the double-quotes. The script goes in the same folder as the built app you want to sign. If you name it with a .command extension, you can double-click to run it, and if you use a method to configure a buildapp.xml project file and run BUILD APPLICATION, you can use LAUNCH EXTERNAL PROCESS to automatically launch the script.
Jim Crate
----------------------------------------------------------------------------------------------------------------
#!/bin/bash
cd "${BASH_SOURCE%/*}" || exit
echo "current directory: `pwd`"
devID="Developer ID Application: James Crate (developerID)"
appPath="./MyBuiltApp.app"
filename=$(basename -- "$appPath")
appName="${filename%.*}"
if [[ -d $appPath ]]
then
echo "signing $appPath"
# clean up by removing file system extended attributes
xattr -cr "$appPath"
# sign application with developer signature
codesign --force --deep --verbose --sign "$devID" "$appPath"
# check code-signing
echo "checking signing"
spctl -av "$appPath"
codesign --verify -v "$appPath"
# zip with versioned name
version=$(/usr/libexec/PlistBuddy "${appPath}/Contents/Info.plist" -c 'Print CFBundleShortVersionString')
zipName="./${appName}-${version}.app.zip"
echo "zipping to ${zipName}"
rm "${zipName}"
ditto -c -k --sequesterRsrc --keepParent "${appPath}" "${zipName}"
echo "uploading for notarization"
xcrun altool --notarize-app --primary-bundle-id "com.vantine.MyBuiltApp.zip" \
--username "me@xxx.xxx" --password "@keychain:AC_PASSWORD_NotarizationScript" \
--file "${zipName}"
echo "finished uploading, watch for result email"
fi
# after notarization completes, run:
# xcrun stapler staple MyBuiltApp.app
# This command stores a password in the keychain. The keychain item can also be created manually.
# xcrun altool --store-password-in-keychain-item "AC_PASSWORD_NotarizationScript" -u "me@xxx.xxx" -p "generated_app_password"
————————————————————————————————————————————————————————
**********************************************************************
4D Internet Users Group (4D iNUG)
Archive: http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub: mailto:4D_Tech-Unsubscribe@xxx.xxx
**********************************************************************
Thanks, Lutz. If only I had a copy of v18!
Jeremy
> On 25 Oct 2019, at 08:14, Epperlein, Lutz (agendo) via 4D_Tech <4d_tech@xxx.xxx> wrote:
>
> Maybe this:
>
> https://blog.4d.com/?s=notarization
>
> Regards
> Lutz Epperlein
>
> -----Ursprüngliche Nachricht-----
> Von: 4D_Tech [mailto:4d_tech-bounces@xxx.xxx] Im Auftrag von Jeremy Roussak via 4D_Tech
> Gesendet: Donnerstag, 24. Oktober 2019 21:14
> An: 4D iNug Technical <4d_tech@xxx.xxx>
> Cc: Jeremy Roussak
> Betreff: Error signing built app for Catalina
>
> App built with v17R6. Trying to sign a built application gives this:
>
> 20:07:01.341: Error 105553143319120 signing '/Users/jbr/Desktop/Final Application/PI calculator - Working/PI calculator.app/Contents/Resources/Internal User Components/4D Report.4dbase/Resources/Images/tbSave.png': Error Domain=NSPOSIXErrorDomain Code=9 "Bad file descriptor"
>
> Is there some documentation on the topic?
>
> Jeremy
**********************************************************************
4D Internet Users Group (4D iNUG)
Archive: http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub: mailto:4D_Tech-Unsubscribe@xxx.xxx
**********************************************************************