Jim, I translated your shell commands into a series of LEPs in my build method and it worked beautifully.
Thanks again. Jeremy > On 25 Oct 2019, at 15:04, Jim Crate via 4D_Tech <[email protected]> wrote: > > On Oct 24, 2019, at 3:14 PM, Jeremy Roussak via 4D_Tech > <[email protected]> wrote: >> >> App built with v17R6. Trying to sign a built application gives this: >> >> 20:07:01.341: Error 105553143319120 signing '/Users/jbr/Desktop/Final >> Application/PI calculator - Working/PI >> calculator.app/Contents/Resources/Internal User Components/4D >> Report.4dbase/Resources/Images/tbSave.png': Error Domain=NSPOSIXErrorDomain >> Code=9 "Bad file descriptor" >> >> Is there some documentation on the topic? > > I’ve used a script for signing for years, and have now added notarization to > it. I’ve never tried to use 4D’s signing when building functionality. > > This link from Apple describes the notarization workflow and also includes a > link to describe how to generate an app-specific password to use for > command-line notarization. > > If you copy/paste this, the email app probably converted to curly quotes so > you’ll want to fix all the double-quotes. The script goes in the same folder > as the built app you want to sign. If you name it with a .command extension, > you can double-click to run it, and if you use a method to configure a > buildapp.xml project file and run BUILD APPLICATION, you can use LAUNCH > EXTERNAL PROCESS to automatically launch the script. > > Jim Crate > > ---------------------------------------------------------------------------------------------------------------- > #!/bin/bash > > cd "${BASH_SOURCE%/*}" || exit > echo "current directory: `pwd`" > > devID="Developer ID Application: James Crate (developerID)" > appPath="./MyBuiltApp.app" > > filename=$(basename -- "$appPath") > appName="${filename%.*}" > > if [[ -d $appPath ]] > then > echo "signing $appPath" > # clean up by removing file system extended attributes > xattr -cr "$appPath" > > # sign application with developer signature > codesign --force --deep --verbose --sign "$devID" "$appPath" > > # check code-signing > echo "checking signing" > spctl -av "$appPath" > codesign --verify -v "$appPath" > > # zip with versioned name > version=$(/usr/libexec/PlistBuddy "${appPath}/Contents/Info.plist" -c 'Print > CFBundleShortVersionString') > zipName="./${appName}-${version}.app.zip" > echo "zipping to ${zipName}" > rm "${zipName}" > ditto -c -k --sequesterRsrc --keepParent "${appPath}" "${zipName}" > > echo "uploading for notarization" > xcrun altool --notarize-app --primary-bundle-id "com.vantine.MyBuiltApp.zip" > \ > --username "[email protected]" --password > "@keychain:AC_PASSWORD_NotarizationScript" \ > --file "${zipName}" > echo "finished uploading, watch for result email" > fi > > # after notarization completes, run: > # xcrun stapler staple MyBuiltApp.app > > # This command stores a password in the keychain. The keychain item can also > be created manually. > # xcrun altool --store-password-in-keychain-item > "AC_PASSWORD_NotarizationScript" -u "[email protected]" -p > "generated_app_password" > ———————————————————————————————————————————————————————— > > ********************************************************************** > 4D Internet Users Group (4D iNUG) > Archive: http://lists.4d.com/archives.html > Options: https://lists.4d.com/mailman/options/4d_tech > Unsub: mailto:[email protected] > ********************************************************************** ********************************************************************** 4D Internet Users Group (4D iNUG) Archive: http://lists.4d.com/archives.html Options: https://lists.4d.com/mailman/options/4d_tech Unsub: mailto:[email protected] **********************************************************************
