Enable disable-library-validation entitlement to allow use of @executable_path

[dcpomatic.git] / platform / osx / make_dmg.sh

diff --git a/platform/osx/make_dmg.sh b/platform/osx/make_dmg.sh
index f55a0e8b14cfe969e6632f30c81e22385d366e34..850a2a4f7acd7b2ca0b005658927ef15b07203e8 100644 (file)
--- a/platform/osx/make_dmg.sh
+++ b/platform/osx/make_dmg.sh
@@ -28,6 +28,17 @@ fi
 mkdir -p build/platform/osx
 cd build/platform/osx
 
+cat <<EOF > entitlements.plist
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+  <key>com.apple.security.cs.disable-library-validation</key>
+  <true/>
+</dict>
+</plist>
+EOF
+
 function copy {
     case $TYPE in
        universal)
@@ -191,6 +202,7 @@ function copy_resources {
     cp $prefix/src/dcpomatic/graphics/osx/dcpomatic2_batch.icns "$dest"
     cp $prefix/src/dcpomatic/graphics/osx/dcpomatic2_playlist.icns "$dest"
     cp $prefix/src/dcpomatic/graphics/osx/dcpomatic2_disk.icns "$dest"
+    cp $prefix/src/dcpomatic/graphics/osx/dcpomatic2_combiner.icns "$dest"
     cp $prefix/src/dcpomatic/graphics/osx/preferences/defaults.png "$dest"
     cp $prefix/src/dcpomatic/graphics/osx/preferences/defaults@2x.png "$dest"
     cp $prefix/src/dcpomatic/graphics/osx/preferences/kdm_email.png "$dest"
@@ -229,7 +241,10 @@ function copy_resources {
     cp $prefix/src/dcpomatic/graphics/sequence.png "$dest"
     cp $prefix/src/dcpomatic/graphics/me.jpg "$dest"
     cp $prefix/src/dcpomatic/graphics/link.png "$dest"
+    cp $prefix/src/dcpomatic/graphics/tick.png "$dest"
+    cp $prefix/src/dcpomatic/graphics/no_tick.png "$dest"
     cp -r $prefix/share/libdcp/xsd "$dest"
+    cp -r $prefix/share/libdcp/tags "$dest"
 
     # i18n: DCP-o-matic .mo files
     for lang in de_DE es_ES fr_FR it_IT sv_SE nl_NL ru_RU pl_PL da_DK pt_PT pt_BR sk_SK cs_CZ uk_UA zh_CN tr_TR; do
@@ -288,7 +303,7 @@ function relink_absolute {
 }
 
 function sign {
-    codesign --deep --force --verify --verbose --options runtime --sign "Developer ID Application: Carl Hetherington (R82DXSR997)" "$1"
+    codesign --deep --force --verify --verbose --options runtime --entitlements entitlements.plist --sign "Developer ID Application: Carl Hetherington (R82DXSR997)" "$1"
     if [ "$?" != "0" ]; then
        echo "Failed to sign $1"
        exit 1
@@ -299,12 +314,10 @@ function sign {
 # @param #1 .app directory
 # @param #2 .pkg or ""
 # @param #3 full name e.g. DCP-o-matic Batch Converter
-# @param #4 bundle id e.g. com.dcpomatic.batch
 function make_dmg {
     local appdir="$1"
     local pkg="$2"
     local full_name="$3"
-    local bundle_id="$4"
     tmp_dmg=dcpomatic_tmp.dmg
     dmg="$full_name $version.dmg"
     vol_name=DCP-o-matic-$version
@@ -401,39 +414,7 @@ EOF
     xattr -c "$dmg"
 
     set -e
-    codesign --verify --verbose --options runtime --sign "Developer ID Application: Carl Hetherington (R82DXSR997)" "$dmg"
-
-    # We only notarize thin builds, as if we're building universal binaries we must be on an OS
-    # sufficiently old that it can't notarize anyway
-    if [ "$TYPE" == "thin" ]; then
-
-       id=$(xcrun altool --notarize-app -t osx -f "$dmg" --primary-bundle-id $bundle_id -u $APPLE_ID -p $APPLE_PASSWORD --output-format xml | grep -C1 RequestUUID | tail -n 1 | sed -e "s/<string>//g" | sed -e "s/<\/string>//g")
-       N=0
-       while [ 1 ]; do
-           echo "Checking up on $id"
-           set +e
-            status=$(xcrun altool --notarization-info $id -u $APPLE_ID -p $APPLE_PASSWORD --output-format xml)
-           set -e
-            summary=$(echo "$status" | grep -C1 "<key>Status</key>" | tail -n 1 | sed -e "s/   .//g")
-            echo "Got $summary"
-            if [ "$summary" == "<string>invalid</string>" ]; then
-                echo "Notarization failed."
-                echo $status
-                exit 1
-            fi
-           if [ "$summary" == "<string>success</string>" ]; then
-               break
-           fi
-           sleep 30
-           N=$((N+1))
-           if [ "$N" == "30" ]; then
-               echo "Timed out waiting for notarization"
-               exit 1
-           fi
-       done
-
-       xcrun stapler staple "$dmg"
-    fi
+    codesign --verify --verbose --options runtime --entitlements entitlements.plist --sign "Developer ID Application: Carl Hetherington (R82DXSR997)" "$dmg"
     set +e
 
     rm $tmp_dmg
@@ -473,7 +454,7 @@ copy $ROOT src/openssl/apps/openssl "$approot/MacOS"
 cp $prefix/src/dcpomatic/build/platform/osx/dcpomatic2.Info.plist "$approot/Info.plist"
 rl=("$approot/MacOS/dcpomatic2" "$approot/MacOS/dcpomatic2_cli" "$approot/MacOS/dcpomatic2_create" "$approot/MacOS/ffprobe" "$approot/Frameworks/"*.dylib)
 relink_relative "${rl[@]}"
-make_dmg "$appdir" "" "DCP-o-matic" com.dcpomatic
+make_dmg "$appdir" "" "DCP-o-matic"
 
 # DCP-o-matic KDM Creator
 setup "DCP-o-matic 2 KDM Creator.app"
@@ -483,7 +464,7 @@ copy $ROOT src/openssl/apps/openssl "$approot/MacOS"
 cp $prefix/src/dcpomatic/build/platform/osx/dcpomatic2_kdm.Info.plist "$approot/Info.plist"
 rl=("$approot/MacOS/dcpomatic2_kdm" "$approot/MacOS/dcpomatic2_kdm_cli" "$approot/Frameworks/"*.dylib)
 relink_relative "${rl[@]}"
-make_dmg "$appdir" "" "DCP-o-matic KDM Creator" com.dcpomatic.kdm
+make_dmg "$appdir" "" "DCP-o-matic KDM Creator"
 
 # DCP-o-matic Encode Server
 setup "DCP-o-matic 2 Encode Server.app"
@@ -493,7 +474,7 @@ copy $ROOT src/openssl/apps/openssl "$approot/MacOS"
 cp $prefix/src/dcpomatic/build/platform/osx/dcpomatic2_server.Info.plist "$approot/Info.plist"
 rl=("$approot/MacOS/dcpomatic2_server" "$approot/MacOS/dcpomatic2_server_cli" "$approot/Frameworks/"*.dylib)
 relink_relative "${rl[@]}"
-make_dmg "$appdir" "" "DCP-o-matic Encode Server" com.dcpomatic.server
+make_dmg "$appdir" "" "DCP-o-matic Encode Server"
 
 # DCP-o-matic Batch Converter
 setup "DCP-o-matic 2 Batch converter.app"
@@ -502,7 +483,7 @@ copy $ROOT src/openssl/apps/openssl "$approot/MacOS"
 cp $prefix/src/dcpomatic/build/platform/osx/dcpomatic2_batch.Info.plist "$approot/Info.plist"
 rl=("$approot/MacOS/dcpomatic2_batch" "$approot/Frameworks/"*.dylib)
 relink_relative "${rl[@]}"
-make_dmg "$appdir" "" "DCP-o-matic Batch Converter" com.dcpomatic.batch
+make_dmg "$appdir" "" "DCP-o-matic Batch Converter"
 
 # DCP-o-matic Player
 setup "DCP-o-matic 2 Player.app"
@@ -511,7 +492,7 @@ copy $ROOT src/openssl/apps/openssl "$approot/MacOS"
 cp $prefix/src/dcpomatic/build/platform/osx/dcpomatic2_player.Info.plist "$approot/Info.plist"
 rl=("$approot/MacOS/dcpomatic2_player" "$approot/Frameworks/"*.dylib)
 relink_relative "${rl[@]}"
-make_dmg "$appdir" "" "DCP-o-matic Player" com.dcpomatic.player
+make_dmg "$appdir" "" "DCP-o-matic Player"
 
 # DCP-o-matic Playlist Editor
 setup "DCP-o-matic 2 Playlist Editor.app"
@@ -520,7 +501,16 @@ copy $ROOT src/openssl/apps/openssl "$approot/MacOS"
 cp $prefix/src/dcpomatic/build/platform/osx/dcpomatic2_playlist.Info.plist "$approot/Info.plist"
 rl=("$approot/MacOS/dcpomatic2_playlist" "$approot/Frameworks/"*.dylib)
 relink_relative "${rl[@]}"
-make_dmg "$appdir" "" "DCP-o-matic Playlist Editor" com.dcpomatic.playlist
+make_dmg "$appdir" "" "DCP-o-matic Playlist Editor"
+
+# DCP-o-matic Combiner
+setup "DCP-o-matic 2 Combiner.app"
+copy $ROOT src/dcpomatic/build/src/tools/dcpomatic2_combiner "$approot/MacOS"
+copy $ROOT src/openssl/apps/openssl "$approot/MacOS"
+cp $prefix/src/dcpomatic/build/platform/osx/dcpomatic2_combiner.Info.plist "$approot/Info.plist"
+rl=("$approot/MacOS/dcpomatic2_combiner" "$approot/Frameworks/"*.dylib)
+relink_relative "${rl[@]}"
+make_dmg "$appdir" "" "DCP-o-matic Combiner"
 
 # DCP-o-matic Disk Writer .app
 setup "DCP-o-matic 2 Disk Writer.app"
@@ -602,5 +592,5 @@ mkdir -p "$pkgroot/Library/Application Support/com.dcpomatic"
 mv $pkgbin/* "$pkgroot/Library/Application Support/com.dcpomatic/"
 pkgbuild --root $pkgroot --identifier com.dcpomatic.disk.writer --scripts $pkgbase/scripts "DCP-o-matic Disk Writer.pkg"
 
-make_dmg "$appdir" "DCP-o-matic Disk Writer.pkg" "DCP-o-matic Disk Writer" com.dcpomatic.disk
+make_dmg "$appdir" "DCP-o-matic Disk Writer.pkg" "DCP-o-matic Disk Writer"