diff options
author | Michael Brüning <michael.bruning@qt.io> | 2020-03-27 11:31:08 +0100 |
---|---|---|
committer | Michael Brüning <michael.bruning@qt.io> | 2020-03-31 12:24:38 +0100 |
commit | 76b2d6ef3b438fbc50e89657b112f8edb3a0e120 (patch) | |
tree | e6b9deac8e0f1a3797c0c61e885643bdf6f27f7f | |
parent | 89ea26e93ee0410fb3a33b315d928fce05c3ef9e (diff) | |
download | qttools-76b2d6ef3b438fbc50e89657b112f8edb3a0e120.tar.gz |
[macdeployqt] Add sign-for-notarization option
For notarization to succeed, several options have to be activated when
signing the application:
* the hardened runtime has to be activated
* a secure timestamp must be generated
* the application has to be signed with a Developer ID certificate
Add the option sign-for-notarization to conveniently activate both
options.
Change-Id: I7ddf3f36091f4d5d081166d32f65a4ab446536ce
Reviewed-by: Morten Johan Sørvig <morten.sorvig@qt.io>
-rw-r--r-- | src/macdeployqt/macdeployqt/main.cpp | 42 |
1 files changed, 27 insertions, 15 deletions
diff --git a/src/macdeployqt/macdeployqt/main.cpp b/src/macdeployqt/macdeployqt/main.cpp index 074b4a82f..0f9164053 100644 --- a/src/macdeployqt/macdeployqt/main.cpp +++ b/src/macdeployqt/macdeployqt/main.cpp @@ -42,21 +42,22 @@ int main(int argc, char **argv) qDebug() << "Usage: macdeployqt app-bundle [options]"; qDebug() << ""; qDebug() << "Options:"; - qDebug() << " -verbose=<0-3> : 0 = no output, 1 = error/warning (default), 2 = normal, 3 = debug"; - qDebug() << " -no-plugins : Skip plugin deployment"; - qDebug() << " -dmg : Create a .dmg disk image"; - qDebug() << " -no-strip : Don't run 'strip' on the binaries"; - qDebug() << " -use-debug-libs : Deploy with debug versions of frameworks and plugins (implies -no-strip)"; - qDebug() << " -executable=<path> : Let the given executable use the deployed frameworks too"; - qDebug() << " -qmldir=<path> : Scan for QML imports in the given path"; - qDebug() << " -qmlimport=<path> : Add the given path to the QML module search locations"; - qDebug() << " -always-overwrite : Copy files even if the target file exists"; - qDebug() << " -codesign=<ident> : Run codesign with the given identity on all executables"; - qDebug() << " -hardened-runtime : Enable Hardened Runtime when code signing"; - qDebug() << " -timestamp : Include a secure timestamp when code signing (requires internet connection)"; - qDebug() << " -appstore-compliant: Skip deployment of components that use private API"; - qDebug() << " -libpath=<path> : Add the given path to the library search path"; - qDebug() << " -fs=<filesystem> : Set the filesystem used for the .dmg disk image (defaults to HFS+)"; + qDebug() << " -verbose=<0-3> : 0 = no output, 1 = error/warning (default), 2 = normal, 3 = debug"; + qDebug() << " -no-plugins : Skip plugin deployment"; + qDebug() << " -dmg : Create a .dmg disk image"; + qDebug() << " -no-strip : Don't run 'strip' on the binaries"; + qDebug() << " -use-debug-libs : Deploy with debug versions of frameworks and plugins (implies -no-strip)"; + qDebug() << " -executable=<path> : Let the given executable use the deployed frameworks too"; + qDebug() << " -qmldir=<path> : Scan for QML imports in the given path"; + qDebug() << " -qmlimport=<path> : Add the given path to the QML module search locations"; + qDebug() << " -always-overwrite : Copy files even if the target file exists"; + qDebug() << " -codesign=<ident> : Run codesign with the given identity on all executables"; + qDebug() << " -hardened-runtime : Enable Hardened Runtime when code signing"; + qDebug() << " -timestamp : Include a secure timestamp when code signing (requires internet connection)"; + qDebug() << " -sign-for-notarization=<ident>: Activate the necessary options for notarization (requires internet connection)"; + qDebug() << " -appstore-compliant : Skip deployment of components that use private API"; + qDebug() << " -libpath=<path> : Add the given path to the library search path"; + qDebug() << " -fs=<filesystem> : Set the filesystem used for the .dmg disk image (defaults to HFS+)"; qDebug() << ""; qDebug() << "macdeployqt takes an application bundle as input and makes it"; qDebug() << "self-contained by copying in the Qt frameworks and plugins that"; @@ -168,6 +169,17 @@ int main(int argc, char **argv) runCodesign = true; codesignIdentiy = argument.mid(index+1); } + } else if (argument.startsWith(QByteArray("-sign-for-notarization"))) { + LogDebug() << "Argument found:" << argument; + int index = argument.indexOf("="); + if (index < 0 || index >= argument.size()) { + LogError() << "Missing code signing identity"; + } else { + runCodesign = true; + hardenedRuntime = true; + secureTimestamp = true; + codesignIdentiy = argument.mid(index+1); + } } else if (argument.startsWith(QByteArray("-hardened-runtime"))) { LogDebug() << "Argument found:" << argument; hardenedRuntime = true; |