bockbuild/MacSDKRelease/profile.py

   1 import itertools
   2 import os
   3 import re
   4 import shutil
   5 import string
   6 import sys
   7 import tempfile
   8 import traceback
   9
  10 from glob import glob
  11
  12 from MacSDK import profile
  13 from bockbuild.util.util import *
  14
  15
  16 class MonoXamarinPackageProfile(MonoReleaseProfile):
  17     description = 'The Mono Framework for MacOS (official release)'
  18
  19     def setup (self):
  20         bockbuild.packages_to_build.extend(['mono-extensions'])
  21         if bockbuild.cmd_options.release_build:
  22             self.setup_codesign()
  23         else:
  24             info("'--release' option not set, will not attempt to sign package!")
  25
  26         self.cache_host = 'http://xamarin-storage/bockbuild_cache/'
  27
  28     def setup_codesign(self):
  29         self.identity = "Developer ID Installer: Xamarin Inc"
  30
  31         output = backtick("security -v find-identity")
  32         if self.identity not in " ".join(output):
  33             error("Identity '%s' was not found. You can create an unsigned package by removing '--release' to your command line." % self.identity)
  34
  35         password = os.getenv("CODESIGN_KEYCHAIN_PASSWORD")
  36         if password:
  37             print "Unlocking the keychain"
  38             run_shell("security unlock-keychain -p %s" % password)
  39         else:
  40             error("CODESIGN_KEYCHAIN_PASSWORD needs to be defined.")
  41
  42     def setup_release(self):
  43         MonoReleaseProfile.setup_release(self)
  44         self.release_packages['mono'].configure_flags.extend(
  45             ['--enable-extension-module=xamarin --enable-native-types --enable-pecrypt'])
  46         info('Xamarin extensions enabled')
  47
  48     def run_pkgbuild(self, working_dir, package_type):
  49         output = MonoReleaseProfile.run_pkgbuild(
  50             self, working_dir, package_type)
  51
  52         output_unsigned = os.path.join(os.path.dirname(
  53             output), os.path.basename(output).replace('.pkg', '.UNSIGNED.pkg'))
  54         shutil.move(output, output_unsigned)
  55
  56         if not self.cmd_options.release_build:
  57             return output_unsigned
  58
  59         productsign = "/usr/bin/productsign"
  60         productsign_cmd = ' '.join([productsign,
  61                                     "-s '%s'" % self.identity,
  62                                     "'%s'" % output_unsigned,
  63                                     "'%s'" % output])
  64         run_shell(productsign_cmd)
  65         os.remove(output_unsigned)
  66         self.verify_codesign(output)
  67
  68         return output
  69
  70     def verify_codesign(self, pkg):
  71         oldcwd = os.getcwd()
  72         try:
  73             name = os.path.basename(pkg)
  74             pkgdir = os.path.dirname(pkg)
  75             os.chdir(pkgdir)
  76             spctl = "/usr/sbin/spctl"
  77             spctl_cmd = ' '.join(
  78                 [spctl, "-vvv", "--assess", "--type install", name, "2>&1"])
  79             output = backtick(spctl_cmd)
  80
  81             if "accepted" in " ".join(output):
  82                 warn("%s IS SIGNED" % pkg)
  83             else:
  84                 error("%s IS NOT SIGNED:" % pkg)
  85         finally:
  86             os.chdir(oldcwd)
  87
  88 MonoXamarinPackageProfile()