12 from MacSDK import profile
13 from bockbuild.util.util import *
16 class MonoXamarinPackageProfile(MonoReleaseProfile):
17 description = 'Signed package'
19 def attach (self, bockbuild):
21 MonoReleaseProfile.attach(self, bockbuild)
22 bockbuild.packages_to_build.extend(['mono-extensions'])
23 if bockbuild.cmd_options.release_build:
26 info("'--release' option not set, will not attempt to sign package!")
28 self.cache_host = 'http://storage.bos.xamarin.com/bockbuild_cache/'
30 def setup_codesign(self):
31 self.identity = "Developer ID Installer: Xamarin Inc"
33 output = backtick("security -v find-identity")
34 if self.identity not in " ".join(output):
35 error("Identity '%s' was not found. You can create an unsigned package by removing '--release' to your command line." % self.identity)
37 password = os.getenv("CODESIGN_KEYCHAIN_PASSWORD")
39 print "Unlocking the keychain"
40 run_shell("security unlock-keychain -p %s" % password)
42 error("CODESIGN_KEYCHAIN_PASSWORD needs to be defined.")
44 def setup_release(self):
45 MonoReleaseProfile.setup_release(self)
46 self.release_packages['mono'].configure_flags.extend(
47 ['--enable-extension-module=xamarin --enable-native-types --enable-pecrypt'])
48 info('Xamarin extensions enabled')
50 def run_pkgbuild(self, working_dir, package_type):
51 output = MonoReleaseProfile.run_pkgbuild(
52 self, working_dir, package_type)
54 output_unsigned = os.path.join(os.path.dirname(
55 output), os.path.basename(output).replace('.pkg', '.UNSIGNED.pkg'))
56 shutil.move(output, output_unsigned)
58 if not self.cmd_options.release_build:
59 return output_unsigned
61 productsign = "/usr/bin/productsign"
62 productsign_cmd = ' '.join([productsign,
63 "-s '%s'" % self.identity,
64 "'%s'" % output_unsigned,
66 run_shell(productsign_cmd)
67 os.remove(output_unsigned)
68 self.verify_codesign(output)
72 def verify_codesign(self, pkg):
75 name = os.path.basename(pkg)
76 pkgdir = os.path.dirname(pkg)
78 spctl = "/usr/sbin/spctl"
80 [spctl, "-vvv", "--assess", "--type install", name, "2>&1"])
81 output = backtick(spctl_cmd)
83 if "accepted" in " ".join(output):
84 warn("%s IS SIGNED" % pkg)
86 error("%s IS NOT SIGNED:" % pkg)
90 MonoXamarinPackageProfile()