sigh 1.1.0 → 1.1.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/assets/resign.sh +14 -94
- data/lib/sigh/resign.rb +2 -10
- data/lib/sigh/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: d67d7db17e2b5544c4e47e98ac8da10e04b9dd90
|
4
|
+
data.tar.gz: dad2fb8369a13e45d6e60637298d94504325aeff
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: fbd9d816a8f25c821f2c8ccd33880ad0c85c277f40308d52bbb33a5f0b7438957d8116c6cea732937b96ec15473005b770796738b8b14fa21e4e2fd72e10e2da
|
7
|
+
data.tar.gz: a4581ea28bed0dd0a301c00a980869e686a098ed9aa55494f57213eb5248c789569fb87399bbde7ba08365eb3fdc23aff862a3fbdc835d2657aa455f4d410354
|
data/lib/assets/resign.sh
CHANGED
@@ -55,7 +55,9 @@
|
|
55
55
|
# new features October 2015
|
56
56
|
# 1. now re-signs nested applications and app extensions, if present, prior to re-signing the application itself
|
57
57
|
# 2. enables the -p option to be used more than once
|
58
|
-
#
|
58
|
+
# 3. ensures the provisioning profile's bundle-identifier matches the app's bundle identifier
|
59
|
+
# 4. extracts the entitlements from the provisioning profile
|
60
|
+
# 5. copy the entitlements as archived-expanded-entitlements.xcent inside the app bundle (because Xcode does too)
|
59
61
|
#
|
60
62
|
|
61
63
|
|
@@ -69,10 +71,8 @@ fi
|
|
69
71
|
}
|
70
72
|
|
71
73
|
if [ $# -lt 3 ]; then
|
72
|
-
echo "usage: $0 source identity -p provisioning [-e entitlements] [-
|
74
|
+
echo "usage: $0 source identity -p provisioning [-e entitlements] [-d displayName] [-n version] [-b bundleId] outputIpa" >&2
|
73
75
|
echo " -p option may be provided multiple times" >&2
|
74
|
-
echo " -r flag requires a value '-r yes'" >&2
|
75
|
-
echo " -r flag is ignored if -e is also used" >&2
|
76
76
|
exit 1
|
77
77
|
fi
|
78
78
|
|
@@ -83,7 +83,6 @@ BUNDLE_IDENTIFIER=""
|
|
83
83
|
DISPLAY_NAME=""
|
84
84
|
KEYCHAIN=""
|
85
85
|
VERSION_NUMBER=""
|
86
|
-
ADJUST_BETA_REPORTS_ACTIVE_FLAG="0"
|
87
86
|
RAW_PROVISIONS=()
|
88
87
|
PROVISIONS_BY_ID=()
|
89
88
|
DEFAULT_PROVISION=""
|
@@ -91,7 +90,7 @@ TEMP_DIR="_floatsignTemp"
|
|
91
90
|
|
92
91
|
# options start index
|
93
92
|
OPTIND=3
|
94
|
-
while getopts p:d:e:k:b:
|
93
|
+
while getopts p:d:e:k:b:n: opt; do
|
95
94
|
case $opt in
|
96
95
|
p)
|
97
96
|
RAW_PROVISIONS+=("$OPTARG")
|
@@ -121,10 +120,6 @@ while getopts p:d:e:k:b:r:n: opt; do
|
|
121
120
|
VERSION_NUMBER="$OPTARG"
|
122
121
|
echo "Specified version to use: '$VERSION_NUMBER'" >&2
|
123
122
|
;;
|
124
|
-
r)
|
125
|
-
ADJUST_BETA_REPORTS_ACTIVE_FLAG="1"
|
126
|
-
echo "Enabled adjustment of beta-reports-active entitlements" >&2
|
127
|
-
;;
|
128
123
|
\?)
|
129
124
|
echo "Invalid option: -$OPTARG" >&2
|
130
125
|
exit 1
|
@@ -457,93 +452,18 @@ then
|
|
457
452
|
|
458
453
|
echo "Resigning application using certificate: '$CERTIFICATE'" >&2
|
459
454
|
echo "and entitlements: $ENTITLEMENTS" >&2
|
455
|
+
cp -- "$ENTITLEMENTS" "$APP_PATH/archived-expanded-entitlements.xcent"
|
460
456
|
/usr/bin/codesign -f -s "$CERTIFICATE" --entitlements="$ENTITLEMENTS" "$APP_PATH"
|
461
457
|
checkStatus
|
462
458
|
else
|
463
|
-
echo "Extracting
|
464
|
-
|
465
|
-
|
466
|
-
|
467
|
-
|
468
|
-
|
469
|
-
|
470
|
-
|
471
|
-
then
|
472
|
-
if [ "$TEAM_IDENTIFIER" != "" ];
|
473
|
-
then
|
474
|
-
PlistBuddy -c "Set :com.apple.developer.team-identifier ${TEAM_IDENTIFIER}" "$TEMP_DIR/newEntitlements"
|
475
|
-
checkStatus
|
476
|
-
fi
|
477
|
-
PlistBuddy -c "Set :application-identifier ${APP_IDENTIFER_PREFIX}.${BUNDLE_IDENTIFIER}" "$TEMP_DIR/newEntitlements"
|
478
|
-
checkStatus
|
479
|
-
PlistBuddy -c "Set :keychain-access-groups:0 ${APP_IDENTIFER_PREFIX}.${BUNDLE_IDENTIFIER}" "$TEMP_DIR/newEntitlements"
|
480
|
-
# checkStatus -- if this fails it's likely because the keychain-access-groups key does not exist, so we have nothing to update
|
481
|
-
if [[ "$CERTIFICATE" == *Distribution* ]]; then
|
482
|
-
IS_ENTERPRISE_PROFILE=`PlistBuddy -c "Print :ProvisionsAllDevices" "$TEMP_DIR/profile.plist" | tr -d '\n'`
|
483
|
-
ADHOC_PROVISIONING_DEVICES=`PlistBuddy -c "Print :ProvisionedDevices" "$TEMP_DIR/profile.plist" | tr -d '\n'`
|
484
|
-
|
485
|
-
echo "Assuming Distribution Identity"
|
486
|
-
if [ "$ADJUST_BETA_REPORTS_ACTIVE_FLAG" == "1" ]; then
|
487
|
-
if [ "$IS_ENTERPRISE_PROFILE" == "true" ]; then
|
488
|
-
echo "Ensuring beta-reports-active is not included for Enterprise environment"
|
489
|
-
PlistBuddy -c "Delete :beta-reports-active" "$TEMP_DIR/newEntitlements" || true
|
490
|
-
# checkStatus -- this can fail is beta-reports-active isn't present, which is OK
|
491
|
-
elif [ -n "$ADHOC_PROVISIONING_DEVICES" ]; then
|
492
|
-
echo "Ensuring beta-reports-active is not included for Adhoc environment"
|
493
|
-
PlistBuddy -c "Delete :beta-reports-active" "$TEMP_DIR/newEntitlements" || true
|
494
|
-
# checkStatus -- this can fail is beta-reports-active isn't present, which is OK
|
495
|
-
else
|
496
|
-
echo "Ensuring beta-reports-active is present and enabled"
|
497
|
-
# new beta key is only used for Distribution; might not exist yet, if we were building Development
|
498
|
-
PlistBuddy -c "Add :beta-reports-active bool true" "$TEMP_DIR/newEntitlements"
|
499
|
-
if [ $? -ne 0 ]; then
|
500
|
-
PlistBuddy -c "Set :beta-reports-active YES" "$TEMP_DIR/newEntitlements"
|
501
|
-
fi
|
502
|
-
checkStatus
|
503
|
-
fi
|
504
|
-
fi
|
505
|
-
echo "Setting get-task-allow entitlement to NO"
|
506
|
-
PlistBuddy -c "Set :get-task-allow NO" "$TEMP_DIR/newEntitlements"
|
507
|
-
else
|
508
|
-
echo "Assuming Development Identity"
|
509
|
-
if [ "$ADJUST_BETA_REPORTS_ACTIVE_FLAG" == "1" ]; then
|
510
|
-
# if we were building with Distribution profile, we have to delete the beta key
|
511
|
-
echo "Ensuring beta-reports-active is not included"
|
512
|
-
PlistBuddy -c "Delete :beta-reports-active" "$TEMP_DIR/newEntitlements"
|
513
|
-
# do not check status here, just let it fail if entry does not exist
|
514
|
-
fi
|
515
|
-
echo "Setting get-task-allow entitlement to YES"
|
516
|
-
PlistBuddy -c "Set :get-task-allow YES" "$TEMP_DIR/newEntitlements"
|
517
|
-
fi
|
518
|
-
checkStatus
|
519
|
-
plutil -lint "$TEMP_DIR/newEntitlements" > /dev/null
|
520
|
-
checkStatus
|
521
|
-
echo "Resigning application using certificate: '$CERTIFICATE'" >&2
|
522
|
-
echo "using existing entitlements updated with bundle identifier: '$APP_IDENTIFER_PREFIX.$BUNDLE_IDENTIFIER'" >&2
|
523
|
-
if [ "$TEAM_IDENTIFIER" != "" ];
|
524
|
-
then
|
525
|
-
echo "and team identifier: '$TEAM_IDENTIFIER'" >&2
|
526
|
-
fi
|
527
|
-
/usr/bin/codesign -f -s "$CERTIFICATE" --entitlements="$TEMP_DIR/newEntitlements" "$APP_PATH"
|
528
|
-
checkStatus
|
529
|
-
else
|
530
|
-
echo "Failed to create required intermediate file" >&2
|
531
|
-
exit 1;
|
532
|
-
fi
|
533
|
-
else
|
534
|
-
echo "No entitlements found" >&2
|
535
|
-
echo "Resigning application using certificate: '$CERTIFICATE'" >&2
|
536
|
-
echo "without entitlements" >&2
|
537
|
-
/usr/bin/codesign -f -s "$CERTIFICATE" "$APP_PATH"
|
538
|
-
checkStatus
|
539
|
-
fi
|
540
|
-
else
|
541
|
-
echo "Failed to extract entitlements" >&2
|
542
|
-
echo "Resigning application using certificate: '$CERTIFICATE'" >&2
|
543
|
-
echo "without entitlements" >&2
|
544
|
-
/usr/bin/codesign -f -s "$CERTIFICATE" "$APP_PATH"
|
545
|
-
checkStatus
|
546
|
-
fi
|
459
|
+
echo "Extracting entitlements from provisioning profile" >&2
|
460
|
+
PlistBuddy -x -c "Print Entitlements" "$TEMP_DIR/profile.plist" > "$TEMP_DIR/newEntitlements"
|
461
|
+
checkStatus
|
462
|
+
echo "Resigning application using certificate: '$CERTIFICATE'" >&2
|
463
|
+
echo "and entitlements from provisioning profile: $NEW_PROVISION" >&2
|
464
|
+
cp -- "$TEMP_DIR/newEntitlements" "$APP_PATH/archived-expanded-entitlements.xcent"
|
465
|
+
/usr/bin/codesign -f -s "$CERTIFICATE" --entitlements="$TEMP_DIR/newEntitlements" "$APP_PATH"
|
466
|
+
checkStatus
|
547
467
|
fi
|
548
468
|
|
549
469
|
# Remove the temporary files if they were created before generating ipa
|
data/lib/sigh/resign.rb
CHANGED
@@ -32,22 +32,14 @@ module Sigh
|
|
32
32
|
resign_path.shellescape,
|
33
33
|
ipa.shellescape,
|
34
34
|
signing_identity.shellescape,
|
35
|
-
"-r yes",
|
36
35
|
provisioning_options,
|
37
36
|
ipa.shellescape
|
38
37
|
].join(' ')
|
39
38
|
|
40
39
|
puts command.magenta
|
41
|
-
|
42
|
-
puts output
|
40
|
+
puts `#{command}`
|
43
41
|
|
44
|
-
if
|
45
|
-
ptn = 'Assuming Development Identity'
|
46
|
-
else
|
47
|
-
ptn = 'Assuming Distribution Identity'
|
48
|
-
end
|
49
|
-
|
50
|
-
if output.include?(ptn) && $?.to_i == 0
|
42
|
+
if $?.to_i == 0
|
51
43
|
Helper.log.info "Successfully signed #{ipa}!".green
|
52
44
|
true
|
53
45
|
else
|
data/lib/sigh/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: sigh
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.1.
|
4
|
+
version: 1.1.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Felix Krause
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2015-10-
|
11
|
+
date: 2015-10-27 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: fastlane_core
|