diff --git a/.github/scripts/notarize-osx-distro-file.sh b/.github/scripts/notarize-osx-distro-file.sh index e3d2880e4..95245d5b3 100755 --- a/.github/scripts/notarize-osx-distro-file.sh +++ b/.github/scripts/notarize-osx-distro-file.sh @@ -7,9 +7,7 @@ dmg_filename="$(basename -- $dmg_file)" dir="$(dirname "$dmg_file")" cd $dir -submission_id=`xcrun notarytool submit ./${dmg_filename} --keychain-profile $notarize_profile --wait --no-progress -f json | jq -r .id` -echo $submission_id -xcrun notarytool log --keychain-profile $notarize_profile $submission_id +xcrun notarytool submit ./${dmg_filename} --keychain-profile $notarize_profile --wait echo "Staple and generate checksums for ${dmg_filename}" xcrun stapler staple $dmg_filename if [ $? -eq 0 ]; then diff --git a/.github/scripts/sign-osx-distro-file.sh b/.github/scripts/sign-osx-distro-file.sh index 7c2e69c21..dc01ad6aa 100755 --- a/.github/scripts/sign-osx-distro-file.sh +++ b/.github/scripts/sign-osx-distro-file.sh @@ -24,6 +24,32 @@ do codesign --verbose --deep --force --timestamp --entitlements "${entitlements}" --options=runtime --keychain "${KEYCHAIN}" -s "${MACOS_CERTIFICATE_ID}" $f done +function signExecutableInsideJar() { + # sign libjansi.jnilib inside kotlin-compiler-embeddable.jar + for f in `find ${dir}/${destination_folder_name}/SpringToolSuite4.app -type f | grep -E $1` + do + echo "Looking for '$2' files inside ${f} to sign..." + f_name="$(basename -- $f)" + extracted_jar_dir=extracted_${f_name} + rm -rf $extracted_jar_dir + mkdir $extracted_jar_dir + echo "Extracting archive ${f}" + unzip -q $f -d ./${extracted_jar_dir} + for jnilib_file in `find $extracted_jar_dir -type f | grep -E "$3"` + do + echo "Signing binary file: ${jnilib_file}" + codesign --verbose --deep --force --timestamp --entitlements "${entitlements}" --options=runtime --keychain "${KEYCHAIN}" -s "${MACOS_CERTIFICATE_ID}" $jnilib_file + done + cd $extracted_jar_dir + zip -r -u ../$f . + cd .. + rm -rf $extracted_jar_dir + + echo "Signing binary file: ${f}" + codesign --verbose --deep --force --timestamp --entitlements "${entitlements}" --options=runtime --keychain "${KEYCHAIN}" -s "${MACOS_CERTIFICATE_ID}" $f + done +} + # sign libjansi.jnilib inside kotlin-compiler-embeddable.jar for f in `find ${dir}/${destination_folder_name}/SpringToolSuite4.app -type f | grep -E ".*/kotlin-compiler-embeddable.*\.jar$"` do @@ -48,13 +74,13 @@ do codesign --verbose --deep --force --timestamp --entitlements "${entitlements}" --options=runtime --keychain "${KEYCHAIN}" -s "${MACOS_CERTIFICATE_ID}" $f done +# sign libsnappyjava.jnilib inside snappy-java.jar +signExecutableInsideJar ".*/snappy-java.*\.jar$" "libsnappyjava.jnilib" ".*/libsnappyjava\.jnilib$" + # Sign the app ls -la ${dir}/${destination_folder_name}/SpringToolSuite4.app/ codesign --verbose --deep --force --timestamp --entitlements "${entitlements}" --options=runtime --keychain "${KEYCHAIN}" -s "${MACOS_CERTIFICATE_ID}" ${dir}/${destination_folder_name}/SpringToolSuite4.app -#Verify codesign -codesign --verify --deep --verbose ${dir}/${destination_folder_name}/SpringToolSuite4.app - cd ${dir}/${destination_folder_name} echo "Generating dmg-config.json..." echo '{' >> dmg-config.json diff --git a/headless-services/spring-boot-language-server/pom.xml b/headless-services/spring-boot-language-server/pom.xml index e0fcd5f43..c366c6648 100644 --- a/headless-services/spring-boot-language-server/pom.xml +++ b/headless-services/spring-boot-language-server/pom.xml @@ -118,19 +118,7 @@ org.eclipse.jdt org.eclipse.jdt.core ${jdt.core.version} - - - org.eclipse.platform - org.eclipse.equinox.preferences - - - - - org.eclipse.platform - org.eclipse.equinox.preferences - 3.10.1 - commons-io