diff --git a/.github/scripts/sign-osx-distro-file.sh b/.github/scripts/sign-osx-distro-file.sh index 84313a2ac..266e5257f 100755 --- a/.github/scripts/sign-osx-distro-file.sh +++ b/.github/scripts/sign-osx-distro-file.sh @@ -25,32 +25,6 @@ do done function signExecutableInsideJar() { - # sign libjansi.jnilib inside kotlin-compiler-embeddable.jar - for f in `find ${dir}/${destination_folder_name}/SpringToolSuite4.app -type f | grep -E $1` - do - echo "Looking for '$2' files inside ${f} to sign..." - local f_name="$(basename -- $f)" - local extracted_jar_dir=extracted_${f_name} - rm -rf $extracted_jar_dir - mkdir $extracted_jar_dir - echo "Extracting archive ${f}" - unzip -q $f -d ./${extracted_jar_dir} - for jnilib_file in `find $extracted_jar_dir -type f | grep -E "$3"` - do - echo "Signing binary file: ${jnilib_file}" - codesign --verbose --deep --force --timestamp --entitlements "${entitlements}" --options=runtime --keychain "${KEYCHAIN}" -s "${MACOS_CERTIFICATE_ID}" $jnilib_file - done - cd $extracted_jar_dir - zip -r -u ../$f . - cd .. - rm -rf $extracted_jar_dir - - echo "Signing binary file: ${f}" - codesign --verbose --deep --force --timestamp --entitlements "${entitlements}" --options=runtime --keychain "${KEYCHAIN}" -s "${MACOS_CERTIFICATE_ID}" $f - done -} - -function signExecutableInsideJar2() { local pwd=`pwd` for f in `find $1 -type f | grep -E $2` do @@ -71,7 +45,7 @@ function signExecutableInsideJar2() { cd .. rm -rf $extracted_jar_dir - echo "Signing binary file: ${f}" + echo "Signing JAR file: ${f}" codesign --verbose --deep --force --timestamp --entitlements "${entitlements}" --options=runtime --keychain "${KEYCHAIN}" -s "${MACOS_CERTIFICATE_ID}" $f done cd $pwd @@ -87,48 +61,25 @@ function signExecutableInsideNestedJar() { mkdir $extracted_jar_dir echo "Extracting archive ${jar_file}" unzip -q $jar_file -d ./${extracted_jar_dir} - signExecutableInsideJar2 $extracted_jar_dir $3 $4 $5 + signExecutableInsideJar $extracted_jar_dir $3 $4 $5 cd $extracted_jar_dir - ls zip -r -u ../$jar_file . cd .. rm -rf $extracted_jar_dir - echo "Signing binary file: ${jar_file}" + echo "Signing JAR file: ${jar_file}" codesign --verbose --deep --force --timestamp --entitlements "${entitlements}" --options=runtime --keychain "${KEYCHAIN}" -s "${MACOS_CERTIFICATE_ID}" $jar_file done cd $pwd } # sign libjansi.jnilib inside kotlin-compiler-embeddable.jar -signExecutableInsideJar2 ${dir}/${destination_folder_name}/SpringToolSuite4.app ".*/kotlin-compiler-embeddable.*\.jar$" "libjansi.jnilib" ".*/libjansi\.jnilib$" -#for f in `find ${dir}/${destination_folder_name}/SpringToolSuite4.app -type f | grep -E ".*/kotlin-compiler-embeddable.*\.jar$"` -#do -# echo "Looking for 'libjansi.jnilib' files inside ${f} to sign..." -# f_name="$(basename -- $f)" -# extracted_jar_dir=extracted_${f_name} -# rm -rf $extracted_jar_dir -# mkdir $extracted_jar_dir -# echo "Extracting archive ${f}" -# unzip -q $f -d ./${extracted_jar_dir} -# for jnilib_file in `find $extracted_jar_dir -type f | grep -E ".*/libjansi\.jnilib$"` -# do -# echo "Signing binary file: ${jnilib_file}" -# codesign --verbose --deep --force --timestamp --entitlements "${entitlements}" --options=runtime --keychain "${KEYCHAIN}" -s "${MACOS_CERTIFICATE_ID}" $jnilib_file -# done -# cd $extracted_jar_dir -# zip -r -u ../$f . -# cd .. -# rm -rf $extracted_jar_dir -# -# echo "Signing binary file: ${f}" -# codesign --verbose --deep --force --timestamp --entitlements "${entitlements}" --options=runtime --keychain "${KEYCHAIN}" -s "${MACOS_CERTIFICATE_ID}" $f -#done +signExecutableInsideJar ${dir}/${destination_folder_name}/SpringToolSuite4.app ".*/kotlin-compiler-embeddable.*\.jar$" "libjansi.jnilib" ".*/libjansi\.jnilib$" # sign libsnappyjava.jnilib and libsnappyjava.dylib inside snappy-java.jar -signExecutableInsideJar2 ${dir}/${destination_folder_name}/SpringToolSuite4.app ".*/snappy-java.*\.jar$" "libsnappyjava.jnilib" ".*/libsnappyjava\.(jni|dy)lib$" +signExecutableInsideJar ${dir}/${destination_folder_name}/SpringToolSuite4.app ".*/snappy-java.*\.jar$" "libsnappyjava.jnilib" ".*/libsnappyjava\.(jni|dy)lib$" # sign libjnidispatch.jnilib inside jna.jar -signExecutableInsideJar2 ${dir}/${destination_folder_name}/SpringToolSuite4.app ".*/jna-\d+.*\.jar$" "libjnidispatch.jnilib.jnilib" ".*/libjnidispatch\.jnilib$" +signExecutableInsideJar ${dir}/${destination_folder_name}/SpringToolSuite4.app ".*/jna-\d+.*\.jar$" "libjnidispatch.jnilib.jnilib" ".*/libjnidispatch\.jnilib$" #sign libjnidispatch.jnilib inside jna.jar which is inside org.springframework.ide.eclipse.docker.client.jar bundle signExecutableInsideNestedJar ${dir}/${destination_folder_name}/SpringToolSuite4.app ".*/org.springframework.ide.eclipse.docker.client.*\.jar$" ".*/jna-\d+.*\.jar$" "libjnidispatch.jnilib" ".*/libjnidispatch\.jnilib$"