Codesign binaries in Mac OS X distribution packages

2016-01-16 19:43:50 +01:00 · 2016-01-16 19:43:50 +01:00 · d5d330413b
parent 74a210f198
commit d5d330413b
1 changed files with 23 additions and 0 deletions
--- a/build.go
+++ b/build.go
@ -255,6 +255,9 @@ func buildTar() {
 		files = append(files, archiveFile{src: file, dst: name + "/" + filepath.Base(file)})
 	}

+	if goos == "darwin" {
+		macosCodesign("syncthing")
+	}
 	tarGz(filename, files)
 	log.Println(filename)
 }
@ -743,3 +746,23 @@ func lint(pkg string) {
 		}
 	}
 }
+
+func macosCodesign(file string) {
+	if pass := os.Getenv("CODESIGN_KEYCHAIN_PASS"); pass != "" {
+		bs, err := runError("security", "unlock-keychain", "-p", pass)
+		if err != nil {
+			log.Println("Codesign: unlocking keychain failed:", string(bs))
+			return
+		}
+	}
+
+	if id := os.Getenv("CODESIGN_IDENTITY"); id != "" {
+		bs, err := runError("codesign", "-s", id, file)
+		if err != nil {
+			log.Println("Codesign: signing failed:", string(bs))
+			return
+		}
+	}
+
+	log.Println("Codesign: successfully signed", file)
+}