From 463d0c7f246c5fc4d7325c1a1b6f7eab0baa9ccf Mon Sep 17 00:00:00 2001 From: Armin Briegel <1933192+scriptingosx@users.noreply.github.com> Date: Thu, 4 Jan 2024 16:37:04 +0100 Subject: [PATCH] improvements to build workflow --- README.md | 2 ++ desktoppr.xcodeproj/project.pbxproj | 10 +++++----- desktoppr/Info.plist | 2 -- pkgAndNotarize.zsh | 15 ++++++--------- 4 files changed, 13 insertions(+), 16 deletions(-) diff --git a/README.md b/README.md index a6240af..f96986d 100644 --- a/README.md +++ b/README.md @@ -84,6 +84,8 @@ When you run `desktoppr` with the `manage` verb, it will read the settings from The idea is to run `desktoppr manage` with a LaunchAgent plist at login and/or at regular intervals. You can find [a sample LaunchAgent plist here](examples/com.scriptingosx.desktopprmanage.plist). The sample LaunchAgent will run `desktoppr manage` at login and every three hours (10800 sec). You can build a pkg that installs the desktoppr binary, the LaunchAgent plist and an image file very early in the deployment workflow and then desktoppr sets the desktop background when the user reaches the desktop for the first time. +For Ventura and higher, binaries and applications run by LaunchAgents need to be approved with a `com.apple.servicemanagement` profile so they appear as managed in the login items section in Settings.app. The above sample configuration profile contains those settings, as well. + desktoppr uses the following keys: diff --git a/desktoppr.xcodeproj/project.pbxproj b/desktoppr.xcodeproj/project.pbxproj index 36e9708..7838cae 100644 --- a/desktoppr.xcodeproj/project.pbxproj +++ b/desktoppr.xcodeproj/project.pbxproj @@ -172,7 +172,7 @@ C6DFA08222B77599009E16BE /* Run Script (BuildNumber) */ = { isa = PBXShellScriptBuildPhase; alwaysOutOfDate = 1; - buildActionMask = 12; + buildActionMask = 8; files = ( ); inputFileListPaths = ( @@ -184,9 +184,9 @@ ); outputPaths = ( ); - runOnlyForDeploymentPostprocessing = 0; + runOnlyForDeploymentPostprocessing = 1; shellPath = /bin/zsh; - shellScript = "buildNumber=$(/usr/libexec/PlistBuddy -c \"Print BuildNumber\" \"$SRCROOT/desktoppr/Info.plist\")\n\nnewBuildNumber=$(($buildNumber + 1))\n\n/usr/libexec/PlistBuddy -c \"Set :BuildNumber $newBuildNumber\" \"$SRCROOT/desktoppr/Info.plist\"\nxcrun agvtool new-version $newBuildNumber\n"; + shellScript = "buildNumber=$(xcrun agvtool what-version -terse)\n\nnewBuildNumber=$(($buildNumber + 1))\n\nxcrun agvtool new-version $newBuildNumber\n"; showEnvVarsInLog = 0; }; /* End PBXShellScriptBuildPhase section */ @@ -347,7 +347,7 @@ buildSettings = { CODE_SIGN_IDENTITY = "Developer ID Application"; CODE_SIGN_STYLE = Manual; - CURRENT_PROJECT_VERSION = 213; + CURRENT_PROJECT_VERSION = 215; DEAD_CODE_STRIPPING = YES; DEVELOPMENT_TEAM = JME5BW3F3R; ENABLE_HARDENED_RUNTIME = YES; @@ -365,7 +365,7 @@ buildSettings = { CODE_SIGN_IDENTITY = "Developer ID Application"; CODE_SIGN_STYLE = Manual; - CURRENT_PROJECT_VERSION = 213; + CURRENT_PROJECT_VERSION = 215; DEAD_CODE_STRIPPING = YES; DEVELOPMENT_TEAM = JME5BW3F3R; ENABLE_HARDENED_RUNTIME = YES; diff --git a/desktoppr/Info.plist b/desktoppr/Info.plist index 1322c9b..b049f18 100644 --- a/desktoppr/Info.plist +++ b/desktoppr/Info.plist @@ -2,8 +2,6 @@ - BuildNumber - 213 CFBundleIdentifier com.scriptingosx.desktoppr CFBundleName diff --git a/pkgAndNotarize.zsh b/pkgAndNotarize.zsh index 0129d59..a4a3353 100755 --- a/pkgAndNotarize.zsh +++ b/pkgAndNotarize.zsh @@ -10,7 +10,7 @@ pkg_name="$PRODUCT_NAME" identifier="$PRODUCT_BUNDLE_IDENTIFIER" version="$MARKETING_VERSION" -build_number=$(/usr/libexec/PlistBuddy -c "Print BuildNumber" "$SRCROOT/desktoppr/Info.plist") +build_number="$CURRENT_PROJECT_VERSION" min_os_version="$MACOSX_DEPLOYMENT_TARGET" build_dir="$BUILD_DIR" @@ -53,7 +53,7 @@ echo "note: Installer cert ID: $sign_cert" echo # print environment variables -env | sort +# env | sort echo @@ -126,8 +126,10 @@ echo # staple xcrun stapler staple "$product_path" +echo + # also create a zip archive -zippath="$artifacts_dir/$pkg_name-$version.zip" +zippath="$artifacts_dir/$pkg_name-$version-$build_number.zip" echo "note: zip archive: $zippath" zip "$zippath" -j "$pkgroot"/usr/local/bin/desktoppr @@ -136,15 +138,10 @@ echo "note: notarizing zip archive" xcrun notarytool submit "$zippath" \ --keychain-profile "$credential_profile" \ --wait -xcrun stapler staple "$product_path" - +echo echo '## Done!' - -exit 0 - - # notify osascript -e "display notification \"$pkg_name ($version, $build_number) built and notarized\""