Apple Notarisation - Notarytool (altool depracated)
-
Is anyone using notarytool yet? Altool will be deprecated tomorrow. If anyone can share an example if so that would be very helpful!
Thanks!
-
This is the command I use for the new notarytool:
xcrun notarytool submit "MyPluginInstaller.pkg" --keychain-profile "Mykeychain" --wait -
Yeah I've been using it for a long while, works just fine. My script is a bit complicated to share as it downloads my project from github, compiles it, codesigns it, builds an installer, notarizes, and then checks for the confirmation.
Libre Wave - Freedom respecting instruments and effects
My Patreon - HISE tutorials
YouTube Channel - Public HISE tutorials -
@bendurso thanks! How do you define the keychain?
DHPlugins / DC Breaks | Artist / Producer / DJ / Developer
https://dhplugins.com/ | https://dcbreaks.com/
London, UK -
@d-healey could just take the notarisation line?
DHPlugins / DC Breaks | Artist / Producer / DJ / Developer
https://dhplugins.com/ | https://dcbreaks.com/
London, UK -
@DanH said in Apple Notarisation - Notarytool (altool depracated):
could just take the notarisation line?
It's more than a line :)
echo "Notarizing" response=$(xcrun notarytool submit --apple-id "$apple_id" --password "$app_specific_password" --team-id "$team_id_for_notarization" "$output/$project_name Installer $version.pkg" --wait); # Get notarization ID job_id_line=$(grep -m 1 ' id:' < <(echo -e "${response}")) job_id=$(echo "${job_id_line}" | cut -d ":" -s -f 2 | cut -d " " -f 2) # Get the notarization status from the response status_line=$(grep -m 1 ' status:' < <(echo -e "${response}")) status_result=$(echo "${status_line}" | cut -d ":" -s -f 2 | cut -d " " -f 2) echo "${response}" if [[ ${status_result} != "Accepted" ]]; then exit 1 fi # Staple the notarization result echo "Adding notarization to $project_name Installer $version.pkg" success=$(xcrun stapler staple "$output/$project_name Installer $version.pkg") if [[ -z "${success}" ]]; then echo "[ERROR] Could not staple notarization to app" exit 1 fi # Confirm stapling echo "Checking notarization to $project_name Installer $version.pkg " spctl --assess -vvv --type install "$output/$project_name Installer $version.pkg" -
@DanH Mm I don't remember how I created that keychain. But I think you can make it with your app specific password and team ID, like this: https://forum.hise.audio/topic/7714/apple-altool-vs-notarytool/4
-
you are best reading this:
--which I see you posted at the thread start -- hang on I will be on the mac in about an hour so I will post an example...
HISE Development for hire.
www.channelrobot.com -
@Lindon ok here a bit quicker than I thought
So the "keychain" option is really a short cut but if you havent been using it before then ..lets go with the standard replacement notarytool command
to submit something:
xcrun notarytool submit --apple-id "<your apple id>" --password "<your altool password>" --team-id "<your team ID>" "<path to your zip or pkg>" --waityour old altool cammand for notarization should give you everything you need - except perhaps your teamID - but its in there is like a string like this. "7734UZ9PFG". - or its available in your apple developer account...
adding --wait at the end will make the process not complete until it gets a final status, this is useful as apple will no longer be emailing you with the results....instead in the command window once you've started this command you should see a percentage for the upload, then probably a status of "In Progress..." and eventually(if all goes well): "Accepted"
HISE Development for hire.
www.channelrobot.com -
@Lindon amazing - really appreciate that thank you!
