Resolve issue with notarising using incorrect command

AmmarAbouZor · Sep 19, 2024 · b334aa0 · b334aa0
1 parent 567ed84
commit b334aa0
Show file tree

Hide file tree

Showing 4 changed files with 35 additions and 25 deletions.
diff --git a/application/apps/indexer/Cargo.lock b/application/apps/indexer/Cargo.lock
diff --git a/application/apps/rustcore/rs-bindings/Cargo.lock b/application/apps/rustcore/rs-bindings/Cargo.lock
diff --git a/cli/codesign_config/macos.toml b/cli/codesign_config/macos.toml
@@ -28,7 +28,7 @@ single_paths = [
     "chipmunk.app",
 ]
 # Patterns to be used with glob to retrieve all matching files under that patterns.
-glob_patterns = ["chipmunk.app/Contents/Frameworks/*.framework/Versions/A/**/**"]
+glob_patterns = ["chipmunk.app/Contents/Frameworks/*.framework/Versions/A/**/*"]
 
 # Represents the components for the final sign command (Command for deep and strict code signing)
 [final_sign_command]

diff --git a/cli/src/release/codesign/macos.rs b/cli/src/release/codesign/macos.rs
@@ -104,40 +104,48 @@ pub fn apply_codesign(config: &MacOsConfig) -> anyhow::Result<()> {
     let app_root = Target::App.cwd();
     let release_build_path = release_build_path();
 
+    let release_build_path_str = release_build_path.to_string_lossy();
+
     // Retrieve sign paths
-    // First: single paths.
-    let mut sign_paths: Vec<_> = config
-        .sign_paths
-        .single_paths
-        .iter()
-        .map(|p| release_build_path.join(p))
-        .collect();
+    let mut sign_paths: Vec<_> = Vec::new();
 
-    // Second: glob paths.
+    // First: glob paths.
     for glob_path in config
         .sign_paths
         .glob_patterns
         .iter()
-        .map(|p| release_build_path.join(p))
+        .map(|p| format!("{release_build_path_str}/{p}"))
     {
-        sign_paths.extend(
-            glob::glob(&glob_path.to_string_lossy())
-                .context("Error while retrieving file paths via glob")?
-                .flat_map(|p| p.ok())
-                .filter(|p| p.is_file())
-                .filter(|p| !p.is_symlink()),
-        );
+        let paths: Vec<_> = glob::glob(&glob_path)
+            .context("Error while retrieving file paths via glob")?
+            .flat_map(|p| p.ok())
+            .filter(|p| p.is_file())
+            .filter(|p| !p.is_symlink())
+            .collect();
+
+        sign_paths.extend(paths);
     }
 
+    // Second: single paths.
+    sign_paths.extend(
+        config
+            .sign_paths
+            .single_paths
+            .iter()
+            .map(|p| release_build_path.join(p))
+    );
+
+
     // Start signing files
     let sign_id = env::var(&config.env_vars.signing_id)
         .context("Error while retrieving signing ID environment variable")?;
     for path in sign_paths {
         let cmd = format!(
-            "codesign --sign \"{sign_id}\" {} {}",
+            "codesign --sign \"{sign_id}\" {} \"{}\"",
             config.sign_cmd_options,
             path.to_string_lossy()
         );
+        println!("DEBUG: CodeSign CMD: '{cmd}'");
         let cmd_status = std::process::Command::new("sh")
             .arg("-c")
             .arg(&cmd)
@@ -198,7 +206,7 @@ pub fn notarize(config: &MacOsConfig) -> anyhow::Result<()> {
     let release_file_path = release_path().join(archname);
 
     let cmd = format!(
-        "{} {}  --apple-id {apple_id} --team-id {team_id} --password {team_id} --password {password}",
+        "{} \"{}\"  --apple-id \"{apple_id}\" --team-id \"{team_id}\" --password \"{password}\"",
         config.notarize_command.command,
         release_file_path.to_string_lossy()
     );