diff --git a/.gitignore b/.gitignore index 5ac3c67..3bba4da 100644 --- a/.gitignore +++ b/.gitignore @@ -10,6 +10,7 @@ cache /dist .direnv/ src/camera.rs +scripts/macos_build_secrets.sh *.patch *.txt /tags diff --git a/Cargo.toml b/Cargo.toml index 350bf89..66f5866 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -86,6 +86,10 @@ android-activity = { version = "0.4", features = [ "native-activity" ] } winit = { version = "0.29", features = [ "android-native-activity" ] } #winit = { git="https://github.com/rust-windowing/winit.git", rev = "2a58b785fed2a3746f7c7eebce95bce67ddfd27c", features = ["android-native-activity"] } +[package.metadata.bundle] +identifier = "com.damus.notedeck" +icon = ["assets/app_icon.icns"] + [package.metadata.android] package = "com.damus.app" apk_name = "damus" diff --git a/assets/app_icon.icns b/assets/app_icon.icns new file mode 100644 index 0000000..b3af25e Binary files /dev/null and b/assets/app_icon.icns differ diff --git a/entitlements.plist b/entitlements.plist new file mode 100644 index 0000000..3435819 --- /dev/null +++ b/entitlements.plist @@ -0,0 +1,12 @@ + + + + + com.apple.security.app-sandbox + + com.apple.security.cs.allow-unsigned-executable-memory + + com.apple.security.network.client + + + diff --git a/scripts/macos_build.sh b/scripts/macos_build.sh new file mode 100755 index 0000000..b070b66 --- /dev/null +++ b/scripts/macos_build.sh @@ -0,0 +1,95 @@ +#!/bin/bash + +set -e # Exit immediately if a command exits with a non-zero status +set -u # Treat unset variables as an error +set -o pipefail # Catch errors in pipelines + +# Ensure the script is running in the correct directory +REQUIRED_DIR="notedeck" +CURRENT_DIR=$(basename "$PWD") + +if [ "$CURRENT_DIR" != "$REQUIRED_DIR" ]; then + echo "Error: This script must be run from the '$REQUIRED_DIR' directory." + exit 1 +fi + +# Load environment variables from macos_build_secrets.sh +SECRETS_FILE="./scripts/macos_build_secrets.sh" +if [ ! -f "$SECRETS_FILE" ]; then + echo "Error: Secrets file '$SECRETS_FILE' not found. Please create it with the required variables." >&2 + exit 1 +fi + +# Source the secrets +source "$SECRETS_FILE" + +# Ensure all required variables are set +REQUIRED_VARS=(NOTEDECK_APPLE_RELEASE_CERT_ID NOTEDECK_RELEASE_APPLE_ID NOTEDECK_APPLE_APP_SPECIFIC_PW NOTEDECK_APPLE_TEAM_ID) +for VAR in "${REQUIRED_VARS[@]}"; do + if [ -z "${!VAR:-}" ]; then + echo "Error: Required variable '$VAR' is not set in $SECRETS_FILE." >&2 + exit 1 + fi +done + +# Ensure required tools are installed +if ! command -v cargo &> /dev/null; then + echo "Error: cargo is not installed." >&2 + exit 1 +fi + +if ! command -v xcrun &> /dev/null; then + echo "Error: xcrun is not installed." >&2 + exit 1 +fi + +if ! command -v create-dmg &> /dev/null; then + echo "Error: create-dmg is not installed." >&2 + exit 1 +fi + +# Build the .app bundle +echo "Building .app bundle..." +cargo bundle --release + +# Sign the app +echo "Codesigning the app..." +codesign \ + --deep \ + --force \ + --verify \ + --options runtime \ + --entitlements entitlements.plist \ + --sign "$NOTEDECK_APPLE_RELEASE_CERT_ID" \ + target/release/bundle/osx/notedeck.app + +# Create a zip for notarization +echo "Creating zip for notarization..." +zip -r notedeck.zip target/release/bundle/osx/notedeck.app + +# Submit for notarization +echo "Submitting for notarization..." +xcrun notarytool submit \ + --apple-id "$NOTEDECK_RELEASE_APPLE_ID" \ + --password "$NOTEDECK_APPLE_APP_SPECIFIC_PW" \ + --team-id "$NOTEDECK_APPLE_TEAM_ID" \ + --wait \ + notedeck.zip + +# Staple the notarization +echo "Stapling notarization to the app..." +xcrun stapler staple target/release/bundle/osx/notedeck.app + +echo "Removing notedeck.zip" +rm notedeck.zip + +# Create the .dmg package +echo "Creating .dmg package..." +mkdir -p dist +create-dmg \ + --window-size 600 400 \ + --app-drop-link 400 100 \ + dist/notedeck.dmg \ + target/release/bundle/osx/notedeck.app + +echo "Build and signing process completed successfully."