flik/termora
1
0
Fork 0
mirror of https://github.com/TermoraDev/termora.git synced 2026-01-16 02:12:58 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: 修复 macOS 没有对二进制依赖进行签名的问题

Browse Source
This commit is contained in:
hstyi
2025-01-15 13:57:16 +08:00
committed by hstyi
parent 6881b6376f
commit cb327f218c
1 changed files with 42 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

85
build.gradle.kts
View File

@@ -3,6 +3,7 @@ import org.gradle.kotlin.dsl.support.uppercaseFirstChar
import org.gradle.nativeplatform.platform.internal.DefaultNativePlatform import org.gradle.nativeplatform.platform.internal.DefaultNativePlatform
import org.jetbrains.kotlin.org.apache.commons.io.FileUtils import org.jetbrains.kotlin.org.apache.commons.io.FileUtils
import org.jetbrains.kotlin.org.apache.commons.lang3.StringUtils import org.jetbrains.kotlin.org.apache.commons.lang3.StringUtils
import java.nio.file.Files
plugins { plugins {
java java
@@ -36,7 +37,7 @@ repositories {
dependencies { dependencies {
// 由于签名和公证macOS 不携带 natives // 由于签名和公证macOS 不携带 natives
val useNoNativesFlatLaf = os.isMacOsX && System.getenv("ENABLE_BUILD").toBoolean() val useNoNativesFlatLaf = os.isMacOsX && macOSNotary && System.getenv("ENABLE_BUILD").toBoolean()
testImplementation(kotlin("test")) testImplementation(kotlin("test"))
testImplementation(libs.hutool) testImplementation(libs.hutool)
@@ -136,7 +137,7 @@ tasks.register<Copy>("copy-dependencies") {
// 对 JNA 和 PTY4J 的本地库提取 // 对 JNA 和 PTY4J 的本地库提取
// 提取出来是为了单独签名,不然无法通过公证 // 提取出来是为了单独签名,不然无法通过公证
if (os.isMacOsX) { if (os.isMacOsX && macOSSign) {
doLast { doLast {
val jna = libs.jna.asProvider().get() val jna = libs.jna.asProvider().get()
val dylib = dir.get().dir("dylib").asFile val dylib = dir.get().dir("dylib").asFile
@@ -167,6 +168,15 @@ tasks.register<Copy>("copy-dependencies") {
exec { commandLine("zip", "-d", file.absolutePath, "resources/*") } exec { commandLine("zip", "-d", file.absolutePath, "resources/*") }
} }
} }
// 对二进制签名
Files.walk(dylib.toPath()).use { paths ->
for (path in paths) {
if (Files.isRegularFile(path)) {
signMacOSLocalFile(path.toFile())
}
}
}
} }
} }
} }
@@ -274,7 +284,8 @@ tasks.register<Exec>("jpackage") {
tasks.register("dist") { tasks.register("dist") {
doLast { doLast {
val vendor = Jvm.current().vendor ?: StringUtils.EMPTY val vendor = Jvm.current().vendor ?: StringUtils.EMPTY
@Suppress("UnstableApiUsage") if (!JvmVendorSpec.JETBRAINS.matches(vendor)) { @Suppress("UnstableApiUsage")
if (!JvmVendorSpec.JETBRAINS.matches(vendor)) {
throw GradleException("JVM: $vendor is not supported") throw GradleException("JVM: $vendor is not supported")
} }
@@ -285,9 +296,7 @@ tasks.register("dist") {
val macOSFinalFilePath = distributionDir.file("${finalFilenameWithoutExtension}.dmg").asFile.absolutePath val macOSFinalFilePath = distributionDir.file("${finalFilenameWithoutExtension}.dmg").asFile.absolutePath
// 清空目录 // 清空目录
exec { exec { commandLine(gradlew, "clean") }
commandLine(gradlew, "clean")
}
// 打包并复制依赖 // 打包并复制依赖
exec { exec {
@@ -299,10 +308,7 @@ tasks.register("dist") {
exec { commandLine(gradlew, "check-license") } exec { commandLine(gradlew, "check-license") }
// jlink // jlink
exec { exec { commandLine(gradlew, "jlink") }
commandLine(gradlew, "jlink")
environment("ENABLE_BUILD" to true)
}
// 打包 // 打包
exec { commandLine(gradlew, "jpackage") } exec { commandLine(gradlew, "jpackage") }
@@ -312,8 +318,7 @@ tasks.register("dist") {
// zip // zip
exec { exec {
commandLine( commandLine(
"tar", "tar", "-vacf",
"-vacf",
distributionDir.file("${finalFilenameWithoutExtension}.zip").asFile.absolutePath, distributionDir.file("${finalFilenameWithoutExtension}.zip").asFile.absolutePath,
project.name.uppercaseFirstChar() project.name.uppercaseFirstChar()
) )
@@ -332,8 +337,7 @@ tasks.register("dist") {
} else if (os.isLinux) { // tar.gz } else if (os.isLinux) { // tar.gz
exec { exec {
commandLine( commandLine(
"tar", "tar", "-czvf",
"-czvf",
distributionDir.file("${finalFilenameWithoutExtension}.tar.gz").asFile.absolutePath, distributionDir.file("${finalFilenameWithoutExtension}.tar.gz").asFile.absolutePath,
project.name.uppercaseFirstChar() project.name.uppercaseFirstChar()
) )
@@ -354,30 +358,17 @@ tasks.register("dist") {
// sign dmg // sign dmg
if (os.isMacOsX && macOSSign) { if (os.isMacOsX && macOSSign) {
exec {
commandLine(
"/usr/bin/codesign",
"-s",
macOSSignUsername,
"--timestamp",
"--force",
"-vvvv",
"--options",
"runtime",
macOSFinalFilePath
)
}
// 公证 // sign
signMacOSLocalFile(File(macOSFinalFilePath))
// notary
if (macOSNotary) { if (macOSNotary) {
exec { exec {
commandLine( commandLine(
"/usr/bin/xcrun", "/usr/bin/xcrun", "notarytool",
"notarytool", "submit", macOSFinalFilePath,
"submit", "--keychain-profile", macOSNotaryKeychainProfile,
macOSFinalFilePath,
"--keychain-profile",
macOSNotaryKeychainProfile,
"--wait", "--wait",
) )
} }
@@ -405,21 +396,29 @@ tasks.register("check-license") {
thirdParty[nameWithVersion.replace(StringUtils.SPACE, "-")] = license thirdParty[nameWithVersion.replace(StringUtils.SPACE, "-")] = license
thirdPartyNames.add(nameWithVersion.split(StringUtils.SPACE).first()) thirdPartyNames.add(nameWithVersion.split(StringUtils.SPACE).first())
} }
}
}
for (file in configurations.runtimeClasspath.get()) { /**
val name = file.nameWithoutExtension * macOS 对本地文件进行签名
if (!thirdParty.containsKey(name)) { */
if (logger.isWarnEnabled) { fun signMacOSLocalFile(file: File) {
logger.warn("$name does not exist in third-party") if (os.isMacOsX && macOSSign) {
} if (file.exists() && file.isFile) {
if (!thirdPartyNames.contains(name)) { exec {
throw GradleException("$name No license found") commandLine(
} "/usr/bin/codesign",
"-s", macOSSignUsername,
"--timestamp", "--force",
"-vvvv", "--options", "runtime",
file.absolutePath,
)
} }
} }
} }
} }
kotlin { kotlin {
jvmToolchain { jvmToolchain {
languageVersion = JavaLanguageVersion.of(21) languageVersion = JavaLanguageVersion.of(21)