Merge pull request #107 from MesquiteProject/development

Development

Executables/MacOS via Automator and Script/INSTRUCTIONS-signingCode.txt

@@ -0,0 +1,75 @@
+For Apple Java executables:
+
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/Info.plist
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/MacOS/Mesquite
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/Resources/Java/Mesquite.jar
+codesign --force -s "Developer ID Application: Wayne Maddison" Mesquite.app
+codesign -d --verbose=4 Mesquite.app
+spctl --assess --verbose=4 --type execute Mesquite.app
+======
+
+For Oracle Java Executables 1.7: (used as of January 2018)
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/Info.plist
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/MacOS/JavaAppLauncher
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/Java/mesquite.jar
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/Resources/Mesquite.icns
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/PkgInfo
+codesign --force -s "Developer ID Application: Wayne Maddison" Mesquite.app
+codesign -d --verbose=4 Mesquite.app
+spctl --assess --verbose=4 --type execute Mesquite.app
+
+======
+
+For Oracle Java Executables 1.8:
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/Info.plist
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/MacOS/Mesquite
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/MacOS/libpackager.dylib
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/Java/Mesquite.jar
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/Java/Mesquite.cfg
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/Resources/Mesquite.icns
+codesign --force -s "Developer ID Application: Wayne Maddison" Mesquite.app
+codesign -d --verbose=4 Mesquite.app
+spctl --assess --verbose=4 --type execute Mesquite.app
+
+=====
+Mesquite (1GB).app
+Mesquite (2GB).app
+Mesquite (500MB).app
+
+FROM http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/packagingAppsForMac.html
+
+Sign your app using the codesign(1) tool, as shown in the following example:
+
+% codesign -s "Developer ID Application: CommonNameFromCertificate" ExampleApp.app
+To verify that the app is signed, the following command provides information about the signing status of the app:
+
+% codesign -d --verbose=4 ExampleApp.app
+To check whether an application can be launched when Gatekeeper is enabled, use the spctl command:
+
+% spctl --assess --verbose=4 --type execute ExampleApp.app
+
+=======
+Then codesign
+
+codesign --force --sign "Developer ID Application: Wayne Maddison" <pathToDMG>
+
+
+If you leave off the --verbose tag, and it does not print any output, indicates 'success'.
+
+====
+If certificate is expired
+Open the Keychain Access app which can be found in Applications → Utilities.
+Select Keychain Access → Certificate Assistant → Create a Certificate from the menubar.
+For Name, enter mac-dev-env.
+For Identity Type, leave Self-Signed Root.
+For Certificate Type, select Code Signing.
+Leave Let me override defaults unchecked.
+Create the certificate and follow through until the window is closed.
+Next, select the certificate in the login keychain and press ⌘-I.
+Expand the Trust section.
+Select Always Trust for Code Signing, close and save.
+
+then on commandline
+sudo xcodebuild -license
+
+then try to sign again

Executables/MacOS via Automator and Script/INSTRUCTIONS-signingNotarizingCode.txt

@@ -0,0 +1,172 @@
+For Apple Java executables:
+
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/Info.plist
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/MacOS/Mesquite
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/Resources/Java/Mesquite.jar
+codesign --force -s "Developer ID Application: Wayne Maddison" Mesquite.app
+codesign -d --verbose=4 Mesquite.app
+spctl --assess --verbose=4 --type execute Mesquite.app
+======
+
+For Oracle Java Executables 1.7: (used as of January 2018)
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/Info.plist
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/MacOS/JavaAppLauncher
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/Java/mesquite.jar
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/Resources/Mesquite.icns
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/PkgInfo
+codesign --force -s "Developer ID Application: Wayne Maddison" Mesquite.app
+codesign -d --verbose=4 Mesquite.app
+spctl --assess --verbose=4 --type execute Mesquite.app
+
+======
+
+For Oracle Java Executables 1.8:
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/Info.plist
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/MacOS/Mesquite
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/MacOS/libpackager.dylib
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/Java/Mesquite.jar
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/Java/Mesquite.cfg
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/Resources/Mesquite.icns
+codesign --force -s "Developer ID Application: Wayne Maddison" Mesquite.app
+codesign -d --verbose=4 Mesquite.app
+spctl --assess --verbose=4 --type execute Mesquite.app
+
+=====
+
+For Oracle Java Executables JDK14:
+EITHER
+codesign --options=runtime -s "Developer ID Application: Wayne Maddison" Mesquite.app
+codesign -d --verbose=4 Mesquite.app
+spctl --assess --verbose=4 --type execute Mesquite.app
+
+
+codesign --force --options=runtime -s "Developer ID Application: Wayne Maddison" Mesquite.app
+codesign -d --verbose=4 Mesquite.app
+spctl --assess --verbose=4 --type execute Mesquite.app
+
+
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/app/mesquite.jar
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/app/Mesquite.cfg
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/Info.plist
+codesign --options=runtime -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/MacOS/Mesquite 
+codesign -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/MacOS/libapplauncher.dylib
+codesign --verbose=4 --deep --force -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/runtime/Contents/MacOS/libjli.dylib
+codesign --force --deep --options=runtime -s "Developer ID Application: Wayne Maddison" Mesquite.app
+codesign -d --verbose=4 Mesquite.app
+spctl --assess --verbose=4 --type execute Mesquite.app
+
+
+OR:
+
+for f in $(find Mesquite.app/Contents); 
+do 
+	codesign -s "Developer ID Application: Wayne Maddison" $f;
+done
+codesign --verbose=4 --deep --force -s "Developer ID Application: Wayne Maddison" Mesquite.app/Contents/runtime/Contents/MacOS/libjli.dylib
+codesign --force --deep --options=runtime -s "Developer ID Application: Wayne Maddison" Mesquite.app
+codesign -d --verbose=4 Mesquite.app
+spctl --assess --verbose=4 --type execute Mesquite.app
+
+(all of this is done by signBundle.sh)
+=====
+Mesquite (1GB).app
+Mesquite (2GB).app
+Mesquite (500MB).app
+
+FROM http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/packagingAppsForMac.html
+
+Sign your app using the codesign(1) tool, as shown in the following example:
+
+% codesign -s "Developer ID Application: CommonNameFromCertificate" ExampleApp.app
+To verify that the app is signed, the following command provides information about the signing status of the app:
+
+% codesign -d --verbose=4 ExampleApp.app
+To check whether an application can be launched when Gatekeeper is enabled, use the spctl command:
+
+% spctl --assess --verbose=4 --type execute ExampleApp.app
+
+====
+If certificate is expired
+NEW:
+Use XCode, Preferences, accounts:
+https://help.apple.com/xcode/mac/current/#/dev154b28f09
+
+====================================================
+NOTARIZING
+Sign app, as above
+Zip using 
+	/usr/bin/ditto -c -k --keepParent Mesquite.app Mesquite.zip
+Submit for notarization using
+	xcrun altool --eval-app --primary-bundle-id org.mesquiteproject -u [email protected] -f Mesquite.zip
+
+Give not Apple-id password, but rather app-specific PASSWORD. (https://support.apple.com/en-us/HT204397)
+
+For regular Mesquite.app: hjbt-fpiw-yhus-tukk
+
+Will respond with a RequestUUID. To check status, enter (replace strange request uu id)
+
+	xcrun altool --eval-info <RequestUUID> -u [email protected]
+	xcrun altool --eval-info 62e0a34a-d94e-451a-8f1a-b2cf23a5e8aa -u [email protected]
+
+To get more details use  the URL given
+
+Somethow this might help also???
+xcrun altool --notarization-info <RequestUUID> -u [email protected]
+
+
+Once it's approved, run
+	xcrun stapler staple Mesquite.app
+
+
+========
+xcrun altool --eval-info 5a7b3743-39e3-4362-8204-404f9bdac65a -u [email protected]
+
+xcrun altool --notarization-info 6000f74f-fe6f-463a-bf41-4595dfd8d1a3 -u [email protected]
+
+====================================================
+Then codesign and notarize the APP
+
+codesign --force --sign "Developer ID Application: Wayne Maddison" MesquiteDMG.dmg
+
+If you leave off the --verbose tag, and it does not print any output, indicates 'success'.
+
+Then sign and notarize the dmg
+xattr -cr MesquiteDMG.dmg
+codesign --force --sign "Developer ID Application: Wayne Maddison" MesquiteDMG.dmg
+xcrun altool --eval-app --primary-bundle-id org.mesquiteproject -u [email protected] -f MesquiteDMG.dmg
+(wait and it will give you the request UUID)
+
+App specific password for MesquiteDMG: ondx-llog-pdue-mxoo
+
+To check status:
+xcrun altool --eval-info 25beae4a-dbc9-4fca-b922-a35bd3e47974 -u [email protected]
+(where the weird thing is replaced by the request UUID)
+
+xcrun stapler staple MesquiteDMG.dmg
+
+
+https://stackoverflow.com/questions/52911791/hardened-runtime-for-java-and-mojave
+https://developer.apple.com/documentation/xcode/notarizing_macos_software_before_distribution/customizing_the_notarization_workflow
+https://github.com/AdoptOpenJDK/openjdk-support/issues/97
+https://stackoverflow.com/questions/56890749/macos-notarize-in-script
+
+
+
+
+-----------------
+OLD
+Open the Keychain Access app which can be found in Applications → Utilities.
+Select Keychain Access → Certificate Assistant → Create a Certificate from the menubar.
+For Name, enter mac-dev-env.
+For Identity Type, leave Self-Signed Root.
+For Certificate Type, select Code Signing.
+Leave Let me override defaults unchecked.
+Create the certificate and follow through until the window is closed.
+Next, select the certificate in the login keychain and press ⌘-I.
+Expand the Trust section.
+Select Always Trust for Code Signing, close and save.
+
+then on commandline
+sudo xcodebuild -license
+
+then try to sign again

Executables/MacOS via Automator and Script/Mesquite_Starter_Flex.app/Contents/Info.plist

@@ -0,0 +1,109 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>AMIsApplet</key>
+	<true/>
+	<key>AMStayOpen</key>
+	<false/>
+	<key>BuildMachineOSBuild</key>
+	<string>17A405001</string>
+	<key>CFBundleAllowMixedLocalizations</key>
+	<true/>
+	<key>CFBundleDevelopmentRegion</key>
+	<string>English</string>
+	<key>CFBundleDocumentTypes</key>
+	<array>
+		<dict>
+			<key>CFBundleTypeExtensions</key>
+			<array>
+				<string>*</string>
+			</array>
+			<key>CFBundleTypeName</key>
+			<string>Automator workflow file</string>
+			<key>CFBundleTypeOSTypes</key>
+			<array>
+				<string>****</string>
+			</array>
+			<key>CFBundleTypeRole</key>
+			<string>Viewer</string>
+		</dict>
+	</array>
+	<key>CFBundleExecutable</key>
+	<string>Application Stub</string>
+	<key>CFBundleIconFile</key>
+	<string>Mesquite.icns</string>
+	<key>CFBundleIdentifier</key>
+	<string>com.apple.automator.Mesquite_Starter_Flex-01AutomatorOrig-2021superFlex</string>
+	<key>CFBundleInfoDictionaryVersion</key>
+	<string>6.0</string>
+	<key>CFBundleName</key>
+	<string>Mesquite_Starter_Flex-01AutomatorOrig-2021superFlex</string>
+	<key>CFBundlePackageType</key>
+	<string>APPL</string>
+	<key>CFBundleShortVersionString</key>
+	<string>1.3</string>
+	<key>CFBundleSignature</key>
+	<string>????</string>
+	<key>CFBundleSupportedPlatforms</key>
+	<array>
+		<string>MacOSX</string>
+	</array>
+	<key>CFBundleURLTypes</key>
+	<array/>
+	<key>CFBundleVersion</key>
+	<string>444.42</string>
+	<key>DTCompiler</key>
+	<string>com.apple.compilers.llvm.clang.1_0</string>
+	<key>DTPlatformBuild</key>
+	<string>10P70r</string>
+	<key>DTPlatformName</key>
+	<string>macosx</string>
+	<key>DTPlatformVersion</key>
+	<string>10.14</string>
+	<key>DTSDKBuild</key>
+	<string>18F82</string>
+	<key>DTSDKName</key>
+	<string>macosx10.14internal</string>
+	<key>DTXcode</key>
+	<string>1020</string>
+	<key>DTXcodeBuild</key>
+	<string>10P70r</string>
+	<key>LSMinimumSystemVersion</key>
+	<string>10.6</string>
+	<key>LSUIElement</key>
+	<true/>
+	<key>NSAppleEventsUsageDescription</key>
+	<string>This workflow needs to control other applications to run.</string>
+	<key>NSAppleMusicUsageDescription</key>
+	<string>This workflow needs access to your music to run.</string>
+	<key>NSAppleScriptEnabled</key>
+	<string>YES</string>
+	<key>NSCalendarsUsageDescription</key>
+	<string>This workflow needs access to your calendars to run.</string>
+	<key>NSCameraUsageDescription</key>
+	<string>This workflow needs access to your camera to run.</string>
+	<key>NSContactsUsageDescription</key>
+	<string>This workflow needs access to your contacts to run.</string>
+	<key>NSHomeKitUsageDescription</key>
+	<string>This workflow needs access to your HomeKit Home to run.</string>
+	<key>NSMicrophoneUsageDescription</key>
+	<string>This workflow needs access to your microphone to run.</string>
+	<key>NSPhotoLibraryUsageDescription</key>
+	<string>This workflow needs access to your photos to run.</string>
+	<key>NSPrincipalClass</key>
+	<string>NSApplication</string>
+	<key>NSRemindersUsageDescription</key>
+	<string>This workflow needs access to your reminders to run.</string>
+	<key>NSServices</key>
+	<array/>
+	<key>NSSiriUsageDescription</key>
+	<string>This workflow needs access to Siri to run.</string>
+	<key>NSSystemAdministrationUsageDescription</key>
+	<string>This workflow needs access to administer this system in order to run.</string>
+	<key>UTExportedTypeDeclarations</key>
+	<array/>
+	<key>UTImportedTypeDeclarations</key>
+	<array/>
+</dict>
+</plist>