Open vinaysshenoy opened 1 year ago
MorrisRH
commented
1 year ago I take it you're using the photo library support then? If not then make sure the usage descriptions are empty strings and code-signing won't be performed.
Are you using Unity 2020.3 or a more recent version? If so then the freeze when code-signing would be a bug with Unity.
We'll certainly look into adding a code-signing option to the settings.
vinaysshenoy
commented
1 year ago I take it you're using the photo library support then? If not then make sure the usage descriptions are empty strings and code-signing won't be performed.
Yeah, we are using the photo library support. Removing usage description strings will also require us to manually update the generated Plist ourselves to update the descriptions ourselves, correct?
Are you using Unity 2020.3 or a more recent version? If so then the freeze when code-signing would be a bug with Unity.
Yes, we are using 2021.3.10f1. I am guessing the implementation on the Unity scene expects code signing certificates to be present in the default keychain and just locks up if it doesn't.
We'll certainly look into adding a code-signing option to the settings.
To be honest, it seems rather unusual for a plugin that does video recording functionality to take responsibility for the final build signing since the two are unrelated concerns. It would be great if an explicit toggle could be added though, since removing this feature might break builds for your downstream consumers.
Thanks!
MorrisRH
commented
1 year ago Yeah, we are using the photo library support. Removing usage description strings will also require us to manually update the generated Plist ourselves to update the descriptions ourselves, correct?
Correct
To be honest, it seems rather unusual for a plugin that does video recording functionality to take responsibility for the final build signing since the two are unrelated concerns. It would be great if an explicit toggle could be added though, since removing this feature might break builds for your downstream consumers.
Unity code-signs the build as part of its process. The trouble is that modifying the plist breaks the signature so the macOS gatekeeper would step in and prevent things from working, and we have no way to access the plist until the build is done. This seemed the best way to keep builds from Unity working for the end-user should they want to be able to use the photo library support. It was also quite necessary for our testing that builds from Unity work.
vinaysshenoy
commented
1 year ago Ah, I see. I didn't know that Unity attempted to sign the build on its own.
Would an option toggle in the plugin be something we could expect at some point? Or would you say we should remove the descriptions and manipulate the plist ourselves?
MorrisRH
commented
1 year ago Yes, you can expect it at some point. I'm afraid I can't give you a timeframe though.
vinaysshenoy
commented
1 year ago That's totally ok! We can manually disable the code signing in the plugin for now and update it later.
Thanks!
stale[bot]
commented
9 months ago This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
We discovered recently that AVPro automatically signs the macOS build whenever we build an app bundle (See
Assets/Plugins/RenderHeads/AVProMovieCapture/Editor/Scripts/PostProcessBuild_macOS.cs).This is problematic for us since we have builds for both the App Store and Standalone releases, both of which require different types of certificates. We already have CI pipelines with everything setup to build and sign for different workflows, so we would like to disable codesigning from the AVPro plugin and manage it ourselves.
We are not entirely sure why the plugin is taking on the responsibility for codesigning releases, but we would like the capability to disable it at a project level.
Describe the solution you'd like We would like a toggle option for codesigning in the AVPro plugin settings.
Describe alternatives you've considered For now, we have manually disabled the codepath in AVPro which signs the build and only left in the path which modifies the PList.
Additional context If codesigning certificates are not present in the login keychain of the mac that is creating the build, it just freezes since codesign cannot find any certificates. It took a while to figure this out and realise that AVPro was trying to sign the builds.