search

corretto / corretto-8

Amazon Corretto 8 is a no-cost, multi-platform, production-ready distribution of OpenJDK 8
GNU General Public License v2.0
2.11k stars 221 forks source link

Javapackager can't create and sign pkg on MacOS #267

Open nestoleh opened 3 years ago

nestoleh commented 3 years ago

Describe the bug

Javapackager can't create and sign pkg on MacOS and throw an error. The bug reproduced started from version 8.242.08.2 and above, on version 8.242.08.1 all works fine.

Error log:

Building PKG package for App Name
Preparing Info.plist: /var/folders/j0/frj02zfj76b1gl32cz8xm9bw0000gp/T/fxbundler2525375670903059591/macosx/Info.plist
  Using default package resource [Bundle config file]  (add package/macosx/Info.plist to the class path to customize)
   Using custom package resource [icon]  (loaded from file /Users/username/Desktop/dev/appfolder/installer/./out/icons.icns)
Running [codesign, -s, Developer ID Application: COMPANY NAME (CODE), --prefix, org.springframework.boot.loader., -vvvv, /var/folders/j0/frj02zfj76b1gl32cz8xm9bw0000gp/T/fxbundler2525375670903059591/images/image-6676019087539812945/App Name.app/Contents/MacOS/libpackager.dylib]
/var/folders/j0/frj02zfj76b1gl32cz8xm9bw0000gp/T/fxbundler2525375670903059591/images/image-6676019087539812945App Name.app/Contents/MacOS/libpackager.dylib: is already signed
java.io.IOException: Exec failed with code 1 command [[codesign, -s, Developer ID Application: COMPANY NAME (CODE), --prefix, org.springframework.boot.loader., -vvvv, /var/folders/j0/frj02zfj76b1gl32cz8xm9bw0000gp/T/fxbundler2525375670903059591/images/image-6676019087539812945/App Name.app/Contents/MacOS/libpackager.dylib] in unspecified directory
java.io.IOException: Exec failed with code 1 command [[codesign, -s, Developer ID Application: COMPANY NAME (CODE), --prefix, org.springframework.boot.loader., -vvvv, /var/folders/j0/frj02zfj76b1gl32cz8xm9bw0000gp/T/fxbundler2525375670903059591/images/image-6676019087539812945/App Name.app/Contents/MacOS/libpackager.dylib] in unspecified directory
 at com.oracle.tools.packager.IOUtils.exec(IOUtils.java:165)
 at com.oracle.tools.packager.IOUtils.exec(IOUtils.java:138)
 at com.oracle.tools.packager.IOUtils.exec(IOUtils.java:132)
 at com.oracle.tools.packager.mac.MacBaseInstallerBundler.lambda$signAppBundle$18(MacBaseInstallerBundler.java:277)
 at java.util.stream.ForEachOps$ForEachOp$OfRef.accept(ForEachOps.java:183)
 at java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:175)
 at java.util.stream.ReferencePipeline$11$1.accept(ReferencePipeline.java:440)
 at java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:193)
 at java.util.Iterator.forEachRemaining(Iterator.java:116)
 at java.util.Spliterators$IteratorSpliterator.forEachRemaining(Spliterators.java:1801)
 at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:482)
 at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:472)
 at java.util.stream.ForEachOps$ForEachOp.evaluateSequential(ForEachOps.java:150)
 at java.util.stream.ForEachOps$ForEachOp$OfRef.evaluateSequential(ForEachOps.java:173)
 at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
 at java.util.stream.ReferencePipeline.forEach(ReferencePipeline.java:485)
 at com.oracle.tools.packager.mac.MacBaseInstallerBundler.signAppBundle(MacBaseInstallerBundler.java:246)
 at com.oracle.tools.packager.mac.MacBaseInstallerBundler.signAppBundle(MacBaseInstallerBundler.java:219)
 at com.oracle.tools.packager.mac.MacAppBundler.doBundle(MacAppBundler.java:546)
 at com.oracle.tools.packager.mac.MacBaseInstallerBundler.prepareAppBundle(MacBaseInstallerBundler.java:210)
 at com.oracle.tools.packager.mac.MacPkgBundler.bundle(MacPkgBundler.java:128)
 at com.oracle.tools.packager.mac.MacPkgBundler.execute(MacPkgBundler.java:559)
 at com.sun.javafx.tools.packager.PackagerLib.generateNativeBundles(PackagerLib.java:352)
 at com.sun.javafx.tools.packager.PackagerLib.generateDeploymentPackages(PackagerLib.java:319)
 at com.sun.javafx.tools.packager.Main.main(Main.java:476)
  Config files are saved to /var/folders/j0/frj02zfj76b1gl32cz8xm9bw0000gp/T/fxbundler2525375670903059591/macosx. Use them to customize package.
Config files are saved to /var/folders/j0/frj02zfj76b1gl32cz8xm9bw0000gp/T/fxbundler2525375670903059591/macosx. Use them to customize package.
Exception in thread "main" com.sun.javafx.tools.packager.PackagerException: Error: Bundler "PKG Installer" (pkg) failed to produce a bundle.
 at com.sun.javafx.tools.packager.PackagerLib.generateNativeBundles(PackagerLib.java:354)
 at com.sun.javafx.tools.packager.PackagerLib.generateDeploymentPackages(PackagerLib.java:319)
 at com.sun.javafx.tools.packager.Main.main(Main.java:476)

To Reproduce

Install JDK from this release https://github.com/corretto/corretto-8/releases/tag/8.242.08.2 and try to package some jar to pkg on MacOS Example of my code

javapackager -deploy -native pkg -v \
    -BjvmProperties=file.encoding=UTF-8 \
    -BappVersion="${VERSION}" \
    -Bicon=${ICON} \
    -BinstalldirChooser=true \
    -BshortcutHint=true \
    -BsystemWide=true \
    -Bcopyright="${DEVELOPER}" \
    -Bvendor="${DEVELOPER}" \
    -Bmac.CFBundleIdentifier="${BUNDLE_ID}" \
    -Bmac.signing-key-developer-id-installer="${MAC_INSTALLER_SIGN_KEY_ID}" \
    -Bmac.signing-key-developer-id-app="${MAC_APP_SIGN_KEY_ID}" \
    -name "${APP_NAME}" \
    -appclass org.springframework.boot.loader.JarLauncher \
    -srcdir ${OUT_DIR}/appdirectory \
    -srcfiles client.jar \
    -srcfiles application.yml \
    -srcfiles lib \
    -srcfiles certificates \
    -srcfiles security \
    -outdir "${OUT_DIR}" \
    -outfile "${APP_NAME}"

Expected behavior

pkg file created and signed with the provided key

Platform information

OS: MacOS 10.14.6, MacOS 10.15.7
Version: build 1.8.0_242-b08
ziyiluo commented 3 years ago

Hi, as you pointed out the issue starts in 8.242.08.2, this might be related to the MacOS signing. In 8.242.08.2, due to the enforcement of binary signing during the mac app notarization, the Corretto team started to sign all binaries in the Corretto 8 mac app bundle. The error message:

Exec failed with code 1 command [[codesign, -s, Developer ID Application: COMPANY NAME (CODE), --prefix, org.springframework.boot.loader., -vvvv, /var/folders/j0/frj02zfj76b1gl32cz8xm9bw0000gp/T/fxbundler2525375670903059591/images/image-6676019087539812945/App Name.app/Contents/MacOS/libpackager.dylib] in unspecified directory

shows that the error is thrown when the script attempted to sign the libpackager.dylib (which is already signed by us) using your certificate. Let me take a closer look at it.

sieqwish commented 2 years ago

Hello, any update in this matter? I have similar issue now.

yasargil commented 2 years ago

Any news on this? @nestoleh did you manage to workaround this issue?