Open gregoiregentil opened 1 year ago
sanjubhambhani
commented
1 year ago Make sure you're building a mas build and not darwin/mac
You'll also need to use the "Apple Distribution" + "3rd Party Mac Developer Installer" certificates with the matching provisional profile.
Hope this helps.
sanjubhambhani
commented
1 year ago Hey! Where you able to get a working build on the Mac App Store (TestFlight) ?
gregoiregentil
commented
1 year ago No. :-( :-(
I build both mac and mas and I'm sure that I'm dealing with the right mas file when dealing with transporter.
Here is my keys. I do I have "Apple Distribution" and "3rd Party Mac Developer Installer".
I'm unsure what kind of configuration I should have to make sure that the build system use the right certificates. Can you be more precise or is there a recent WORKING tutorial somewhere?
sanjubhambhani
commented
1 year ago That's annoying man. Share your config files here... I can take a look and let you know if anything stands out. What package builder are you using? I'm currently using electron-forge which uses electron-packager & electron-osx-sign.
I have now managed to successfully package the app and upload via Transporter to TestFlight BUT the app directly hits status "Not Available for Testing" without any error messages or logs. Such a pain.
gregoiregentil
commented
1 year ago I'm a little bit confused. Do you have success or do you have (you too) an issue which would be different from mine?
I'm disappointed by Apple. Their certificates are just pure nightmare. All the error messages are completely cryptic. I have complained multiple times on their forums but they don't care. It's like complaining against a wall.
I'm using:
@capacitor-community/electron@4.1.2 @electron/notarize@1.2.3 electron-builder@23.6.0 electron@22.0.3 electron-osx-sign@0.6.0
I'm building mas:
"mac": {
"category": "public.app-category.utilities",
"target": ["dmg", "mas"],
"icon": "assets/main.icns",
"hardenedRuntime": true,
"entitlements": "entitlements.mac.plist",
"entitlementsInherit": "entitlements.mac.plist",
"gatekeeperAssess": false
},
"dmg": {
"title": "GoodIP App",
"background": "assets/background.tiff",
},
"mas": {
"entitlements": "entitlements.mas.plist",
"entitlementsInherit": "entitlements.mas.plist",
},
"afterSign": "./notarize.js",
"afterAllArtifactBuild": "./post.js"and notarize.js:
const { notarize } = require ("@electron/notarize");
module.exports = async () => {
if (process.platform === 'darwin') {
console.log("Starting notarization");
try {
await notarize({
appBundleId: "...",
appPath: "./dist/mac/GoodIP.app",
appleId: "....",
appleIdPassword: "...",
ascProvider: "G..."
});
await notarize({
appBundleId: "...",
appPath: "./dist/mas/GoodIP.app",
appleId: "....",
appleIdPassword: "...",
ascProvider: "G..."
});
console.log("Ending notarization");
} catch (error) {
console.log("Error: ", error);
}
}
}You don't have to notarize the app for Mac App Store submission.
Im stuck on a different issue. I can successfully package and upload the build to TestFlight. However it reaches TestFlight with status "Not Available For Testing" - No error message/logs on TestFlight & No help from apple developer support.
gregoiregentil
commented
1 year ago Can you share your setup and configuration similarly to what I have written above?
ntbosscher
commented
1 year ago @gregoiregentil I was able to solve that same error by switching to electron-forge. But now I'm also getting the "Not available for testing" error
ntbosscher
commented
1 year ago @gregoiregentil, I think I was also able to fix the error you saw by running this on the .app that was produced by electron-builder. Then repackaging with productbuild into a pkg.
const { signAsync } = require('@electron/osx-sign');
const app = 'packages/mas-universal/APPNAME.app';
console.log('signing ' + app);
signAsync({
app: app,
entitlements: 'build/entitlements.mas.plist',
identity: 'Apple Distribution: APPNAME (AAAAAAAA)',
platform: 'mas',
provisioningProfile: 'embedded.provisionprofile',
version: '23.1.1', // electron version
optionsForFile: (file) => {
const index = file.replace('APPNAME.app', '').indexOf('.app');
const inherit = index !== -1;
if (inherit) {
console.log(file);
}
return {
entitlements: inherit
? 'build/entitlements.mas.inherit.plist'
: 'build/entitlements.mas.plist',
};
},
})
.then(function () {
// Application signed
console.log('success');
})
.catch(function (err) {
// Handle the error
console.log(err);
});but that resulted in this error
WARNING ITMS-90885: ""Cannot be used with TestFlight because the executable “${executable}” in bundle “${bundle}” is missing a provisioning profile but has an application identifier in its signature. Nested executables are expected to have provisioning profiles with application identifiers matching the identifier in the signature in order to be eligible for TestFlight.""which Quinn Eskimo helped me a bit with over at https://developer.apple.com/forums/thread/730398
nathanarritt
commented
1 year ago @gregoiregentil I'm new to Electron and experiencing my own issues so I'm no expert, but it looks like your electron-builder config may be missing some things required for the mas build. I've included my configs below along with the back story.
@sanjubhambhani @ntbosscher I'm having the same problem with Forge. I was able to get a working build using electron-builder, but I'm still hoping to get Forge working. (Forge config at bottom)
I'm using Electron (25.0.0) Forge (6.1.1). I can package with Forge and "make" (dist) with electron-builder (^22.14.13), but I can't figure out how to make with Forge (App Store Connect says "Not Available for Testing" and app crashes on launch).
yarn package ("package": "electron-forge package --arch=universal --platform=mas")
Works: yarn dist ("dist": "yarn package && electron-builder --config builder.config.js")
Doesn't work: yarn make ("make": "electron-forge make --arch=universal --platform=mas")
"main": ".webpack/main", (package.json default from Forge for reference)
Note: The latest version of electron-builder (23.x.x) didn't work. I had to downgrade for it to work (^22.14.13).
// mas build certificates required
security find-identity -v
4) myHash "Apple Distribution: myEntityName (myTeamId)"
6) myHash "3rd Party Mac Developer Installer: myEntityName (myTeamId)"
2 valid identities found// mas build code signing certificate required
security find-identity -p codesigning -v
3) myHash "Apple Distribution: myEntityName (myTeamId)"
1 valid identities found// builder.config.js
module.exports = {
appId: 'com.myApp.myAppName',
copyright: `Copyright © 2023 ${myEntityName}`,
mac: {
category: 'public.app-category.myCategory',
icon: './build/logo.icns',
target: {
arch: 'universal',
target: 'mas',
},
},
mas: {
entitlements: './build/entitlements.mas.plist',
entitlementsInherit: './build/entitlements.mas.inherit.plist',
entitlementsLoginHelper: './build/entitlements.mas.loginhelper.plist',
hardenedRuntime: false,
provisioningProfile: './build/Mac_App_Store.provisionprofile',
type: 'distribution',
},
}// entitlements.mas.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.application-groups</key>
<string>myTeamId.com.myApp.myAppName</string>
<key>com.apple.application-identifier</key>
<string>myTeamId.com.myApp.myAppName</string>
<key>com.apple.developer.team-identifier</key>
<string>myTeamId</string>
<key>com.apple.security.cs.allow-jit</key>
<true/>
<key>com.apple.security.cs.allow-unsigned-executable-memory</key>
<true/>
<key>com.apple.security.cs.allow-dyld-environment-variables</key>
<true/>
<key>com.apple.security.network.client</key>
<true/>
<key>com.apple.security.files.user-selected.read-only</key>
<true/>
<key>com.apple.security.files.user-selected.read-write</key>
<true/>
</dict>
</plist>// entitlements.mas.inherit.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.inherit</key>
<true/>
<key>com.apple.security.cs.allow-jit</key>
<true/>
<key>com.apple.security.cs.allow-unsigned-executable-memory</key>
<true/>
</dict>
</plist>// entitlements.mas.loginhelper.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.security.app-sandbox</key>
<true/>
</dict>
</plist>// forge.config.ts
const config: ForgeConfig = {
makers: [new MakerPKG({ identity: `3rd Party Mac Developer Installer: ${myEntityName} (${myTeamId})` }),
],
packagerConfig: {
appBundleId: 'com.myApp.myAppName',
appCopyright: `Copyright © 2023 ${myEntityName}`,
icon: './build/logo',
osxSign: {
identity: `Apple Distribution: ${myEntityName} (${myTeamId})`,
optionsForFile: () => ({ hardenedRuntime: false }),
provisioningProfile: './build/Mac_App_Store.provisionprofile',
type: 'distribution',
},
},
}
pauljonescodes
commented
4 months ago @nathanarritt One thing that stands out to me is that com.apple.security.application-groups is an array of strings.
For an approach that worked for me: https://github.com/electron-userland/electron-builder/issues/4553#issuecomment-1967527022
I have an app that I can notarize, sign and execute properly. But when I upload it to Mac App Store for review via transporter, I get the following errors:
I suspect that I have a mis-configuration somewhere rather than a bug, but I can't find the problem.
To give more precisions:
What could be wrong? I apologize if it's not a bug.
The only thing that doesn't make sense is that I'm not using the provisioning file downloaded from the apple website for the platform "macOS".