hotg-ai / rune

Rune provides containers to encapsulate and deploy edgeML pipelines and applications
Apache License 2.0

Binaries aren't verified on MacOS #303

Open Michael-F-Bryan opened 3 years ago

Michael-F-Bryan commented 3 years ago

@Mi1ind was going through his workshop today and when he tried to run the rune binary MacOS stopped him with a "Cannot Be Opened Because the Developer Cannot be Verified" error.

Some solutions are:

Michael-F-Bryan commented 3 years ago

@meelislootus did a test run of using rune on his M1 and ran into this issue:

image(2)

saidinesh5 commented 3 years ago

This should help us get there I think .. https://github.com/koordinates/kart/blob/master/.github/workflows/build.yml#L228-L269

Michael-F-Bryan commented 3 years ago

I stumbled across the actual commands we'll need while browsing Reddit:

Our desktop application (written mostly in Rust) is notarized via command line tools. Notarizing assumes several steps:

  1. Signing the binaries, the app bundle and the installer pkg
  2. Notarizing the pkg file
  3. Stapling the pkg file

You need two certificates linked to your Apple developer account: one for signing applications (binaries and bundles) and another for signing pkg installer files.

For signing binaries you run codesign utility, something like:

```
codesign -s "$APP_CERT_ID" --deep -v -f -o runtime <your_exe_or_app>
```

For signing pkg installers:

```
productsign --sign "$PKG_CERT_ID" "yourpackage.pkg" "signedpackage.pkg"
```

Once signed you can do the notarization:

```
xcrun altool --notarize-app \
             --primary-bundle-id "com.acme.appid" \
             --username "$APPLE_ID" \
             --password "$APP_PASSWORD" \
             --file "/path/to/signed.pkg"
```

Where APPLE_ID is your Apple ID (email) and APP_PASSWORD is an application password created in your account.

It will upload the pkg file to Apple's server. You will get an email when it is completed (ok or nok).

You can staple it afterwards (not strictly necessary, but recommended):

```
xcrun stapler staple "signed.pkg"
```
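
Added example, not part of the thread or of the rune project's own scripts: a POSIX shell gate a release job could run on macOS after the sign, notarize and staple steps quoted above, so an unsigned or unstapled artifact is caught before users hit the Gatekeeper dialog. The function names and the two path arguments are assumptions made for illustration.

```shell
#!/bin/sh
# Pre-publish gate for a signed macOS binary and its installer pkg.
# Usage (hypothetical paths): ./verify_release.sh ./rune ./rune.pkg

# check LABEL CMD...: run one verification command quietly, print PASS/FAIL.
check() {
    label=$1; shift
    if "$@" >/dev/null 2>&1; then
        echo "PASS  $label"
    else
        echo "FAIL  $label"
        return 1
    fi
}

# The "-o runtime" signing option (hardened runtime, which Apple's notary
# service requires) appears as "(runtime)" in the flags= field that
# "codesign -d" prints on stderr.
has_hardened_runtime() {
    codesign -d --verbose=2 "$1" 2>&1 | grep -q 'flags=.*runtime'
}

# verify_release BINARY PKG: returns the number of failed checks (0 = publish).
verify_release() {
    bin=$1; pkg=$2; failures=0
    check "signature valid: $bin" codesign --verify --strict "$bin" \
        || failures=$((failures + 1))
    check "hardened runtime: $bin" has_hardened_runtime "$bin" \
        || failures=$((failures + 1))
    check "Gatekeeper accepts: $pkg" spctl --assess --type install "$pkg" \
        || failures=$((failures + 1))
    check "ticket stapled: $pkg" xcrun stapler validate "$pkg" \
        || failures=$((failures + 1))
    return "$failures"
}

# Run the gate only when both paths are given on the command line.
if [ "$#" -eq 2 ]; then
    verify_release "$1" "$2" || { echo "refusing to publish" >&2; exit 1; }
fi
```

The gate only reads signatures and tickets, so it can run on any macOS machine without access to the signing certificates or the Apple ID.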