mitchellh / gon

Sign, notarize, and package macOS CLI tools and applications written in any language. Available as both a CLI and a Go library.
MIT License
1.47k stars 97 forks

[Tracking] Compiled for darwin/arm64 #40

Open skyzyx opened 3 years ago

skyzyx commented 3 years ago

Important Factoids

Apple M1 chip is here. Porting work is occurring for everyone. Opening a tracking ticket to provide public visibility on the work.

References

Are there any other GitHub issues (open or closed) or Pull Requests that should be linked here? For example:

juliangruber commented 2 years ago

Some resources for this:

Has anyone looked into which changes are required to make this work with gon?

skyzyx commented 2 years ago

I ended up just switching to Apple’s notarytool and adding that to my GoReleaser pipeline.

https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/customizing_the_notarization_workflow

juliangruber commented 2 years ago

That's good to know! Do you have this set up in an open source repository by chance, or could share the relevant bits?

skyzyx commented 2 years ago

No, but in .goreleaser.yml, here's how I sign Windows/Linux with GPG and notarize the Mac binary.

signs:
  - id: gpg
    ids:
      - linux-archive
      - windows-archive
    signature: "${artifact}.sig"
    cmd: gpg2
    args:
      [
        "-u",
        "{{ .Var.GPGKeyID }}",
        "--output",
        "${signature}",
        "--detach-sign",
        "${artifact}",
      ]
    artifacts: all

  - id: gatekeeper
    ids:
      - macos-archive
    signature: "${artifact}"
    cmd: xcrun
    args:
      [
        "notarytool",
        "submit",
        "./dist/{{ .ProjectName }}-{{ .Version }}.darwin.universal.zip",
        "--apple-id",
        "{{ .Env.AC_APPLE_ID }}",
        "--password",
        "{{ .Env.AC_PASSWORD }}",
        "--team-id",
        "{{ .Env.AC_TEAM_ID }}",
        "--progress",
        "--wait",
      ]
    artifacts: all
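
An added example, not part of the thread or of gon: the `gatekeeper` entry above with the Apple ID password kept off the command line, where process arguments are visible in the local process list while `xcrun` runs. It assumes a keychain profile created beforehand with `notarytool store-credentials`; the profile name `release-notary` and the `AC_KEYCHAIN_PROFILE` variable are hypothetical.

```yaml
# Added example (not the commenter's configuration).
#
# Weak form, as in the thread: the app-specific password is expanded into argv.
#   "--apple-id", "{{ .Env.AC_APPLE_ID }}",
#   "--password", "{{ .Env.AC_PASSWORD }}",
#   "--team-id",  "{{ .Env.AC_TEAM_ID }}",
#
# One-time setup on the build machine. Omitting --password makes notarytool
# prompt for it, so the secret never appears in shell history or argv:
#   xcrun notarytool store-credentials "release-notary" \
#     --apple-id "$AC_APPLE_ID" --team-id "$AC_TEAM_ID"
#
# Corrected form: only the profile name (not a secret) is passed as an argument.
signs:
  - id: gatekeeper
    ids:
      - macos-archive
    signature: "${artifact}"
    cmd: xcrun
    args:
      [
        "notarytool",
        "submit",
        "./dist/{{ .ProjectName }}-{{ .Version }}.darwin.universal.zip",
        "--keychain-profile",
        "{{ .Env.AC_KEYCHAIN_PROFILE }}", # assumed variable, e.g. release-notary
        "--progress",
        "--wait",
      ]
    artifacts: all
```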