Update MacOS DMG signing and notarization process

[dmitrii-ubskii]

What is the goal of this PR?

We switch to using jpackage to sign the AppImage rather than signing the files manually. We also switch from altool, which is now deprecated for notarization, to notarytool.

What are the changes implemented in this PR?

JVM17 jpackage, unlike before, always attempts to sign Home/runtime when assembling an AppImage. In the absence of credentials, it uses ad-hoc signing, in the process stripping the Oracle signatures from the JVM runtime files, which causes the notary to reject the submitted app. This behaviour does not appear to be configurable outside of being able to provide credentials to the signing process, which we now do instead of running codesign ourselves.

The altool deprecation appears to have been a red herring, but upgrading to notarytool was past due regardless.

[vaticle-bot]

PR Review Checklist

Do not edit the content of this comment. The PR reviewer should simply update this comment by ticking each review item below, as they get completed.

---

Trivial Change

• [x] This change is trivial and does not require a code or architecture review.

Code

• [ ] Packages, classes, and methods have a single domain of responsibility.
• [ ] Packages, classes, and methods are grouped into cohesive and consistent domain model.
• [ ] The code is canonical and the minimum required to achieve the goal.
• [ ] Modules, libraries, and APIs are easy to use, robust (foolproof and not errorprone), and tested.
• [ ] Logic and naming has clear narrative that communicates the accurate intent and responsibility of each module (e.g. method, class, etc.).
• [ ] The code is algorithmically efficient and scalable for the whole application.

Architecture

• [ ] Any required refactoring is completed, and the architecture does not introduce technical debt incidentally.
• [ ] Any required build and release automations are updated and/or implemented.
• [ ] Any new components follows a consistent style with respect to the pre-existing codebase.
• [ ] The architecture intuitively reflects the application domain, and is easy to understand.
• [ ] The architecture has a well-defined hierarchy of encapsulated components.
• [ ] The architecture is extensible and scalable.