sandey/blender
1
0
Fork 0
forked from bartvdbraak/blender
Code Pull Requests Activity
d7a8a60688
blender/release/darwin
History
Brecht Van Lommel 77d82ed1fd macOS: add missing info to code signing instructions regarding key files 
The instructions for this part are not exactly clear, but better to document
what took us a while to figure out to get a new system set up for signing.
2019-12-12 13:58:22 +01:00
..
Blender.app/Contents Fix T71342: macOS does not always use the discrete GPU for Blender 2019-12-06 19:21:02 +01:00
buildbot Buildbot: support building releases, make non-releases more consistent 2019-09-03 12:23:39 +02:00
background.tif Compress macOS DMG background image 2019-06-25 11:37:02 +02:00
blender.applescript macOS DMG bundle, codesign and notarization script 2019-06-21 20:30:17 +03:00
bundle.sh Fix macOS bundling error with latest release, increase DMG disk space a little 2019-12-04 19:21:23 +01:00
entitlements.plist Fix T66986: fix dylib plugins on macOS not working in code signed release 2019-07-15 22:22:50 +02:00
README.txt macOS: add missing info to code signing instructions regarding key files 2019-12-12 13:58:22 +01:00

README.txt 

macOS app bundling guide
========================

Install Code Signing Certificate
--------------------------------

* Go to https://developer.apple.com/account/resources/certificates/list
* Download the Developer ID Application certificate.
* Double click the file and add to key chain (default options).
* Delete the file from the Downloads folder.

* You will also need to install a .p12 public/private key file for the
  certificate. This is only available for the owner of the Blender account,
  or can be exported and copied from another system that already has code
  signing set up.

Find the codesigning identity by running:

$ security find-identity -v -p codesigning

"Developer ID Application: Stichting Blender Foundation" is the identity needed.
The long code at the start of the line is used as <identity> below.

Setup Apple ID
--------------

* The Apple ID must have two step verification enabled.
* Create an app specific password for the code signing app (label can be anything):
https://support.apple.com/en-us/HT204397
* Add the app specific password to keychain:

$ security add-generic-password -a <apple-id> -w <app-specific-password> -s altool-password

When running the bundle script, there will be a popup. To avoid that either:
* Click Always Allow in the popup
* In the Keychain Access app, change the Access Control settings on altool-password

Bundle
------

Then the bundle is created as follows:

$ ./bundle.sh --source <sourcedir> --dmg <dmg> --bundle-id <bundleid> --username <apple-id> --password "@keychain:altool-password" --codesign <identity>

<sourcedir>  directory where built Blender.app is
<dmg>	       location and name of the final disk image
<bundleid>   id on notarization, for example org.blenderfoundation.blender.release
<apple-id>   your appleid email
<identity>   codesigning identity

When specifying only --sourcedir and --dmg, the build will not be signed.

Example :
$ ./bundle.sh --source /data/build/bin --dmg /data/Blender-2.8-alpha-macOS-10.11.dmg --bundle-id org.blenderfoundation.blender.release --username "foo@mac.com" --password "@keychain:altool-password" --codesign AE825E26F12D08B692F360133210AF46F4CF7B97