How to encode a wrapper script executable inside a Mac app bundle?
I have an executable shell script under myApp.app/Contents/MacOS/
. Our coded pipeline is complaining that the subcomponent (this script) is not signed.
How can I sign it? There are calls codesign --sign
in our current pipeline with hardcoded certificate numbers and field information that I don't fully understand. Basically only the app and some plugin packages inside the app got code-signed.
I cannot find dedicated documentation on how to encode shell scripts.
source to share
FWIW ... late answer ... however, this might help someone: if you assigned (via Info.plist CFBundleExecutable
key value) a script to your application executable, by the time you try to sign said script, you should make sure that everything the rest has already been signed.
Note. This is my experience using codesign
via a bash script (therefore not using XCode
). Apple docs state that you must sign an application package "from the inside"; that was my interpretation, and it looks like it's fine for us.
source to share
Something similar to the following shell script under Build Phases> Run script of your project options should work ...
/usr/bin/codesign --force --sign "iPhone Developer" --preserve-metadata=identifier,entitlements --timestamp=none $BUILT_PRODUCTS_DIR/$PRODUCT_NAME.app/Frameworks/$framework
source to share