dryark/strawberry
2
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
3d10414a886bdd2b2148b776452a1c321e8827d6
strawberry/build_tools
History
David Helkowski 3d10414a88 Refactor notarization process and enhance build scripts for macOS 
This commit updates the build_sign_notarize.sh script to improve the notarization process by introducing a conditional stapling option. It also cleans up temporary files and clears macOS provenance metadata to prevent issues during builds. The Dmg.cmake script is modified to remove the reliance on environment variables for codesigning, streamlining the build process. Additionally, the build_app.sh script is enhanced with heartbeat logging for long-running commands and improved cleanup procedures for build directories.
2026-01-22 18:37:02 +09:00
..
macos
Refactor notarization process and enhance build scripts for macOS
2026-01-22 18:37:02 +09:00
README.md
Enhance macOS build process with DMG support and notarization improvements
2026-01-22 17:14:30 +09:00

README.md

Build helper scripts

This build_tools/ directory contains helper scripts and notes for building Strawberry.

  • It is not intended to be your CMake build output directory.
  • Recommended CMake build output directories: cmake-build/, build-release/, etc.

macOS

  • Install dependencies via Homebrew:
./build_tools/macos/install_brew_deps.sh
  • Build Strawberry:
./build_tools/macos/build_app.sh --release
open ./cmake-build-macos-release/strawberry.app

macOS signing + notarization (Developer ID distribution)

This repo includes build_tools/macos/build_sign_notarize.sh to automate:

  • build → (optional deploy) → codesign → notarize → staple → verify

One-time setup (Apple Developer)

  • Install certificates:

    • In the Apple Developer portal, create (or download) a Developer ID Application certificate.
    • Install it into your login keychain (Xcode can manage this via Xcode → Settings → Accounts).

  • Provisioning profiles:

    • For Developer ID distribution (outside the Mac App Store), you typically do not need a provisioning profile.
    • You do need profiles if you are building a Mac App Store-signed app (not what this repos scripts target).

  • Notarization credentials:

    • Create a notarytool keychain profile (recommended) so you dont have to pass secrets on the command line:
# NOTE: <profile-name> is a positional argument (not a flag).
# Pick any name you want, e.g. "strawberry-notary".
xcrun notarytool store-credentials "<profile-name>" \
  --apple-id "<your-apple-id>" \
  --team-id "<TEAMID>" \
  --password "<app-specific-password>"

Listing whats installed locally

Run with no args to list local signing identities + notarytool profiles:

./build_tools/macos/build_sign_notarize.sh

Build + sign + notarize

./build_tools/macos/build_sign_notarize.sh --run --release --clean --deploy \
  --identity "Developer ID Application: Your Name (TEAMID)" \
  --notary-profile "<profile-name>"

Build + sign + notarize + DMG (recommended for public distribution)

This produces:

  • a notarized strawberry.app (stapled)
  • a notarized strawberry-notarize.zip (useful for Sparkle / downloads)
  • a notarized strawberry-*.dmg (stapled)
./build_tools/macos/build_sign_notarize.sh --run --release --clean --deploy --dmg \
  --identity "Developer ID Application: Your Name (TEAMID)" \
  --notary-profile "<profile-name>"
Reference in New Issue View Git Blame Copy Permalink