Closed Bug 1036424 Opened 10 years ago Closed 9 years ago

Add ability to sign individual files on OSX

Categories

(Release Engineering :: General, defect)

Product:
Release Engineering
Component:
General
Platform:
x86
macOS
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 1046306

People

(Reporter: spohl, Unassigned)

References

Details

Bug 983728 requires the signing of an individual binary on OSX. Currently, we only support the signing of .app bundles. Here's my layman's understanding of what needs to change in our signing scripts:
1. We should not require a .app extension[1][2] and simply sign what's found at the specified path.
2. Make the presence of a code resources file optional[3]. For individual binaries, no code resources file will be necessary.

One way to implement this might be to differentiate between .app bundles and individual files in dmg_signpackage[4]. We could then rename dmg_signfile[5] to dmg_signbundle and write a new dmg_signfile function for signing of individual files. dmg_signpackage could then call the appropriate one based on whether it's dealing with a .app bundle or an individual file.

[1] http://mxr.mozilla.org/build/source/tools/lib/python/signing/utils.py#320
[2] http://mxr.mozilla.org/build/source/tools/lib/python/signing/utils.py#414
[3] http://mxr.mozilla.org/build/source/tools/lib/python/signing/utils.py#326
[4] http://mxr.mozilla.org/build/source/tools/lib/python/signing/utils.py#301
[5] http://mxr.mozilla.org/build/source/tools/lib/python/signing/utils.py#221
This was resolved by bug 1046306 and all its dependencies.
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → DUPLICATE
Component: General Automation → General
You need to log in before you can comment on or make changes to this bug.