Add Mac Hardened Runtime entitlement files to the tree
Categories
(Firefox Build System :: General, defect, P1)
Tracking
(firefox-esr60 fixed, firefox68 fixed)
People
(Reporter: haik, Assigned: haik)
References
Details
Attachments
(2 files)
|
47 bytes,
text/x-phabricator-request
|
Details | Review | |
|
4.64 KB,
patch
|
Details | Diff | Splinter Review |
This bug is filed to cover landing hardened runtime entitlement files that will be used with the codesign command by release engineering to set the appropriate flags needed for notarization and hardened runtime.
|
Assignee | |
Updated•6 years ago
|
|
|
Assignee | |
Comment 1•6 years ago
|
||
Add entitlement files for Hardened Runtime configuration to be used by Release Engineering for official builds and try builds and developers for local builds. These entitlement files are input to the codesign command.
Hardened Runtime and codesigning is not yet enabled for local builds or try builds so for now these files will only be used by Release Engineering.
production.entitlements.xml is intended to be used for official channel builds that will be codesigned, notarized, and shipped to users.
developer.entitlements.xml is intended to be used for developer and try builds that will be codesigned, but not notarized or shipped to users. The developer file enables debugging which is not compatible with notarization, but is otherwise the same as the production file.
codesign.bash is a stop-gap script to allow developers who setup Apple Developer ID certificates to codesign Nightly themselves and enabled Hardened Runtime.
|
|
Assignee | |
Comment 2•6 years ago
|
||
|
||
Comment 4•6 years ago
|
||
| bugherder | ||
|
||
Comment 5•5 years ago
|
||
| uplift | ||
Aki pushed this to ESR60 to fix OSX signing bustage after uplifting the Notarization changes.
https://hg.mozilla.org/releases/mozilla-esr60/rev/95e9e64fecd8729236b9c7ee7c6f2687f4abaa7a
Description
•