Home Explore Help
Sign In
Apq
/
SwitchHosts
mirror of https://github.com/oldj/SwitchHosts.git
1
0
Fork 0
Files Issues 0 Wiki
Branch: master
Branches Tags
SwitchHosts
/
scripts
/
hooks
/
notarize-options.mjs

notarize-options.mjs 2.8 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105 
  1. import { execFile } from 'node:child_process'
    2. 

  2. import { isEnvFlagEnabled } from '../libs/build-env.mjs'
    3. 

  3. 

  4. function getPasswordFromKeychain(account, service) {
    5. 

  5.   return new Promise((resolve, reject) => {
    6. 

  6.     execFile(
    7. 

  7.       'security',
    8. 

  8.       ['find-generic-password', '-a', account, '-s', service, '-w'],
    9. 

  9.       (error, stdout, stderr) => {
    10. 

  10.         if (error) {
    11. 

  11.           reject(new Error(stderr || error.message))
    12. 

  12.           return
    13. 

  13.         }
    14. 

  14. 

  15.         resolve(stdout.trim())
    16. 

  16.       },
    17. 

  17.     )
    18. 

  18.   })
    19. 

  19. }
    20. 

  20. 

  21. export async function prepareNotarizeEnv(env = process.env) {
    22. 

  22.   if (isEnvFlagEnabled(env.SKIP_NOTARIZATION) || env.MAKE_FOR === 'dev') {
    23. 

  23.     return env
    24. 

  24.   }
    25. 

  25. 

  26.   if (!env.APPLE_TEAM_ID && env.TEAM_ID) {
    27. 

  27.     env.APPLE_TEAM_ID = env.TEAM_ID
    28. 

  28.   }
    29. 

  29. 

  30.   const hasCompleteCredentials =
    31. 

  31.     !!env.APPLE_KEYCHAIN_PROFILE ||
    32. 

  32.     (!!env.APPLE_API_KEY && !!env.APPLE_API_KEY_ID && !!env.APPLE_API_ISSUER) ||
    33. 

  33.     (!!env.APPLE_ID && !!env.APPLE_APP_SPECIFIC_PASSWORD && !!env.APPLE_TEAM_ID)
    34. 

  34. 

  35.   if (hasCompleteCredentials || !env.APPLE_ID) {
    36. 

  36.     return env
    37. 

  37.   }
    38. 

  38. 

  39.   try {
    40. 

  40.     env.APPLE_APP_SPECIFIC_PASSWORD = await getPasswordFromKeychain(
    41. 

  41.       env.APPLE_ID,
    42. 

  42.       `Apple Notarize: ${env.APPLE_ID}`,
    43. 

  43.     )
    44. 

  44.   } catch (error) {
    45. 

  45.     console.log(`Legacy notarization keychain lookup skipped: ${error.message}`)
    46. 

  46.   }
    47. 

  47. 

  48.   return env
    49. 

  49. }
    50. 

  50. 

  51. export function hasNotarizeCredentials(env = process.env) {
    52. 

  52.   return Boolean(
    53. 

  53.     env.APPLE_KEYCHAIN_PROFILE ||
    54. 

  54.       (env.APPLE_API_KEY && env.APPLE_API_KEY_ID && env.APPLE_API_ISSUER) ||
    55. 

  55.       (env.APPLE_ID && env.APPLE_APP_SPECIFIC_PASSWORD && env.APPLE_TEAM_ID),
    56. 

  56.   )
    57. 

  57. }
    58. 

  58. 

  59. export async function getNotarizeOptions(appPath, env = process.env) {
    60. 

  60.   await prepareNotarizeEnv(env)
    61. 

  61. 

  62.   const {
    63. 

  63.     APPLE_API_KEY: appleApiKey,
    64. 

  64.     APPLE_API_KEY_ID: appleApiKeyId,
    65. 

  65.     APPLE_API_ISSUER: appleApiIssuer,
    66. 

  66.     APPLE_ID: appleId,
    67. 

  67.     APPLE_APP_SPECIFIC_PASSWORD: appleIdPassword,
    68. 

  68.     APPLE_KEYCHAIN: keychain,
    69. 

  69.     APPLE_KEYCHAIN_PROFILE: keychainProfile,
    70. 

  70.     APPLE_TEAM_ID: teamId,
    71. 

  71.   } = env
    72. 

  72. 

  73.   const tool = 'notarytool'
    74. 

  74. 

  75.   if (appleId || appleIdPassword) {
    76. 

  76.     if (!appleId) {
    77. 

  77.       throw new Error('APPLE_ID env var needs to be set')
    78. 

  78.     }
    79. 

  79.     if (!appleIdPassword) {
    80. 

  80.       throw new Error('APPLE_APP_SPECIFIC_PASSWORD env var needs to be set')
    81. 

  81.     }
    82. 

  82.     if (!teamId) {
    83. 

  83.       throw new Error('APPLE_TEAM_ID env var needs to be set')
    84. 

  84.     }
    85. 

  85.     return { tool, appPath, appleId, appleIdPassword, teamId }
    86. 

  86.   }
    87. 

  87. 

  88.   if (appleApiKey || appleApiKeyId || appleApiIssuer) {
    89. 

  89.     if (!appleApiKey || !appleApiKeyId || !appleApiIssuer) {
    90. 

  90.       throw new Error('Env vars APPLE_API_KEY, APPLE_API_KEY_ID and APPLE_API_ISSUER need to be set')
    91. 

  91.     }
    92. 

  92.     return { tool, appPath, appleApiKey, appleApiKeyId, appleApiIssuer }
    93. 

  93.   }
    94. 

  94. 

  95.   if (keychainProfile) {
    96. 

  96.     return {
    97. 

  97.       tool,
    98. 

  98.       appPath,
    99. 

  99.       keychainProfile,
    100. 

  100.       ...(keychain ? { keychain } : {}),
    101. 

  101.     }
    102. 

  102.   }
    103. 

  103. 

  104.   return null
    105. 

  105. }
    106.