Documentation ¶
Overview ¶
Package notarize notarizes packages with Apple.
Index ¶
Constants ¶
const ( LogSeverityError = "error" LogSeverityWarning = "warning" )
These are the log severities that may exist.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Error ¶
type Error struct { Code int64 `plist:"code"` Message string `plist:"message"` UserInfo map[string]string `plist:"userInfo"` }
Error is the error structure generated by the notarization tool.
type Errors ¶
type Errors []Error
Errors is a list of error and also implements error.
func (Errors) ContainsCode ¶
ContainsCode returns true if the errors list has an error with the given code.
type Info ¶
type Info struct { // RequestUUID is the UUID provided by Apple after submitting the // notarization request. This can be used to look up notarization information // using the Apple tooling. RequestUUID string `plist:"RequestUUID"` // Date is the date and time of submission Date time.Time `plist:"Date"` // Hash is the encoded hash value for the submitted file. This is provided // by Apple. This is not decoded into a richer type like hash/sha256 because // it doesn't seem to be guaranteed by Apple anywhere what format this is in. Hash string `plist:"Hash"` // LogFileURL is a URL to a log file for more details. LogFileURL string `plist:"LogFileURL"` // Status the status of the notarization. // // StatusMessage is a human-friendly message associated with a status. Status string `plist:"Status"` StatusMessage string `plist:"Status Message"` }
Info is the information structure for the state of a notarization request.
All fields should be checked against their zero value since certain values only become available at different states of the notarization process. If we were only able to submit a notarization request and not check the status once, only RequestUUID will be set.
func Notarize ¶
Notarize performs the notarization process for macOS applications. This will block for the duration of this process which can take many minutes. The Status field in Options can be used to get status change notifications.
This will return the notarization info and an error if any occurred. The Info result _may_ be non-nil in the presence of an error and can be used to gather more information about the notarization attempt.
If error is nil, then Info is guaranteed to be non-nil. If error is not nil, notarization failed and Info _may_ be non-nil.
type Log ¶
type Log struct { JobId string `json:"jobId"` Status string `json:"status"` StatusSummary string `json:"statusSummary"` StatusCode int `json:"statusCode"` ArchiveFilename string `json:"archiveFilename"` UploadDate string `json:"uploadDate"` SHA256 string `json:"sha256"` Issues []LogIssue `json:"issues"` TicketContents []LogTicketContent `json:"ticketContents"` }
Log is the structure that is available when downloading the log file that the notarization service creates.
This may not be complete with all fields. I only included fields that I saw and even then only the more useful ones.
func DownloadLog ¶
DownloadLog downloads a log file and parses it using a default HTTP client. If you want more fine-grained control over the download, download it using your own client and use ParseLog.
type LogIssue ¶
type LogIssue struct { Severity string `json:"severity"` Path string `json:"path"` Message string `json:"message"` }
LogIssue is a single issue that may have occurred during notarization.
type LogTicketContent ¶
type LogTicketContent struct { Path string `json:"path"` DigestAlgorithm string `json:"digestAlgorithm"` CDHash string `json:"cdhash"` Arch string `json:"arch"` }
LogTicketContent is an entry that was noted as being within the archive.
type Options ¶
type Options struct { // File is the file to notarize. This must be in zip, dmg, or pkg format. File string // BundleId is the bundle ID for the package. Ex. "com.example.myapp" BundleId string // Username is your Apple Connect username. Username string // Password is your Apple Connect password. This must be specified. // This also supports `@keychain:<value>` and `@env:<value>` formats to // read from the keychain and environment variables, respectively. Password string // Provider is the Apple Connect provider to use. This is optional // and is only used for Apple Connect accounts that support multiple // providers. Provider string // UploadLock, if specified, will limit concurrency when uploading // packages. The notary submission process does not allow concurrent // uploads of packages with the same bundle ID, it appears. If you set // this lock, we'll hold the lock while we upload. UploadLock *sync.Mutex // Status, if non-nil, will be invoked with status updates throughout // the notarization process. Status Status // Logger is the logger to use. If this is nil then no logging will be done. Logger hclog.Logger // BaseCmd is the base command for executing app submission. This is // used for tests to overwrite where the codesign binary is. If this isn't // specified then we use `xcrun altool` as the base. BaseCmd *exec.Cmd }
Options are the options for notarization.
type Status ¶
type Status interface { // Submitting is called when the file is being submitted for notarization. Submitting() // Submitted is called when the file is submitted to Apple for notarization. // The arguments give you access to the requestUUID to query more information. Submitted(requestUUID string) // Status is called as the status of the submitted package changes. // The info argument contains additional information about the status. // Note that some fields in the info argument may not be populated, please // refer to the docs. Status(Info) }
Status is an interface that can be implemented to receive status callbacks.
All the methods in this interface must NOT block for too long or it'll block the notarization process.