[CMake] Signing individual binary and problem with PackageMaker CPack generator
Craig Scott
craig.scott at crascit.com
Mon Oct 22 17:05:22 EDT 2018
On Tue, Oct 23, 2018 at 12:32 AM Eric Noulard <eric.noulard at gmail.com>
wrote:
>
>
> Le lun. 22 oct. 2018 à 11:56, Anatoly Belyaev <cross at cryptopro.ru> a
> écrit :
>
>> We use "PackageMaker" generator on MacOS. But i don't think it is CPack
>> specific tool does call strip command. The code for RPATH rewrite and
>> strip cmd is located in cmake_install.cmake. As i understand CPack calls
>> make install to tmp dir and then creates package.
>>
> Unrelated to your question, but PackageMaker is deprecated (by Apple).
Recent macOS releases don't even have it. You may want to look into
productbuild instead.
>
> Sorry I've just realized it was in the title of your message.
> I wasn't aware that stripping was done during install.
>
>
>> Having different RPATH for build tree is useful. May be there is a way to
>> call sign tool in the install stage? But reading the doc to CMake install
>> command, doesn't help me find solution for this.
>>
>
> Yes I agree that having build rpath is useful.
> I am not aware of any mechanism that enable calling some tool during
> CPack's install step.
> Moreover I don't use MacOS at all so I don't have any experience with
> PackageMaker.
>
> May be some Mac user may shed some more light on this.
>
You should be able to do this using install(SCRIPT) or install(CODE),
invoking the code signing through execute_process() as part of that
script/code.
Taking a step back though, I don't know what your package contains, but if
you're creating an app bundle, then you don't need CPack at all. An app
bundle is already self contained and you should be able to get it to build
with install RPATH, at which point it should find everything it needs. An
advantage of building with install RPATH is that you can also make use of
the XCODE_ATTRIBUTE target property support to set up the code signing and
have Xcode/xcodebuild drive the whole code signing process for you. It's
likely to be easier that way and is more compatible with tools like Fastlane
<https://fastlane.tools>, if you end up heading in that direction. But if
you have embedded frameworks, then yeah, you probably end up having to do
things manually yourself (CMake doesn't yet handle those well and has no
direct support for it).
--
Craig Scott
Melbourne, Australia
https://crascit.com
New book released: Professional CMake: A Practical Guide
<https://crascit.com/professional-cmake/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://cmake.org/pipermail/cmake/attachments/20181023/4bf3d9a7/attachment.html>
More information about the CMake
mailing list