Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / skqp / 443a913b8f0e3fc4a5f6abfa6be2fd6e79641ffe^! / . / gn / codesign_ios.py
commit443a913b8f0e3fc4a5f6abfa6be2fd6e79641ffe[log] [tgz]
authorJim Van Verth <jvanverth@google.com>Tue Nov 28 09:45:26 2017 -0500
committerSkia Commit-Bot <skia-commit-bot@chromium.org>Tue Nov 28 15:29:07 2017 +0000
tree9463b8ae0b35268ae0c8229ec561cbde5eeb8c06
parent9f553932a4a4e986db323d8f4da2f78d9a729254 [diff] [blame]
Add create_bundle support for GN

Docs-Preview: https://skia.org/?cl=75383
Bug: skia:7339
Change-Id: I985734e8b7b5af21a82cb8ee59acbfb5ff1d3ff7
Reviewed-on: https://skia-review.googlesource.com/75383
Commit-Queue: Jim Van Verth <jvanverth@google.com>
Reviewed-by: Mike Klein <mtklein@chromium.org>

diff --git a/gn/codesign_ios.py b/gn/codesign_ios.py
new file mode 100644
index 0000000..66a97d3
--- /dev/null
+++ b/gn/codesign_ios.py

@@ -0,0 +1,67 @@
+#!/usr/bin/env python2.7
+#
+# Copyright 2017 Google Inc.
+#
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+
+import glob
+import os
+import re
+import shutil
+import subprocess
+import sys
+import tempfile
+
+# Arguments to the script:
+#  pkg              path to application directory, e.g. out/Debug/dm.app
+#                   executable and plist should already be in this directory
+pkg, = sys.argv[1:]
+
+# Find the Google signing identity.
+identity = None
+for line in subprocess.check_output(['security', 'find-identity']).split('\n'):
+  m = re.match(r'''.*\) (.*) ".*Google.*"''', line)
+  if m:
+    identity = m.group(1)
+assert identity
+
+# Find the Google mobile provisioning profile.
+mobileprovision = None
+for p in glob.glob(os.path.join(os.environ['HOME'], 'Library', 'MobileDevice',
+                                'Provisioning Profiles', '*.mobileprovision')):
+  if re.search(r'''<key>Name</key>
+\t<string>Google Development</string>''', open(p).read(), re.MULTILINE):
+    mobileprovision = p
+assert mobileprovision
+
+# The .mobileprovision just gets copied into the package.
+shutil.copy(mobileprovision,
+            os.path.join(pkg, 'embedded.mobileprovision'))
+
+# Extract the appliciation identitifer prefix from the .mobileprovision.
+m = re.search(r'''<key>ApplicationIdentifierPrefix</key>
+\t<array>
+\t<string>(.*)</string>''', open(mobileprovision).read(), re.MULTILINE)
+prefix = m.group(1)
+
+app, _ = os.path.splitext(os.path.basename(pkg))
+
+# Write a minimal entitlements file, then codesign.
+with tempfile.NamedTemporaryFile() as f:
+  f.write('''
+<plist version="1.0">
+  <dict>
+    <key>application-identifier</key> <string>{prefix}.com.google.{app}</string>
+    <key>get-task-allow</key>         <true/>
+  </dict>
+</plist>
+'''.format(prefix=prefix, app=app))
+  f.flush()
+
+  subprocess.check_call(['codesign',
+                         '--force',
+                         '--sign', identity,
+                         '--entitlements', f.name,
+                         '--timestamp=none',
+                         pkg])