From 770024f1aba314866212033fb9dedb2936eac30a Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Tue, 11 Jul 2023 14:42:24 +0100 Subject: [PATCH 01/33] Improve codesigning --- sign.sh | 38 +++++++++++++++++++++++++++++++++++--- 1 file changed, 35 insertions(+), 3 deletions(-) diff --git a/sign.sh b/sign.sh index 32959f4b5..2bf1652d4 100755 --- a/sign.sh +++ b/sign.sh @@ -119,6 +119,7 @@ signRelease() echo "Signing OSX release" ENTITLEMENTS="$WORKSPACE/entitlements.plist" + MACSIGNSTRING="Apple Certification Authority" # Sign all files with the executable permission bit set. FILES=$(find "${TMP_DIR}" -perm +111 -type f -o -name '*.dylib' -type f || find "${TMP_DIR}" -perm /111 -type f -o -name '*.dylib' -type f) @@ -132,11 +133,42 @@ signRelease() file=$(basename "$f") mv "$f" "${dir}/unsigned_${file}" curl --fail --silent --show-error -o "$f" -F file="@${dir}/unsigned_${file}" -F entitlements="@$ENTITLEMENTS" https://cbi.eclipse.org/macos/codesign/sign - chmod --reference="${dir}/unsigned_${file}" "$f" - rm -rf "${dir}/unsigned_${file}" + TESTMACSIGN=`grep -i "$MACSIGNSTRING" "$f"|wc -l` + if [ $TESTMACSIGN -gt 0 ] + then + echo "Code Signed" + chmod --reference="${dir}/unsigned_${file}" "$f" + rm -rf "${dir}/unsigned_${file}" + else + echo "Retrying Code Signing" + max_iterations=20 + iteration=1 + while [ $iteration -le $max_iterations ] + do + echo "Code Not Signed - Have Another Try" + sleep 1 + curl --fail -o "$f" -F file="@${dir}/unsigned_${file}" -F entitlements="@$ENTITLEMENTS" https://cbi.eclipse.org/macos/codesign/sign + TESTMACSIGN2=`grep -i "$MACSIGNSTRING" "$f"|wc -l` + if [ $TESTMACSIGN2 -gt 0 ] + then + echo "$f Signed OK On Attempt $iteration" + chmod --reference="${dir}/unsigned_${file}" "$f" + rm -rf "${dir}/unsigned_${file}" + break + else + echo "$f Failed Signing On Attempt $iteration" + iteration=$((iteration+1)) + fi + if [ $iteration -eq $max_iterations ] + then + echo "Reached Max Attempts = $max_iterations" + exit 1 + fi + done + fi done JDK_DIR=$(ls -d "${TMP_DIR}"/jdk*) - JDK=$(basename "${JDK_DIR}") + JDK=$(basename "${JDK_DIR}") cd "${TMP_DIR}" zip -q -r "${TMP_DIR}/unsigned.zip" "${JDK}" cd - From 8a405002c5087869bb94041a2f4788dc8920c57b Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Tue, 11 Jul 2023 16:21:26 +0100 Subject: [PATCH 02/33] Retry zip signing. --- sign.sh | 35 +++++++++++++++++++++++++++++++++-- 1 file changed, 33 insertions(+), 2 deletions(-) diff --git a/sign.sh b/sign.sh index 2bf1652d4..f4a9d0eac 100755 --- a/sign.sh +++ b/sign.sh @@ -173,8 +173,39 @@ signRelease() zip -q -r "${TMP_DIR}/unsigned.zip" "${JDK}" cd - curl --fail --silent --show-error -o "${TMP_DIR}/signed.zip" -F file="@${TMP_DIR}/unsigned.zip" https://cbi.eclipse.org/macos/codesign/sign - rm -rf "${JDK_DIR}" - unzip -q -d "${TMP_DIR}" "${TMP_DIR}/signed.zip" + TESTMACSIGN=`grep -i "$MACSIGNSTRING" "${TMP_DIR}/signed.zip"|wc -l` + if [ $TESTMACSIGN -gt 0 ] + then + echo "Code Signed" + rm -rf "${JDK_DIR}" + unzip -q -d "${TMP_DIR}" "${TMP_DIR}/signed.zip" + else + echo "Retrying Code Signing" + max_iterations=20 + iteration=1 + while [ $iteration -le $max_iterations ] + do + echo "Code Not Signed - Have Another Try" + sleep 1 + curl --fail --silent --show-error -o "${TMP_DIR}/signed.zip" -F file="@${TMP_DIR}/unsigned.zip" https://cbi.eclipse.org/macos/codesign/sign + TESTMACSIGN2=`grep -i "$MACSIGNSTRING" "${TMP_DIR}/signed.zip"|wc -l` + if [ $TESTMACSIGN2 -gt 0 ] + then + echo "$f Signed OK On Attempt $iteration" + rm -rf "${JDK_DIR}" + unzip -q -d "${TMP_DIR}" "${TMP_DIR}/signed.zip" + break + else + echo "$f Failed Signing On Attempt $iteration" + iteration=$((iteration+1)) + fi + if [ $iteration -eq $max_iterations ] + then + echo "Reached Max Attempts = $max_iterations" + exit 1 + fi + done + fi else # Login to KeyChain # shellcheck disable=SC2046 From 3fac0a90c468ba50009a51d890b7876a506c41ba Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Tue, 11 Jul 2023 16:53:51 +0100 Subject: [PATCH 03/33] Add debug --- sign.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sign.sh b/sign.sh index f4a9d0eac..f4443df5d 100755 --- a/sign.sh +++ b/sign.sh @@ -134,6 +134,7 @@ signRelease() mv "$f" "${dir}/unsigned_${file}" curl --fail --silent --show-error -o "$f" -F file="@${dir}/unsigned_${file}" -F entitlements="@$ENTITLEMENTS" https://cbi.eclipse.org/macos/codesign/sign TESTMACSIGN=`grep -i "$MACSIGNSTRING" "$f"|wc -l` + grep -i "$MACSIGNSTRING" "$f" if [ $TESTMACSIGN -gt 0 ] then echo "Code Signed" @@ -148,6 +149,7 @@ signRelease() echo "Code Not Signed - Have Another Try" sleep 1 curl --fail -o "$f" -F file="@${dir}/unsigned_${file}" -F entitlements="@$ENTITLEMENTS" https://cbi.eclipse.org/macos/codesign/sign + grep -i "$MACSIGNSTRING" "$f" TESTMACSIGN2=`grep -i "$MACSIGNSTRING" "$f"|wc -l` if [ $TESTMACSIGN2 -gt 0 ] then From af334caddd2d5ffe2a93b8fea4b5bf2522dd1590 Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Tue, 11 Jul 2023 17:59:35 +0100 Subject: [PATCH 04/33] Fix formatting. --- sign.sh | 78 +++++++++++++++++++++------------------------------------ 1 file changed, 28 insertions(+), 50 deletions(-) diff --git a/sign.sh b/sign.sh index f4443df5d..04fd80c5e 100755 --- a/sign.sh +++ b/sign.sh @@ -119,7 +119,10 @@ signRelease() echo "Signing OSX release" ENTITLEMENTS="$WORKSPACE/entitlements.plist" + MACSIGNSTRING="Apple Certification Authority" + + # Sign all files with the executable permission bit set. FILES=$(find "${TMP_DIR}" -perm +111 -type f -o -name '*.dylib' -type f || find "${TMP_DIR}" -perm /111 -type f -o -name '*.dylib' -type f) @@ -133,41 +136,47 @@ signRelease() file=$(basename "$f") mv "$f" "${dir}/unsigned_${file}" curl --fail --silent --show-error -o "$f" -F file="@${dir}/unsigned_${file}" -F entitlements="@$ENTITLEMENTS" https://cbi.eclipse.org/macos/codesign/sign + echo File = $f TESTMACSIGN=`grep -i "$MACSIGNSTRING" "$f"|wc -l` - grep -i "$MACSIGNSTRING" "$f" - if [ $TESTMACSIGN -gt 0 ] + echo "Sign Result = $TESTMACSIGN" + if [[ $TESTMACSIGN -gt 0 ]] then - echo "Code Signed" + echo "Code Signed For File $f" chmod --reference="${dir}/unsigned_${file}" "$f" rm -rf "${dir}/unsigned_${file}" else - echo "Retrying Code Signing" - max_iterations=20 - iteration=1 - while [ $iteration -le $max_iterations ] - do - echo "Code Not Signed - Have Another Try" + MAX_ITERATIONS=20 + ITERATION=1 + SUCCESS=false + ERRCOUNT=0 + echo "Code Not Signed For File $f" + while [[ $iteration -le $max_iterations ]] && [ $success = false ]; do + echo $iteration Of $max_iterations sleep 1 curl --fail -o "$f" -F file="@${dir}/unsigned_${file}" -F entitlements="@$ENTITLEMENTS" https://cbi.eclipse.org/macos/codesign/sign - grep -i "$MACSIGNSTRING" "$f" TESTMACSIGN2=`grep -i "$MACSIGNSTRING" "$f"|wc -l` - if [ $TESTMACSIGN2 -gt 0 ] + echo TESTMACSIGN2 = $TESTMACSIGN2 + if [[ $TESTMACSIGN2 -gt 0 ]] then echo "$f Signed OK On Attempt $iteration" chmod --reference="${dir}/unsigned_${file}" "$f" rm -rf "${dir}/unsigned_${file}" - break + success=true else echo "$f Failed Signing On Attempt $iteration" + success=false iteration=$((iteration+1)) - fi - if [ $iteration -eq $max_iterations ] - then - echo "Reached Max Attempts = $max_iterations" - exit 1 + errcount=$((errcount+1)) + echo $MACSIGNSTRING >> 3.txt fi done fi + if [[ $errcount -gt 0 ]] + then + echo "Errors Encountered During Signing" + echo "Error Count = $errcount" + exit 1 + fi done JDK_DIR=$(ls -d "${TMP_DIR}"/jdk*) JDK=$(basename "${JDK_DIR}") @@ -175,39 +184,8 @@ signRelease() zip -q -r "${TMP_DIR}/unsigned.zip" "${JDK}" cd - curl --fail --silent --show-error -o "${TMP_DIR}/signed.zip" -F file="@${TMP_DIR}/unsigned.zip" https://cbi.eclipse.org/macos/codesign/sign - TESTMACSIGN=`grep -i "$MACSIGNSTRING" "${TMP_DIR}/signed.zip"|wc -l` - if [ $TESTMACSIGN -gt 0 ] - then - echo "Code Signed" - rm -rf "${JDK_DIR}" - unzip -q -d "${TMP_DIR}" "${TMP_DIR}/signed.zip" - else - echo "Retrying Code Signing" - max_iterations=20 - iteration=1 - while [ $iteration -le $max_iterations ] - do - echo "Code Not Signed - Have Another Try" - sleep 1 - curl --fail --silent --show-error -o "${TMP_DIR}/signed.zip" -F file="@${TMP_DIR}/unsigned.zip" https://cbi.eclipse.org/macos/codesign/sign - TESTMACSIGN2=`grep -i "$MACSIGNSTRING" "${TMP_DIR}/signed.zip"|wc -l` - if [ $TESTMACSIGN2 -gt 0 ] - then - echo "$f Signed OK On Attempt $iteration" - rm -rf "${JDK_DIR}" - unzip -q -d "${TMP_DIR}" "${TMP_DIR}/signed.zip" - break - else - echo "$f Failed Signing On Attempt $iteration" - iteration=$((iteration+1)) - fi - if [ $iteration -eq $max_iterations ] - then - echo "Reached Max Attempts = $max_iterations" - exit 1 - fi - done - fi + rm -rf "${JDK_DIR}" + unzip -q -d "${TMP_DIR}" "${TMP_DIR}/signed.zip" else # Login to KeyChain # shellcheck disable=SC2046 From 7d8f13b6e7ec05a153bea9077ecc26752a71ddb3 Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Tue, 11 Jul 2023 18:14:36 +0100 Subject: [PATCH 05/33] Fix case of variables. --- sign.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/sign.sh b/sign.sh index 04fd80c5e..ddf71b71d 100755 --- a/sign.sh +++ b/sign.sh @@ -145,10 +145,10 @@ signRelease() chmod --reference="${dir}/unsigned_${file}" "$f" rm -rf "${dir}/unsigned_${file}" else - MAX_ITERATIONS=20 - ITERATION=1 - SUCCESS=false - ERRCOUNT=0 + max_iterations=20 + iteration=1 + success=false + errcount=0 echo "Code Not Signed For File $f" while [[ $iteration -le $max_iterations ]] && [ $success = false ]; do echo $iteration Of $max_iterations From dd30b50d4e83cb376f81bc34c6a82521274fee5f Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Tue, 11 Jul 2023 18:31:28 +0100 Subject: [PATCH 06/33] Fix errcount check --- sign.sh | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/sign.sh b/sign.sh index ddf71b71d..d0f1971e0 100755 --- a/sign.sh +++ b/sign.sh @@ -170,12 +170,12 @@ signRelease() echo $MACSIGNSTRING >> 3.txt fi done - fi - if [[ $errcount -gt 0 ]] - then - echo "Errors Encountered During Signing" - echo "Error Count = $errcount" - exit 1 + if [[ $errcount -gt 0 ]] + then + echo "Errors Encountered During Signing" + echo "Error Count = $errcount" + exit 1 + fi fi done JDK_DIR=$(ls -d "${TMP_DIR}"/jdk*) From 04ab9a861765cfd3004f38b7e8c7b96c8f1b5d25 Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Wed, 12 Jul 2023 09:25:33 +0100 Subject: [PATCH 07/33] Add retry logic for zip signing --- sign.sh | 47 +++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 45 insertions(+), 2 deletions(-) diff --git a/sign.sh b/sign.sh index d0f1971e0..b936e07e5 100755 --- a/sign.sh +++ b/sign.sh @@ -184,8 +184,51 @@ signRelease() zip -q -r "${TMP_DIR}/unsigned.zip" "${JDK}" cd - curl --fail --silent --show-error -o "${TMP_DIR}/signed.zip" -F file="@${TMP_DIR}/unsigned.zip" https://cbi.eclipse.org/macos/codesign/sign - rm -rf "${JDK_DIR}" - unzip -q -d "${TMP_DIR}" "${TMP_DIR}/signed.zip" + TESTMACSIGN=`grep -i "$MACSIGNSTRING" "${TMP_DIR}/signed.zip"|wc -l` + echo "Sign Result = $TESTMACSIGN" + if [[ $TESTMACSIGN -gt 0 ]] + then + echo "Code Signed For File ${TMP_DIR}/signed.zip" + rm -rf "${JDK_DIR}" + unzip -q -d "${TMP_DIR}" "${TMP_DIR}/signed.zip" + else + max_iterations=20 + iteration=1 + success=false + errcount=0 + echo "Code Not Signed For File ${TMP_DIR}/signed.zip" + while [[ $iteration -le $max_iterations ]] && [ $success = false ]; do + echo $iteration Of $max_iterations + sleep 1 + curl --fail --silent --show-error -o "${TMP_DIR}/signed.zip" -F file="@${TMP_DIR}/unsigned.zip" https://cbi.eclipse.org/macos/codesign/sign + TESTMACSIGN2=`grep -i "$MACSIGNSTRING" "${TMP_DIR}/signed.zip"|wc -l` + echo TESTMACSIGN2 = $TESTMACSIGN2 + if [[ $TESTMACSIGN2 -gt 0 ]] + then + echo "${TMP_DIR}/signed.zip Signed OK On Attempt $iteration" + rm -rf "${JDK_DIR}" + unzip -q -d "${TMP_DIR}" "${TMP_DIR}/signed.zip" + success=true + else + echo "${TMP_DIR}/signed.zip Failed Signing On Attempt $iteration" + success=false + iteration=$((iteration+1)) + errcount=$((errcount+1)) + echo $MACSIGNSTRING >> 3.txt + fi + done + if [[ $errcount -gt 0 ]] + then + echo "Errors Encountered During Signing" + echo "Error Count = $errcount" + exit 1 + fi + + + + + + else # Login to KeyChain # shellcheck disable=SC2046 From 7b7574d052ce2fc999eec83e1795220223bdd51e Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Wed, 12 Jul 2023 09:37:05 +0100 Subject: [PATCH 08/33] fix syntax error --- sign.sh | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/sign.sh b/sign.sh index b936e07e5..38a91ef05 100755 --- a/sign.sh +++ b/sign.sh @@ -217,18 +217,13 @@ signRelease() echo $MACSIGNSTRING >> 3.txt fi done - if [[ $errcount -gt 0 ]] - then + fi + if [[ $errcount -gt 0 ]] + then echo "Errors Encountered During Signing" echo "Error Count = $errcount" exit 1 - fi - - - - - - + fi else # Login to KeyChain # shellcheck disable=SC2046 From 56ca38d4f46bf027418d59f7e1df147efe644690 Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Wed, 12 Jul 2023 09:50:56 +0100 Subject: [PATCH 09/33] Debugging zip signing --- sign.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sign.sh b/sign.sh index 38a91ef05..d8d8d0aa3 100755 --- a/sign.sh +++ b/sign.sh @@ -167,7 +167,6 @@ signRelease() success=false iteration=$((iteration+1)) errcount=$((errcount+1)) - echo $MACSIGNSTRING >> 3.txt fi done if [[ $errcount -gt 0 ]] @@ -184,6 +183,8 @@ signRelease() zip -q -r "${TMP_DIR}/unsigned.zip" "${JDK}" cd - curl --fail --silent --show-error -o "${TMP_DIR}/signed.zip" -F file="@${TMP_DIR}/unsigned.zip" https://cbi.eclipse.org/macos/codesign/sign + echo "Debug 1 = $MACSIGNSTRING" + strings "${TMP_DIR}/signed.zip" TESTMACSIGN=`grep -i "$MACSIGNSTRING" "${TMP_DIR}/signed.zip"|wc -l` echo "Sign Result = $TESTMACSIGN" if [[ $TESTMACSIGN -gt 0 ]] @@ -214,7 +215,6 @@ signRelease() success=false iteration=$((iteration+1)) errcount=$((errcount+1)) - echo $MACSIGNSTRING >> 3.txt fi done fi From 07597a75f0069264b7d901738947237d8eba64b6 Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Wed, 12 Jul 2023 10:02:26 +0100 Subject: [PATCH 10/33] Debugging --- sign.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sign.sh b/sign.sh index d8d8d0aa3..b0192bea1 100755 --- a/sign.sh +++ b/sign.sh @@ -184,7 +184,7 @@ signRelease() cd - curl --fail --silent --show-error -o "${TMP_DIR}/signed.zip" -F file="@${TMP_DIR}/unsigned.zip" https://cbi.eclipse.org/macos/codesign/sign echo "Debug 1 = $MACSIGNSTRING" - strings "${TMP_DIR}/signed.zip" + cat "${TMP_DIR}/signed.zip" TESTMACSIGN=`grep -i "$MACSIGNSTRING" "${TMP_DIR}/signed.zip"|wc -l` echo "Sign Result = $TESTMACSIGN" if [[ $TESTMACSIGN -gt 0 ]] From 02fb4b1159ec1e1868f37e75061402b62f58fa66 Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Wed, 12 Jul 2023 10:26:21 +0100 Subject: [PATCH 11/33] Debug zip signing --- sign.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sign.sh b/sign.sh index b0192bea1..8371b9c57 100755 --- a/sign.sh +++ b/sign.sh @@ -184,7 +184,7 @@ signRelease() cd - curl --fail --silent --show-error -o "${TMP_DIR}/signed.zip" -F file="@${TMP_DIR}/unsigned.zip" https://cbi.eclipse.org/macos/codesign/sign echo "Debug 1 = $MACSIGNSTRING" - cat "${TMP_DIR}/signed.zip" + ls -l@ "${TMP_DIR}/signed.zip" TESTMACSIGN=`grep -i "$MACSIGNSTRING" "${TMP_DIR}/signed.zip"|wc -l` echo "Sign Result = $TESTMACSIGN" if [[ $TESTMACSIGN -gt 0 ]] From b3db87bd51e0dbe6cb074d4223c21f7f30305ac5 Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Wed, 12 Jul 2023 10:32:07 +0100 Subject: [PATCH 12/33] Debug zip file signing --- sign.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sign.sh b/sign.sh index 8371b9c57..81aacfb73 100755 --- a/sign.sh +++ b/sign.sh @@ -184,7 +184,7 @@ signRelease() cd - curl --fail --silent --show-error -o "${TMP_DIR}/signed.zip" -F file="@${TMP_DIR}/unsigned.zip" https://cbi.eclipse.org/macos/codesign/sign echo "Debug 1 = $MACSIGNSTRING" - ls -l@ "${TMP_DIR}/signed.zip" + unzip -vl "${TMP_DIR}/signed.zip" TESTMACSIGN=`grep -i "$MACSIGNSTRING" "${TMP_DIR}/signed.zip"|wc -l` echo "Sign Result = $TESTMACSIGN" if [[ $TESTMACSIGN -gt 0 ]] From a3a1f48e852d4eadc058327b9b795412c8833659 Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Wed, 12 Jul 2023 10:39:58 +0100 Subject: [PATCH 13/33] Debug zip signing --- sign.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/sign.sh b/sign.sh index 81aacfb73..df68f8422 100755 --- a/sign.sh +++ b/sign.sh @@ -185,6 +185,9 @@ signRelease() curl --fail --silent --show-error -o "${TMP_DIR}/signed.zip" -F file="@${TMP_DIR}/unsigned.zip" https://cbi.eclipse.org/macos/codesign/sign echo "Debug 1 = $MACSIGNSTRING" unzip -vl "${TMP_DIR}/signed.zip" + unzip -p . "${TMP_DIR}/signed.zip" jdk-17.0.8+6/Contents/_CodeSignature/CodeResources + unzip -dj . "${TMP_DIR}/signed.zip" jdk-17.0.8+6/Contents/_CodeSignature/CodeResources + ls TESTMACSIGN=`grep -i "$MACSIGNSTRING" "${TMP_DIR}/signed.zip"|wc -l` echo "Sign Result = $TESTMACSIGN" if [[ $TESTMACSIGN -gt 0 ]] From 1a73c38dd6f865b421b21a6bf4c59991b2ce9bac Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Wed, 12 Jul 2023 10:51:45 +0100 Subject: [PATCH 14/33] Debug zip signing --- sign.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/sign.sh b/sign.sh index df68f8422..e0e537899 100755 --- a/sign.sh +++ b/sign.sh @@ -185,8 +185,11 @@ signRelease() curl --fail --silent --show-error -o "${TMP_DIR}/signed.zip" -F file="@${TMP_DIR}/unsigned.zip" https://cbi.eclipse.org/macos/codesign/sign echo "Debug 1 = $MACSIGNSTRING" unzip -vl "${TMP_DIR}/signed.zip" - unzip -p . "${TMP_DIR}/signed.zip" jdk-17.0.8+6/Contents/_CodeSignature/CodeResources + echo "Debug 2 = $MACSIGNSTRING" + unzip -p . "${TMP_DIR}/signed.zip" jdk-17.0.8+6/Contents/_CodeSignature/CodeResources + echo "Debug 3 = $MACSIGNSTRING" unzip -dj . "${TMP_DIR}/signed.zip" jdk-17.0.8+6/Contents/_CodeSignature/CodeResources + echo "Debug 4 = $MACSIGNSTRING" ls TESTMACSIGN=`grep -i "$MACSIGNSTRING" "${TMP_DIR}/signed.zip"|wc -l` echo "Sign Result = $TESTMACSIGN" From c11a2adb80efcf6e47586a547c9ae956d1c16dbf Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Wed, 12 Jul 2023 11:02:27 +0100 Subject: [PATCH 15/33] Fix zip signing check --- sign.sh | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/sign.sh b/sign.sh index e0e537899..5e955c57a 100755 --- a/sign.sh +++ b/sign.sh @@ -183,15 +183,9 @@ signRelease() zip -q -r "${TMP_DIR}/unsigned.zip" "${JDK}" cd - curl --fail --silent --show-error -o "${TMP_DIR}/signed.zip" -F file="@${TMP_DIR}/unsigned.zip" https://cbi.eclipse.org/macos/codesign/sign - echo "Debug 1 = $MACSIGNSTRING" - unzip -vl "${TMP_DIR}/signed.zip" echo "Debug 2 = $MACSIGNSTRING" - unzip -p . "${TMP_DIR}/signed.zip" jdk-17.0.8+6/Contents/_CodeSignature/CodeResources - echo "Debug 3 = $MACSIGNSTRING" - unzip -dj . "${TMP_DIR}/signed.zip" jdk-17.0.8+6/Contents/_CodeSignature/CodeResources - echo "Debug 4 = $MACSIGNSTRING" - ls - TESTMACSIGN=`grep -i "$MACSIGNSTRING" "${TMP_DIR}/signed.zip"|wc -l` + TESTMACSIGN=`unzip -p . "${TMP_DIR}/signed.zip" "jdk-17.0.8+6/Contents/_CodeSignature/CodeResources"|grep -i "$MACSIGNSTRING"|wc -l` + # TESTMACSIGN=`grep -i "$MACSIGNSTRING" "${TMP_DIR}/signed.zip"|wc -l` echo "Sign Result = $TESTMACSIGN" if [[ $TESTMACSIGN -gt 0 ]] then @@ -208,7 +202,7 @@ signRelease() echo $iteration Of $max_iterations sleep 1 curl --fail --silent --show-error -o "${TMP_DIR}/signed.zip" -F file="@${TMP_DIR}/unsigned.zip" https://cbi.eclipse.org/macos/codesign/sign - TESTMACSIGN2=`grep -i "$MACSIGNSTRING" "${TMP_DIR}/signed.zip"|wc -l` + TESTMACSIGN2=`unzip -p . "${TMP_DIR}/signed.zip" "jdk-17.0.8+6/Contents/_CodeSignature/CodeResources"|grep -i "$MACSIGNSTRING"|wc -l` echo TESTMACSIGN2 = $TESTMACSIGN2 if [[ $TESTMACSIGN2 -gt 0 ]] then From 3e9d90b48a8a9023b57b0cf04167b25ef4597d18 Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Wed, 12 Jul 2023 11:14:32 +0100 Subject: [PATCH 16/33] Fix zip signing test --- sign.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sign.sh b/sign.sh index 5e955c57a..f067fa869 100755 --- a/sign.sh +++ b/sign.sh @@ -184,7 +184,7 @@ signRelease() cd - curl --fail --silent --show-error -o "${TMP_DIR}/signed.zip" -F file="@${TMP_DIR}/unsigned.zip" https://cbi.eclipse.org/macos/codesign/sign echo "Debug 2 = $MACSIGNSTRING" - TESTMACSIGN=`unzip -p . "${TMP_DIR}/signed.zip" "jdk-17.0.8+6/Contents/_CodeSignature/CodeResources"|grep -i "$MACSIGNSTRING"|wc -l` + TESTMACSIGN=`unzip -l jdk.zip | grep -c "jdk-17.0.8+6/Contents/_CodeSignature/CodeResources"` # TESTMACSIGN=`grep -i "$MACSIGNSTRING" "${TMP_DIR}/signed.zip"|wc -l` echo "Sign Result = $TESTMACSIGN" if [[ $TESTMACSIGN -gt 0 ]] @@ -202,7 +202,7 @@ signRelease() echo $iteration Of $max_iterations sleep 1 curl --fail --silent --show-error -o "${TMP_DIR}/signed.zip" -F file="@${TMP_DIR}/unsigned.zip" https://cbi.eclipse.org/macos/codesign/sign - TESTMACSIGN2=`unzip -p . "${TMP_DIR}/signed.zip" "jdk-17.0.8+6/Contents/_CodeSignature/CodeResources"|grep -i "$MACSIGNSTRING"|wc -l` + TESTMACSIGN2=`unzip -l jdk.zip | grep -c "jdk-17.0.8+6/Contents/_CodeSignature/CodeResources"` echo TESTMACSIGN2 = $TESTMACSIGN2 if [[ $TESTMACSIGN2 -gt 0 ]] then From 12f6b51a750a0795278e004a33585989c53ae539 Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Wed, 12 Jul 2023 11:19:11 +0100 Subject: [PATCH 17/33] Fix zip file name --- sign.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sign.sh b/sign.sh index f067fa869..81306d952 100755 --- a/sign.sh +++ b/sign.sh @@ -184,7 +184,7 @@ signRelease() cd - curl --fail --silent --show-error -o "${TMP_DIR}/signed.zip" -F file="@${TMP_DIR}/unsigned.zip" https://cbi.eclipse.org/macos/codesign/sign echo "Debug 2 = $MACSIGNSTRING" - TESTMACSIGN=`unzip -l jdk.zip | grep -c "jdk-17.0.8+6/Contents/_CodeSignature/CodeResources"` + TESTMACSIGN=`unzip -l "${TMP_DIR}/signed.zip" | grep -c "jdk-17.0.8+6/Contents/_CodeSignature/CodeResources"` # TESTMACSIGN=`grep -i "$MACSIGNSTRING" "${TMP_DIR}/signed.zip"|wc -l` echo "Sign Result = $TESTMACSIGN" if [[ $TESTMACSIGN -gt 0 ]] @@ -202,7 +202,7 @@ signRelease() echo $iteration Of $max_iterations sleep 1 curl --fail --silent --show-error -o "${TMP_DIR}/signed.zip" -F file="@${TMP_DIR}/unsigned.zip" https://cbi.eclipse.org/macos/codesign/sign - TESTMACSIGN2=`unzip -l jdk.zip | grep -c "jdk-17.0.8+6/Contents/_CodeSignature/CodeResources"` + TESTMACSIGN2=`unzip -l "${TMP_DIR}/signed.zip" | grep -c "jdk-17.0.8+6/Contents/_CodeSignature/CodeResources"` echo TESTMACSIGN2 = $TESTMACSIGN2 if [[ $TESTMACSIGN2 -gt 0 ]] then From 62e5ba9f270dd82bb10cdddde0624f54dc714a82 Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Wed, 12 Jul 2023 11:20:14 +0100 Subject: [PATCH 18/33] Debug zip sign checks --- sign.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sign.sh b/sign.sh index 81306d952..c516fe518 100755 --- a/sign.sh +++ b/sign.sh @@ -181,6 +181,8 @@ signRelease() JDK=$(basename "${JDK_DIR}") cd "${TMP_DIR}" zip -q -r "${TMP_DIR}/unsigned.zip" "${JDK}" + echo "Debug 1" + zip -vl "${TMP_DIR}/unsigned.zip" cd - curl --fail --silent --show-error -o "${TMP_DIR}/signed.zip" -F file="@${TMP_DIR}/unsigned.zip" https://cbi.eclipse.org/macos/codesign/sign echo "Debug 2 = $MACSIGNSTRING" From 818f95d3ae1084971e8cf0d65a23f44e2308a5f9 Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Wed, 12 Jul 2023 11:27:23 +0100 Subject: [PATCH 19/33] Debug zip signing --- sign.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sign.sh b/sign.sh index c516fe518..200a48152 100755 --- a/sign.sh +++ b/sign.sh @@ -181,10 +181,10 @@ signRelease() JDK=$(basename "${JDK_DIR}") cd "${TMP_DIR}" zip -q -r "${TMP_DIR}/unsigned.zip" "${JDK}" - echo "Debug 1" - zip -vl "${TMP_DIR}/unsigned.zip" cd - curl --fail --silent --show-error -o "${TMP_DIR}/signed.zip" -F file="@${TMP_DIR}/unsigned.zip" https://cbi.eclipse.org/macos/codesign/sign + echo "Debug 1" + unzip -vl "@${TMP_DIR}/unsigned.zip" echo "Debug 2 = $MACSIGNSTRING" TESTMACSIGN=`unzip -l "${TMP_DIR}/signed.zip" | grep -c "jdk-17.0.8+6/Contents/_CodeSignature/CodeResources"` # TESTMACSIGN=`grep -i "$MACSIGNSTRING" "${TMP_DIR}/signed.zip"|wc -l` From 0224e8096746b2244cae4e2031c8580cb700a031 Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Wed, 12 Jul 2023 11:33:59 +0100 Subject: [PATCH 20/33] Debug zip signing --- sign.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sign.sh b/sign.sh index 200a48152..698b7dfa2 100755 --- a/sign.sh +++ b/sign.sh @@ -180,11 +180,11 @@ signRelease() JDK_DIR=$(ls -d "${TMP_DIR}"/jdk*) JDK=$(basename "${JDK_DIR}") cd "${TMP_DIR}" - zip -q -r "${TMP_DIR}/unsigned.zip" "${JDK}" + zip -r "${TMP_DIR}/unsigned.zip" "${JDK}" cd - curl --fail --silent --show-error -o "${TMP_DIR}/signed.zip" -F file="@${TMP_DIR}/unsigned.zip" https://cbi.eclipse.org/macos/codesign/sign echo "Debug 1" - unzip -vl "@${TMP_DIR}/unsigned.zip" + unzip -vl "${TMP_DIR}/unsigned.zip" echo "Debug 2 = $MACSIGNSTRING" TESTMACSIGN=`unzip -l "${TMP_DIR}/signed.zip" | grep -c "jdk-17.0.8+6/Contents/_CodeSignature/CodeResources"` # TESTMACSIGN=`grep -i "$MACSIGNSTRING" "${TMP_DIR}/signed.zip"|wc -l` From 33d077f667dd9b4d519ce8f444b3f6c7cae8536c Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Wed, 12 Jul 2023 11:42:23 +0100 Subject: [PATCH 21/33] Debugging Zip Signing --- sign.sh | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/sign.sh b/sign.sh index 698b7dfa2..000c043c7 100755 --- a/sign.sh +++ b/sign.sh @@ -180,11 +180,17 @@ signRelease() JDK_DIR=$(ls -d "${TMP_DIR}"/jdk*) JDK=$(basename "${JDK_DIR}") cd "${TMP_DIR}" - zip -r "${TMP_DIR}/unsigned.zip" "${JDK}" + zip -q -r "${TMP_DIR}/unsigned.zip" "${JDK}" cd - curl --fail --silent --show-error -o "${TMP_DIR}/signed.zip" -F file="@${TMP_DIR}/unsigned.zip" https://cbi.eclipse.org/macos/codesign/sign echo "Debug 1" - unzip -vl "${TMP_DIR}/unsigned.zip" + unzip -p "${TMP_DIR}/unsigned.zip" "jdk-17.0.8+6/Contents/_CodeSignature/CodeResources" > adb.txt + unzip -p "${TMP_DIR}/signed.zip" "jdk-17.0.8+6/Contents/_CodeSignature/CodeResources" > adb2.txt + diff adb.txt adb2.txt + echo "File 1" + cat adb.txt + echo "File 2" + cat adb2.txt echo "Debug 2 = $MACSIGNSTRING" TESTMACSIGN=`unzip -l "${TMP_DIR}/signed.zip" | grep -c "jdk-17.0.8+6/Contents/_CodeSignature/CodeResources"` # TESTMACSIGN=`grep -i "$MACSIGNSTRING" "${TMP_DIR}/signed.zip"|wc -l` @@ -219,12 +225,12 @@ signRelease() errcount=$((errcount+1)) fi done - fi - if [[ $errcount -gt 0 ]] - then - echo "Errors Encountered During Signing" - echo "Error Count = $errcount" - exit 1 + if [[ $errcount -gt 0 ]] + then + echo "Errors Encountered During Signing" + echo "Error Count = $errcount" + exit 1 + fi fi else # Login to KeyChain From 049c45b5c98d4bb6363c9c5dd76aebb12a8fdb10 Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Wed, 12 Jul 2023 11:50:36 +0100 Subject: [PATCH 22/33] Remove zip signing check with strings --- sign.sh | 52 +++------------------------------------------------- 1 file changed, 3 insertions(+), 49 deletions(-) diff --git a/sign.sh b/sign.sh index 000c043c7..28efd0296 100755 --- a/sign.sh +++ b/sign.sh @@ -183,55 +183,9 @@ signRelease() zip -q -r "${TMP_DIR}/unsigned.zip" "${JDK}" cd - curl --fail --silent --show-error -o "${TMP_DIR}/signed.zip" -F file="@${TMP_DIR}/unsigned.zip" https://cbi.eclipse.org/macos/codesign/sign - echo "Debug 1" - unzip -p "${TMP_DIR}/unsigned.zip" "jdk-17.0.8+6/Contents/_CodeSignature/CodeResources" > adb.txt - unzip -p "${TMP_DIR}/signed.zip" "jdk-17.0.8+6/Contents/_CodeSignature/CodeResources" > adb2.txt - diff adb.txt adb2.txt - echo "File 1" - cat adb.txt - echo "File 2" - cat adb2.txt - echo "Debug 2 = $MACSIGNSTRING" - TESTMACSIGN=`unzip -l "${TMP_DIR}/signed.zip" | grep -c "jdk-17.0.8+6/Contents/_CodeSignature/CodeResources"` - # TESTMACSIGN=`grep -i "$MACSIGNSTRING" "${TMP_DIR}/signed.zip"|wc -l` - echo "Sign Result = $TESTMACSIGN" - if [[ $TESTMACSIGN -gt 0 ]] - then - echo "Code Signed For File ${TMP_DIR}/signed.zip" - rm -rf "${JDK_DIR}" - unzip -q -d "${TMP_DIR}" "${TMP_DIR}/signed.zip" - else - max_iterations=20 - iteration=1 - success=false - errcount=0 - echo "Code Not Signed For File ${TMP_DIR}/signed.zip" - while [[ $iteration -le $max_iterations ]] && [ $success = false ]; do - echo $iteration Of $max_iterations - sleep 1 - curl --fail --silent --show-error -o "${TMP_DIR}/signed.zip" -F file="@${TMP_DIR}/unsigned.zip" https://cbi.eclipse.org/macos/codesign/sign - TESTMACSIGN2=`unzip -l "${TMP_DIR}/signed.zip" | grep -c "jdk-17.0.8+6/Contents/_CodeSignature/CodeResources"` - echo TESTMACSIGN2 = $TESTMACSIGN2 - if [[ $TESTMACSIGN2 -gt 0 ]] - then - echo "${TMP_DIR}/signed.zip Signed OK On Attempt $iteration" - rm -rf "${JDK_DIR}" - unzip -q -d "${TMP_DIR}" "${TMP_DIR}/signed.zip" - success=true - else - echo "${TMP_DIR}/signed.zip Failed Signing On Attempt $iteration" - success=false - iteration=$((iteration+1)) - errcount=$((errcount+1)) - fi - done - if [[ $errcount -gt 0 ]] - then - echo "Errors Encountered During Signing" - echo "Error Count = $errcount" - exit 1 - fi - fi + diff "${TMP_DIR}/unsigned.zip" "${TMP_DIR}/signed.zip" + rm -rf "${JDK_DIR}" + unzip -q -d "${TMP_DIR}" "${TMP_DIR}/signed.zip" else # Login to KeyChain # shellcheck disable=SC2046 From 67de2ebed6355c094bab952ee851ebf52fe95638 Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Wed, 12 Jul 2023 12:13:19 +0100 Subject: [PATCH 23/33] Remove debugs --- sign.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/sign.sh b/sign.sh index 28efd0296..728c11572 100755 --- a/sign.sh +++ b/sign.sh @@ -183,7 +183,6 @@ signRelease() zip -q -r "${TMP_DIR}/unsigned.zip" "${JDK}" cd - curl --fail --silent --show-error -o "${TMP_DIR}/signed.zip" -F file="@${TMP_DIR}/unsigned.zip" https://cbi.eclipse.org/macos/codesign/sign - diff "${TMP_DIR}/unsigned.zip" "${TMP_DIR}/signed.zip" rm -rf "${JDK_DIR}" unzip -q -d "${TMP_DIR}" "${TMP_DIR}/signed.zip" else From 0e8d1f502e1ce4ae2c27a28347fab1fed189b153 Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Wed, 12 Jul 2023 12:39:41 +0100 Subject: [PATCH 24/33] Linter fixes. --- sign.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/sign.sh b/sign.sh index 728c11572..6ebba2b12 100755 --- a/sign.sh +++ b/sign.sh @@ -136,8 +136,8 @@ signRelease() file=$(basename "$f") mv "$f" "${dir}/unsigned_${file}" curl --fail --silent --show-error -o "$f" -F file="@${dir}/unsigned_${file}" -F entitlements="@$ENTITLEMENTS" https://cbi.eclipse.org/macos/codesign/sign - echo File = $f - TESTMACSIGN=`grep -i "$MACSIGNSTRING" "$f"|wc -l` + echo File = "$f" + TESTMACSIGN=(grep -ic "$MACSIGNSTRING" "$f") echo "Sign Result = $TESTMACSIGN" if [[ $TESTMACSIGN -gt 0 ]] then @@ -154,7 +154,7 @@ signRelease() echo $iteration Of $max_iterations sleep 1 curl --fail -o "$f" -F file="@${dir}/unsigned_${file}" -F entitlements="@$ENTITLEMENTS" https://cbi.eclipse.org/macos/codesign/sign - TESTMACSIGN2=`grep -i "$MACSIGNSTRING" "$f"|wc -l` + TESTMACSIGN2==(grep -ic "$MACSIGNSTRING" "$f") echo TESTMACSIGN2 = $TESTMACSIGN2 if [[ $TESTMACSIGN2 -gt 0 ]] then From 94a9c804e66a1668a4765129f4b4e45b3c7908bb Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Wed, 12 Jul 2023 12:43:42 +0100 Subject: [PATCH 25/33] Linter fix --- sign.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/sign.sh b/sign.sh index 6ebba2b12..5a84eb74e 100755 --- a/sign.sh +++ b/sign.sh @@ -177,6 +177,7 @@ signRelease() fi fi done + fi JDK_DIR=$(ls -d "${TMP_DIR}"/jdk*) JDK=$(basename "${JDK_DIR}") cd "${TMP_DIR}" From 94eee2096df697611f6f3b0b9c936766a7cc827e Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Wed, 12 Jul 2023 12:54:07 +0100 Subject: [PATCH 26/33] Fix formatting --- sign.sh | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/sign.sh b/sign.sh index 5a84eb74e..18413c6a1 100755 --- a/sign.sh +++ b/sign.sh @@ -154,7 +154,7 @@ signRelease() echo $iteration Of $max_iterations sleep 1 curl --fail -o "$f" -F file="@${dir}/unsigned_${file}" -F entitlements="@$ENTITLEMENTS" https://cbi.eclipse.org/macos/codesign/sign - TESTMACSIGN2==(grep -ic "$MACSIGNSTRING" "$f") + TESTMACSIGN2=(grep -ic "$MACSIGNSTRING" "$f") echo TESTMACSIGN2 = $TESTMACSIGN2 if [[ $TESTMACSIGN2 -gt 0 ]] then @@ -169,15 +169,14 @@ signRelease() errcount=$((errcount+1)) fi done - if [[ $errcount -gt 0 ]] - then - echo "Errors Encountered During Signing" - echo "Error Count = $errcount" - exit 1 - fi + fi + if [[ $errcount -gt 0 ]] + then + echo "Errors Encountered During Signing" + echo "Error Count = $errcount" + exit 1 fi done - fi JDK_DIR=$(ls -d "${TMP_DIR}"/jdk*) JDK=$(basename "${JDK_DIR}") cd "${TMP_DIR}" From 18e8e169c8f601e41cb32cfdcc996a4cf504dd39 Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Wed, 12 Jul 2023 12:58:27 +0100 Subject: [PATCH 27/33] Linter fix --- sign.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sign.sh b/sign.sh index 18413c6a1..cc25fdf53 100755 --- a/sign.sh +++ b/sign.sh @@ -155,7 +155,7 @@ signRelease() sleep 1 curl --fail -o "$f" -F file="@${dir}/unsigned_${file}" -F entitlements="@$ENTITLEMENTS" https://cbi.eclipse.org/macos/codesign/sign TESTMACSIGN2=(grep -ic "$MACSIGNSTRING" "$f") - echo TESTMACSIGN2 = $TESTMACSIGN2 + echo TESTMACSIGN2 = "$TESTMACSIGN2" if [[ $TESTMACSIGN2 -gt 0 ]] then echo "$f Signed OK On Attempt $iteration" From e63e2feafd8950252dbbda15578a51f80a1a53a2 Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Wed, 12 Jul 2023 13:04:11 +0100 Subject: [PATCH 28/33] Linter fixes --- sign.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/sign.sh b/sign.sh index cc25fdf53..3a0209ac9 100755 --- a/sign.sh +++ b/sign.sh @@ -138,8 +138,8 @@ signRelease() curl --fail --silent --show-error -o "$f" -F file="@${dir}/unsigned_${file}" -F entitlements="@$ENTITLEMENTS" https://cbi.eclipse.org/macos/codesign/sign echo File = "$f" TESTMACSIGN=(grep -ic "$MACSIGNSTRING" "$f") - echo "Sign Result = $TESTMACSIGN" - if [[ $TESTMACSIGN -gt 0 ]] + echo Sign Result = "$TESTMACSIGN" + if [[ "$TESTMACSIGN" -gt 0 ]] then echo "Code Signed For File $f" chmod --reference="${dir}/unsigned_${file}" "$f" @@ -156,7 +156,7 @@ signRelease() curl --fail -o "$f" -F file="@${dir}/unsigned_${file}" -F entitlements="@$ENTITLEMENTS" https://cbi.eclipse.org/macos/codesign/sign TESTMACSIGN2=(grep -ic "$MACSIGNSTRING" "$f") echo TESTMACSIGN2 = "$TESTMACSIGN2" - if [[ $TESTMACSIGN2 -gt 0 ]] + if [[ "$TESTMACSIGN2" -gt 0 ]] then echo "$f Signed OK On Attempt $iteration" chmod --reference="${dir}/unsigned_${file}" "$f" From 28eb7ae66d748a2b15f2b57cd91275d10ab97e61 Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Wed, 12 Jul 2023 13:07:26 +0100 Subject: [PATCH 29/33] Linter fixes --- sign.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/sign.sh b/sign.sh index 3a0209ac9..f1efe053b 100755 --- a/sign.sh +++ b/sign.sh @@ -139,7 +139,7 @@ signRelease() echo File = "$f" TESTMACSIGN=(grep -ic "$MACSIGNSTRING" "$f") echo Sign Result = "$TESTMACSIGN" - if [[ "$TESTMACSIGN" -gt 0 ]] + if [ "$TESTMACSIGN" -gt 0 ] then echo "Code Signed For File $f" chmod --reference="${dir}/unsigned_${file}" "$f" @@ -150,13 +150,13 @@ signRelease() success=false errcount=0 echo "Code Not Signed For File $f" - while [[ $iteration -le $max_iterations ]] && [ $success = false ]; do + while [ $iteration -le $max_iterations ] && [ $success = false ]; do echo $iteration Of $max_iterations sleep 1 curl --fail -o "$f" -F file="@${dir}/unsigned_${file}" -F entitlements="@$ENTITLEMENTS" https://cbi.eclipse.org/macos/codesign/sign TESTMACSIGN2=(grep -ic "$MACSIGNSTRING" "$f") echo TESTMACSIGN2 = "$TESTMACSIGN2" - if [[ "$TESTMACSIGN2" -gt 0 ]] + if [ "$TESTMACSIGN2" -gt 0 ] then echo "$f Signed OK On Attempt $iteration" chmod --reference="${dir}/unsigned_${file}" "$f" @@ -170,7 +170,7 @@ signRelease() fi done fi - if [[ $errcount -gt 0 ]] + if [ $errcount -gt 0 ] then echo "Errors Encountered During Signing" echo "Error Count = $errcount" From 3e30b8cce7ccc1568b184b3bf8ffee1194553f49 Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Wed, 12 Jul 2023 13:14:29 +0100 Subject: [PATCH 30/33] Linter fix --- sign.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sign.sh b/sign.sh index f1efe053b..5dc51217c 100755 --- a/sign.sh +++ b/sign.sh @@ -170,7 +170,7 @@ signRelease() fi done fi - if [ $errcount -gt 0 ] + if [ "$errcount" -gt 0 ] then echo "Errors Encountered During Signing" echo "Error Count = $errcount" From 7a7ab2278dcbe4f227fa9c30cae8a01b53654cb7 Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Wed, 12 Jul 2023 13:20:25 +0100 Subject: [PATCH 31/33] Linter fixes --- sign.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sign.sh b/sign.sh index 5dc51217c..0003fb48a 100755 --- a/sign.sh +++ b/sign.sh @@ -137,7 +137,7 @@ signRelease() mv "$f" "${dir}/unsigned_${file}" curl --fail --silent --show-error -o "$f" -F file="@${dir}/unsigned_${file}" -F entitlements="@$ENTITLEMENTS" https://cbi.eclipse.org/macos/codesign/sign echo File = "$f" - TESTMACSIGN=(grep -ic "$MACSIGNSTRING" "$f") + TESTMACSIGN=$(grep -ic "$MACSIGNSTRING" "$f") echo Sign Result = "$TESTMACSIGN" if [ "$TESTMACSIGN" -gt 0 ] then @@ -154,7 +154,7 @@ signRelease() echo $iteration Of $max_iterations sleep 1 curl --fail -o "$f" -F file="@${dir}/unsigned_${file}" -F entitlements="@$ENTITLEMENTS" https://cbi.eclipse.org/macos/codesign/sign - TESTMACSIGN2=(grep -ic "$MACSIGNSTRING" "$f") + TESTMACSIGN2=$(grep -ic "$MACSIGNSTRING" "$f") echo TESTMACSIGN2 = "$TESTMACSIGN2" if [ "$TESTMACSIGN2" -gt 0 ] then From c8c273630508c695f9a7f52eca28d7c4adf67503 Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Wed, 12 Jul 2023 14:38:01 +0100 Subject: [PATCH 32/33] Fix unbound var --- sign.sh | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/sign.sh b/sign.sh index 0003fb48a..f616599f7 100755 --- a/sign.sh +++ b/sign.sh @@ -169,12 +169,12 @@ signRelease() errcount=$((errcount+1)) fi done - fi - if [ "$errcount" -gt 0 ] - then - echo "Errors Encountered During Signing" - echo "Error Count = $errcount" - exit 1 + if [ "$errcount" -gt 0 ] + then + echo "Errors Encountered During Signing" + echo "Error Count = $errcount" + exit 1 + fi fi done JDK_DIR=$(ls -d "${TMP_DIR}"/jdk*) From bc585bba284df5d5927c492f80942b1f7e435942 Mon Sep 17 00:00:00 2001 From: Scott Fryer Date: Wed, 12 Jul 2023 16:17:44 +0100 Subject: [PATCH 33/33] Fix exit loop --- sign.sh | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/sign.sh b/sign.sh index f616599f7..2a3238ef9 100755 --- a/sign.sh +++ b/sign.sh @@ -148,7 +148,6 @@ signRelease() max_iterations=20 iteration=1 success=false - errcount=0 echo "Code Not Signed For File $f" while [ $iteration -le $max_iterations ] && [ $success = false ]; do echo $iteration Of $max_iterations @@ -166,15 +165,13 @@ signRelease() echo "$f Failed Signing On Attempt $iteration" success=false iteration=$((iteration+1)) - errcount=$((errcount+1)) + if [ $iteration -gt $max_iterations ] + then + echo "Errors Encountered During Signing" + exit 1 + fi fi done - if [ "$errcount" -gt 0 ] - then - echo "Errors Encountered During Signing" - echo "Error Count = $errcount" - exit 1 - fi fi done JDK_DIR=$(ls -d "${TMP_DIR}"/jdk*)