A small work offer to create a script that creates a notarized install pkg for macOS Catalina

DSP, Plugin and Host development discussion.

Post

Hello!

If you are experienced enough and interested, please contact me via info@voxengo.com - the following work is necessary: create a generic .sh script which creates a package using standard developer tools out of signed .component file located in standard Components folder, plus several files like image and license file, plus a post-install script, all located in a separate folder, then submits for notarization and waits for notarization result, then stamps. I'm personally aware of the processes, but I thought it would be fine to cooperate with someone experienced on this. Of course, I will pay for work an agreed sum via PayPal.

Post

Excellent idea! If you can make a MacOSX App for the App Store that does the process, just by taking the licence info, then I’d easily pay $50 for it, and I’m sure many others would do too.

Post

Will this work though..? AFAIK notarization won't succeed unless you're using hardened runtime, sandboxing entitlements and possibly some other "new" stuff.
This account is dormant, I am no longer employed by FXpansion / ROLI.

Find me on LinkedIn or elsewhere if you need to get in touch.

Post

As long as the user has the requirements, surely you could execute scripts from a program to do it?
Or at least print the procedure to a file that the user can run themselves.
If not then... *sigh*

Post

Not sure I understand your messages. I just need a single .sh script with required util calls, and maybe some loop that waits for notarization. If I'm not mistaken, it's possible to create a package with standard devutils, and attach a post-install script to it, I just have no details. Maybe it needs to be zipped first for notarization, or the component should be submitted for notarization separately - you see, I just have an overview of the process, so I need experienced help.

Post


Post

Thanks, will check this out if nobody goes online. Anyway, still need to create pkg - my previous attempts to use proprietary applications for package creation failed miserably, I think there should be a way to just use command-line tools to create packages. And I'd really like to pay for the help, maybe ask a couple of questions. I'm fine with Windows way of producing software, but MacOS tools and technology make me sad. (not only me - Xcode has 2.6/5 rating on App Store)

Post

WhiteBox Packages http://s.sudre.free.fr/Software/Packages/ has command line tools, but I'm using the GUI version. Be aware with GUI version you need to codesign via command line with productsign because secure time stamp isn't supported in 1.2.6. Drop me a line to contactus@discodsp.com if you are looking for some assistance. I'd be glad to help you.
Command Line Tool
Integrating Packages into an automated production workflow is easy with the packagesbuild command line tool. Once you have created your Packages project, the packagesbuild tool will let you build it from the Terminal, a shell script or an Xcode Run Script Build phase.
Also, I posted a how to some weeks ago: viewtopic.php?p=7518248#p7518248

Post

Aleksey Vaneev wrote: Fri Oct 11, 2019 4:19 am I think there should be a way to just use command-line tools to create packages. And I'd really like to pay for the help, maybe ask a couple of questions.
I'm currently using .sh scripts to automate the creation of my packages for OSX distribution using the standard tools provided by the OS.
I'd be glad to help you out just to thank you for your amazing R8Brain library :wink:

Here is an example of what I'm doing to create the .pkg installer

Code:

#Variables
PLUGIN_IDENTIFIER=com.yourcompany.yourproductid
PLUGIN_VERSION=1.0.0
PLUGIN_NAME="Your Plug-In name"

#Echo on
set -x -e

#Here we create the .pkg for all the plug-in formats

#AAX
pkgbuild --install-location "/Library/Application Support/Avid/Audio/Plug-Ins" --identifier "$PLUGIN_IDENTIFIER-aax.pkg" --version $PLUGIN_VERSION --component "/Library/Application Support/Avid/Audio/Plug-Ins/$PLUGIN_NAME.aaxplugin" "$PLUGIN_IDENTIFIER-aax.pkg"

#AU
pkgbuild --install-location "/Library/Audio/Plug-Ins/Components" --identifier "$PLUGIN_IDENTIFIER-au.pkg" --version $PLUGIN_VERSION --component "$HOME/Library/Audio/Plug-Ins/Components/$PLUGIN_NAME.component" "$PLUGIN_IDENTIFIER-au.pkg"

#VST2.4
pkgbuild --install-location "/Library/Audio/Plug-Ins/VST" --identifier "$PLUGIN_IDENTIFIER-vst.pkg" --version $PLUGIN_VERSION --component "$HOME/Library/Audio/Plug-Ins/VST/$PLUGIN_NAME.vst" "$PLUGIN_IDENTIFIER-vst.pkg"

#VST3
pkgbuild --install-location "/Library/Audio/Plug-Ins/VST3" --identifier "$PLUGIN_IDENTIFIER-vst3.pkg" --version $PLUGIN_VERSION --component "$HOME/Library/Audio/Plug-Ins/VST3/$PLUGIN_NAME.vst3" "$PLUGIN_IDENTIFIER-vst3.pkg"

#Here we create the .pkg for the standalone version and all the support files (Manual, Banks, IRs, etc.)

#Standalone
pkgbuild --install-location "/tmp/your_standalone_app" --identifier "$PLUGIN_IDENTIFIER-app.pkg" --version $PLUGIN_VERSION --root "../../Builds/MacOSX/build/Release/$PLUGIN_NAME.app" "$PLUGIN_IDENTIFIER-app.pkg"

#IRs
pkgbuild --install-location "/tmp/your_support_files_temp_folder/IRs" --identifier "$PLUGIN_IDENTIFIER-irs.pkg" --version $PLUGIN_VERSION --root "../Common/Resources/IRs" "$PLUGIN_IDENTIFIER-irs.pkg"

#Banks
pkgbuild --install-location "/tmp/your_support_files_temp_folder/Banks" --identifier "$PLUGIN_IDENTIFIER-banks.pkg" --version $PLUGIN_VERSION --root "../Common/Resources/Banks" "$PLUGIN_IDENTIFIER-banks.pkg"

#Manual
pkgbuild --install-location "/tmp/your_support_files_temp_folder/Manual" --identifier "$PLUGIN_IDENTIFIER-manual.pkg" --version $PLUGIN_VERSION --root "../Common/Resources/Manual" "$PLUGIN_IDENTIFIER-manual.pkg"

#Here we pack the postinstall script

#Post install scripts
pkgbuild --install-location "/" --identifier "$PLUGIN_IDENTIFIER-postinstall.pkg" --version $PLUGIN_VERSION --nopayload --scripts ./Scripts "$PLUGIN_IDENTIFIER-postinstall.pkg"

You should now create a distribution.xml file to customize the installer. You can do this once and then manually edit it to link your resources (adding the license, icons, images, etc.).
If you're a shell wizard you could add it to the above script along with the editing instructions and use a single .sh to manage this as well.

Code:

#Create default distribution.xml
productbuild --synthesize --package "$PLUGIN_IDENTIFIER-au.pkg" --package "$PLUGIN_IDENTIFIER-aax.pkg" --package "$PLUGIN_IDENTIFIER-vst.pkg" --package "$PLUGIN_IDENTIFIER-vst3.pkg" --package "$PLUGIN_IDENTIFIER-app.pkg" --package "$PLUGIN_IDENTIFIER-irs.pkg" --package "$PLUGIN_IDENTIFIER-banks.pkg" --package "$PLUGIN_IDENTIFIER-manual.pkg" --package "$PLUGIN_IDENTIFIER-postinstall.pkg" distribution.xml

You can now build the installer by packing all those .pkgs created above into one, using your distribution.xml customizations and sign it with your Apple Developer Installer certificate:

Code:

#Build installer
productbuild --distribution distribution.xml --resources ../Common/Resources/ "$PLUGIN_NAME $PLUGIN_VERSION.unsigned.pkg"

#Sign installer
productsign --sign "Developer ID Installer: Federico Berti" "$PLUGIN_NAME $PLUGIN_VERSION.unsigned.pkg" "$PLUGIN_NAME $PLUGIN_VERSION.pkg"

For the notarization part, you need an altool password as suggested by discoDSP in his tutorial: https://support.apple.com/en-us/HT204397

Code:

#Notarize installer
xcrun altool --notarize-app -f "$PLUGIN_NAME $PLUGIN_VERSION.pkg" --primary-bundle-id "$PLUGIN_IDENTIFIER.installer" --username "your_apple_id" --password "your_altool_password"

After the notarization is confirmed, you can staple and verify.
Again, a shell wizard could somehow automate this process into a single .sh by polling the verification service until the output code is different from -65.

Code:

#Staple installer
xcrun stapler staple "$PLUGIN_NAME $PLUGIN_VERSION.pkg"

#Verify notarization
spctl -a -vvv -t install "$PLUGIN_NAME $PLUGIN_VERSION.pkg"

Please note that the standalone app needs to be signed, zipped and notarized before the main .pkg creation, here is an example of how I do it:

Code:

#Sign standalone app
codesign --deep --force --sign "Developer ID Application: Federico Berti" "../../Builds/MacOSX/build/Release/$PLUGIN_NAME.app"

#Zip standalone app
zip -r "$PLUGIN_NAME.zip" "../../Builds/MacOSX/build/Release/$PLUGIN_NAME.app"

#Notarize standalone app
xcrun altool --notarize-app -f "$PLUGIN_NAME.zip" --primary-bundle-id "$PLUGIN_IDENTIFIER.app" --username "your_apple_id" --password "your_altool_password"

And then must be stapled and verified, as usual:

Code:

#Staple standalone app
xcrun stapler staple "../../Builds/MacOSX/build/Release/$PLUGIN_NAME.app"

#Verify notarization
spctl --assess --verbose "../../Builds/MacOSX/build/Release/$PLUGIN_NAME.app"

In the postinstall script you'll have to move the files from the temp installation folders into the user's actual folders.
The reason for this is that you can't use the tilde (~) in the main .sh script because it would translate into YOUR user folder, so it won't work for the customer.
(if someone has a better way to solve this without the postinstall calls I'm all ears)

Here is my postinstall, please note that in this example I'm copying the support files into the user's Documents folder:

Code:

#!/bin/sh
set -e

mkdir -p ~/Documents/your_support_files_root_folder/
cp -Rf /tmp/your_support_files_temp_folder/ ~/Documents/your_support_files_root_folder/

#temporary hack to solve Garageband 10 Sandboxing
mkdir -p ~/Library/Containers/com.apple.garageband10/Data/Documents/your_support_files_root_folder/
cp -Rf /tmp/your_support_files_temp_folder/ ~/Library/Containers/com.apple.garageband10/Data/Documents/your_support_files_root_folder/

#Copy the standalone app into the Applications
cp -Rf /tmp/your_standalone_app /Applications/your_standalone_application.app

#Cleanup the installer temporary folders
rm -R /tmp/your_support_files_temp_folder
rm -R /tmp/your_standalone_app

exit 0

And that's all.

Now, if some shell guru would like to help in automating the notarization stapling and distribution.xml editing, this entire process could be merged into a single .sh script...

Hope it helps,
Federico
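
The polling loop the post above asks for, as an added example that is not code from any poster in this thread: it reads the RequestUUID from the upload output and polls `altool --notarization-info` for the Status line, rather than watching for the stapler exit code mentioned in the post. The `APPLE_ID` variable, the `AC_PASSWORD` keychain item name and all function names are assumptions.

```shell
#!/bin/sh
# Added example: wait for Apple's notarization verdict, then staple.
# Assumptions: Apple ID in $APPLE_ID, app-specific password stored in a
# keychain item named AC_PASSWORD, 30-second default poll interval.

# Extract the RequestUUID printed by `altool --notarize-app`.
request_uuid() {
    sed -n 's/^[[:space:]]*RequestUUID = \([0-9A-Fa-f-]\{36\}\)[[:space:]]*$/\1/p' | head -n 1
}

# Extract the verdict ("in progress", "success" or "invalid") from
# `altool --notarization-info` output; "Status Code:" and
# "Status Message:" lines do not match.
notarization_status() {
    sed -n 's/^[[:space:]]*Status: \(.*[^[:space:]]\)[[:space:]]*$/\1/p' | head -n 1
}

# One query to the notary service. Kept separate so it can be stubbed.
query_info() {
    xcrun altool --notarization-info "$1" --username "$APPLE_ID" \
        --password "@keychain:AC_PASSWORD" 2>&1
}

# wait_for_notarization UUID [MAX_TRIES] [SLEEP_SECONDS]
# Returns 0 = approved, 1 = rejected, 2 = still pending after MAX_TRIES.
wait_for_notarization() {
    uuid=$1; tries=${2:-60}; pause=${3:-30}
    while [ "$tries" -gt 0 ]; do
        case "$(query_info "$uuid" | notarization_status)" in
            success) return 0 ;;
            invalid) return 1 ;;
        esac
        tries=$((tries - 1))
        sleep "$pause"
    done
    return 2
}

# notarize_and_staple FILE BUNDLE_ID
notarize_and_staple() {
    uuid=$(xcrun altool --notarize-app -f "$1" --primary-bundle-id "$2" \
        --username "$APPLE_ID" --password "@keychain:AC_PASSWORD" 2>&1 | request_uuid)
    [ -n "$uuid" ] || { echo "upload failed: no RequestUUID in output" >&2; return 3; }
    wait_for_notarization "$uuid" || return $?
    xcrun stapler staple "$1"
}
```

Reading the password from the keychain keeps it out of the script and out of the process list. Apple has since retired altool's notarization commands; `xcrun notarytool submit --wait` performs the same wait in one call.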

Post

Federico, thank you very much. When I have enough energy I'll experiment with your suggestions. I have my own "generator" application which generates any required supporting files for any project installer (that's why I've tried several options already).

Post

Federico, I saw your hack for GarageBand 10 sandbox but Logic Pro X is missing. I'm using symlinks instead of copying files.

Code:

if [ -d "$HOME/Library/Containers/com.apple.logic10/Data" ]
then
    if [ ! -d "$HOME/Library/Containers/com.apple.logic10/Data/Documents/discoDSP" ]
    then
        ln -s "$HOME/Documents/discoDSP" "$HOME/Library/Containers/com.apple.logic10/Data/Documents/"
    fi
fi

Cheers,
George.

Post

discoDSP wrote: Sun Oct 13, 2019 9:23 am Federico, I saw your hack for GarageBand 10 sandbox but Logic Pro X is missing. I'm using symlinks instead of copying files.
Ah yes! Symlink, nice idea, thank you!

Btw the reason I didn't put the hack for the Logic sandbox is that no customer has ever complained about it, I've only got reports from GarageBand users. Is the sandbox even working for Logic?

Post

Wild Hades wrote: Sun Oct 13, 2019 12:28 pm Btw the reason I didn't put the hack for the Logic sandbox is that no customer has ever complained about it, I've only got reports from GarageBand users. Is the sandbox even working for Logic?
I got it implemented years ago for a sandboxed Logic internal Apple release. Better safe than sorry :)

Post

Federico, how is distribution.xml defined, is there a standard for it? Or does "productbuild --synthesize" create a default XML? What is postinstallscript - you refer to it as a pkg, is it really just a sh script?

Post

Aleksey Vaneev wrote: Thu Oct 31, 2019 11:41 pm Federico, how is distribution.xml defined, is there a standard for it? Or does "productbuild --synthesize" create a default XML? What is postinstallscript - you refer to it as a pkg, is it really just a sh script?
I usually build it with "productbuild --synthesize", then customize it manually, for example by adding this:

Code:

<background file="Logo.png" alignment="topleft" scaling="none"/>
<readme file="readme.txt" />
<license file="EULA.txt" />

inside the <installer-gui-script minSpecVersion="1"> tag.

When you then execute the productbuild command, you need to specify the folder where those resources (Logo.png, EULA.txt, etc.) are, like:

Code:

productbuild --distribution distribution.xml --resources ../Common/Resources/ "$PLUGIN_NAME $PLUGIN_VERSION.unsigned.pkg"

The postinstall is just a sh script, but iirc you have to name it "postinstall" without extension by contract.

Be aware that I had issues when I edited and saved that postinstall file on a Windows machine and it was causing the installation to fail.
Recreating it with the identical script on OSX solved the issue, maybe there could be some file encoding problems, so better to create and edit it on OSX directly.
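
A preflight check for the folder passed to `pkgbuild --scripts`, as an added example that is not from the thread. It assumes the failure described above came from Windows (CRLF) line endings, which is a common cause but is not confirmed in the post; the function name `check_pkg_scripts` is hypothetical.

```shell
#!/bin/sh
# Added example: validate installer scripts before running pkgbuild --scripts.
# check_pkg_scripts DIR
# Prints one line per problem; returns 0 if the folder is clean, 1 otherwise.
check_pkg_scripts() {
    dir=$1; bad=0; found=0
    cr=$(printf '\r')
    for name in preinstall postinstall; do
        f="$dir/$name"
        [ -e "$f" ] || continue
        found=1
        # The installer executes the file directly, so it needs the x bit ...
        [ -x "$f" ] || { echo "$name: not executable (chmod +x)"; bad=1; }
        # ... and an interpreter line as its first line.
        case "$(head -n 1 "$f")" in
            '#!'*) ;;
            *) echo "$name: first line is not a #! interpreter line"; bad=1 ;;
        esac
        # A carriage return makes the kernel look for "/bin/sh\r".
        if grep -q "$cr" "$f"; then
            echo "$name: contains CR characters (Windows line endings)"; bad=1
        fi
    done
    # Only the exact names preinstall/postinstall are run as package scripts.
    for f in "$dir"/preinstall.* "$dir"/postinstall.*; do
        [ -e "$f" ] && { echo "${f##*/}: has an extension, will not be run"; bad=1; }
    done
    [ "$found" -eq 1 ] || { echo "no preinstall/postinstall in $dir"; bad=1; }
    return "$bad"
}
```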
