summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRoman Wüger <office@wueger.at>2017-01-15 00:29:34 (GMT)
committerBrad King <brad.king@kitware.com>2017-02-04 13:07:48 (GMT)
commit48aad9cda099005f5f58a7e83d604877f6f84c6d (patch)
tree1e0981a7fd5edadbbb0e7ddc54defb196d689098
parent6286d26ca6408cfc45031536ed54b1679e6d5ac2 (diff)
downloadCMake-48aad9cda099005f5f58a7e83d604877f6f84c6d.zip
CMake-48aad9cda099005f5f58a7e83d604877f6f84c6d.tar.gz
CMake-48aad9cda099005f5f58a7e83d604877f6f84c6d.tar.bz2
CPackProductBuild: Add options to sign packages
-rw-r--r--Help/release/dev/cpack-productbuild-signing.rst8
-rw-r--r--Modules/CPackProductBuild.cmake20
-rw-r--r--Source/CPack/cmCPackProductBuildGenerator.cxx22
3 files changed, 50 insertions, 0 deletions
diff --git a/Help/release/dev/cpack-productbuild-signing.rst b/Help/release/dev/cpack-productbuild-signing.rst
new file mode 100644
index 0000000..0b91b38
--- /dev/null
+++ b/Help/release/dev/cpack-productbuild-signing.rst
@@ -0,0 +1,8 @@
+cpack-productbuild-signing
+--------------------------
+
+* The :module:`CPackProductBuild` module gained options to sign packages.
+ See the variables :variable:`CPACK_PRODUCTBUILD_IDENTITY_NAME`,
+ :variable:`CPACK_PRODUCTBUILD_KEYCHAIN_PATH`,
+ :variable:`CPACK_PKGBUILD_IDENTITY_NAME`, and
+ :variable:`CPACK_PKGBUILD_KEYCHAIN_PATH`.
diff --git a/Modules/CPackProductBuild.cmake b/Modules/CPackProductBuild.cmake
index ea2fa7c..d545d3e 100644
--- a/Modules/CPackProductBuild.cmake
+++ b/Modules/CPackProductBuild.cmake
@@ -20,9 +20,29 @@
# the automatically detected command (or specify its location if the
# auto-detection fails to find it.)
#
+# .. variable:: CPACK_PRODUCTBUILD_IDENTITY_NAME
+#
+# Adds a digital signature to the resulting package.
+#
+#
+# .. variable:: CPACK_PRODUCTBUILD_KEYCHAIN_PATH
+#
+# Specify a specific keychain to search for the signing identity.
+#
+#
# .. variable:: CPACK_COMMAND_PKGBUILD
#
# Path to the pkgbuild(1) command used to generate an OS X component package
# on OS X. This variable can be used to override the automatically detected
# command (or specify its location if the auto-detection fails to find it.)
#
+#
+# .. variable:: CPACK_PKGBUILD_IDENTITY_NAME
+#
+# Adds a digital signature to the resulting package.
+#
+#
+# .. variable:: CPACK_PKGBUILD_KEYCHAIN_PATH
+#
+# Specify a specific keychain to search for the signing identity.
+#
diff --git a/Source/CPack/cmCPackProductBuildGenerator.cxx b/Source/CPack/cmCPackProductBuildGenerator.cxx
index a46e3a6..a5a18dc 100644
--- a/Source/CPack/cmCPackProductBuildGenerator.cxx
+++ b/Source/CPack/cmCPackProductBuildGenerator.cxx
@@ -75,6 +75,14 @@ int cmCPackProductBuildGenerator::PackageFiles()
std::string version = this->GetOption("CPACK_PACKAGE_VERSION");
std::string productbuild = this->GetOption("CPACK_COMMAND_PRODUCTBUILD");
+ std::string identityName;
+ if (const char* n = this->GetOption("CPACK_PRODUCTBUILD_IDENTITY_NAME")) {
+ identityName = n;
+ }
+ std::string keychainPath;
+ if (const char* p = this->GetOption("CPACK_PRODUCTBUILD_KEYCHAIN_PATH")) {
+ keychainPath = p;
+ }
pkgCmd << productbuild << " --distribution \"" << packageDirFileName
<< "/Contents/distribution.dist\""
@@ -82,6 +90,9 @@ int cmCPackProductBuildGenerator::PackageFiles()
<< "\""
<< " --resources \"" << resDir << "\""
<< " --version \"" << version << "\""
+ << (identityName.empty() ? "" : " --sign \"" + identityName + "\"")
+ << (keychainPath.empty() ? ""
+ : " --keychain \"" + keychainPath + "\"")
<< " \"" << packageFileNames[0] << "\"";
// Run ProductBuild
@@ -193,12 +204,23 @@ bool cmCPackProductBuildGenerator::GenerateComponentPackage(
std::string version = this->GetOption("CPACK_PACKAGE_VERSION");
std::string pkgbuild = this->GetOption("CPACK_COMMAND_PKGBUILD");
+ std::string identityName;
+ if (const char* n = this->GetOption("CPACK_PKGBUILD_IDENTITY_NAME")) {
+ identityName = n;
+ }
+ std::string keychainPath;
+ if (const char* p = this->GetOption("CPACK_PKGBUILD_KEYCHAIN_PATH")) {
+ keychainPath = p;
+ }
pkgCmd << pkgbuild << " --root \"" << packageDir << "\""
<< " --identifier \"" << pkgId << "\""
<< " --scripts \"" << scriptDir << "\""
<< " --version \"" << version << "\""
<< " --install-location \"/\""
+ << (identityName.empty() ? "" : " --sign \"" + identityName + "\"")
+ << (keychainPath.empty() ? ""
+ : " --keychain \"" + keychainPath + "\"")
<< " \"" << packageFile << "\"";
// Run ProductBuild