diff options
author | Roman Wüger <office@wueger.at> | 2017-01-15 00:29:34 (GMT) |
---|---|---|
committer | Brad King <brad.king@kitware.com> | 2017-02-04 13:07:48 (GMT) |
commit | 48aad9cda099005f5f58a7e83d604877f6f84c6d (patch) | |
tree | 1e0981a7fd5edadbbb0e7ddc54defb196d689098 | |
parent | 6286d26ca6408cfc45031536ed54b1679e6d5ac2 (diff) | |
download | CMake-48aad9cda099005f5f58a7e83d604877f6f84c6d.zip CMake-48aad9cda099005f5f58a7e83d604877f6f84c6d.tar.gz CMake-48aad9cda099005f5f58a7e83d604877f6f84c6d.tar.bz2 |
CPackProductBuild: Add options to sign packages
-rw-r--r-- | Help/release/dev/cpack-productbuild-signing.rst | 8 | ||||
-rw-r--r-- | Modules/CPackProductBuild.cmake | 20 | ||||
-rw-r--r-- | Source/CPack/cmCPackProductBuildGenerator.cxx | 22 |
3 files changed, 50 insertions, 0 deletions
diff --git a/Help/release/dev/cpack-productbuild-signing.rst b/Help/release/dev/cpack-productbuild-signing.rst new file mode 100644 index 0000000..0b91b38 --- /dev/null +++ b/Help/release/dev/cpack-productbuild-signing.rst @@ -0,0 +1,8 @@ +cpack-productbuild-signing +-------------------------- + +* The :module:`CPackProductBuild` module gained options to sign packages. + See the variables :variable:`CPACK_PRODUCTBUILD_IDENTITY_NAME`, + :variable:`CPACK_PRODUCTBUILD_KEYCHAIN_PATH`, + :variable:`CPACK_PKGBUILD_IDENTITY_NAME`, and + :variable:`CPACK_PKGBUILD_KEYCHAIN_PATH`. diff --git a/Modules/CPackProductBuild.cmake b/Modules/CPackProductBuild.cmake index ea2fa7c..d545d3e 100644 --- a/Modules/CPackProductBuild.cmake +++ b/Modules/CPackProductBuild.cmake @@ -20,9 +20,29 @@ # the automatically detected command (or specify its location if the # auto-detection fails to find it.) # +# .. variable:: CPACK_PRODUCTBUILD_IDENTITY_NAME +# +# Adds a digital signature to the resulting package. +# +# +# .. variable:: CPACK_PRODUCTBUILD_KEYCHAIN_PATH +# +# Specify a specific keychain to search for the signing identity. +# +# # .. variable:: CPACK_COMMAND_PKGBUILD # # Path to the pkgbuild(1) command used to generate an OS X component package # on OS X. This variable can be used to override the automatically detected # command (or specify its location if the auto-detection fails to find it.) # +# +# .. variable:: CPACK_PKGBUILD_IDENTITY_NAME +# +# Adds a digital signature to the resulting package. +# +# +# .. variable:: CPACK_PKGBUILD_KEYCHAIN_PATH +# +# Specify a specific keychain to search for the signing identity. +# diff --git a/Source/CPack/cmCPackProductBuildGenerator.cxx b/Source/CPack/cmCPackProductBuildGenerator.cxx index a46e3a6..a5a18dc 100644 --- a/Source/CPack/cmCPackProductBuildGenerator.cxx +++ b/Source/CPack/cmCPackProductBuildGenerator.cxx @@ -75,6 +75,14 @@ int cmCPackProductBuildGenerator::PackageFiles() std::string version = this->GetOption("CPACK_PACKAGE_VERSION"); std::string productbuild = this->GetOption("CPACK_COMMAND_PRODUCTBUILD"); + std::string identityName; + if (const char* n = this->GetOption("CPACK_PRODUCTBUILD_IDENTITY_NAME")) { + identityName = n; + } + std::string keychainPath; + if (const char* p = this->GetOption("CPACK_PRODUCTBUILD_KEYCHAIN_PATH")) { + keychainPath = p; + } pkgCmd << productbuild << " --distribution \"" << packageDirFileName << "/Contents/distribution.dist\"" @@ -82,6 +90,9 @@ int cmCPackProductBuildGenerator::PackageFiles() << "\"" << " --resources \"" << resDir << "\"" << " --version \"" << version << "\"" + << (identityName.empty() ? "" : " --sign \"" + identityName + "\"") + << (keychainPath.empty() ? "" + : " --keychain \"" + keychainPath + "\"") << " \"" << packageFileNames[0] << "\""; // Run ProductBuild @@ -193,12 +204,23 @@ bool cmCPackProductBuildGenerator::GenerateComponentPackage( std::string version = this->GetOption("CPACK_PACKAGE_VERSION"); std::string pkgbuild = this->GetOption("CPACK_COMMAND_PKGBUILD"); + std::string identityName; + if (const char* n = this->GetOption("CPACK_PKGBUILD_IDENTITY_NAME")) { + identityName = n; + } + std::string keychainPath; + if (const char* p = this->GetOption("CPACK_PKGBUILD_KEYCHAIN_PATH")) { + keychainPath = p; + } pkgCmd << pkgbuild << " --root \"" << packageDir << "\"" << " --identifier \"" << pkgId << "\"" << " --scripts \"" << scriptDir << "\"" << " --version \"" << version << "\"" << " --install-location \"/\"" + << (identityName.empty() ? "" : " --sign \"" + identityName + "\"") + << (keychainPath.empty() ? "" + : " --keychain \"" + keychainPath + "\"") << " \"" << packageFile << "\""; // Run ProductBuild |