mirrors
/
SDWebImage
mirror of https://github.com/SDWebImage/SDWebImage.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added self-sign for XCFramework 

The private key is only available during GitHub Action release pipeline
This commit is contained in:
DreamPiggy 2024-05-07 16:08:42 +08:00
parent 50a3c9159b
commit 201096d7bf
6 changed files with 70 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
Certificate/SDWebImage Signing Certificate.cer Normal file
View File

Binary file not shown.

9
Certificate/SDWebImage Signing Certificate.pem Normal file
View File

@ -0,0 +1,9 @@
-----BEGIN RSA PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAQgkh+tXn5fT3+pWuyZ
LvIwPoSObko1CbZ8IBOAaPsDQXuinv2BPQ85z2ccjoM4RIJ9MSNK9iMkW3NOQRIy
BVHO8bSi8HQSvm3pt3CEjCwP0o3wd1fGA/P/hHOO5Mu7iJ4isBbsgMXT0pjx0Zjg
HkeR046UyCAm3cYX20lA483NpVH8g7U1LI7YfbMy66KPI0joFnLQ09FGSaVsVdeS
JqaCBCB8IsYjOUPB1vwEvwCxv96APZ58cFwdeSYIzLdTtv3F6pkVpfEKLcV1KE3N
nmHIIiik2UJFUidUnmQJ72HcFIF1tirrZcRr301UCZanI2nei76XtEn//jMW9+2o
ZwIDAQAB
-----END RSA PUBLIC KEY-----

19
SDWebImage.xcodeproj/project.pbxproj
View File

@ -13,6 +13,7 @@
buildPhases = ( buildPhases = (
326CA51322BA1A270033A92F /* Build Frameworks */, 326CA51322BA1A270033A92F /* Build Frameworks */,
326CA51422BA25F70033A92F /* Create XCFramework */, 326CA51422BA25F70033A92F /* Create XCFramework */,
32F4EC0E2BEA18C400EAADD2 /* Sign XCFramework */,
); );
dependencies = ( dependencies = (
); );
@ -1161,6 +1162,24 @@
shellPath = /bin/sh; shellPath = /bin/sh;
shellScript = "sh ${SRCROOT}/Scripts/create-xcframework.sh\n"; shellScript = "sh ${SRCROOT}/Scripts/create-xcframework.sh\n";
}; };
32F4EC0E2BEA18C400EAADD2 /* Sign XCFramework */ = {
isa = PBXShellScriptBuildPhase;
buildActionMask = 2147483647;
files = (
);
inputFileListPaths = (
);
inputPaths = (
);
name = "Sign XCFramework";
outputFileListPaths = (
);
outputPaths = (
);
runOnlyForDeploymentPostprocessing = 0;
shellPath = /bin/sh;
shellScript = "sh ${SRCROOT}/Scripts/sign-xcframework.sh\n";
};
/* End PBXShellScriptBuildPhase section */ /* End PBXShellScriptBuildPhase section */
/* Begin PBXSourcesBuildPhase section */ /* Begin PBXSourcesBuildPhase section */

4
Scripts/build-frameworks.sh
View File

@ -5,6 +5,8 @@ set -o pipefail
XCODE_VERSION=$(xcodebuild -version | head -n 1| awk -F ' ' '{print $2}') XCODE_VERSION=$(xcodebuild -version | head -n 1| awk -F ' ' '{print $2}')
XCODE_VERSION_MAJOR=$(echo $XCODE_VERSION | awk -F '.' '{print $1}') XCODE_VERSION_MAJOR=$(echo $XCODE_VERSION | awk -F '.' '{print $1}')
XCODE_VERSION_MINOR=$(echo $XCODE_VERSION | awk -F '.' '{print $2}')
XCODE_VERSION_PATCH=$(echo $XCODE_VERSION | awk -F '.' '{print $3}')
if [ -z "$SRCROOT" ] if [ -z "$SRCROOT" ]
then then
SRCROOT=$(pwd) SRCROOT=$(pwd)
@ -18,7 +20,7 @@ then
PLATFORMS+=("macCatalyst") PLATFORMS+=("macCatalyst")
fi fi
if [ $XCODE_VERSION_MAJOR -ge 15 ] if [[ ($XCODE_VERSION_MAJOR -gt 15) || ($XCODE_VERSION_MAJOR -eq 15 && $XCODE_VERSION_MINOR -ge 2) ]]
then then
PLATFORMS+=("visionOS") PLATFORMS+=("visionOS")
PLATFORMS+=("visionOSSimulator") PLATFORMS+=("visionOSSimulator")

4
Scripts/create-xcframework.sh
View File

@ -5,6 +5,8 @@ set -o pipefail
XCODE_VERSION=$(xcodebuild -version | head -n 1| awk -F ' ' '{print $2}') XCODE_VERSION=$(xcodebuild -version | head -n 1| awk -F ' ' '{print $2}')
XCODE_VERSION_MAJOR=$(echo $XCODE_VERSION | awk -F '.' '{print $1}') XCODE_VERSION_MAJOR=$(echo $XCODE_VERSION | awk -F '.' '{print $1}')
XCODE_VERSION_MINOR=$(echo $XCODE_VERSION | awk -F '.' '{print $2}')
XCODE_VERSION_PATCH=$(echo $XCODE_VERSION | awk -F '.' '{print $3}')
if [ -z "$SRCROOT" ] if [ -z "$SRCROOT" ]
then then
SRCROOT=$(pwd) SRCROOT=$(pwd)
@ -25,7 +27,7 @@ then
PLATFORMS+=("macCatalyst") PLATFORMS+=("macCatalyst")
fi fi
if [ $XCODE_VERSION_MAJOR -ge 15 ] if [[ ($XCODE_VERSION_MAJOR -gt 15) || ($XCODE_VERSION_MAJOR -eq 15 && $XCODE_VERSION_MINOR -ge 2) ]]
then then
PLATFORMS+=("visionOS") PLATFORMS+=("visionOS")
PLATFORMS+=("visionOSSimulator") PLATFORMS+=("visionOSSimulator")

36
Scripts/sign-xcframework.sh Executable file
View File

@ -0,0 +1,36 @@
#!/bin/bash
set -e
set -o pipefail
if [ -z "$SRCROOT" ]
then
SRCROOT=$(pwd)
fi
# Self-sign XCFramework
if [ -z CODESIGN_KEY_BASE64 ]; then
echo "Ignore Codesign XCFramework! You must sign SDWebImage before shipping to App Store. See: https://developer.apple.com/support/third-party-SDK-requirements"
exit 0
fi
KEYCHAIN=~/Library/Keychains/ios.keychain
KEYCHAIN_PASSWORD=SDWebImage
CODESIGN_IDENTIFY_NAME=SDWebImage\ Signing\ Certificate
KEY_PASSWORD=""
echo $CODESIGN_KEY_BASE64 | base64 -D > "$(PWD)/Certificate/${CODESIGN_IDENTIFY_NAME}.p12"
security create-keychain -p "$KEYCHAIN_PASSWORD" ios.keychain
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN
security import "$(PWD)/Certificate/${CODESIGN_IDENTIFY_NAME}.cer" -k $KEYCHAIN -T /usr/bin/codesign -T /usr/bin/security
security import "$(PWD)/Certificate/${CODESIGN_IDENTIFY_NAME}.p12" -k $KEYCHAIN -P "$KEY_PASSWORD" -T /usr/bin/codesign -T /usr/bin/security
security list-keychains -s ios.keychain
security set-key-partition-list -S "apple-tool:,apple:" -k "$KEYCHAIN_PASSWORD" $KEYCHAIN
echo "Codesign XCFramework"
/usr/bin/codesign --force --timestamp -v --sign "SDWebImage Signing Certificate" "${SRCROOT}/build/SDWebImage.xcframework"
rm -rf "$(PWD)/Certificate/${CODESIGN_IDENTIFY_NAME}.p12"
security delete-keychain ios.keychain