Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support easier integration of rcodesign with other tools #120

Open
netomi opened this issue Dec 6, 2023 · 0 comments
Open

Support easier integration of rcodesign with other tools #120

netomi opened this issue Dec 6, 2023 · 0 comments

Comments

@netomi
Copy link
Contributor

netomi commented Dec 6, 2023

We developed a notarization service that allows to notarize files via a web API in a secured environment, this service is available at: https://github.com/eclipse-cbi/macos-notarization-service

So far we used the xcode utilities to do the heavy lifting (notarytool / stapler), but that means that the service has to run on a macos machine. In order to be able to deploy and run that anywhere, we were looking into your amazing rcodesign tool and tried to integrate it in our service.

The result so far can be found here: eclipse-cbi/macos-notarization-service#278
The relevant part to access rcodesign can be found here: https://github.com/eclipse-cbi/macos-notarization-service/pull/278/files#diff-6987d3b8c7ca9d95cb15429174615f1a2831ecf176d064c8cf0270242cd50592

While in general it works, there are a couple of things that would make the integration easier and I wanted to discuss whether there would be interest to integrate them:

  • right now, rcodesign does not provide a structured output of its operation, so one has to parse the captured stderr output for patterns, e.g. the submission id, status of notarization, it would be great if the tool, with some option maybe, would return data in json format that can easily be parsed and also do not mix logging statements with the actual structured output, e.g. logging goes to stderr (like the xcode utils) and the structured output goes to stdout

  • the various notary commands take a --max-wait-seconds parameter but there is no way to specify that no wait should happen, i.e. the tool should return immediately. Right now I use a setting of --max-waith-seconds of 1 which still result in a wait of a couple of seconds:

waiting up to 1s for package upload 81090140-48d6-4f89-81a0-f7b9d00b6603 to finish processing
poll state after 0s: InProgress
poll state after 4s: InProgress

  • provide an option for the notary-wait command to not download and attach the log by default, so that when needed the log can be downloaded with the notary-log command

I would also be happy to work on a PR, please let me know what you think about these changes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant