darwin: Use notarytool to notarize instead of altool#25407
Merged
Conversation
Switch to using the newer `notarytool` to notarize MacOS binaries instead of the older `altool`, as `altool` is deprecated and will no longer work come Fall 2023. This also makes for a quieter build as altool's output was quite verbose, and anecdotally, it seems to be more reliable - I haven't had a single notarization failure this way as opposed to the many we see in CI with `altool`. We used to use `gon` as part of our notarizing tool. `gon` still has an open issue to upgrade to `notarytool`, so we've switched away from it and used the Apple CLI tools instead to do the notarization. This is available now that we have moved to GitHub Actions for builds as it has a newer Xcode that contains notarytool. Update the Teleport Connect notarization, which was quite a bit simpler, although we do need an extra `$TEAMID` input, so handle it when that is not supplied and document in the README that it is needed.
camscale
force-pushed
the
camh/notarize-with-notarytool
branch
from
f318848 to
7b5ebd6
Compare
r0mant
approved these changes
May 1, 2023
wadells
reviewed
May 1, 2023
wadells
approved these changes
May 1, 2023
Contributor
Author
Yes. Sorry I meant to note I would follow up removing that. It should be safe to remove but I haven't double-checked yet. |
Collaborator
|
@camscale Can we backport this as well? |
Contributor
Author
|
Yes, i'll be backporting it shortly |
camscale
added a commit
that referenced
this pull request
May 2, 2023
Switch to using the newer `notarytool` to notarize MacOS binaries instead of the older `altool`, as `altool` is deprecated and will no longer work come Fall 2023. This also makes for a quieter build as altool's output was quite verbose, and anecdotally, it seems to be more reliable - I haven't had a single notarization failure this way as opposed to the many we see in CI with `altool`. We used to use `gon` as part of our notarizing tool. `gon` still has an open issue to upgrade to `notarytool`, so we've switched away from it and used the Apple CLI tools instead to do the notarization. This is available now that we have moved to GitHub Actions for builds as it has a newer Xcode that contains notarytool. Update the Teleport Connect notarization, which was quite a bit simpler, although we do need an extra `$TEAMID` input, so handle it when that is not supplied and document in the README that it is needed. Backport: #25407
camscale
added a commit
that referenced
this pull request
May 2, 2023
Switch to using the newer `notarytool` to notarize MacOS binaries instead of the older `altool`, as `altool` is deprecated and will no longer work come Fall 2023. This also makes for a quieter build as altool's output was quite verbose, and anecdotally, it seems to be more reliable - I haven't had a single notarization failure this way as opposed to the many we see in CI with `altool`. We used to use `gon` as part of our notarizing tool. `gon` still has an open issue to upgrade to `notarytool`, so we've switched away from it and used the Apple CLI tools instead to do the notarization. This is available now that we have moved to GitHub Actions for builds as it has a newer Xcode that contains notarytool. Update the Teleport Connect notarization, which was quite a bit simpler, although we do need an extra `$TEAMID` input, so handle it when that is not supplied and document in the README that it is needed. Backport: #25407
This was referenced May 2, 2023
camscale
added a commit
that referenced
this pull request
May 2, 2023
Switch to using the newer `notarytool` to notarize MacOS binaries instead of the older `altool`, as `altool` is deprecated and will no longer work come Fall 2023. This also makes for a quieter build as altool's output was quite verbose, and anecdotally, it seems to be more reliable - I haven't had a single notarization failure this way as opposed to the many we see in CI with `altool`. We used to use `gon` as part of our notarizing tool. `gon` still has an open issue to upgrade to `notarytool`, so we've switched away from it and used the Apple CLI tools instead to do the notarization. This is available now that we have moved to GitHub Actions for builds as it has a newer Xcode that contains notarytool. Update the Teleport Connect notarization, which was quite a bit simpler, although we do need an extra `$TEAMID` input, so handle it when that is not supplied and document in the README that it is needed. Backport: #25407
camscale
added a commit
that referenced
this pull request
May 2, 2023
Switch to using the newer `notarytool` to notarize MacOS binaries instead of the older `altool`, as `altool` is deprecated and will no longer work come Fall 2023. This also makes for a quieter build as altool's output was quite verbose, and anecdotally, it seems to be more reliable - I haven't had a single notarization failure this way as opposed to the many we see in CI with `altool`. We used to use `gon` as part of our notarizing tool. `gon` still has an open issue to upgrade to `notarytool`, so we've switched away from it and used the Apple CLI tools instead to do the notarization. This is available now that we have moved to GitHub Actions for builds as it has a newer Xcode that contains notarytool. Update the Teleport Connect notarization, which was quite a bit simpler, although we do need an extra `$TEAMID` input, so handle it when that is not supplied and document in the README that it is needed. Backport: #25407
camscale
added a commit
that referenced
this pull request
May 2, 2023
Switch to using the newer `notarytool` to notarize MacOS binaries instead of the older `altool`, as `altool` is deprecated and will no longer work come Fall 2023. This also makes for a quieter build as altool's output was quite verbose, and anecdotally, it seems to be more reliable - I haven't had a single notarization failure this way as opposed to the many we see in CI with `altool`. We used to use `gon` as part of our notarizing tool. `gon` still has an open issue to upgrade to `notarytool`, so we've switched away from it and used the Apple CLI tools instead to do the notarization. This is available now that we have moved to GitHub Actions for builds as it has a newer Xcode that contains notarytool. Update the Teleport Connect notarization, which was quite a bit simpler, although we do need an extra `$TEAMID` input, so handle it when that is not supplied and document in the README that it is needed. Backport: #25407
camscale
added a commit
that referenced
this pull request
May 2, 2023
Switch to using the newer `notarytool` to notarize MacOS binaries instead of the older `altool`, as `altool` is deprecated and will no longer work come Fall 2023. This also makes for a quieter build as altool's output was quite verbose, and anecdotally, it seems to be more reliable - I haven't had a single notarization failure this way as opposed to the many we see in CI with `altool`. We used to use `gon` as part of our notarizing tool. `gon` still has an open issue to upgrade to `notarytool`, so we've switched away from it and used the Apple CLI tools instead to do the notarization. This is available now that we have moved to GitHub Actions for builds as it has a newer Xcode that contains notarytool. Update the Teleport Connect notarization, which was quite a bit simpler, although we do need an extra `$TEAMID` input, so handle it when that is not supplied and document in the README that it is needed. Backport: #25407
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Switch to using the newer
notarytoolto notarize MacOS binariesinstead of the older
altool, asaltoolis deprecated and will nolonger work come Fall 2023. This also makes for a quieter build as
altool's output was quite verbose, and anecdotally, it seems to be more
reliable - I haven't had a single notarization failure this way as
opposed to the many we see in CI with
altool.We used to use
gonas part of our notarizing tool.gonstill has anopen issue to upgrade to
notarytool, so we've switched away from itand used the Apple CLI tools instead to do the notarization. This is
available now that we have moved to GitHub Actions for builds as it has
a newer Xcode that contains notarytool.
Update the Teleport Connect notarization, which was quite a bit simpler,
although we do need an extra
$TEAMIDinput, so handle it when that isnot supplied and document in the README that it is needed.
Issue: #20319