Merge pull request #94677 from bruvzg/no_sign_err

[macOS export] Do not stop export on signing errors.
This commit is contained in:
Rémi Verschelde 2024-07-24 09:59:38 +02:00
commit 693b69d65f
No known key found for this signature in database
GPG key ID: C3336907360768E1
2 changed files with 20 additions and 30 deletions

View file

@ -1064,7 +1064,7 @@ Error EditorExportPlatformMacOS::_notarize(const Ref<EditorExportPreset> &p_pres
return OK; return OK;
} }
Error EditorExportPlatformMacOS::_code_sign(const Ref<EditorExportPreset> &p_preset, const String &p_path, const String &p_ent_path, bool p_warn, bool p_set_id) { void EditorExportPlatformMacOS::_code_sign(const Ref<EditorExportPreset> &p_preset, const String &p_path, const String &p_ent_path, bool p_warn, bool p_set_id) {
int codesign_tool = p_preset->get("codesign/codesign"); int codesign_tool = p_preset->get("codesign/codesign");
switch (codesign_tool) { switch (codesign_tool) {
case 1: { // built-in ad-hoc case 1: { // built-in ad-hoc
@ -1074,7 +1074,7 @@ Error EditorExportPlatformMacOS::_code_sign(const Ref<EditorExportPreset> &p_pre
Error err = CodeSign::codesign(false, true, p_path, p_ent_path, error_msg); Error err = CodeSign::codesign(false, true, p_path, p_ent_path, error_msg);
if (err != OK) { if (err != OK) {
add_message(EXPORT_MESSAGE_WARNING, TTR("Code Signing"), vformat(TTR("Built-in CodeSign failed with error \"%s\"."), error_msg)); add_message(EXPORT_MESSAGE_WARNING, TTR("Code Signing"), vformat(TTR("Built-in CodeSign failed with error \"%s\"."), error_msg));
return Error::FAILED; return;
} }
#else #else
add_message(EXPORT_MESSAGE_WARNING, TTR("Code Signing"), TTR("Built-in CodeSign require regex module.")); add_message(EXPORT_MESSAGE_WARNING, TTR("Code Signing"), TTR("Built-in CodeSign require regex module."));
@ -1086,7 +1086,7 @@ Error EditorExportPlatformMacOS::_code_sign(const Ref<EditorExportPreset> &p_pre
String rcodesign = EDITOR_GET("export/macos/rcodesign").operator String(); String rcodesign = EDITOR_GET("export/macos/rcodesign").operator String();
if (rcodesign.is_empty()) { if (rcodesign.is_empty()) {
add_message(EXPORT_MESSAGE_ERROR, TTR("Code Signing"), TTR("Xrcodesign path is not set. Configure rcodesign path in the Editor Settings (Export > macOS > rcodesign).")); add_message(EXPORT_MESSAGE_ERROR, TTR("Code Signing"), TTR("Xrcodesign path is not set. Configure rcodesign path in the Editor Settings (Export > macOS > rcodesign)."));
return Error::FAILED; return;
} }
List<String> args; List<String> args;
@ -1124,13 +1124,13 @@ Error EditorExportPlatformMacOS::_code_sign(const Ref<EditorExportPreset> &p_pre
Error err = OS::get_singleton()->execute(rcodesign, args, &str, &exitcode, true); Error err = OS::get_singleton()->execute(rcodesign, args, &str, &exitcode, true);
if (err != OK) { if (err != OK) {
add_message(EXPORT_MESSAGE_WARNING, TTR("Code Signing"), TTR("Could not start rcodesign executable.")); add_message(EXPORT_MESSAGE_WARNING, TTR("Code Signing"), TTR("Could not start rcodesign executable."));
return err; return;
} }
if (exitcode != 0) { if (exitcode != 0) {
print_line("rcodesign (" + p_path + "):\n" + str); print_line("rcodesign (" + p_path + "):\n" + str);
add_message(EXPORT_MESSAGE_WARNING, TTR("Code Signing"), TTR("Code signing failed, see editor log for details.")); add_message(EXPORT_MESSAGE_WARNING, TTR("Code Signing"), TTR("Code signing failed, see editor log for details."));
return Error::FAILED; return;
} else { } else {
print_verbose("rcodesign (" + p_path + "):\n" + str); print_verbose("rcodesign (" + p_path + "):\n" + str);
} }
@ -1141,7 +1141,7 @@ Error EditorExportPlatformMacOS::_code_sign(const Ref<EditorExportPreset> &p_pre
if (!FileAccess::exists("/usr/bin/codesign") && !FileAccess::exists("/bin/codesign")) { if (!FileAccess::exists("/usr/bin/codesign") && !FileAccess::exists("/bin/codesign")) {
add_message(EXPORT_MESSAGE_ERROR, TTR("Code Signing"), TTR("Xcode command line tools are not installed.")); add_message(EXPORT_MESSAGE_ERROR, TTR("Code Signing"), TTR("Xcode command line tools are not installed."));
return Error::FAILED; return;
} }
bool ad_hoc = (p_preset->get("codesign/identity") == "" || p_preset->get("codesign/identity") == "-"); bool ad_hoc = (p_preset->get("codesign/identity") == "" || p_preset->get("codesign/identity") == "-");
@ -1190,13 +1190,13 @@ Error EditorExportPlatformMacOS::_code_sign(const Ref<EditorExportPreset> &p_pre
Error err = OS::get_singleton()->execute("codesign", args, &str, &exitcode, true); Error err = OS::get_singleton()->execute("codesign", args, &str, &exitcode, true);
if (err != OK) { if (err != OK) {
add_message(EXPORT_MESSAGE_WARNING, TTR("Code Signing"), TTR("Could not start codesign executable, make sure Xcode command line tools are installed.")); add_message(EXPORT_MESSAGE_WARNING, TTR("Code Signing"), TTR("Could not start codesign executable, make sure Xcode command line tools are installed."));
return err; return;
} }
if (exitcode != 0) { if (exitcode != 0) {
print_line("codesign (" + p_path + "):\n" + str); print_line("codesign (" + p_path + "):\n" + str);
add_message(EXPORT_MESSAGE_WARNING, TTR("Code Signing"), TTR("Code signing failed, see editor log for details.")); add_message(EXPORT_MESSAGE_WARNING, TTR("Code Signing"), TTR("Code signing failed, see editor log for details."));
return Error::FAILED; return;
} else { } else {
print_verbose("codesign (" + p_path + "):\n" + str); print_verbose("codesign (" + p_path + "):\n" + str);
} }
@ -1205,11 +1205,9 @@ Error EditorExportPlatformMacOS::_code_sign(const Ref<EditorExportPreset> &p_pre
default: { default: {
}; };
} }
return OK;
} }
Error EditorExportPlatformMacOS::_code_sign_directory(const Ref<EditorExportPreset> &p_preset, const String &p_path, void EditorExportPlatformMacOS::_code_sign_directory(const Ref<EditorExportPreset> &p_preset, const String &p_path,
const String &p_ent_path, const String &p_helper_ent_path, bool p_should_error_on_non_code) { const String &p_ent_path, const String &p_helper_ent_path, bool p_should_error_on_non_code) {
static Vector<String> extensions_to_sign; static Vector<String> extensions_to_sign;
@ -1224,7 +1222,8 @@ Error EditorExportPlatformMacOS::_code_sign_directory(const Ref<EditorExportPres
Ref<DirAccess> dir_access{ DirAccess::open(p_path, &dir_access_error) }; Ref<DirAccess> dir_access{ DirAccess::open(p_path, &dir_access_error) };
if (dir_access_error != OK) { if (dir_access_error != OK) {
return dir_access_error; add_message(EXPORT_MESSAGE_WARNING, TTR("Code Signing"), vformat(TTR("Cannot sign directory %s."), p_path));
return;
} }
dir_access->list_dir_begin(); dir_access->list_dir_begin();
@ -1247,28 +1246,19 @@ Error EditorExportPlatformMacOS::_code_sign_directory(const Ref<EditorExportPres
set_bundle_id = true; set_bundle_id = true;
} }
} }
Error code_sign_error{ _code_sign(p_preset, current_file_path, ent_path, false, set_bundle_id) }; _code_sign(p_preset, current_file_path, ent_path, false, set_bundle_id);
if (code_sign_error != OK) {
return code_sign_error;
}
if (is_executable(current_file_path)) { if (is_executable(current_file_path)) {
// chmod with 0755 if the file is executable. // chmod with 0755 if the file is executable.
FileAccess::set_unix_permissions(current_file_path, 0755); FileAccess::set_unix_permissions(current_file_path, 0755);
} }
} else if (dir_access->current_is_dir()) { } else if (dir_access->current_is_dir()) {
Error code_sign_error{ _code_sign_directory(p_preset, current_file_path, p_ent_path, p_helper_ent_path, p_should_error_on_non_code) }; _code_sign_directory(p_preset, current_file_path, p_ent_path, p_helper_ent_path, p_should_error_on_non_code);
if (code_sign_error != OK) {
return code_sign_error;
}
} else if (p_should_error_on_non_code) { } else if (p_should_error_on_non_code) {
add_message(EXPORT_MESSAGE_WARNING, TTR("Code Signing"), vformat(TTR("Cannot sign file %s."), current_file)); add_message(EXPORT_MESSAGE_WARNING, TTR("Code Signing"), vformat(TTR("Cannot sign file %s."), current_file));
return Error::FAILED;
} }
current_file = dir_access->get_next(); current_file = dir_access->get_next();
} }
return OK;
} }
Error EditorExportPlatformMacOS::_copy_and_sign_files(Ref<DirAccess> &dir_access, const String &p_src_path, Error EditorExportPlatformMacOS::_copy_and_sign_files(Ref<DirAccess> &dir_access, const String &p_src_path,
@ -1364,7 +1354,7 @@ Error EditorExportPlatformMacOS::_copy_and_sign_files(Ref<DirAccess> &dir_access
if (err == OK && p_sign_enabled) { if (err == OK && p_sign_enabled) {
if (dir_access->dir_exists(p_src_path) && p_src_path.get_extension().is_empty()) { if (dir_access->dir_exists(p_src_path) && p_src_path.get_extension().is_empty()) {
// If it is a directory, find and sign all dynamic libraries. // If it is a directory, find and sign all dynamic libraries.
err = _code_sign_directory(p_preset, p_in_app_path, p_ent_path, p_helper_ent_path, p_should_error_on_non_code_sign); _code_sign_directory(p_preset, p_in_app_path, p_ent_path, p_helper_ent_path, p_should_error_on_non_code_sign);
} else { } else {
if (extensions_to_sign.has(p_in_app_path.get_extension())) { if (extensions_to_sign.has(p_in_app_path.get_extension())) {
String ent_path = p_ent_path; String ent_path = p_ent_path;
@ -1376,7 +1366,7 @@ Error EditorExportPlatformMacOS::_copy_and_sign_files(Ref<DirAccess> &dir_access
set_bundle_id = true; set_bundle_id = true;
} }
} }
err = _code_sign(p_preset, p_in_app_path, ent_path, false, set_bundle_id); _code_sign(p_preset, p_in_app_path, ent_path, false, set_bundle_id);
} }
if (dir_access->file_exists(p_in_app_path) && is_executable(p_in_app_path)) { if (dir_access->file_exists(p_in_app_path) && is_executable(p_in_app_path)) {
// chmod with 0755 if the file is executable. // chmod with 0755 if the file is executable.
@ -2157,7 +2147,7 @@ Error EditorExportPlatformMacOS::export_project(const Ref<EditorExportPreset> &p
String hlp_path = helpers[i]; String hlp_path = helpers[i];
err = da->copy(hlp_path, tmp_app_path_name + "/Contents/Helpers/" + hlp_path.get_file()); err = da->copy(hlp_path, tmp_app_path_name + "/Contents/Helpers/" + hlp_path.get_file());
if (err == OK && sign_enabled) { if (err == OK && sign_enabled) {
err = _code_sign(p_preset, tmp_app_path_name + "/Contents/Helpers/" + hlp_path.get_file(), hlp_ent_path, false, true); _code_sign(p_preset, tmp_app_path_name + "/Contents/Helpers/" + hlp_path.get_file(), hlp_ent_path, false, true);
} }
FileAccess::set_unix_permissions(tmp_app_path_name + "/Contents/Helpers/" + hlp_path.get_file(), 0755); FileAccess::set_unix_permissions(tmp_app_path_name + "/Contents/Helpers/" + hlp_path.get_file(), 0755);
} }
@ -2202,7 +2192,7 @@ Error EditorExportPlatformMacOS::export_project(const Ref<EditorExportPreset> &p
if (ep.step(TTR("Code signing bundle"), 2)) { if (ep.step(TTR("Code signing bundle"), 2)) {
return ERR_SKIP; return ERR_SKIP;
} }
err = _code_sign(p_preset, tmp_app_path_name, ent_path, true, false); _code_sign(p_preset, tmp_app_path_name, ent_path, true, false);
} }
String noto_path = p_path; String noto_path = p_path;
@ -2220,7 +2210,7 @@ Error EditorExportPlatformMacOS::export_project(const Ref<EditorExportPreset> &p
if (ep.step(TTR("Code signing DMG"), 3)) { if (ep.step(TTR("Code signing DMG"), 3)) {
return ERR_SKIP; return ERR_SKIP;
} }
err = _code_sign(p_preset, p_path, ent_path, false, false); _code_sign(p_preset, p_path, ent_path, false, false);
} }
} else if (export_format == "pkg") { } else if (export_format == "pkg") {
// Create a Installer. // Create a Installer.

View file

@ -90,8 +90,8 @@ class EditorExportPlatformMacOS : public EditorExportPlatform {
void _make_icon(const Ref<EditorExportPreset> &p_preset, const Ref<Image> &p_icon, Vector<uint8_t> &p_data); void _make_icon(const Ref<EditorExportPreset> &p_preset, const Ref<Image> &p_icon, Vector<uint8_t> &p_data);
Error _notarize(const Ref<EditorExportPreset> &p_preset, const String &p_path); Error _notarize(const Ref<EditorExportPreset> &p_preset, const String &p_path);
Error _code_sign(const Ref<EditorExportPreset> &p_preset, const String &p_path, const String &p_ent_path, bool p_warn = true, bool p_set_id = false); void _code_sign(const Ref<EditorExportPreset> &p_preset, const String &p_path, const String &p_ent_path, bool p_warn = true, bool p_set_id = false);
Error _code_sign_directory(const Ref<EditorExportPreset> &p_preset, const String &p_path, const String &p_ent_path, const String &p_helper_ent_path, bool p_should_error_on_non_code = true); void _code_sign_directory(const Ref<EditorExportPreset> &p_preset, const String &p_path, const String &p_ent_path, const String &p_helper_ent_path, bool p_should_error_on_non_code = true);
Error _copy_and_sign_files(Ref<DirAccess> &dir_access, const String &p_src_path, const String &p_in_app_path, Error _copy_and_sign_files(Ref<DirAccess> &dir_access, const String &p_src_path, const String &p_in_app_path,
bool p_sign_enabled, const Ref<EditorExportPreset> &p_preset, const String &p_ent_path, const String &p_helper_ent_path, bool p_sign_enabled, const Ref<EditorExportPreset> &p_preset, const String &p_ent_path, const String &p_helper_ent_path,
bool p_should_error_on_non_code_sign, bool p_sandbox); bool p_should_error_on_non_code_sign, bool p_sandbox);