async def staple_notarization(all_paths, path_attr="app_path"): """Staple the notarization results to each app. Args: all_paths (list): the list of App objects path_attr (str, optional): the path attribute to staple. Defaults to ``app_path`` Raises: IScriptError: on failure """ log.info("Stapling apps") futures = [] for app in all_paths: app.check_required_attrs([path_attr, "parent_dir"]) cwd = os.path.dirname(getattr(app, path_attr)) path = os.path.basename(getattr(app, path_attr)) futures.append( asyncio.ensure_future( retry_async( run_command, args=[["xcrun", "stapler", "staple", path]], kwargs={ "cwd": cwd, "exception": IScriptError, "log_level": logging.DEBUG, }, retry_exceptions=(IScriptError, ), attempts=10, ))) await raise_future_exceptions(futures)
async def wrap_notarization_with_sudo(config, key_config, all_paths, path_attr="zip_path"): """Wrap the notarization requests with sudo. Apple creates a lockfile per user for notarization. To notarize concurrently, we use sudo against a set of accounts (``config['local_notarization_accounts']``). Args: config (dict): the running config key_config (dict): the config for this signing key all_paths (list): the list of ``App`` objects path_attr (str, optional): the attribute that the zip path is under. Defaults to ``zip_path`` Raises: IScriptError: on failure Returns: dict: uuid to log path """ futures = [] accounts = config["local_notarization_accounts"] counter = 0 uuids = {} for app in all_paths: app.check_required_attrs([path_attr, "parent_dir"]) while counter < len(all_paths): futures = [] for account in accounts: app = all_paths[counter] app.notarization_log_path = f"{app.parent_dir}-notarization.log" bundle_id = get_bundle_id(key_config["base_bundle_id"], counter=str(counter)) zip_path = getattr(app, path_attr) base_cmdln = " ".join([ "xcrun", "altool", "--notarize-app", "-f", zip_path, "--primary-bundle-id", '"{}"'.format(bundle_id), "-u", key_config["apple_notarization_account"], "--asc-provider", key_config["apple_asc_provider"], "--password", ]) cmd = [ "sudo", "su", account, "-c", base_cmdln + " {}".format( shlex.quote(key_config["apple_notarization_password"])), ] log_cmd = ["sudo", "su", account, "-c", base_cmdln + " ********"] futures.append( asyncio.ensure_future( retry_async( run_command, args=[cmd], kwargs={ "log_path": app.notarization_log_path, "log_cmd": log_cmd, "exception": IScriptError, }, retry_exceptions=(IScriptError, ), attempts=10, ))) counter += 1 if counter >= len(all_paths): break await raise_future_exceptions(futures) for app in all_paths: uuids[get_uuid_from_log( app.notarization_log_path)] = app.notarization_log_path return uuids