Is it possible to use pkgbuild to create an installer for a signed Automator app?

App & System Services Core OS
Coriana OP
Created Jan ’21
Replies 1
Boosts 0
Views 933
Participants 2
I have an Automator application that I've signed and verified.

When I create a package installer using pkgbuild and install the application, the signature for document.wflow is no longer there when it previously was.

From what I've read I'm guessing this is because document.wflow is located in the root of the Contents directory.

Is there actually anything that can be done to work around this such that I can use pkgbuild to create a package that will install a signed Automator application?
Replies  1
Boosts  0
Views  933
Participants  2
DTS Engineer OP
Apple
Jan ’21
Automator apps are weird because they don’t follow the standard macOS nested code rules (as described in Technote 2206 macOS Code Signing In Depth). I discuss this in some detail in this thread. Note this quote from there:

Oh, one other thing. The resulting signature will rely on extended
attributes, so you have to make sure your package your final product
in a way that preserves extended attributes.

I suspect that your packaging process is dropping extended attributes and that’s what’s breaking your code signature. Two questions:

  • Why are you using pkgbuild directly? I generally prefer to use the higher-level productbuild.

  • If you must stick with pkgbuild, can you describe how you’re invoking it?

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@apple.com"
0
Is it possible to use pkgbuild to create an installer for a signed Automator app?
First post date Last post date
 
 
Q