I'm building an application which bundles several CLI tools and present a GUI for them. 2 of the CLI tools are standalone executables. I've been able to successfully bundle, codesign, and notarize these tools and include them in a "Copy Files" step and placing them in the "Executables" destination.
I'm now attempting to package the remaining CLI tools. They are a mix of executables, dylibs, and configurations files. I've been able to get them working in development by including them in a "Copy Files" step and placing them in the "Resources" destination.
Problems arise when trying to create an Archive for my app to distribute directly. The notarization process complains about the remaining CLI tools not being built with "hardened runtime" enabled. I get around this by signing the tool executables. This allows the app to be notarized successfully. However, when these executables are used, I'm presented with errors like:
I assume this is an issue with the tool's included dylibs not being codesigned as well. After codesigning the dylibs, I receive errors about missing symbols inside the dylibs:
I've done many hours of researching and debugging and just can't seem to find the right incantation to successfully codesign and notarize my application for distribution. I'm hoping there's just something foundational I'm missing in this whole process that can be rectified easily. Any help is appreciated!
I'm now attempting to package the remaining CLI tools. They are a mix of executables, dylibs, and configurations files. I've been able to get them working in development by including them in a "Copy Files" step and placing them in the "Resources" destination.
Problems arise when trying to create an Archive for my app to distribute directly. The notarization process complains about the remaining CLI tools not being built with "hardened runtime" enabled. I get around this by signing the tool executables. This allows the app to be notarized successfully. However, when these executables are used, I'm presented with errors like:
Code Block stat() failed with errno=1 file system relative paths not allowed in hardened programs
I assume this is an issue with the tool's included dylibs not being codesigned as well. After codesigning the dylibs, I receive errors about missing symbols inside the dylibs:
Code Block dyld: Symbol not found: __nw_endpoint_alternative_unknown Referenced from: /System/Library/Frameworks/CFNetwork.framework/Versions/A/CFNetwork Expected in: /Users/david/Library/Developer/Xcode/DerivedData/Valet_Lite-defzwmegdslzcagdhpvowwklbsky/Build/Products/Debug/Valet Lite.app/Contents/Resources/php/php-8.0.3/bin/../dylibs/libnetwork.dylib in /System/Library/Frameworks/CFNetwork.framework/Versions/A/CFNetwork
I've done many hours of researching and debugging and just can't seem to find the right incantation to successfully codesign and notarize my application for distribution. I'm hoping there's just something foundational I'm missing in this whole process that can be rectified easily. Any help is appreciated!
