I want to sign an application that I have maintained for years. It compiles, passes its own tests, and runs without error on Mac OSX. It is a variant of an upstream project that is properly signed. I want to sign my own application, using the upstream build chain. The upstream build chain is a bash script that calls for several values to perform signing with codesign:
DEVELOPER_ID=
KEYCHAIN=
KEYCHAIN_PASSWORD=
NOTARIZATION_BUNDLE_ID=
NOTARIZATION_USER=
NOTARIZATION_PASSWORD=
For a start, I'm stuck at DEVELOPER_ID. The value is meant to be a hash, but from the XCode documentation and various third-party explainers, I've been unable to figure out how to acquire that value. In codesign, the upstream script applies it like so:
/usr/bin/codesign --force --options runtime \
--entitlements "$entitlements_file" \
--sign "$DEVELOPER_ID" \
<path_to_application>
(The entitlements file is provided in the source.) I don't have any experience working in XCode, and I've been unable to solve this problem. Apple Developer Support have pointed me back at the documentation, where I had been unable to find the answer. I'm stuck. Any advice or pointers would be extremely helpful at this stage.