Hello,
I’m encountering a confusing issue on macOS related to distributing a notarized app via PKG inside a DMG, built in a Docker environment. Here’s the full workflow:
Steps:
- I build and notarize my macOS app on macOS.
- I package the app into a PKG and also notarize the PKG.
- I put the PKG and additional resources into a Docker container.
- Inside Docker, I download the resources and use genisoimage to create a DMG containing the PKG + resources.
- I mount the DMG on macOS, then double-click the PKG inside the DMG to install the app.
- After installation, when I try to open the app, macOS reports: “App is damaged and can’t be opened. You should move it to the Trash.”
- However, if I first copy the PKG from the DMG to /tmp via a script, then run the installation, the app opens and runs correctly.

Observations:
- Both the app and PKG are properly notarized.
- This only happens when installing directly from the DMG built via Docker + genisoimage.
- Copying to a temporary location seems to bypass the issue.
- Using hdiutil to create the DMG may mitigate the issue, but I need to reproduce this in a Docker-based CI/CD workflow.

Questions:
- Why does installing a notarized PKG directly from a DMG generated in Docker via genisoimage sometimes cause macOS to report the app as damaged?
- Could this be related to quarantine/xattr, permissions, or some subtle notarization issue when creating DMGs in Docker?
- What is the recommended way to structure DMG + PKG in an automated environment to ensure Gatekeeper and notarization work correctly?
Thanks in advance for any insights or guidance!
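A diagnostic script for the two installation paths described above, added here as an example and not part of the original post: it records quarantine state, signature, stapled ticket and Gatekeeper verdict for the PKG as read from the mounted DMG and again after copying it to /tmp, then verifies the installed app. It assumes macOS with the Xcode command-line tools (xattr, pkgutil, xcrun stapler, spctl, codesign); the paths are placeholders passed as arguments.

```shell
#!/bin/sh
# Assumes: macOS, Xcode command-line tools, DMG already mounted under /Volumes.

macos_tools_present() {
  # "yes" when the Apple tools this script relies on exist, else "no"
  if command -v spctl >/dev/null 2>&1 && command -v codesign >/dev/null 2>&1; then
    echo yes
  else
    echo no
  fi
}

quarantine_state() {
  # Prints the com.apple.quarantine value Gatekeeper consults, or "none"
  xattr -p com.apple.quarantine "$1" 2>/dev/null || echo none
}

check_pkg() {
  pkg=$1
  echo "== $pkg"
  # Mount-table entry for the volume (assumes /Volumes/<name>/... layout):
  # shows whether the image mounted as cd9660 (genisoimage) or hfs/apfs (hdiutil)
  mount | grep -F "$(echo "$pkg" | cut -d/ -f1-3)" || true
  echo "quarantine: $(quarantine_state "$pkg")"
  pkgutil --check-signature "$pkg"      # Developer ID Installer chain
  xcrun stapler validate "$pkg"         # is a notarization ticket stapled?
  spctl -a -vv -t install "$pkg"        # Gatekeeper verdict for an installer
}

check_app() {
  app=$1
  echo "== $app"
  echo "quarantine: $(quarantine_state "$app")"
  # "App is damaged" is usually a failed seal check; this shows which file
  codesign --verify --deep --strict --verbose=2 "$app"
  spctl -a -vv -t exec "$app"           # Gatekeeper verdict for launch
}

# usage: sh diag.sh /Volumes/MyDMG/MyApp.pkg [/Applications/MyApp.app]
if [ "$(macos_tools_present)" = yes ] && [ -n "${1:-}" ]; then
  cp "$1" /tmp/diag.pkg                 # same bytes, different volume
  check_pkg "$1"
  check_pkg /tmp/diag.pkg
  if [ -n "${2:-}" ]; then check_app "$2"; fi
fi
```

Any line that differs between the two check_pkg sections (mount type, quarantine value, spctl verdict) is the place to look; the app section then tells you whether the installed bundle itself fails its seal check.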