CPack/DragNDrop: automatically collect dependencies, sign, notorize, and staple
Having to call fixup_bundle
from BundleUtilities with install(CODE
or install(SCRIPT
with the DragNDrop generator for macOS bundles is clumsy. It took me a week of frustration to figure out how to do it. The documentation was not very helpful, but I don't understand why this is even required. Building a macOS package could be greatly simplified if the DragNDrop generator automatically ran fixup_bundle
. The libraries and directories parameters to fixup_bundle
could be provided to the generator as variables (the generator should already know where the application bundle is for the first fixup_bundle
parameter).
Furthermore, DragNDrop should be able to code sign and notorize bundles automatically after running fixup_bundle
when provided with required credentials and the entitlements file path. Currently, signing bundles requires a custom install(CODE
script which first calls fixup_bundle
. This must be done by CMake and getting the required variables into an install(CODE
script is cumbersome. If CMake does not do this, the user would have to mount the DMG, copy the application bundle out of it, then code sign the bundle and create a new DMG. After CMake has created the DMG, it should be signed and notorized (signing the app bundle inside is not the same as signing the DMG).