Add darwin code signing wrt #322 and #318

This commit is contained in:
Julian Ospald 2022-03-02 13:53:45 +01:00
parent d67dafaf1b
commit 8cc333d8d5
Signed by: hasufell
GPG Key ID: 3786C5262ECB4A3F
3 changed files with 25 additions and 0 deletions

View File

@ -2626,6 +2626,7 @@ upgradeGHCup :: ( MonadMask m
upgradeGHCup mtarget force' = do upgradeGHCup mtarget force' = do
Dirs {..} <- lift getDirs Dirs {..} <- lift getDirs
GHCupInfo { _ghcupDownloads = dls } <- lift getGHCupInfo GHCupInfo { _ghcupDownloads = dls } <- lift getGHCupInfo
PlatformRequest {..} <- lift getPlatformReq
lift $ logInfo "Upgrading GHCup..." lift $ logInfo "Upgrading GHCup..."
let latestVer = fromJust $ fst <$> getLatest dls GHCup let latestVer = fromJust $ fst <$> getLatest dls GHCup
@ -2645,6 +2646,7 @@ upgradeGHCup mtarget force' = do
copyFileE p copyFileE p
destFile destFile
lift $ chmod_755 destFile lift $ chmod_755 destFile
liftE $ catchWarn $ lEM @_ @'[ProcessError] $ darwinCodeSign _rPlatform destFile
liftIO (isInPath destFile) >>= \b -> unless b $ liftIO (isInPath destFile) >>= \b -> unless b $
lift $ logWarn $ T.pack (takeFileName destFile) <> " is not in PATH! You have to add it in order to use ghcup." lift $ logWarn $ T.pack (takeFileName destFile) <> " is not in PATH! You have to add it in order to use ghcup."

View File

@ -1028,6 +1028,17 @@ darwinNotarization Darwin path = exec
Nothing Nothing
darwinNotarization _ _ = pure $ Right () darwinNotarization _ _ = pure $ Right ()
darwinCodeSign :: (MonadReader env m, HasDirs env, MonadIO m)
=> Platform
-> FilePath
-> m (Either ProcessError ())
darwinCodeSign Darwin path = exec
"codesign"
["-s", "-", path]
Nothing
Nothing
darwinCodeSign _ _ = pure $ Right ()
getChangeLog :: GHCupDownloads -> Tool -> Either Version Tag -> Maybe URI getChangeLog :: GHCupDownloads -> Tool -> Either Version Tag -> Maybe URI
getChangeLog dls tool (Left v') = getChangeLog dls tool (Left v') =

View File

@ -296,6 +296,18 @@ download_ghcup() {
esac esac
EOF EOF
case "${plat}" in
"Darwin"|"darwin")
case "${arch}" in
aarch64|arm64|armv8l)
codesign -s - "${GHCUP_BIN}"/ghcup
;;
*) : ;;
esac
;;
*) : ;;
esac
# shellcheck disable=SC1090 # shellcheck disable=SC1090
edo . "${GHCUP_DIR}"/env edo . "${GHCUP_DIR}"/env
eghcup upgrade eghcup upgrade