macOS: tweaks for macOS bundle script

* Follow Blender code style a bit more closely
* Fix mixed tabs and spaces
* Remove old README now that it's part of the script
* Make less tied to specific Blender version numbers

2 files changed, 110 insertions, 142 deletions

diff --git a/release/darwin/README_codesigning.txt b/release/darwin/README_codesigning.txt
deleted file mode 100644
index 34de5dc74a7..00000000000
--- a/release/darwin/README_codesigning.txt
+++ /dev/null
@@ -1,26 +0,0 @@
-Tutorial for codesigning Blender releases on OSX ( atm. i do manually when needed ):
-Updated as by august 01.2014 - removed deprecated rules and not recommended deep codesigning
-
-1. You need to obtain the certificates for blender foundation, they can bw pulled at Apple developer account for BF
-2. Run the following commands from terminal:
-
-codesign -s <IDENTITY> <path_to_Blender.app>
-
-codesign -s <IDENTITY> <path_to_blenderplayer.app>
-
-
-3. Checking:
-
-codesign -vv <path_to_blenderplayer.app>
-codesign -vv <path_to_Blender.app>
-
-The result should be something like:
-
-<build_path>/Blender.app: valid on disk
-<build_path>/Blender.app: satisfies its Designated Requirement
-
-<build_path>/blenderplayer.app: valid on disk
-<build_path>/blenderplayer.app: satisfies its Designated Requirement
-
-Jens Verwiebe
-
diff --git a/release/darwin/bundle.sh b/release/darwin/bundle.sh
index 85084e07ee2..73fba0f30e6 100755
--- a/release/darwin/bundle.sh
+++ b/release/darwin/bundle.sh
@@ -1,71 +1,69 @@
 #!/usr/bin/env bash
+#
+# Script to create a macOS dmg file for Blender builds, including code
+# signing and notarization for releases.
 
-# create blender distribution dmg
-
-# check that we have all needed tools
-
+# Check that we have all needed tools.
 for i in osascript git codesign hdiutil xcrun ; do
     if [ ! -x "$(which ${i})" ]; then
-	echo "Unable to execute command $i, macOS broken?"
-	exit 1
+        echo "Unable to execute command $i, macOS broken?"
+        exit 1
     fi
 done
 
-# some defaults settings
-
-_scriptdir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
-_volname="Blender"
-_tmpdir="$(mktemp -d)"
-_tmpdmg="/tmp/blender-tmp.dmg"
-BACKGROUND_IMAGE="${_scriptdir}/background.tif"
-MOUNT_DIR="/Volumes/${_volname}"
-
-# handle arguments
+# Defaults settings.
+_script_dir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
+_volume_name="Blender"
+_tmp_dir="$(mktemp -d)"
+_tmp_dmg="/tmp/blender-tmp.dmg"
+_background_image="${_script_dir}/background.tif"
+_mount_dir="/Volumes/${_volume_name}"
 
+# Handle arguments.
 while [[ $# -gt 0 ]]; do
     key=$1
     case $key in
-	-s|--source)
-	    SRC_DIR="$2"
-	    shift
-	    shift
-	    ;;
-	-d|--dmg)
-	    DEST_DMG="$2"
-	    shift
-	    shift
-	    ;;
-	-b|--bundle-id)
-	    N_BUNDLE_ID="$2"
-	    shift
-	    shift
-	    ;;
-	-u|--username)
-	    N_USERNAME="$2"
-	    shift
-	    shift
-	    ;;
-	-p|--password)
-	    N_PASSWORD="$2"
-	    shift
-	    shift
-	    ;;
-	-c|--codesign)
-	    C_CERT="$2"
-	    shift
-	    shift
-	    ;;
-	-h|--help)
-	    echo "Usage:"
-	    echo " $(basename "$0") --source DIR --dmg IMAGENAME "
-	    echo "    optional arguments:"
-	    echo "    --codesign <certname>"
-	    echo "    --username <username>"
-	    echo "    --password <password>"
-	    echo "    --bundle-id <bundleid>"
-	    echo " Check https://developer.apple.com/documentation/security/notarizing_your_app_before_distribution/customizing_the_notarization_workflow "
-	    exit 1
-	    ;;
+        -s|--source)
+            SRC_DIR="$2"
+            shift
+            shift
+            ;;
+        -d|--dmg)
+            DEST_DMG="$2"
+            shift
+            shift
+            ;;
+        -b|--bundle-id)
+            N_BUNDLE_ID="$2"
+            shift
+            shift
+            ;;
+        -u|--username)
+            N_USERNAME="$2"
+            shift
+            shift
+            ;;
+        -p|--password)
+            N_PASSWORD="$2"
+            shift
+            shift
+            ;;
+        -c|--codesign)
+            C_CERT="$2"
+            shift
+            shift
+            ;;
+        -h|--help)
+            echo "Usage:"
+            echo " $(basename "$0") --source DIR --dmg IMAGENAME "
+            echo "    optional arguments:"
+            echo "    --codesign <certname>"
+            echo "    --username <username>"
+            echo "    --password <password>"
+            echo "    --bundle-id <bundleid>"
+            echo " Check https://developer.apple.com/documentation/security/notarizing_your_app_before_distribution/customizing_the_notarization_workflow "
+            exit 1
+            ;;
     esac
 done
 
@@ -79,120 +77,116 @@ if [ -z "${DEST_DMG}" ]; then
     exit 1
 fi
 
-# destroy destination dmg if there is any. be warned.
-
+# Destroy destination dmg if there is any.
 test -f "${DEST_DMG}" && rm "${DEST_DMG}"
-if [ -d "${MOUNT_DIR}" ]; then
+if [ -d "${_mount_dir}" ]; then
     echo -n "Ejecting existing blender volume.."
-    DEV_FILE=$(mount | grep "${MOUNT_DIR}" | awk '{ print $1 }')
+    DEV_FILE=$(mount | grep "${_mount_dir}" | awk '{ print $1 }')
     diskutil eject "${DEV_FILE}" || exit 1
     echo
 fi
 
-# let's go.
-
+# Copy dmg contents.
 echo -n "Copying Blender.app..."
-cp -r "${SRC_DIR}/Blender.app" "${_tmpdir}/" || exit 1
+cp -r "${SRC_DIR}/Blender.app" "${_tmp_dir}/" || exit 1
 echo
 
-# Create the disk image
+# Create the disk image.
+_directory_size=$(du -sh ${_tmp_dir} | awk -F'[^0-9]*' '$0=$1')
+_image_size=$(echo "${_directory_size}" + 200 | bc) # extra 200 need for codesign to work (why on earth?)
 
-_ds=$(du -sh ${_tmpdir} | awk -F'[^0-9]*' '$0=$1') # directory size
-_is=$(echo "${_ds}" + 200 | bc) # image size with extra 200 ! (why on earth!) for codesign to work
 echo
-echo -n "Creating disk image of size ${_is}M.."
-test -f "${_tmpdmg}" && rm "${_tmpdmg}"
-hdiutil create -size "${_is}m" -fs HFS+ -srcfolder "${_tmpdir}" -volname "${_volname}" -format UDRW "${_tmpdmg}"
+echo -n "Creating disk image of size ${_image_size}M.."
+test -f "${_tmp_dmg}" && rm "${_tmp_dmg}"
+hdiutil create -size "${_image_size}m" -fs HFS+ -srcfolder "${_tmp_dir}" -volname "${_volume_name}" -format UDRW "${_tmp_dmg}"
 
 echo "Mounting readwrite image..."
-hdiutil attach -readwrite -noverify -noautoopen "${_tmpdmg}"
+hdiutil attach -readwrite -noverify -noautoopen "${_tmp_dmg}"
 
 echo "Setting background picture.."
-if ! test -z "${BACKGROUND_IMAGE}"; then
+if ! test -z "${_background_image}"; then
     echo "Copying background image ..."
-    test -d "${MOUNT_DIR}/.background" || mkdir "${MOUNT_DIR}/.background"
-    BACKGROUND_IMAGE_NAME=$(basename "${BACKGROUND_IMAGE}")
-    cp "${BACKGROUND_IMAGE}" "${MOUNT_DIR}/.background/${BACKGROUND_IMAGE_NAME}"
+    test -d "${_mount_dir}/.background" || mkdir "${_mount_dir}/.background"
+    _background_image_NAME=$(basename "${_background_image}")
+    cp "${_background_image}" "${_mount_dir}/.background/${_background_image_NAME}"
 fi
 
-# echo "Creating link to /Applications ..."
-ln -s /Applications "${MOUNT_DIR}/Applications"
+echo "Creating link to /Applications ..."
+ln -s /Applications "${_mount_dir}/Applications"
 echo "Renaming Applications to empty string."
-mv ${MOUNT_DIR}/Applications "${MOUNT_DIR}/ "
+mv ${_mount_dir}/Applications "${_mount_dir}/ "
 
 echo "Running applescript to set folder looks ..."
-cat "${_scriptdir}/blender.applescript" | osascript
+cat "${_script_dir}/blender.applescript" | osascript
 
 echo "Waiting after applescript ..."
 sleep 5
 
 if [ ! -z "${C_CERT}" ]; then
-    # codesigning seems to be thingie. all libs and binaries need to be
-    # signed separately. todo: use some find magic to find those
+    # Codesigning requires all libs and binaries to be signed separately.
+    # TODO: use find to get the list automatically
     echo -n "Codesigning..."
-    codesign --timestamp --options runtime --sign "${C_CERT}" "${MOUNT_DIR}/Blender.app/Contents/Resources/2.80/python/bin/python3.7m"
-    codesign --timestamp --options runtime --sign "${C_CERT}" "${MOUNT_DIR}/Blender.app/Contents/Resources/2.80/python/lib/python3.7/site-packages/libextern_draco.dylib"
-    codesign --timestamp --options runtime --sign "${C_CERT}" "${MOUNT_DIR}/Blender.app/Contents/Resources/lib/libomp.dylib"
-    codesign --timestamp --options runtime --sign "${C_CERT}" "${MOUNT_DIR}/Blender.app"
+    codesign --timestamp --options runtime --sign "${C_CERT}" "${_mount_dir}/Blender.app/Contents/Resources/*/python/bin/python*"
+    codesign --timestamp --options runtime --sign "${C_CERT}" "${_mount_dir}/Blender.app/Contents/Resources/*/python/lib/python*/site-packages/libextern_draco.dylib"
+    codesign --timestamp --options runtime --sign "${C_CERT}" "${_mount_dir}/Blender.app/Contents/Resources/lib/libomp.dylib"
+    codesign --timestamp --options runtime --sign "${C_CERT}" "${_mount_dir}/Blender.app"
     echo
 else
     echo "No codesigning cert given, skipping..."
 fi
 
-
+# Need to eject dev files to remove /dev files and free .dmg for converting
 echo "Unmounting rw disk image ..."
-# need to eject dev files to remove /dev files and free .dmg for converting
-DEV_FILE=$(mount | grep "${MOUNT_DIR}" | awk '{ print $1 }')
+DEV_FILE=$(mount | grep "${_mount_dir}" | awk '{ print $1 }')
 diskutil eject "${DEV_FILE}"
 
 sleep 3
 
 echo "Compressing disk image ..."
-hdiutil convert "${_tmpdmg}" -format UDZO -o "${DEST_DMG}"
-
-# codesign the dmg
+hdiutil convert "${_tmp_dmg}" -format UDZO -o "${DEST_DMG}"
 
+# Codesign the dmg
 if [ ! -z "${C_CERT}" ]; then
     echo -n "Codesigning dmg..."
     codesign --timestamp --force --sign "${C_CERT}" "${DEST_DMG}"
     echo
 fi
 
-# cleanup
+# Cleanup
+rm -rf "${_tmp_dir}"
+rm "${_tmp_dmg}"
 
-rm -rf "${_tmpdir}"
-rm "${_tmpdmg}"
-
-# send notarization
+# Notarize
 if [ ! -z "${N_USERNAME}" ] && [ ! -z "${N_PASSWORD}" ] && [ ! -z "${N_BUNDLE_ID}" ]; then
+    # Send to Apple
     echo -n "Sending ${DEST_DMG} for notarization..."
     _tmpout=$(mktemp)
     xcrun altool --notarize-app -f "${DEST_DMG}" --primary-bundle-id "${N_BUNDLE_ID}" --username "${N_USERNAME}" --password "${N_PASSWORD}" >${_tmpout} 2>&1
 
-    # check the request uuid
-
+    # Parse request uuid
     _requuid=$(cat "${_tmpout}" | grep "RequestUUID" | awk '{ print $3 }')
     echo "RequestUUID: ${_requuid}"
     if [ ! -z "${_requuid}" ]; then
-	echo "Waiting for notarization to be complete.."
-	for c in {20..0};do
-	    sleep 600
-	    xcrun altool --notarization-info "${_requuid}" --username "${N_USERNAME}" --password "${N_PASSWORD}" >${_tmpout} 2>&1
-	    _status=$(cat "${_tmpout}" | grep "Status:" | awk '{ print $2 }')
-	    if [ "${_status}" == "invalid" ]; then
-		echo "Got invalid notarization!"
-		break;
-	    fi
-
-	    if [ "${_status}" == "success" ]; then
-		echo -n "Notarization successful! Stapling..."
-		xcrun stapler staple -v "${DEST_DMG}"
-		break;
-	    fi
-	    echo "Notarization in progress, waiting..."
-	done
+        # Wait for Apple to confirm notarization is complete
+        echo "Waiting for notarization to be complete.."
+        for c in {20..0};do
+            sleep 600
+            xcrun altool --notarization-info "${_requuid}" --username "${N_USERNAME}" --password "${N_PASSWORD}" >${_tmpout} 2>&1
+            _status=$(cat "${_tmpout}" | grep "Status:" | awk '{ print $2 }')
+            if [ "${_status}" == "invalid" ]; then
+                echo "Got invalid notarization!"
+                break;
+            fi
+
+            if [ "${_status}" == "success" ]; then
+                echo -n "Notarization successful! Stapling..."
+                xcrun stapler staple -v "${DEST_DMG}"
+                break;
+            fi
+            echo "Notarization in progress, waiting..."
+        done
     else
-	echo "Error getting RequestUUID, notarization unsuccessful"
+        echo "Error getting RequestUUID, notarization unsuccessful"
     fi
 else
     echo "No notarization credentials supplied, skipping..."