1#!/usr/bin/env python2.7
2#
3# Copyright 2017 Google Inc.
4#
5# Use of this source code is governed by a BSD-style license that can be
6# found in the LICENSE file.
7
8import glob
9import os
10import re
11import shutil
12import subprocess
13import sys
14import tempfile
15
16# Arguments to the script:
17#  app              path to binary to package, e.g. out/Debug/dm
18app, = sys.argv[1:]
19
20# Find the Google signing identity.
21identity = None
22for line in subprocess.check_output(['security', 'find-identity']).split('\n'):
23  m = re.match(r'''.*\) (.*) ".*Google.*"''', line)
24  if m:
25    identity = m.group(1)
26assert identity
27
28# Find the Google mobile provisioning profile.
29mobileprovision = None
30for p in glob.glob(os.path.join(os.environ['HOME'], 'Library', 'MobileDevice',
31                                'Provisioning Profiles', '*.mobileprovision')):
32  if re.search(r'''<key>Name</key>
33\t<string>Google Development</string>''', open(p).read(), re.MULTILINE):
34    mobileprovision = p
35assert mobileprovision
36
37out, app = os.path.split(app)
38
39pkg = os.path.join(out, app + '.app')
40if not os.path.exists(pkg):
41  os.mkdir(pkg)
42
43# The binary and .mobileprovision just get copied into the package.
44shutil.copy(os.path.join(out, app), pkg)
45shutil.copy(mobileprovision,
46            os.path.join(pkg, 'embedded.mobileprovision'))
47
48# Write a minimal Info.plist to name the package and point at the binary.
49with open(os.path.join(pkg, 'Info.plist'), 'w') as f:
50  f.write('''
51<plist version="1.0">
52  <dict>
53    <key>CFBundleExecutable</key> <string>{app}</string>
54    <key>CFBundleIdentifier</key> <string>com.google.{app}</string>
55  </dict>
56</plist>
57'''.format(app=app))
58
59# Extract the appliciation identitifer prefix from the .mobileprovision.
60m = re.search(r'''<key>ApplicationIdentifierPrefix</key>
61\t<array>
62\t<string>(.*)</string>''', open(mobileprovision).read(), re.MULTILINE)
63prefix = m.group(1)
64
65# Write a minimal entitlements file, then codesign.
66with tempfile.NamedTemporaryFile() as f:
67  f.write('''
68<plist version="1.0">
69  <dict>
70    <key>application-identifier</key> <string>{prefix}.com.google.{app}</string>
71    <key>get-task-allow</key>         <true/>
72  </dict>
73</plist>
74'''.format(prefix=prefix, app=app))
75  f.flush()
76
77  subprocess.check_call(['codesign',
78                         '--force',
79                         '--sign', identity,
80                         '--entitlements', f.name,
81                         '--timestamp=none',
82                         pkg])
83