highperfocused/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2025-07-03 20:21:34 +02:00
Code Issues Packages Projects Releases Wiki Activity

build: remove dmg dependencies

Browse Source
This commit is contained in:
fanquake
2022-11-18 12:36:20 +00:00
committed by Hennadii Stepanov
parent 33ae0bd1e4
commit b5790c35f7
10 changed files with 15 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
contrib/macdeploy/README.md
View File

@ -6,7 +6,7 @@ The `macdeployqtplus` script should not be run manually. Instead, after building
make deploy
```
When complete, it will have produced `Bitcoin-Core.dmg`.
When complete, it will have produced `Bitcoin-Core.zip`.
## SDK Extraction
@ -60,10 +60,10 @@ previous stage) as the first argument.
The `sha256sum` of the generated TAR.GZ archive should be `df75d30ecafc429e905134333aeae56ac65fac67cb4182622398fd717df77619`.
## Deterministic macOS DMG Notes
## Deterministic macOS App Notes
Working macOS DMGs are created in Linux by combining a recent `clang`, the Apple
`binutils` (`ld`, `ar`, etc) and DMG authoring tools.
macOS Applications are created in Linux by combining a recent `clang` and the Apple
`binutils` (`ld`, `ar`, etc).
Apple uses `clang` extensively for development and has upstreamed the necessary
functionality so that a vanilla clang can take advantage. It supports the use of `-F`,
@ -93,20 +93,15 @@ created using these tools. The build process has been designed to avoid includin
SDK's files in Guix's outputs. All interim tarballs are fully deterministic and may be freely
redistributed.
[`xorrisofs`](https://www.gnu.org/software/xorriso/) is used to create the DMG.
A background image is added to DMG files by inserting a `.DS_Store` during creation.
As of OS X 10.9 Mavericks, using an Apple-blessed key to sign binaries is a requirement in
order to satisfy the new Gatekeeper requirements. Because this private key cannot be
shared, we'll have to be a bit creative in order for the build process to remain somewhat
deterministic. Here's how it works:
- Builders use Guix to create an unsigned release. This outputs an unsigned DMG which
- Builders use Guix to create an unsigned release. This outputs an unsigned ZIP which
users may choose to bless and run. It also outputs an unsigned app structure in the form
of a tarball, which also contains all of the tools that have been previously (deterministically)
built in order to create a final DMG.
of a tarball.
- The Apple keyholder uses this unsigned app to create a detached signature, using the
script that is also included there. Detached signatures are available from this [repository](https://github.com/bitcoin-core/bitcoin-detached-sigs).
- Builders feed the unsigned app + detached signature back into Guix. It uses the
pre-built tools to recombine the pieces into a deterministic DMG.
pre-built tools to recombine the pieces into a deterministic ZIP.