I am distributing my Python/Kivy app on Mac OS and within the signing and notarizing course of.
(My app was not developed inside Xcode).
In my Apple Developer management panel, I created my certificates and “identifier”, and downloaded my certificates including it to my Keychain.
I collect I’ve to signal my Python app one thing like the next (noting that Python apps must be signed –deep):
codesign -s Developer -v --deep --timestamp --entitlements entitlements.plist -o runtime "dist/My Software.app"
Here is my query: when is the “identifier” I created utilized to this course of. I assumed it needed to be inserted into the Data.plist file that accompanied the app?
There may be probably a spot the place it may very well be utilized within the construct course of with my Pyinstaller .spec file:
app = BUNDLE(coll,
title="My Software.app",
icon='my_application/sources/my_application.icns',
bundle_identifier="com.instance.my_application",
info_plist={
'CFBundleName': 'My Software',
'CFBundleDisplayName': 'My Software',
'CFBundleVersion': package_version,
'CFBundleShortVersionString': package_version,
'NSRequiresAquaSystemAppearance': 'No',
'NSHighResolutionCapable': 'True',
},
)
entitlements.plist:
<?xml model="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist model="1.0">
<!--
These are required for binaries constructed by PyInstaller.
For more information, see:
https://developer.apple.com/documentation/safety/hardened_runtime
https://github.com/pyinstaller/pyinstaller/points/4629
-->
<dict>
<key>com.apple.safety.cs.allow-unsigned-executable-memory</key>
<true/>
</dict>
</plist>
reference: https://haim.dev/posts/2020-08-08-python-macos-app/
