chore: updates macos notarize step from altool to notarytool (#370)

.circleci/config.yml

@@ -68,7 +68,6 @@ workflows:
               platform: [amd_centos, arm_ubuntu, amd_macos, amd_windows]
               rust_channel: [stable]
               command: [package]
-              options: ["--verbose"]
           requires:
             - "Run cargo tests (stable rust on amd_centos)"
             - "Run cargo tests (stable rust on arm_ubuntu)"
@@ -114,7 +113,7 @@ jobs:
         enum: [lint, test, publish, package, dist]
       options:
         type: string
-        default: "--verbose"
+        default: ""
     executor: << parameters.platform >>
     steps:
       - checkout
@@ -146,7 +145,7 @@ jobs:
       - exec_xtask:
           platform: << parameters.platform >>
           command: dist
-          options: --verbose --debug
+          options: --debug
      # this should be run before the GitHub release is created
      # because it ensures that all of the files it needs
      # are in place before proceeding.
@@ -356,7 +355,7 @@ commands:
         enum: [lint, test, publish, package, dist]
       options:
         type: string
-        default: --verbose
+        default: ""
       platform:
         type: executor
       working_directory:

.gitignore

@@ -1,4 +1,5 @@
 /target
 /artifacts
 **/.DS_Store
-.idea/
+.idea/
+.env

xtask/Cargo.toml

@@ -17,6 +17,7 @@ semver = "1"
 serde = { version = "1", features = ["derive"] }
 serde_json = "1"
 serde_json_traversal = "0.2"
+shell-candy = "0.4"
 structopt = { version = "0.3", default-features = false }
 tar = "0.4"
 tempfile = "3.4"

xtask/src/commands/dist.rs

@@ -23,8 +23,8 @@ pub(crate) struct Dist {
 
 impl Dist {
     /// Builds binary crates
-    pub(crate) fn run(&self, verbose: bool) -> Result<()> {
-        let cargo_runner = CargoRunner::new(verbose)?;
+    pub(crate) fn run(&self) -> Result<()> {
+        let cargo_runner = CargoRunner::new()?;
         if let Some(package) = &self.package {
             let workspace_dir = package.get_workspace_dir()?;
             cargo_runner.build(&self.target, !self.debug, &workspace_dir)?;

xtask/src/commands/lint.rs

@@ -12,14 +12,14 @@ pub(crate) struct Lint {
 }
 
 impl Lint {
-    pub(crate) fn run(&self, verbose: bool) -> Result<()> {
-        let cargo_runner = CargoRunner::new(verbose)?;
+    pub(crate) fn run(&self) -> Result<()> {
+        let cargo_runner = CargoRunner::new()?;
         if let Some(package) = &self.package {
             cargo_runner.lint(&package.get_workspace_dir()?)?;
         } else {
             cargo_runner.lint_all()?;
         }
-        let npm_runner = NpmRunner::new(verbose)?;
+        let npm_runner = NpmRunner::new()?;
         npm_runner.lint()?;
         Ok(())
     }

xtask/src/commands/package/macos.rs

@@ -1,11 +1,11 @@
-use anyhow::{bail, ensure, Context, Result};
+use anyhow::{ensure, Context, Result};
 use semver::Version;
-use serde_json_traversal::serde_json_traversal;
 use std::io::Write as _;
 use std::path::Path;
 use std::process::{Command, Stdio};
 use structopt::StructOpt;
 
+use crate::tools::XcrunRunner;
 use crate::utils::PKG_PROJECT_ROOT;
 
 const ENTITLEMENTS: &str = "macos-entitlements.plist";
@@ -24,10 +24,6 @@ pub struct PackageMacos {
     #[structopt(long, env = "MACOS_CERT_BUNDLE_PASSWORD", hide_env_values = true)]
     cert_bundle_password: String,
 
-    /// Primary bundle ID.
-    #[structopt(long, env = "MACOS_PRIMARY_BUNDLE_ID")]
-    primary_bundle_id: String,
-
     /// Apple team ID.
     #[structopt(long, env = "APPLE_TEAM_ID")]
     apple_team_id: String,
@@ -207,82 +203,19 @@ impl PackageMacos {
         )?;
         zip.finish()?;
 
-        crate::info!("Beginning notarization process...");
-        let output = Command::new("xcrun")
-            .args(["altool", "--notarize-app", "--primary-bundle-id"])
-            .arg(&self.primary_bundle_id)
-            .arg("--username")
-            .arg(&self.apple_username)
-            .arg("--password")
-            .arg(&self.notarization_password)
-            .arg("--asc-provider")
-            .arg(&self.apple_team_id)
-            .arg("--file")
-            .arg(&dist_zip)
-            .args(["--output-format", "json"])
-            .stderr(Stdio::inherit())
-            .output()
-            .context("could not start command xcrun")?;
-        let _ = std::io::stdout().write(&output.stdout);
-        ensure!(output.status.success(), "command exited with error",);
-        let json: serde_json::Value =
-            serde_json::from_slice(&output.stdout).context("could not parse json output")?;
-        let success_message = serde_json_traversal!(json => success-message)
-            .unwrap()
-            .as_str()
-            .unwrap();
-        let request_uuid = serde_json_traversal!(json => notarization-upload => RequestUUID)
-            .unwrap()
-            .as_str()
-            .unwrap();
-        crate::info!("Success message: {}", success_message);
-        crate::info!("Request UUID: {}", request_uuid);
-
-        let start_time = std::time::Instant::now();
-        let duration = std::time::Duration::from_secs(60 * 10);
-        let result = loop {
-            crate::info!("Checking notarization status...");
-            let output = Command::new("xcrun")
-                .args(["altool", "--notarization-info"])
-                .arg(request_uuid)
-                .arg("--username")
-                .arg(&self.apple_username)
-                .arg("--password")
-                .arg(&self.notarization_password)
-                .args(["--output-format", "json"])
-                .stderr(Stdio::inherit())
-                .output()
-                .context("could not start command xcrun")?;
-
-            let status = if !output.status.success() {
-                // NOTE: if the exit status is failure we need to keep trying otherwise the
-                //       process becomes a bit flaky
-                crate::info!("command exited with error");
-                None
-            } else {
-                let json: serde_json::Value = serde_json::from_slice(&output.stdout)
-                    .context("could not parse json output")?;
-                serde_json_traversal!(json => notarization-info => Status)
-                    .ok()
-                    .and_then(|x| x.as_str())
-                    .map(|x| x.to_string())
-            };
-
-            if !matches!(
-                status.as_deref(),
-                Some("in progress") | None if start_time.elapsed() < duration
-            ) {
-                break status;
-            }
-
-            std::thread::sleep(std::time::Duration::from_secs(5));
-        };
-        match result.as_deref() {
-            Some("success") => crate::info!("Notarization successful"),
-            Some("in progress") => bail!("Notarization timeout"),
-            Some(other) => bail!("Notarization failed: {}", other),
-            None => bail!("Notarization failed without status message"),
-        }
+        let dist_zip = dist_zip.to_str().unwrap_or_else(|| {
+            panic!(
+                "path to zipped directory '{}' is not valid utf-8",
+                dist_zip.display()
+            )
+        });
+
+        XcrunRunner::new().notarize(
+            dist_zip,
+            &self.apple_username,
+            &self.apple_team_id,
+            &self.notarization_password,
+        )?;
 
         Ok(())
     }

xtask/src/commands/package/mod.rs

@@ -36,13 +36,13 @@ pub struct Package {
 }
 
 impl Package {
-    pub fn run(&self, verbose: bool) -> Result<()> {
+    pub fn run(&self) -> Result<()> {
         Dist {
             target: self.target.clone(),
             package: Some(self.package.clone()),
             debug: self.debug,
         }
-        .run(verbose)
+        .run()
         .context("Could not build package")?;
         self.package_tarball()?;
         Ok(())