From 5bd08a343ca9b4d9088972146a00bcbaa3747e82 Mon Sep 17 00:00:00 2001
From: Alessandro Muntoni <muntoni.alessandro@gmail.com>
Date: Thu, 8 Jun 2023 11:22:58 +0200
Subject: [PATCH] add notarization team

---
 .github/workflows/CreateRelease.yml             | 2 +-
 scripts/macOS/2_deploy.sh                       | 7 ++++++-
 scripts/macOS/internal/2c_notarize_appbundle.sh | 7 ++++++-
 3 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/CreateRelease.yml b/.github/workflows/CreateRelease.yml
index eed8a321d..ec0770101 100644
--- a/.github/workflows/CreateRelease.yml
+++ b/.github/workflows/CreateRelease.yml
@@ -90,7 +90,7 @@ jobs:
     - name: Deploy
       shell: bash
       run: |
-        bash scripts/${{ runner.os }}/2_deploy.sh --cert_pssw='${{ secrets.WIN_CERTIFICATE_PSSW }}' --cert_id='${{ secrets.MACOS_CERT_ID }}' --notarization_user='${{ secrets.MACOS_NOTARIZATION_USER }}' --notarization_pssw='${{ secrets.MACOS_NOTARIZATION_PSSW }}'
+        bash scripts/${{ runner.os }}/2_deploy.sh --cert_pssw='${{ secrets.WIN_CERTIFICATE_PSSW }}' --cert_id='${{ secrets.MACOS_CERT_ID }}' --notarization_user='${{ secrets.MACOS_NOTARIZATION_USER }}' --notarization_team='${{ secrets.MACOS_NOTARIZATION_TEAM_ID }}' --notarization_pssw='${{ secrets.MACOS_NOTARIZATION_PSSW }}'
     - name: Upload MeshLab Portable
       uses: actions/upload-artifact@v3
       with:
diff --git a/scripts/macOS/2_deploy.sh b/scripts/macOS/2_deploy.sh
index 7f5f32a6d..f359e86e6 100755
--- a/scripts/macOS/2_deploy.sh
+++ b/scripts/macOS/2_deploy.sh
@@ -9,6 +9,7 @@ SIGN=false
 NOTARIZE=false
 CERT_ID=""
 NOTAR_USER=""
+NOTAR_TEAM_ID=""
 NOTAR_PASSWORD=""
 
 #checking for parameters
@@ -45,6 +46,10 @@ case $i in
         NOTAR_PASSWORD="${i#*=}"
         shift # past argument=value
         ;;
+    -nt=*|--notarization_team=*)
+        NOTAR_TEAM_ID="${i#*=}"
+        shift # past argument=value
+        ;;
     *)
         # unknown option
         ;;
@@ -62,7 +67,7 @@ if [ "$SIGN" = true ] ; then
 fi
 
 if [ "$NOTARIZE" = true ] ; then
-    bash $SCRIPTS_PATH/internal/2c_notarize_appbundle.sh -i=$INSTALL_PATH -nu=$NOTAR_USER -np=$NOTAR_PASSWORD
+    bash $SCRIPTS_PATH/internal/2c_notarize_appbundle.sh -i=$INSTALL_PATH -nu=$NOTAR_USER -nt=$NOTAR_TEAM_ID -np=$NOTAR_PASSWORD
 
     echo "======= AppBundle Notarized ======="
 fi
diff --git a/scripts/macOS/internal/2c_notarize_appbundle.sh b/scripts/macOS/internal/2c_notarize_appbundle.sh
index 29025b79c..3eb6346ca 100644
--- a/scripts/macOS/internal/2c_notarize_appbundle.sh
+++ b/scripts/macOS/internal/2c_notarize_appbundle.sh
@@ -5,6 +5,7 @@ SCRIPTS_PATH="$(dirname "$(realpath "$0")")"/..
 INSTALL_PATH=$SCRIPTS_PATH/../../install
 NOTAR_USER=""
 NOTAR_PASSWORD=""
+NOTAR_TEAM_ID=""
 
 #checking for parameters
 for i in "$@"
@@ -18,6 +19,10 @@ case $i in
         NOTAR_USER="${i#*=}"
         shift # past argument=value
         ;;
+    -nt=*|--notarization_team=*)
+        NOTAR_TEAM_ID="${i#*=}"
+        shift # past argument=value
+        ;;
     -np=*|--notarization_pssw=*)
         NOTAR_PASSWORD="${i#*=}"
         shift # past argument=value
@@ -28,7 +33,7 @@ case $i in
 esac
 done
 
-xcrun notarytool store-credentials "notarytool-profile" --apple-id "$NOTAR_USER" --password "$NOTAR_PASSWORD"
+xcrun notarytool store-credentials "notarytool-profile" --apple-id $NOTAR_USER --team-id $NOTAR_TEAM_ID --password $NOTAR_PASSWORD
 
 ditto -c -k --keepParent "$INSTALL_PATH/meshlab.app" "$INSTALL_PATH/notarization.zip"