Deployment

macOS Distribution

Signing, notarization, DMG packaging, and updater artifacts.

Distributing on macOS requires code signing, notarization, and proper packaging. This document covers the complete process for PlanToCode.

Code Signing

All binaries must be signed with an Apple Developer ID:

  • Developer ID Application certificate for app signing
  • Developer ID Installer certificate for PKG signing
  • Certificates stored in CI secrets, imported to keychain
  • Hardened runtime enabled for notarization compatibility

Entitlements

Required entitlements for PlanToCode features:

  • com.apple.security.cs.allow-jit
  • com.apple.security.cs.allow-unsigned-executable-memory
  • com.apple.security.device.audio-input
  • com.apple.security.network.client
  • com.apple.security.files.user-selected.read-write
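
A CI gate can compare the entitlements plist used for signing against the list above, so that a hardened-runtime exception is never added or dropped unnoticed. The script below is an added example, not PlanToCode's own code; the function name audit_entitlements and both sample plists are constructed for illustration.

```python
import plistlib

# Entitlements listed on this page as required for PlanToCode.
EXPECTED = frozenset({
    "com.apple.security.cs.allow-jit",
    "com.apple.security.cs.allow-unsigned-executable-memory",
    "com.apple.security.device.audio-input",
    "com.apple.security.network.client",
    "com.apple.security.files.user-selected.read-write",
})


def audit_entitlements(plist_bytes: bytes) -> dict:
    """Compare an entitlements plist (XML or binary) with the documented set.

    audit_entitlements is a hypothetical helper name, not a project API.
    """
    data = plistlib.loads(plist_bytes)
    if not isinstance(data, dict):
        raise ValueError("entitlements plist must be a dictionary")
    # A key explicitly set to false is not granted, so treat it as absent.
    granted = {key for key, value in data.items() if value is not False}
    return {
        "missing": sorted(EXPECTED - granted),      # features that would break
        "unexpected": sorted(granted - EXPECTED),   # privileges nobody reviewed
    }


# Constructed sample: exactly the documented entitlements.
SAMPLE_OK = plistlib.dumps({key: True for key in EXPECTED})

# Constructed sample: audio input switched off and one extra
# hardened-runtime exception added, as might happen through config drift.
SAMPLE_DRIFT = plistlib.dumps({
    **{key: True for key in EXPECTED},
    "com.apple.security.device.audio-input": False,
    "com.apple.security.cs.disable-library-validation": True,
})

if __name__ == "__main__":
    for name, sample in (("ok", SAMPLE_OK), ("drift", SAMPLE_DRIFT)):
        report = audit_entitlements(sample)
        status = "PASS" if not any(report.values()) else "FAIL"
        print(f"{name}: {status} {report}")
```

Failing the build on any non-empty "unexpected" list keeps the two existing exceptions (allow-jit, allow-unsigned-executable-memory) from growing without review.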

Build Process

Steps to build a signed release:

  1. Run pnpm tauri build --target universal-apple-darwin
  2. Tauri signs with APPLE_SIGNING_IDENTITY from environment
  3. Universal binary created with lipo for Intel + ARM
  4. DMG packaged with custom background and layout

Universal Binaries

PlanToCode ships as a universal binary:

  • Single .app supports both Intel and Apple Silicon
  • Built with --target universal-apple-darwin
  • Slightly larger binary but simpler distribution
  • Native performance on both architectures

Notarization

Apple notarization is required for Gatekeeper approval:

  • DMG submitted to Apple notary service
  • Uses notarytool with App Store Connect credentials
  • Stapling attaches notarization ticket to DMG
  • Process takes 1-5 minutes typically

In-App Updates

tauri-plugin-updater handles automatic updates:

  • Checks update endpoint on launch
  • Downloads new version in background
  • Prompts user to restart to apply
  • Signature verification before installation

Update Manifest

latest.json describes available updates:

  • version: Semantic version string
  • platforms.darwin-universal: URL and signature
  • notes: Release notes in markdown
  • pub_date: ISO 8601 publish timestamp

Common Pitfalls

Issues frequently encountered:

  • Keychain locked during CI: Unlock before signing
  • Notarization timeout: Retry with exponential backoff
  • Invalid signature: Check entitlements match capabilities
  • Gatekeeper rejection: Verify notarization stapled correctly

Verification Commands

Commands to verify signing and notarization:

  • codesign -dv --verbose=4 PlanToCode.app
  • spctl --assess --verbose PlanToCode.app
  • stapler validate PlanToCode.dmg
  • xcrun notarytool log <submission-id>