Deprecation Notifier (Part One): Building
2 minute read
Categories: macos macops deprecation_notifier
Let this post serve as a brief overview on how to build a customized, signed build of Google’s Deprecation Notifier utility. I say brief as it assumes you’ve got a mechanism to deploy, and already have a means by which to trigger the application. I’ll touch on this a bit more near the end, but for now… Onward!
Pre-Requisites:
- GitHub account
- Apple Developer Account
Requirements:
- Xcode IDE
- Local clone of Google’s macops repository
Steps:
First, let’s clone the repository and open it in Xcode:
$ git clone https://github.com/google/macops.git
$ open macops/deprecation_notifier/DeprecationNotifier.xcodeproj
Next, we need to modify Localizable.strings
to declare the macOS version that is desired (expectedVersion
) and a variety of other settings which determine Deprecation Notifier’s behavior. As you’ll see, all of these settings are commented with descriptions, so you can piece that together.
We’ve now done all that is absolutely necessary for us to build and deploy Deprecation Notifier, but I want to go a step further and put that Apple Developer certificate to good use, so let’s configure the project to sign our .app
after building.
Navigate back to the projects root in Xcode’s left-hand pane, and then head to the ‘General’ view from the top navigation bar. Here we’re going to modify the Bundle Identifier to match our company’s reverse domain name, and allow Xcode to sign our build of DeprecationNotifier.app
with the Apple Developer certificate in our Keychain:
Ready to build? Not so fast; let’s test this sucker, first.
Xcode allows us to build and execute the application within the IDE before we actually churn out a .app
file by going to ‘Product’ > ‘Run’ from the toolbar (or Command+R
). Assuming your local macOS version does not meet the expectedVersion
set in Localizable.strings
, you should be hit with the infamous blackout.
Finally, we’re ready to let Xcode throw together DeprecationNotifier.app
and sign it, then we will validate the code signature and you’ll have a deployable application!
To build our production application, we navigate to ‘Product’ > ‘Build For’ > ‘Running’ from the toolbar (or Command+Shift+R
). After thinking for a moment, you’ll see that glorious alert…
“Build Succeeded”
After you see your build was successful, we can then verify the code signature using:
$ /usr/bin/codesign -dv /path/to/your/DeprecationNotifier.app
That’s it!
Now you just need to deploy it, and determine your preferred means of invoking it; I prefer using a custom LaunchAgent, but there’s no reason that you couldn’t have it triggered by a run of Chef, as a postflight to a Munki run, or whatever ace you’ve got up your sleeve.