Bug 1558082 - Port bug 1471004: add entitlements url for hardened runtime signing. r=aki a=jorgk
authorRob Lemley <rob@thunderbird.net>
Tue, 11 Jun 2019 21:48:25 +0000
changeset 32269 91c99c5e2ccf481f38fb672d4ec0aadbd711eda7
parent 32268 ce375b76e006757c272f83d237c23aef6b33e9d3
child 32270 53e9ac7ed1b72fe5467f1b098c813cb1bde3ff47
push id210
push usermozilla@jorgk.com
push dateSat, 17 Aug 2019 20:45:18 +0000
treeherdercomm-esr60@009cd7edaeab [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersaki, jorgk
bugs1558082, 1471004
Bug 1558082 - Port bug 1471004: add entitlements url for hardened runtime signing. r=aki a=jorgk Use an in-tree entitlements file (path is relative to $moztopsrcdir). Use the same files as Firefox. There shouldn't be any changes needed for Thunderbird. Ported from D33859 Depends on D34636 Differential Revision: https://phabricator.services.mozilla.com/D34637
taskcluster/ci/config.yml
--- a/taskcluster/ci/config.yml
+++ b/taskcluster/ci/config.yml
@@ -77,8 +77,15 @@ partner-urls:
 
 mac-notarization:
     mac-behavior:
         by-release-type:
             nightly.*: mac_notarize
             beta.*: mac_notarize
             release.*: mac_notarize
             default: mac_sign_and_pkg
+    mac-entitlements:
+        by-platform:
+            macosx64.*:
+                by-project:
+                    comm-(central|beta|esr68): security/mac/hardenedruntime/production.entitlements.xml
+                    default: security/mac/hardenedruntime/developer.entitlements.xml
+            default: ''