def _sign_bundle_with

def _sign_bundle_with_manifest()

in tools/dossier_codesigningtool/dossier_codesigningtool.py [0:0]
35 lines of code
4 McCabe index (conditional complexity)

def _sign_bundle_with_manifest(
    root_bundle_path,
    manifest,
    dossier_directory,
    codesign_path,
    override_codesign_identity=None,
    executor=concurrent.futures.ThreadPoolExecutor()):
  """Signing a bundle with a dossier.

  Provided a bundle, dossier path, and the path to the codesign tool, will sign
  a bundle using the dossier's information.

  Args:
    root_bundle_path: The absolute path to the bundle that will be signed.
    manifest: The contents of the manifest in this dossier.
    dossier_directory: Directory of dossier to be used for signing.
    codesign_path: Path to the codesign tool as a string.
    override_codesign_identity: If set, this will override the identity
      specified in the manifest. This is primarily useful when signing an
      embedded bundle, as all bundles must use the same codesigning identity,
      and so lookup logic can be short circuited.
    executor: concurrent.futures.Executor instance to use for concurrent
      codesign invocations.

  Raises:
    SystemExit: if unable to infer codesign identity when not provided.
  """
  codesign_identity = override_codesign_identity
  provisioning_profile_filename = manifest.get(_PROVISIONING_PROFILE_KEY)
  provisioning_profile_file_path = os.path.join(dossier_directory,
                                                provisioning_profile_filename)
  if not codesign_identity:
    codesign_identity = _fetch_preferred_signing_identity(
        manifest, provisioning_profile_file_path)
  if not codesign_identity:
    raise SystemExit(
        'Signing failed - codesigning identity not specified in manifest '
        'and unable to infer identity.')

  entitlements_filename = manifest.get(_ENTITLEMENTS_KEY)
  entitlements_file_path = os.path.join(dossier_directory,
                                        entitlements_filename)

  # submit each embedded manifest to sign concurrently
  codesign_futures = _sign_embedded_bundles_with_manifest(
      manifest, root_bundle_path, dossier_directory, codesign_path,
      codesign_identity, executor)
  _wait_embedded_manifest_futures(codesign_futures)

  if provisioning_profile_file_path:
    _copy_embedded_provisioning_profile(
        provisioning_profile_file_path, root_bundle_path)

  _invoke_codesign(
      codesign_path=codesign_path,
      identity=codesign_identity,
      entitlements=entitlements_file_path,
      force_signing=True,
      disable_timestamp=False,
      full_path_to_sign=root_bundle_path)