Fix XCBuild issue related to codesigning WebContent process
authorkrollin@apple.com <krollin@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 7 Feb 2019 19:26:29 +0000 (19:26 +0000)
committerkrollin@apple.com <krollin@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 7 Feb 2019 19:26:29 +0000 (19:26 +0000)
commit862ea593f3e35fa6a878f0cbb583997bb6def796
treee1b4960a1d1b0591349de52d8a2236960d4e6e2c
parent11e323bea27f470596b81402950c2d6e355957b7
Fix XCBuild issue related to codesigning WebContent process
https://bugs.webkit.org/show_bug.cgi?id=193799
<rdar://problem/47533890>

Reviewed by Brent Fulgham.

Building with XCBuild enabled results in the error message "cannot
read entitlement data" when trying to codesign the macOS XPC
processes. The reason for this error message is that there is a build
step that deletes any previous "stale" generated .xcent file before
building up a new one. With XCBuild enabled, the build steps got
re-ordered, such that the step that deletes this file could get
executed after the steps that build up the file. The built-up set of
entitlements is now gone, and the build process fails when `codesign`
tries to access it.

The apparent quick-fix to this problem -- of tweaking dependencies so
that the build steps execute in the desired order -- wouldn't work
with XCBuild. Establishing these dependencies would require both
having multiple build phases produce the same .xcent file as output,
as well as a build phase that has this file as an input and an output.
XCBuild either forbids or frowns upon these configurations.

Ultimately, the solution that worked was to take over complete control
of the codesigning process. This means (a) not specifying a base
.entitlements file that XCode uses to start with (and which was
subsequently altered via custom build scripts), (b) not letting XCode
automatically and silently inject a 'get-task-all' entitlement used to
facilitate debugging (we now add that entitlement by hand), and (c)
building up all of our entitlements by hand via a single custom
script. Because of the addition of this custom script, many other
scripts and entitlements files could now be removed.

* Configurations/BaseXPCService.xcconfig:
* Configurations/Databases-iOS.entitlements: Removed.
* Configurations/Network-OSX-restricted.entitlements: Removed.
* Configurations/Network-OSX-sandbox.entitlements: Removed.
* Configurations/Network-OSX.entitlements: Removed.
* Configurations/NetworkService.xcconfig:
* Configurations/PluginService.64.xcconfig:
* Configurations/PluginService.entitlements: Removed.
* Configurations/WebContent-OSX-sandbox.entitlements: Removed.
* Configurations/WebContent-OSX.entitlements: Removed.
* Configurations/WebContent-or-Plugin-OSX-restricted.entitlements: Removed.
* Configurations/WebContentService.xcconfig:
* Scripts/copy-webcontent-resources-to-private-headers.sh:
* Scripts/process-entitlements.sh: Added.
* Scripts/process-network-sandbox-entitlements.sh: Removed.
* Scripts/process-webcontent-or-plugin-entitlements.sh: Removed.
* Scripts/process-webcontent-sandbox-entitlements.sh: Removed.
* WebKit.xcodeproj/project.pbxproj:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241135 268f45cc-cd09-0410-ab3c-d52691b4dbfc
19 files changed:
Source/WebKit/ChangeLog
Source/WebKit/Configurations/BaseXPCService.xcconfig
Source/WebKit/Configurations/Databases-iOS.entitlements [deleted file]
Source/WebKit/Configurations/Network-OSX-restricted.entitlements [deleted file]
Source/WebKit/Configurations/Network-OSX-sandbox.entitlements [deleted file]
Source/WebKit/Configurations/Network-OSX.entitlements [deleted file]
Source/WebKit/Configurations/NetworkService.xcconfig
Source/WebKit/Configurations/PluginService.64.xcconfig
Source/WebKit/Configurations/PluginService.entitlements [deleted file]
Source/WebKit/Configurations/WebContent-OSX-sandbox.entitlements [deleted file]
Source/WebKit/Configurations/WebContent-OSX.entitlements [deleted file]
Source/WebKit/Configurations/WebContent-or-Plugin-OSX-restricted.entitlements [deleted file]
Source/WebKit/Configurations/WebContentService.xcconfig
Source/WebKit/Scripts/copy-webcontent-resources-to-private-headers.sh
Source/WebKit/Scripts/process-entitlements.sh [new file with mode: 0755]
Source/WebKit/Scripts/process-network-sandbox-entitlements.sh [deleted file]
Source/WebKit/Scripts/process-webcontent-or-plugin-entitlements.sh [deleted file]
Source/WebKit/Scripts/process-webcontent-sandbox-entitlements.sh [deleted file]
Source/WebKit/WebKit.xcodeproj/project.pbxproj