#!/bin/bash
set -e

function exit_error {
  for msg in "$@"
  do
    echo "$msg" >&2
  done
  exit 1
}

test $# -eq 2 || exit_error "Wrong number of arguments"
dmg_file="$1"
Proj_Name="$2"

rcodesign_signing_p12_file=/home/signing-macos/keys/key-1.p12
test -f "$rcodesign_signing_p12_file" || exit_error "$rcodesign_signing_p12_file is missing"

tmpdir=$(mktemp -d)
trap "rm -Rf $tmpdir" EXIT
cd "$tmpdir"
7z x "$dmg_file"

pwdir=/run/lock/rcodesign-pw
trap "rm -Rf $pwdir" EXIT
rm -Rf "$pwdir"
mkdir "$pwdir"
chmod 700 "$pwdir"
cat > "$pwdir/rcodesign-pw-2" << EOF
$RCODESIGN_PW
EOF
tr -d '\n' < "$pwdir/rcodesign-pw-2" > "$pwdir/rcodesign-pw"
rm "$pwdir/rcodesign-pw-2"
/signing/rcodesign/rcodesign sign \
  --code-signature-flags runtime \
  --entitlements-xml-path /signing/tor-browser-build/tools/signing/${tbb_version_type}.entitlements.xml \
  --timestamp-url http://timestamp.apple.com:8080/ts01 \
  --p12-file "$rcodesign_signing_p12_file" \
  --p12-password-file "$pwdir/rcodesign-pw" \
  -- "$Proj_Name/$Proj_Name.app"
rm -f "$pwdir/rcodesign-pw"
rmdir "$pwdir"
tar -C "$Proj_Name" -caf "/home/signing-macos/last-signed-$Proj_Name.tar.zst" "$Proj_Name.app"
cd -
rm -Rf "$tmpdir"
