git-adm/applepy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Changed from onedir to one file to fix pyinstaller workflow

Browse Source
This commit is contained in:
Warezpeddler
2026-05-05 11:00:59 +01:00
parent 2adb75fc0d
commit a67459e7e0
2 changed files with 10 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
applepy.spec
View File

@@ -1,5 +1,5 @@
# PyInstaller spec: `pip install -e ".[bundle]"` then `pyinstaller applepy.spec` # PyInstaller spec: `pip install -e ".[bundle]"` then `pyinstaller applepy.spec`
# Produces dist/applepy (one-folder) with bundled applepy data (JSON, optional compliance trees). # Produces dist/applepy (single self-contained binary) with bundled applepy data (JSON, optional compliance trees).
# Run scripts/vendor_compliance_assets.sh before building to embed mSCP + Lynis (not in git). # Run scripts/vendor_compliance_assets.sh before building to embed mSCP + Lynis (not in git).
from pathlib import Path from pathlib import Path
@@ -11,12 +11,7 @@ _SPEC_DIR = Path(SPECPATH)
def _mscp_data_files_excluding_generated(mscp: Path) -> list[tuple[str, str]]: def _mscp_data_files_excluding_generated(mscp: Path) -> list[tuple[str, str]]:
""" """Per-file datas for mSCP: omit ``build/`` (generate_guidance output) and ``.git``."""
Per-file datas for mSCP: omit ``build/`` (output from generate_guidance on the host) and ``.git``.
Shipping ``build/`` bloats the bundle and, after ``sudo dist/.../applepy``, can leave root-owned
trees that break the next PyInstaller clean of ``dist/applepy``.
"""
prefix = Path("applepy/data/macos_security") prefix = Path("applepy/data/macos_security")
out: list[tuple[str, str]] = [] out: list[tuple[str, str]] = []
for p in mscp.rglob("*"): for p in mscp.rglob("*"):
@@ -97,8 +92,10 @@ pyz = PYZ(a.pure)
exe = EXE( exe = EXE(
pyz, pyz,
a.scripts, a.scripts,
a.binaries,
a.datas,
[], [],
exclude_binaries=True, exclude_binaries=False,
name="applepy", name="applepy",
debug=False, debug=False,
bootloader_ignore_signals=False, bootloader_ignore_signals=False,
@@ -111,11 +108,3 @@ exe = EXE(
codesign_identity=None, codesign_identity=None,
entitlements_file=None, entitlements_file=None,
) )
coll = COLLECT(
exe,
a.binaries,
a.datas,
strip=False,
upx=False,
name="applepy",
)

17
scripts/build_bundle.sh
View File

@@ -1,5 +1,5 @@
#!/usr/bin/env bash #!/usr/bin/env bash
# Build one-folder PyInstaller distribution (see applepy.spec). Requires: pip install -e ".[bundle]" # Build single-file PyInstaller binary (see applepy.spec). Requires: pip install -e ".[bundle]"
# By default fetches NIST macos_security + Lynis into applepy/data/ (git + network). Offline: # By default fetches NIST macos_security + Lynis into applepy/data/ (git + network). Offline:
# SKIP_VENDOR_COMPLIANCE=1 ./scripts/build_bundle.sh # SKIP_VENDOR_COMPLIANCE=1 ./scripts/build_bundle.sh
set -euo pipefail set -euo pipefail
@@ -17,15 +17,8 @@ fi
python -m pip install -q -e ".[bundle]" python -m pip install -q -e ".[bundle]"
DIST_OUT="${ROOT}/dist/applepy" DIST_OUT="${ROOT}/dist/applepy"
if [[ -e "${DIST_OUT}" ]]; then if [[ -e "${DIST_OUT}" ]]; then
echo "Removing previous bundle: ${DIST_OUT}" echo "Removing previous binary: ${DIST_OUT}"
if ! rm -rf "${DIST_OUT}"; then rm -rf "${DIST_OUT}"
echo "ERROR: Could not remove ${DIST_OUT}." >&2
echo "This usually means root-owned files under .../macos_security/build from a prior sudo run of the bundle." >&2
echo "Fix: sudo rm -rf \"${DIST_OUT}\"" >&2
echo "Then re-run this script. The spec omits mSCP build/ from the bundle to avoid shipping host output." >&2
exit 1
fi
fi fi
python -m PyInstaller --noconfirm "${ROOT}/applepy.spec" python -m PyInstaller --noconfirm --clean "${ROOT}/applepy.spec"
echo "Output: ${ROOT}/dist/applepy/ → run: dist/applepy/applepy --help" echo "Output: ${ROOT}/dist/applepy → run: dist/applepy --help"
echo "Note: build/applepy/ is PyInstallers work dir only (no _internal/). Do not run that copy."