Tuesday, March 9, 2021

Provisioning MacOS Big Sur Devices

 When you need to set up one of your brand new macOS Big Sur computers as a test device (as described in "Register Test Devices" in a previous post), be aware that Apple has changed the required value for current devices.  When you visit System Report -> Hardware, there are now two entries in the Hardware Overview: Hardware UDID and Provisioning UDID.  You must use the Provisioning UDID when you register your device on your developer device list.  For Macs that have been upgraded to Big Sur, these two IDs are probably the same.  But on a fresh new Big Sur device, they most likely will not be the same.

If you try to use the incorrect Hardware ID, you will probably get a cryptic error message saying something like "You do not have permission to open the application".  (See this StackOverflow post.)  It's non-obvious, but if you look at the console for the system log, you might see a message saying "Provisioning Profile Validation: profile 'XXXXX' is not provisioned for this device (<private>)".  That's a good indication that you've used the wrong UDID.

Friday, February 19, 2021

Signing & Notarizing a MacOS Gamemaker Application

So you need to manually sign and notarize a MacOS application, and it isn’t working out of the box.  Here’s the steps that worked for me, in particular for a Gamemaker VM build of a project.  Obviously this could be automated via a shell script, if you so desire.

First, manually sign the application. Using --force and --deep make it replace and be recursive, both of which we want here.  Having --timestamp is required for notarization, and was not present in Gamemaker's default signing.  Using options=runtime will set it to use hardened runtime, which is also required for notarization.  Note that the certificate you sign with has to be a Developer ID Application and you MUST have the private key locally.  If you can't open the key listing and see someone's name underneath in the keychain, don’t expect it to work because that’s only a public key.

You’ll want to have an entitlements file.  This needs to contain at least the com.apple.security.automation.apple-events if you're doing a hardened runtime, and past experience has shown me that bluetooth and USB access are generally necessary for gamepad.  An example entitlements file is here, though those bottom few may not all be needed depending on your game and engine.

codesign --sign "Developer ID Application: COMPANY NAME, LLC" "Your Game.app" --force --deep --timestamp --options=runtime --entitlements game.entitlements

After this is done, zip the app.  I read in more than one place to use this command-line rather than the right-click menu’s “compress” feature, though I’m not sure that’s really true.  Still, easy enough.

/usr/bin/ditto -c -k --keepParent "Your Game.app" YourGameBuildMacSteam_Resigned.zip

Now that you’ve signed the build and made a new archive of that, you’ll need to submit it for notarization.  Note that asc-provider should match the organization of the Developer ID application in the first step, and I’ve obfuscated the one I used.  The password is for an app-specific password, which you probably have around but you’ll need to create one if not.  Finally, you can add the password to your keychain with an alias so it doesn't end up in the command-line directly, which is what I did here.  That’s important if you want to write a shell script for these steps and check it in.

xcrun altool --notarize-app --primary-bundle-id "com.company.yourgame" --username flast@company.com --password "@keychain:APP_PASSWORD" --asc-provider J93FFYZ67E --file YourGameMacSteam_Resigned.zip

This command will output a randomly generated ID, keep that around.  Now you wait.

If things go well, you’ll get an e-mail from Apple after a while saying notarization is a success.  If notarization succeeds, you'll need to staple the result to the app.  Note that this is the app, not the zip.  I assume it figures out what to do based on the signature.

xcrun stapler staple "Your Game.app"

At this point, you should be able to upload your application to Steam, or zip it (remember, your existing zip is now out of date) and distribute it.

If notarization failed, the e-mail from Apple will say as much.  You can use altool to ask for reasons of the failure, using that randomly generated ID that you hopefully kept around.

xcrun altool --notarization-info fdeb1abc-25ae-43f1-8bca-97b89078196c --username flast@company.com --password "@keychain:APP_PASSWORD”

Assuming the process is completed, this will give you a URL you can paste into a web browser.  Sometimes the listed reasons are clear and other times not. If the process isn’t yet complete, it’ll say so.

Wednesday, December 9, 2020

Unto the End!

Unto the End is a thrilling, high-difficulty action-adventure.  Guide a father in a harsh quest through snowy landscapes and frozen caverns, as he seeks a return to his family.  Highly skill-based combat make for intense gameplay as you move seamlessly from one environment to the next!

We helped bring Unto the End to Stadia, and you can check out the Steam version here!

Thursday, December 3, 2020

The Legend of Bum-Bo!

Chase down your beloved coin and take out the trash, in this roguelike puzzle adventure!  We helped TheLabel Games bring Legend of Bum-Bo to Android, where it's available as part of a Play Pass subscription!  Trek through the sewers, brave a wide variety of poops, and show that mysterious jerk that nobody can scare Bum-Bo!

Available on Google Play here!

Monday, October 26, 2020

Universal Windows Platform and Unity

Working on a UWP title for Unity, we've run into several obscure issues that may help some other people out.  First off, here are the full Xbox Live plugins (grab the linked .unitypackage):


There's a helpful link in there about setting up more detailed Unity features for UWP and Xbox Live.  The biggest thing there for us was the note about setting the "InternetClient" capability in the UWP publish settings inside Unity PlayerSettings.  Without this, trying to unlock achievements will give you a cryptic error message: "The application does not have the cloud notification capability"

Also useful is getting multi-user support, which will allow you to support the user picker on appropriate platforms.  Specifically, you have to edit the Package.appxmanifest file after building your UWP solution to add "<uap:SupportedUsers>multiple</uap:SupportedUsers>" to the Properties section.  It's briefly mentioned in the "Building and Testing UWP" section of this page.

Friday, October 16, 2020

The Collage Atlas!

A beautifully hand-drawn journey though surreal landscapes, the Collage Atlas is the creation of John Evelyn, and we helped bring it to Apple Arcade!  A must for any fan of meaningful adventure and storytelling!

If you're a subscriber to Apple Arcade, you can find it on the App Store here!