I've scripted this for work, but it does have to run on a mac (for me a late 2013 Macbook pro), which would make it difficult to do in the cloud.
There is a utility (written in Java) that you run through "xcrun" that can upload, check status, fetch and "staple" the result. It usually turns around within 15 minutes for me, but I haven't measured the exact time. (I'm just polling every five minutes.) Check the "log" file, because it can successfully notarize and then report in the log that your signatures are all screwed up.
Actually, that feels like a bigger issue: Does all of this have to run on a mac? That basically precludes build farms, since Apple doesn't make the xserve line anymore and doesn't play nice with virtualization. I guess you could build a farm of desktops...
You’re not kidding about the email. It’s email or manual polling, no webhooks. Strange. Well, I can suddenly imagine a lot of CI servers will be running SMTP. ;-)
> After uploading your app, the notarization process typically takes less than an hour. When the process completes, you receive an email indicating the outcome. Additionally, you can use altool with the notarization-history flag to inspect the status of all of your notarization requests
I am not a Mac developer, but this doc https://developer.apple.com/documentation/security/notarizin... claims you need 10.13 or above, which seems to run on 2009-2010 hardware. I know the latest version of Xcode 10 requires 10.14, but even that is about ~2012 hardware and newer. I think the upcoming 10.15 also has the same hardware requirements as 10.14.
Anyway, even if we say 10.14, I wouldn't call 2012 models fairly new.
