VST across Macs | CMake & AAX/AU/VST Exporting | Forum

Avatar

Please consider registering
guest

sp_LogInOut Log In sp_Registration Register

Register | Lost password?
Advanced Search

— Forum Scope —




— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

sp_Feed Topic RSS sp_TopicIcon
VST across Macs
Avatar
Member
Members
May 13, 2020 - 4:15 am
Member Since: February 21, 2020
Forum Posts: 56
sp_UserOfflineSmall Offline

Hey guys! 

I am finally using book 2 and feel like I have learnt so much! Today I going to use my personal plugin at the studio computer to give it a good run, but it doesn't show on my mac, only the mac I exported the VST3 on. I signed the file with my developer account as I have one for a iPhone app I am working on commercially. 

Has anyone run into this issue?

Avatar
Admin
May 13, 2020 - 2:34 pm
Member Since: January 29, 2017
Forum Posts: 693
sp_UserOfflineSmall Offline

When you compile the plugin after exporting, it will place the VST3 in the mac-specific library for "user plugins" which is:

~/Library/Audio/Plug-Ins/VST3/

On ASPiK VST3 builds for MacOS, a SymLink (shortcut) to the VST3 is automatically placed there, so it shows up instantly in your DAW. The actual plugin is in your:

/project/mac_build/VST3/Debug

or

/project/mac_build/VST3/Debug/Release

folder depending on your configuration. 

So, to install on a new computer you need to copy the /project/mac_build/VST3/... version into the user's ~/Library/Audio/Plug-Ins/VST3/ folder, or you need to install it to a known (safe) location, then make a SymLink in the /VST3 folder. 

Notice that there is a second VST3 destination folder:

/Library/Audio/Plug-Ins/VST3/

which is most likely where your commercially purchased plugins reside. When you sell the plugin, you need to create the installer for that part. 

I use the first one (~/Library/Audio/Plug-Ins/VST3/) because the other is a protected folder that requires a password or your fingerprint to access it, and the build would fail in XCode as this copy is the last step after the validator runs. In addition, the VST3 SDK sample projects are setup the same way and use the same CMake script as the ASPiK plugins.

This information (as well as the details for AU and AAX) is in the ASPiK documentation; for VST3 it is here:

http://aspikplugins.com/sdkdoc.....ugins.html

Will 

Avatar
Member
Members
May 14, 2020 - 10:52 pm
Member Since: February 21, 2020
Forum Posts: 56
sp_UserOfflineSmall Offline

I believe that the issue is actually on the mac OS side of things, as what you said above works true for the computer I compile it on, where if I take it to another mac it doesn't work. Using codesign reveals that it is an unnotarised Developer ID Signed vst3. So I have submitted it to be notarised as a trial to see if this is the issue.

One thing I have noticed, which maybe a known issue or bug or something. When I compile multiple times, or change settings to prepare for notarisation (the requirement for 10.15) the GUI inside Ableton dis-appears as though it has one no longer. Cleaning the build folder and recompiling failed, as did deleting the entire folder and running cmake inside the mac build again and starting fresh. A complete new export was required from RackAFX. So not sure on this matter, trying to investigate further. 

 

Prepare Your Software for Notarisation - https://developer.apple.com/documentation/xcode/notarizing_macos_software_before_distribution

Avatar
Admin
May 15, 2020 - 6:02 pm
Member Since: January 29, 2017
Forum Posts: 693
sp_UserOfflineSmall Offline

I have not had that issue with any GUI since ASPiK 1.6.3, which did have an issue and it had to do with the bundle name (ID) but that has been fixed for a couple of revisions. ASPiK 1.6.5 (and new RackAFX) also fixed an issue with Release versions but for AU only (having to do with cocoa gui).

Thanks for the apple link!

Avatar
Anglia
Member
Members
January 25, 2022 - 9:35 pm
Member Since: June 2, 2014
Forum Posts: 46
sp_UserOfflineSmall Offline

I'm ready to give up on this whole Apple thing

I bought a Developer ID Application subscription. Learnt how to build different architectures and deep sign the plugins. When I share them with a mate over Skype, he can load them on his Intel Mac (I'm building on an M1 MBP).

codesign --deep --strict --force --verify --verbose --options runtime --sign "$developer_id" --arch $arch $vst3_buildfile --timestamp

Now when I upload a zip file with all my plugins (VST3 or AU, doesn't make any difference) to GitHub, they can't be loaded coz the Mac (even my own) complains 

can’t be opened because Apple cannot check it for malicious software.

 

This software needs to be updated. Contact the developer for more information.

 

Safari downloaded this file today at 00:04 from objects.githubusercontent.com.

I'm trying to notarize them now, but can't make head nor tail of the meaning of the parameters or the feedback

xcrun altool --notarize-app --primary-bundle-id "developer.au.autoq.bundleID" --username "(my apple id)" --password "(secret)" --file ~/Documents/Doomsville/Releases/MacOS/AU/x86_64/AutoQ_AU.component.zip

Then I just get

xcrun altool --notarization-history 0 -u (my apple id)) -p (secret)

 

Notarization History - page 0

 

Date                      RequestUUID                          Status  Status Code Status Message  

------------------------- ------------------------------------ ------- ----------- --------------- 

2022-01-26 02:18:07 +0000 26f66d61-1784-471a-86c9-16f9468c3dfe invalid 2           Package Invalid 

2022-01-26 01:57:21 +0000 3a451285-1e8e-4fa4-b16d-ecf7708beba0 invalid 2           Package Invalid 

2022-01-26 01:20:05 +0000 732db63b-3835-4e51-af0c-943dcb8ed2f2 invalid 2           Package Invalid 

2022-01-26 00:58:38 +0000 a609d052-a2dd-4418-b536-c8c5cac4c2d3 invalid 2           Package Invalid 

2022-01-26 00:54:00 +0000 1c1d087c-9f93-4f41-9c31-1aaa6089c77d invalid 2           Package Invalid 

 

Next page value: 1643158440000

spctl -vvv --raw --assess --type exec AU/Release/AutoQ_AU.component

objc[58373]: Class SPExecutionPolicy is implemented in both /System/Library/PrivateFrameworks/SystemPolicy.framework/Versions/A/SystemPolicy and /usr/sbin/spctl. One of the two will be used. Which one is undefined.

objc[58373]: Class AppWrapper is implemented in both /System/Library/PrivateFrameworks/SystemPolicy.framework/Versions/A/SystemPolicy and /usr/sbin/spctl. One of the two will be used. Which one is undefined.

objc[58373]: Class AppWrapperPolicyResult is implemented in both /System/Library/PrivateFrameworks/SystemPolicy.framework/Versions/A/SystemPolicy and /usr/sbin/spctl. One of the two will be used. Which one is undefined.

objc[58373]: Class AppWrapperPolicy is implemented in both /System/Library/PrivateFrameworks/SystemPolicy.framework/Versions/A/SystemPolicy and /usr/sbin/spctl. One of the two will be used. Which one is undefined.

objc[58373]: Class SPLog is implemented in both /System/Library/PrivateFrameworks/SystemPolicy.framework/Versions/A/SystemPolicy and /usr/sbin/spctl. One of the two will be used. Which one is undefined.

objc[58373]: Class MIS is implemented in both /System/Library/PrivateFrameworks/SystemPolicy.framework/Versions/A/SystemPolicy and /usr/sbin/spctl. One of the two will be used. Which one is undefined.

objc[58373]: Class SPExecutionHistoryItem is implemented in both /System/Library/PrivateFrameworks/SystemPolicy.framework/Versions/A/SystemPolicy and /usr/sbin/spctl. One of the two will be used. Which one is undefined.

objc[58373]: Class SPExecutionPolicyItem is implemented in both /System/Library/PrivateFrameworks/SystemPolicy.framework/Versions/A/SystemPolicy and /usr/sbin/spctl. One of the two will be used. Which one is undefined.

objc[58373]: Class SPDeveloperPolicy is implemented in both /System/Library/PrivateFrameworks/SystemPolicy.framework/Versions/A/SystemPolicy and /usr/sbin/spctl. One of the two will be used. Which one is undefined.

objc[58373]: Class GKScanResult is implemented in both /System/Library/PrivateFrameworks/SystemPolicy.framework/Versions/A/SystemPolicy and /usr/sbin/spctl. One of the two will be used. Which one is undefined.

AU/Release/AutoQ_AU.component: rejected

 

 

assessment:authority

 

assessment:authority:flags

0

assessment:authority:row

13

assessment:authority:source

Unnotarized Developer ID

 

assessment:originator

Developer ID Application: Steve Dwyer (N535LFYH6S)

assessment:remote

 

assessment:verdict

 

 

origin=Developer ID Application: Steve Dwyer (N535LFYH6S)

I'm at the point where I'm gonna tell people to get with the program and buy a Windows machine.

Avatar
Anglia
Member
Members
January 26, 2022 - 5:11 pm
Member Since: June 2, 2014
Forum Posts: 46
sp_UserOfflineSmall Offline

I've given up on Notarization - I spent two days on it, read +/- 100 web pages, each either copying the other or with slightly different suggestions. Got my plugins signed, and have now found a workaround for when I've downloaded them from the web to test that: In System Preferences -> Security & Private -> General: Open Anyway. You only need to do it once, then you'll never get bothered again.

I only bought my Mac in November and my Apple Developer Subscription in January, so I have a whole year now to decide whether to discontinue support for Apple in the long run, or maybe I'll get lucky and find a way to notarize plugins, but I'm not going to lose any more sleep over it, I'm already suffering from serious fatigue.

Avatar
Anglia
Member
Members
January 26, 2022 - 7:32 pm
Member Since: June 2, 2014
Forum Posts: 46
sp_UserOfflineSmall Offline

I actually opened a support ticket with Apple Developer for this, as I think they should give developers commands that work. I sent the support staff member output from my auval and spctl. I'm not really hopeful of any groundbreaking progress, but I got two free support tickets with my subscription, so thought I may as well use it.

Avatar
Anglia
Member
Members
January 29, 2022 - 3:34 pm
Member Since: June 2, 2014
Forum Posts: 46
sp_UserOfflineSmall Offline

StevieD said
I actually opened a support ticket with Apple Developer for this, as I think they should give developers commands that work. I sent the support staff member output from my auval and spctl. I'm not really hopeful of any groundbreaking progress, but I got two free support tickets with my subscription, so thought I may as well use it.  

I only got a 1st-Line response from Apple, with links to pages I'd already visited. Seems I needed to open a Code-Level support ticket, which I thought I'd done. I don't think I shall bother right now.

I have noticed though, that when creating the archive, no "product" is copied into the archive, so the required options to 'distribute' it, an essential step to getting it notarized, aren't available 

Image Enlarger

Image Enlarger

I read online that this can be caused by too few, or too many products in the archive, and that this is related to the "Skip install" option on the various targets. I tried every possible permutation of this setting across all the targets, but I always get zero Products in the archive. I also tried a scripted archive & notarization, but the error I get back when running xcodebuild -exportArchive, is indicative of the same, the missing options. It complains that the method developer-is isn't a valid method (with an empty list of methods, {}).

Is there something I can change in the cmake files to get this set up right for the build? I'm pretty new to cmake, but I've bought a book and intended to at least the basics under my belt. I've already spent far too long on this, and do have a workaround https://github.com/DoomyDwyer/ASPiKProjects/blob/main/UserGuides/workaround_macos_notarization.md

Avatar
Anglia
Member
Members
January 30, 2022 - 8:18 pm
Member Since: June 2, 2014
Forum Posts: 46
sp_UserOfflineSmall Offline

I've done some tweaking of my project, but, despite now having a Product in the Products directory of the xcode archive file, XCode is still only seeing this as a "Generic XCode Archive". Here are the contents of my archive, including the .component. Does anyone have any ideas or experience with similar issues?

stevedwyer@Steves-MacBook-Pro Memento_AU 31-01-2022, 01.13.xcarchive % ls -laR

total 8

drwxr-xr-x  6 stevedwyer  staff  192 31 Jan 01:13 .

drwxr-xr-x  4 stevedwyer  staff  128 31 Jan 01:13 ..

-rw-r--r--  1 stevedwyer  staff  395 31 Jan 01:13 Info.plist

drwxr-xr-x@ 3 stevedwyer  staff   96 31 Jan 01:12 Products

drwxr-xr-x  3 stevedwyer  staff   96 31 Jan 01:13 SCMBlueprint

drwxr-xr-x  2 stevedwyer  staff   64 31 Jan 01:13 dSYMs

 

./Products:

total 0

drwxr-xr-x@ 3 stevedwyer  staff   96 31 Jan 01:12 .

drwxr-xr-x  6 stevedwyer  staff  192 31 Jan 01:13 ..

drwxr-xr-x  3 stevedwyer  staff   96 31 Jan 01:13 Memento_AU.component

 

./Products/Memento_AU.component:

total 0

drwxr-xr-x  3 stevedwyer  staff   96 31 Jan 01:13 .

drwxr-xr-x@ 3 stevedwyer  staff   96 31 Jan 01:12 ..

drwxr-xr-x  7 stevedwyer  staff  224 31 Jan 01:12 Contents

 

./Products/Memento_AU.component/Contents:

total 16

drwxr-xr-x  7 stevedwyer  staff   224 31 Jan 01:12 .

drwxr-xr-x  3 stevedwyer  staff    96 31 Jan 01:13 ..

-rw-r--r--  1 stevedwyer  staff  1832 31 Jan 01:12 Info.plist

drwxr-xr-x  3 stevedwyer  staff    96 31 Jan 01:13 MacOS

-rw-r--r--  1 stevedwyer  staff     8 31 Jan 01:12 PkgInfo

drwxr-xr-x  4 stevedwyer  staff   128 31 Jan 01:12 Resources

drwxr-xr-x  3 stevedwyer  staff    96 31 Jan 01:12 _CodeSignature

 

./Products/Memento_AU.component/Contents/MacOS:

total 7928

drwxr-xr-x  3 stevedwyer  staff       96 31 Jan 01:13 .

drwxr-xr-x  7 stevedwyer  staff      224 31 Jan 01:12 ..

-rwxr-xr-x  1 stevedwyer  staff  4059088 31 Jan 01:13 Memento_AU

 

./Products/Memento_AU.component/Contents/Resources:

total 920

drwxr-xr-x  4 stevedwyer  staff     128 31 Jan 01:12 .

drwxr-xr-x  7 stevedwyer  staff     224 31 Jan 01:12 ..

drwxr-xr-x  3 stevedwyer  staff      96 31 Jan 01:12 Memento_AU.bundle

-rw-r--r--  1 stevedwyer  staff  469591 31 Jan 01:12 PluginGUI.uidesc

 

./Products/Memento_AU.component/Contents/Resources/Memento_AU.bundle:

total 0

drwxr-xr-x  3 stevedwyer  staff   96 31 Jan 01:12 .

drwxr-xr-x  4 stevedwyer  staff  128 31 Jan 01:12 ..

drwxr-xr-x  6 stevedwyer  staff  192 31 Jan 01:12 Contents

 

./Products/Memento_AU.component/Contents/Resources/Memento_AU.bundle/Contents:

total 16

drwxr-xr-x  6 stevedwyer  staff   192 31 Jan 01:12 .

drwxr-xr-x  3 stevedwyer  staff    96 31 Jan 01:12 ..

-rw-r--r--  1 stevedwyer  staff  1159 31 Jan 01:12 Info.plist

drwxr-xr-x  3 stevedwyer  staff    96 31 Jan 01:12 MacOS

-rw-r--r--  1 stevedwyer  staff     8 31 Jan 01:12 PkgInfo

drwxr-xr-x  3 stevedwyer  staff    96 31 Jan 01:12 _CodeSignature

 

./Products/Memento_AU.component/Contents/Resources/Memento_AU.bundle/Contents/MacOS:

total 208

drwxr-xr-x  3 stevedwyer  staff      96 31 Jan 01:12 .

drwxr-xr-x  6 stevedwyer  staff     192 31 Jan 01:12 ..

-rwxr-xr-x  1 stevedwyer  staff  106256 31 Jan 01:12 Memento_AU

 

./Products/Memento_AU.component/Contents/Resources/Memento_AU.bundle/Contents/_CodeSignature:

total 8

drwxr-xr-x  3 stevedwyer  staff    96 31 Jan 01:12 .

drwxr-xr-x  6 stevedwyer  staff   192 31 Jan 01:12 ..

-rw-r--r--  1 stevedwyer  staff  2200 31 Jan 01:12 CodeResources

 

./Products/Memento_AU.component/Contents/_CodeSignature:

total 8

drwxr-xr-x  3 stevedwyer  staff    96 31 Jan 01:12 .

drwxr-xr-x  7 stevedwyer  staff   224 31 Jan 01:12 ..

-rw-r--r--  1 stevedwyer  staff  3616 31 Jan 01:12 CodeResources

 

./SCMBlueprint:

total 8

drwxr-xr-x  3 stevedwyer  staff    96 31 Jan 01:13 .

drwxr-xr-x  6 stevedwyer  staff   192 31 Jan 01:13 ..

-rw-r--r--  1 stevedwyer  staff  2269 31 Jan 01:13 Memento_UNIVERSAL.xcscmblueprint

 

./dSYMs:

total 0

drwxr-xr-x  2 stevedwyer  staff   64 31 Jan 01:13 .

drwxr-xr-x  6 stevedwyer  staff  192 31 Jan 01:13 ..

stevedwyer@Steves-MacBook-Pro Memento_AU 31-01-2022, 01.13.xcarchive % 

Avatar
Anglia
Member
Members
March 19, 2022 - 5:24 pm
Member Since: June 2, 2014
Forum Posts: 46
sp_UserOfflineSmall Offline

I did finally get this working, so I shall put the steps below, to help anyone else struggling with this.

I'm releasing a zip file to GitHub, not an Apple package, so archiving the product and using the Organizer to distribute it isn't appropriate for this type of distribution.

Also, it appears that Apple have changed the notarization process at some point. Websites such as KVR Audio mention executing the 

xcrun altool --notarize-app ...

command, but I could never get this working. A possibly newer? Apple page mentions using

xcrun notarytool submit ...

I've created a number of build scripts, batch files for building VST3s on Windows, and zsh scripts for building VST3 & AUs on MacOS (I'm on an M1 Silicon Mac running Big Sur) and I'm building for both Apple architectures. I'm also building multiple plugins and packaging those into 1 zip file. I shall however try to distill the steps executed in my script to the essential steps for building, signing & notarizing.

It's also quite plausible that steps are being executed which aren't strictly speaking necessary, all I can say is, that this works for me. One user downloaded my archive of arm64 Audio Units from my GitHub page, and could unpack the zip file into her ~/Library/Audio/Plug-Ins/Components directory and load them in GarageBand, without the OS raising any warnings, so I'm assuming that this notarization has worked.

These are the steps I take to build, sign & notarize my plugins. Firstly, building & signing. The essential commands are in bold:

...

# Build VST3 and AU plaugins, for the required configuration (Debug or Release) and the required platform (x86_64 or arm64)

xcodebuild -target ${project}_VST -configuration $configuration -arch $arch $extra_args
xcodebuild -target ${project}_AU_CocoaUI -configuration $configuration -arch $arch $extra_args
xcodebuild -target ${project}_AU -configuration $configuration -arch $arch $extra_args

vst3_buildfile=VST3/$configuration/$vst3file
au_buildfile=AU/$configuration/$au_file
au_bundlefile=AU/$configuration/${project}_AU.bundle

# Sign the AU bundle prior to copying it - only bother with Release builds
if [[ "$configuration" == "Release" ]] then
  developer_id=$(cat ../../developer_id.txt)
  echo "Signing $au_bundlefile as $developer_id"
  codesign --deep --force --verify --verbose --options runtime --sign "$developer_id" --arch $arch $au_bundlefile --timestamp

  # Validate signing
  codesign -d --deep -vvv $au_bundlefile
fi

# Copy bundle into component directory
echo Adding bundle file $au_bundlefile to Component $au_buildfile
cp -Rp $au_bundlefile $au_buildfile/Contents/Resources

# Only bother signing Release builds
if [[ "$configuration" == "Release" ]] then
  developer_id=$(cat ../../developer_id.txt)
  echo "Signing $vst3_buildfile as $developer_id"
  codesign --deep --force --verify --verbose --options runtime --sign "$developer_id" --arch $arch $vst3_buildfile --timestamp

  # Validate signing
  codesign -d --deep -vvv $vst3_buildfile

  echo "Signing $au_buildfile as $developer_id"
  codesign --deep --force --verify --verbose --options runtime --sign "$developer_id" --arch $arch $au_buildfile --timestamp

  # Validate signing
  codesign -d --deep -vvv $au_buildfile
fi

echo Copying $vst3_buildfile to $vst3_targetdir
sudo cp -Rp $vst3_buildfile $vst3_targetdir

# Delete symbolic link to VST3 created during build
vst3_linkdir=~/Library/Audio/Plug-Ins/VST3/
vst3_linkfile=${vst3_linkdir}$vst3file
echo "Deleting symbolic link $vst3_linkfile"
rm -R $vst3_linkfile

echo Copying $au_buildfile to $au_targetdir
sudo cp -Rp $au_buildfile $au_targetdir

echo "Waiting for 6 seconds for file copy to complete prior to AU validation..."
read -t 6

auval -v $plugintype $pluginsubtype $pluginmanufacturer

...

Zip up the VST3 or AU plugin, then submit the zip file for notarization:

archivefile=$1
keychain_profile=$(cat keychain-profile.txt)

echo Notarizing artefacts present in ${archivefile}...
xcrun notarytool submit $archivefile --keychain-profile "$keychain_profile" --wait

Then, according to my findings at least, the notarized zip file needs to be unzipped, the plugin "stapled", then, if you wish to distribute it as a zip file, zipped back up again. The for loop is present in my script because I have multiple plugins in the zip file which was submitted for notarization:

pushd $(dirname ${archivefile})

zipdirname=$(basename $archivefile)
zipdirname="${zipdirname%.*}"

unzip -q ${archivefile} -d $zipdirname

for file in "${zipdirname}"/*
do
  xcrun stapler staple $file
done

echo Rebuilding $archivefile with stapled and validated artefacts...
pushd $zipdirname
zip -rq $archivefile *
popd
rm -Rf $zipdirname

The zip file created from this process can be hosted on the Internet, and any user can download it, unpack it & load the plugins without any security prompts being raised.

It may seem a bit cumbersome having to unzip the notarized archive, staple each individual plugin, then zip them up again, and it's possible that this process could be done more efficiently, but I struggled to find other MacOS users who were willing to put in any time to help me to test this. The above process does however work for me, and so I consider it good enough, for now at least...

Sources:

https://www.kvraudio.com/forum/viewtopic.php?t=531663

https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/customizing_the_notarization_workflow

Forum Timezone: America/New_York

Most Users Ever Online: 152

Currently Online:
5 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Top Posters:

Chaes: 56

Skyler: 48

StevieD: 46

Derek: 46

Frodson: 45

Peter: 43

TheSmile: 43

Nickolai: 43

clau_ste: 39

jeanlecode: 37

Member Stats:

Guest Posters: 2

Members: 784

Moderators: 1

Admins: 6

Forum Stats:

Groups: 13

Forums: 42

Topics: 850

Posts: 3372

Moderators: W Pirkle: 693