Packager

The appman-packager is a command-line utility that is used by the developer to manage installation packages. It could also be used as a signing and verification tool on a app-store backend server. This tool is meant for usage on the developer's desktop machine or packaging server, but not on the target device.

At the moment the application-manager supports unsigned packages, packages that are signed by the developer only (development mode), and packages that are signed by a trusted app-store. The appman-packager can create all these variations with the following commands:

CommandArgumentsDescription
create-package<package>

<source directory>

Creates a new package named package from the application in source directory. The directory needs to at least contain an info.yaml as well as an icon.png file. The tool will do a sanity-check on the info.yaml file before actually creating the package. All normal files and directories in the source directory will be copied into package. The only meta-data that is copied from the filesystem is the filename, and the user's eXecutable-bit. The following options are supported:

--verbose: Dump the package's meta-data header and footer information to stdout.

--json: Output in JSON format instead of YAML.

--extra-metadata or -m: Add the given YAML snippet on the commandline to the packages's extra meta-data (see also ApplicationInstaller::taskRequestingInstallationAcknowledge).

--extra-metadata-file or -M: Add the given YAML file to the packages's extra meta-data (see also ApplicationInstaller::taskRequestingInstallationAcknowledge)

--extra-signed-metadata or -s: Add the given YAML snippet on the commandline to the packages's extraSigned meta-data (see also ApplicationInstaller::taskRequestingInstallationAcknowledge)

--extra-signed-metadata-file or -S: Add the given YAML file to the packages's extra meta-data (see also ApplicationInstaller::taskRequestingInstallationAcknowledge)

All of the extra-meta-data options are merged together, so all options can be used together and each option can also be given multiple times. The signed fields are added to the package's digest, so that they cannot be changed once the package has been signed. The normal fields can however be changed even after package signing: an example would be an appstore-server adding custom tags.

dev-sign-package<package>

<signed-package>

<certificate>

<password>

Takes the input package, adds a developer signature and writes the output to signed-package. You need to supply a certificate in P12 format together with a password matching the certificate. The following options are supported:

--verbose: Dump the package's meta-data header and footer information to stdout.

--json: Output in JSON format instead of YAML.

dev-verify-package<package>

<ca-certificates...>

Reads the input package and tries to verify the developer signature using the given ca-certificates. The following options are supported:

--verbose: Print details regarding the verification to stdout.

store-sign-package<package>

<signed-package>

<certificate>

<password>

[device-id]

Takes the input package, adds a store signature and writes the output to signed-package. You need to supply a certificate in P12 format together with a password matching the certificate. If you specify the optional device-id, the resulting package can only be installed on this specific device. The following options are supported:

--verbose: Dump the package's meta-data header and footer information to stdout.

--json: Output in JSON format instead of YAML.

store-verify-package<package>

<ca-certificates...>

<device-id>

Reads the input package and tries to verify the store signature using the given ca-certificates. The following options are supported:

--json: Output in JSON format instead of YAML.

The appman-packager naturally supports the standard Unix --help command-line option.

© 2018 Pelagicore AG. Documentation contributions included herein are the copyrights of their respective owners. The documentation provided herein is licensed under the terms of the GNU Free Documentation License version 1.3 as published by the Free Software Foundation. Qt and respective logos are trademarks of The Qt Company Ltd. in Finland and/or other countries worldwide. All other trademarks are property of their respective owners.