From f3c03c62ccc4b294afadda41b4571c3b392ba91c Mon Sep 17 00:00:00 2001
From: erikng <e@eriknicolasgomez.com>
Date: Mon, 23 May 2016 10:55:30 -0700
Subject: [PATCH] Add signing option

---
 Readme.md      | 10 ++++++++++
 first-boot-pkg | 12 ++++++++++++
 2 files changed, 22 insertions(+)

diff --git a/Readme.md b/Readme.md
index c0b4844..5d770c7 100644
--- a/Readme.md
+++ b/Readme.md
@@ -8,6 +8,8 @@
 - Will wait for the network to be available before installing (optional, can be disabled if desired)
 - Can specify amount of seconds to retry network (optional
 - Can specify whether your first boot package requires a reboot or not
+- Can specify to shutdown after installation
+- Can codesign package
 
 Run with ``--help`` for the full list of options.
 
@@ -76,6 +78,14 @@ If you would like to invoke either a reboot or shutdown, set one of the values t
 
 You can now specify a "LaunchDaemonIdentifier". This will allow you to override the default value of "com.grahamgilbert.first-boot-pkg"
 
+## Code Signing Packages
+
+To code sign a package, use the --sign. If you are using a plist, you will need to pass the argument when building.
+
+```bash
+ sudo ./first-boot-pkg --plist /Users/grahamgilbert/Desktop/first-boot-config.plist --sign "3rd Party Mac Developer Installer: Example Company (XXXXXX1XXX)"
+ ```
+
 ## Credits
 
 The original inspiration for this script came from Rich Trouton's [First Boot Package Install](https://github.com/rtrouton/First-Boot-Package-Install).
diff --git a/first-boot-pkg b/first-boot-pkg
index ed88625..7a98adc 100755
--- a/first-boot-pkg
+++ b/first-boot-pkg
@@ -21,6 +21,7 @@ default_noreboot = False
 default_noshutdown = True
 default_retry_count = 10
 default_sleep_count = 10
+default_sign = 'None'
 now = localtime()
 default_version = "%04d.%02d.%02d" % (now.tm_year, now.tm_mon, now.tm_mday)
 pkgbuild = "/usr/bin/pkgbuild"
@@ -87,6 +88,11 @@ def main():
         default=default_sleep_count,
         help=("Amount of seconds to sleep when looking for network. "
               "Defaults to %s. ")% default_sleep_count)
+
+    o.add_option("--sign",
+        default=default_sign,
+        help=("Sign the resulting package with the specified identity. "
+              "Defaults to %s. ")% default_sign)
         
     o.add_option("--plist",
         help=("Optional. Path to an XML plist file containing "
@@ -313,6 +319,12 @@ def main():
     "--package", output_pkg,
     dist_output
     ]
+
+	# Taken from make-profile-pkg
+    if opts.sign:
+        # Use slice assignment to insert an additional option before the final argument
+        cmd[-1:] = ["--sign", opts.sign, dist_output]
+
     subprocess.call(cmd)
     
     try: