Dont fully unpack and repack jar, update unsigned packages

.github/workflows/tauri-test.yml

@@ -226,45 +226,93 @@ jobs:
           echo "🔐 Signing JAR and all nested native libraries..."
           cd ./frontend/src-tauri/libs
           
+          # Get the main JAR
+          MAIN_JAR=$(ls stirling-pdf*.jar | head -n 1)
+          echo "📦 Processing main JAR: $MAIN_JAR"
+          
+          # Create a copy to work with
+          cp "$MAIN_JAR" "${MAIN_JAR}.backup"
+          
           # Create working directory
           mkdir -p jar_signing_temp
           cd jar_signing_temp
           
-          # Extract the main JAR
+          # Extract the main JAR to examine its structure
-          MAIN_JAR=$(ls ../stirling-pdf*.jar | head -n 1)
+          jar -xf "../$MAIN_JAR"
-          echo "📦 Extracting main JAR: $MAIN_JAR"
-          jar -xf "$MAIN_JAR"
           
-          # Find and sign all .dylib files in nested JARs
+          # Find and sign .dylib files in nested JARs (in BOOT-INF/lib/ for Spring Boot)
           echo "🔍 Finding and signing nested .dylib files..."
-          find . -name "*.jar" -type f | while read nested_jar; do
+          
-            echo "📦 Processing nested JAR: $nested_jar"
+          # Check if it's a Spring Boot JAR with BOOT-INF/lib structure
-            
+          if [ -d "BOOT-INF/lib" ]; then
-            # Create temp directory for this nested JAR
+            echo "📦 Found Spring Boot JAR structure"
-            nested_temp_dir=$(mktemp -d)
+            find BOOT-INF/lib -name "*.jar" -type f | while read nested_jar; do
-            cd "$nested_temp_dir"
+              echo "📦 Processing nested JAR: $nested_jar"
-            
+              
-            # Extract nested JAR
+              # Create temp directory for this nested JAR
-            jar -xf "$OLDPWD/$nested_jar"
+              nested_temp_dir=$(mktemp -d)
-            
+              cd "$nested_temp_dir"
-            # Find and sign all .dylib files
+              
-            find . -name "*.dylib" -type f | while read dylib_file; do
+              # Extract nested JAR
-              echo "🔐 Signing: $dylib_file"
+              jar -xf "$OLDPWD/$nested_jar"
-              codesign --force --verify --verbose --timestamp \
+              
-                --options runtime \
+              # Check if this JAR contains .dylib files
-                --sign "$CERT_ID" \
+              if find . -name "*.dylib" -type f | grep -q .; then
-                "$dylib_file"
+                echo "🔐 Found .dylib files in $nested_jar"
+                
+                # Sign all .dylib files
+                find . -name "*.dylib" -type f | while read dylib_file; do
+                  echo "🔐 Signing: $dylib_file"
+                  codesign --force --verify --verbose --timestamp \
+                    --options runtime \
+                    --sign "$CERT_ID" \
+                    "$dylib_file"
+                done
+                
+                # Repackage the nested JAR with preserved manifest
+                if [ -f "META-INF/MANIFEST.MF" ]; then
+                  jar -cfm "$OLDPWD/$nested_jar" META-INF/MANIFEST.MF *
+                else
+                  jar -cf "$OLDPWD/$nested_jar" *
+                fi
+                echo "✅ Repacked signed nested JAR: $nested_jar"
+              fi
+              
+              cd "$OLDPWD"
+              rm -rf "$nested_temp_dir"
             done
-            
+          else
-            # Repackage the nested JAR with preserved manifest
+            # Fallback for non-Spring Boot JARs
-            if [ -f "META-INF/MANIFEST.MF" ]; then
+            echo "📦 Processing regular JAR structure"
-              jar -cfm "$OLDPWD/$nested_jar" META-INF/MANIFEST.MF *
+            find . -name "*.jar" -type f | while read nested_jar; do
-            else
+              echo "📦 Processing nested JAR: $nested_jar"
-              jar -cf "$OLDPWD/$nested_jar" *
+              
-            fi
+              # Create temp directory for this nested JAR
-            cd "$OLDPWD"
+              nested_temp_dir=$(mktemp -d)
-            rm -rf "$nested_temp_dir"
+              cd "$nested_temp_dir"
-          done
+              
+              # Extract nested JAR
+              jar -xf "$OLDPWD/$nested_jar"
+              
+              # Find and sign all .dylib files
+              find . -name "*.dylib" -type f | while read dylib_file; do
+                echo "🔐 Signing: $dylib_file"
+                codesign --force --verify --verbose --timestamp \
+                  --options runtime \
+                  --sign "$CERT_ID" \
+                  "$dylib_file"
+              done
+              
+              # Repackage the nested JAR with preserved manifest
+              if [ -f "META-INF/MANIFEST.MF" ]; then
+                jar -cfm "$OLDPWD/$nested_jar" META-INF/MANIFEST.MF *
+              else
+                jar -cf "$OLDPWD/$nested_jar" *
+              fi
+              cd "$OLDPWD"
+              rm -rf "$nested_temp_dir"
+            done
+          fi
           
           # Sign any top-level .dylib files
           find . -name "*.dylib" -type f | while read dylib_file; do
@@ -275,9 +323,9 @@ jobs:
               "$dylib_file"
           done
           
-          # Repackage the main JAR with preserved manifest
+          # Repackage the main JAR preserving Spring Boot structure
-          echo "📦 Repackaging main JAR..."
+          echo "📦 Repackaging main JAR with preserved structure..."
-          jar -cfm "../$(basename "$MAIN_JAR")" META-INF/MANIFEST.MF *
+          jar -cfm "../$MAIN_JAR" META-INF/MANIFEST.MF *
           
           # Clean up
           cd ..