I don't debug on the Mac I have to admit (except for standard log file stuff), since I cross-compile from Windows. I hope to come up with some improvements to debug Linux binaries on Windows (using Windows Subsystem for Linux), and that's mostly sufficient for me.
Thanks a lot for the link! I'll update my bash script to add the checks there.
As for the IDE, I was recently working on my IDE codesigning package, which already does the binary moving. Too hesitant yet to add editors for Info.plist and something.entitlements yet. I agree that having this in one place would simplify stuff and individual research!
My biggest issue with creating the .pkg so far was a silly permissions problem. You've got to do a chmod 755 before calling productbuild, otherwise the installation would have irritating side effects with an inaccessible app. This is my current script:
#!/bin/bash
folder="/Users/ccrdude/Desktop/apps"
appBundle="$folder/bundle/My App.app"
entitlements="$folder/MyApp.entitlements"
pkg="$folder/setup/MyApp10.pkg"
pkgid=com.example.myapp
devid=CAFFEE
echo Testing entitlements...
plutil "$entitlements"
echo .
ls -lg "$folder/bundle"
echo Forgetting app...
sudo pkgutil --forget $pkgid
echo Preparing permissions...
sudo chmod -R 755 "$appBundle"
echo Removing attributes...
xattr -cr "$appBundle"
echo Remove .DS_Store...
find "$appBundle" -name '*.DS_Store' -type f -delete
echo .
echo Codesigning...
codesign -f -vvvv --deep --entitlements "$entitlements" -s $devid "$appBundle" --timestamp
echo .
echo Building installer...
productbuild --component "$appBundle" /Applications "$pkg"
echo .
echo Codesigning installer...
codesign -f -vvvv "$pkg" -s $devid --timestamp
echo .
ls -lG "$folder/bundle"
sudo chown -R :staff "$appBundle"
echo .
1. Removing attributes might only be necessary because I move my binaries over a SMB share from a Windows machine.
2. Timestamping is always a good idea with codesigning.
3. chmod 755 might be another side effect of my binaries shared over the network, but without, local app and installed app might be unaccessible without sudo (owner gets changed by productbuild).
4. the last chown is a remainder of the topic above, probably no longer necessary, still need to clean up the script