We submit for notarization using:
xcrun notarytool submit --apple-id ACCOUNT --team-id XXXXXX --password NNNNNN application.zip
I have occasionally had success uploading one of the applications, but I have never been successful uploading the bigger one.
What is the reason for this? The files are not very large. The small file is only 6.0GB and the big file is only 17.5GB.
Of the past 100 failures:
72: error: HTTPClientError.deadlineExceeded
28: error: The operation couldn’t be completed. (Network.NWError error 54 - Connection reset by peer))
On average it takes me around 50 attempts (2 days of uploading) to get past the S3 client configuration.
I have tried 5 different internet providers for these uploads. None of them work any better, even ones that have great latency and connections to AWS.
I only have a limited number of Mac OS X machines so I have tried on all of the ones I can afford, but none of them work better or worse than my new Mac Book Pro (2021)
I have tried every single option and combination of options from man notarytool
including disabling S3 acceleration, setting timeouts, trying to use wait. I have tried them all,
Can someone please help me figure this out? I'm getting desperate and this is making me look really ****** for pushing to have a Mac OS X port because Mac users are stuck waiting for the notarization service which lags the Mac updates by many days.
The error messages make it clear that notarytool
is using Soto S3. The developer has indicated in multiple threads that the error HTTPClientError.deadlineExceeded is fixed by increasing the client timeout. Is there a way I can modify notarytool to apply this patch?
https://github.com/soto-project/soto/discussions/622
Is it possible to write our own S3 upload tool that bypasses Soto S3 and uses something more reliable?
Again, the files I am uploading are not very big none of them are bigger than 25GB. I don't understand why it doesn't work.
Are you still seeing this problem? If so, there’s an experiment I’d like you to try. In the context in which you’re running notarytool
, do this:
% defaults write com.apple.gke.notary.tool nt-upload-connection-timeout <timeout>
where <timeout>
is something bigger than the default timeout of 100 seconds. Perhaps you could try 300 seconds?
IMPORTANT Make sure you’re using notarytool
from Xcode 16. This setting didn’t work correctly on some older releases.
If you add the --verbose
flag, you should see a log message like Setting S3 timeout to 300 seconds.
, which confirms that the setting ‘took’.
I’m curious whether this improves your success rate.
To get back to your original state, do this:
% defaults delete com.apple.gke.notary.tool nt-upload-connection-timeout
Oh, and just as an aside, the notary service has an API: Notary API. If notarytool
doesn’t work for you, that’s always an option. For example, a lot of big developers want to run their entire distribution workflow on a non-Apple platform, and thus use this API rather than notarytool
.
If you want to try this out, see Submitting software for notarization over the web.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"