I've built a working macOS app from Python, using Tkinter as the GUI and PyInstaller to build.
I've successfully signed it using codesign with a "Developer ID Application" certificate:
codesign -s "Developer ID Application: MY_CERTIFICATE_NAME" -v --deep --timestamp --entitlements entitlements.plist -o runtime "dist/MyApp.app" --force
Where entitlements.plist is:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.security.cs.allow-unsigned-executable-memory</key>
<true/>
<key>com.apple.security.cs.disable-library-validation</key>
<true/>
</dict>
</plist>
Checking with codesign -vvv --deep --strict dist/MyApp.app seems to indicate that it's happy:
dist/MyApp.app: valid on disk
dist/MyApp.app: satisfies its Designated Requirement
However, when I zip it and notarize with
xcrun notarytool submit path/to/project/dist/AppName.zip --apple-id MY_APPLE_ID --password MY_APP_SPECIFIC_PASSWORD --team-id MY_TEAM_ID --wait
It fails with
Processing complete
id: SOME_HASH_CODE
status: Invalid
When I check why it failed with
xcrun notarytool log SOME_HASH_CODE --apple-id MY_APPLE_ID --team-id=MY_TEAM_ID
I get that all the dylib files in MyApp.app/Contents/Resources were unsigned, e.g.
{
"severity": "error",
"code": null,
"path": "MyApp.zip/MyApp.app/Contents/Resources/libopenblas.0.dylib",
"message": "The binary is not signed with a valid Developer ID certificate.",
"docUrl": "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087721",
"architecture": "arm64"
},
{
"severity": "error",
"code": null,
"path": "MyApp.zip/MyApp.app/Contents/Resources/libopenblas.0.dylib",
"message": "The signature does not include a secure timestamp.",
"docUrl": "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087733",
"architecture": "arm64"
}
Indeed, when I check my code signature with codesign -vvv --deep --strict dist/EagleEyesScan.app I see that none of the dylib files in MyApp.app/Contents/Resources are listed.
Main question is: what do I have to do to pass notarization?
Sub-question is: why are the dylib files in MyApp.app/Contents/Resources not being signed?
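The following is an added example, not code from the question or from PyInstaller, showing the inside-out signing pass a practitioner would run instead of a single `codesign --deep`. `--deep` only descends into the standard nested-code locations of a bundle (Contents/MacOS, Contents/Frameworks, PlugIns and so on) and seals Contents/Resources as data, so the dylibs PyInstaller places there are neither signed nor inspected by `codesign --verify --deep`. The script finds every Mach-O in the bundle by magic number rather than by extension, signs each one with a secure timestamp and the hardened runtime, signs frameworks as bundles, signs the .app last, and then verifies each file individually. The signing identity, the app path and the entitlements file are the caller's; the values in the usage line are assumptions.

```bash
#!/usr/bin/env bash
# Added example (not from the question): sign every Mach-O inside a PyInstaller
# .app inside-out, then the bundle itself, so nothing under Contents/Resources is
# left unsigned before notarization. Identity, paths and entitlements file are
# the caller's; the sample values in the usage comment are assumptions.
set -eu

# Return 0 if the file begins with a Mach-O magic number: thin 32/64-bit in
# either byte order, or a fat (universal) header. The extension is ignored on
# purpose: PyInstaller ships .dylib, .so and extensionless Mach-O files alike.
# Fat binaries share 0xcafebabe with Java class files; a real fat header has a
# small big-endian nfat_arch in bytes 4-7, a class file has its major version
# (>= 45 = 0x2d) there, so only 1..31 architectures are accepted.
is_macho() {
  local hex
  hex=$(head -c 8 "$1" | od -An -tx1 | tr -d ' \n')
  case "$hex" in
    feedface*|cefaedfe*|feedfacf*|cffaedfe*) return 0 ;;
    cafebabe000000[01][0-9a-f])
      [ "$hex" = "cafebabe00000000" ] && return 1
      return 0 ;;
    *) return 1 ;;
  esac
}

# Print every Mach-O file below a directory, one path per line. Symlinks are
# skipped (find -type f), so each Mach-O is signed once through its real path.
find_machos() {
  local f
  find "$1" -type f | while IFS= read -r f; do
    if is_macho "$f"; then printf '%s\n' "$f"; fi
  done
}

# Sign nested code first and the bundle last. --deep is deliberately not used:
# it only descends into the standard nested-code locations and seals
# Contents/Resources as data, which is why the dylibs PyInstaller drops there
# were never signed and why "codesign --verify --deep" did not list them.
sign_bundle() {
  local app="$1" identity="$2" entitlements="$3"
  local exe main f
  exe=$(/usr/libexec/PlistBuddy -c 'Print :CFBundleExecutable' "$app/Contents/Info.plist")
  main="$app/Contents/MacOS/$exe"

  # 1. Frameworks are signed as bundles so their own resource seal is written.
  find "$app/Contents" -type d -name '*.framework' | while IFS= read -r f; do
    codesign --force --timestamp --options runtime -s "$identity" "$f"
  done

  # 2. Every other Mach-O (dylibs and .so files under Resources included),
  #    except the main executable, which is signed together with the bundle.
  find_machos "$app/Contents" | while IFS= read -r f; do
    case "$f" in
      "$main"|*.framework/*) continue ;;
    esac
    codesign --force --timestamp --options runtime -s "$identity" "$f"
  done

  # 3. The bundle itself, with the hardened runtime and the entitlements the
  #    embedded Python interpreter needs.
  codesign --force --timestamp --options runtime \
    --entitlements "$entitlements" -s "$identity" "$app"

  # 4. Verify the bundle, then each Mach-O on its own; the per-file pass is
  #    what catches the Resources dylibs a --deep verification walks past.
  codesign --verify --deep --strict --verbose=2 "$app"
  find_machos "$app/Contents" | while IFS= read -r f; do
    codesign --verify --strict "$f"
  done
}

# Usage (sample values are assumptions):
#   ./sign_app.sh dist/MyApp.app "Developer ID Application: NAME (TEAMID)" entitlements.plist
if [ "$#" -eq 3 ]; then
  sign_bundle "$1" "$2" "$3"
fi
```

After signing, build the archive with `ditto -c -k --keepParent dist/MyApp.app MyApp.zip` rather than `zip`, so symlinks inside the bundle survive, then submit that zip with `notarytool` and staple the ticket with `xcrun stapler staple dist/MyApp.app` once it is accepted. The magic-number check is also a quick way to audit an existing bundle: piping `find_machos dist/MyApp.app` into `codesign --verify --strict` lists exactly the files notarytool will reject.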