Windows: No longer rely on electron-builder for code-signing
This commit is contained in:
parent
461f389929
commit
1e19a4e5ee
2 changed files with 32 additions and 0 deletions
|
@ -385,6 +385,7 @@
|
||||||
"signingHashAlgorithms": [
|
"signingHashAlgorithms": [
|
||||||
"sha256"
|
"sha256"
|
||||||
],
|
],
|
||||||
|
"sign": "./ts/scripts/sign-windows.js",
|
||||||
"publisherName": "Signal Messenger, LLC",
|
"publisherName": "Signal Messenger, LLC",
|
||||||
"icon": "build/icons/win/icon.ico",
|
"icon": "build/icons/win/icon.ico",
|
||||||
"publish": [
|
"publish": [
|
||||||
|
|
31
ts/scripts/sign-windows.ts
Normal file
31
ts/scripts/sign-windows.ts
Normal file
|
@ -0,0 +1,31 @@
|
||||||
|
// Copyright 2019 Signal Messenger, LLC
|
||||||
|
// SPDX-License-Identifier: AGPL-3.0-only
|
||||||
|
|
||||||
|
import { execSync } from 'child_process';
|
||||||
|
|
||||||
|
import { realpath } from 'fs-extra';
|
||||||
|
|
||||||
|
import type { CustomWindowsSignTaskConfiguration } from 'electron-builder';
|
||||||
|
|
||||||
|
export async function sign(
|
||||||
|
configuration: CustomWindowsSignTaskConfiguration
|
||||||
|
): Promise<void> {
|
||||||
|
// In CI, we remove certificate information from package.json to disable signing
|
||||||
|
if (!configuration.options.certificateSha1) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
const scriptPath = process.env.SIGN_WINDOWS_SCRIPT;
|
||||||
|
if (!scriptPath) {
|
||||||
|
throw new Error(
|
||||||
|
'path to windows sign script must be provided in environment variable SIGN_WINDOWS_SCRIPT'
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
const target = realpath(configuration.path);
|
||||||
|
|
||||||
|
// The script will update the file in-place
|
||||||
|
execSync(`bash ${scriptPath} ${target}`, {
|
||||||
|
stdio: [null, process.stdout, process.stderr],
|
||||||
|
});
|
||||||
|
}
|
Loading…
Add table
Add a link
Reference in a new issue