github/atom
1
1
Fork 0
mirror of https://github.com/atom/atom.git synced 2026-04-06 03:02:13 -04:00
Code Issues Packages Projects Releases Wiki Activity

Bring in latest code signing changes from 1.19-releases by hand.

Browse Source
This commit is contained in:
Damien Guard
2017-07-20 09:33:44 -07:00
parent 372cef218c
commit 8130850e2a
2 changed files with 14 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
script/build
View File

@@ -54,6 +54,7 @@ process.on('unhandledRejection', function (e) {
process.exit(1)
})
const CONFIG = require('./config')
let binariesPromise = Promise.resolve()
if (!argv.existingBinaries) {
@@ -86,13 +87,17 @@ binariesPromise
}
case 'win32': {
if (argv.codeSign) {
codeSignOnWindows(path.join(packagedAppPath, 'Atom.exe'))
const executablesToSign = [ path.join(packagedAppPath, 'Atom.exe') ]
if (argv.createWindowsInstaller) {
executablesToSign.push(path.join(__dirname, 'node_modules', 'electron-winstaller', 'vendor', 'Update.exe'))
}
codeSignOnWindows(executablesToSign)
} else {
console.log('Skipping code-signing. Specify the --code-sign option to perform code-signing'.gray)
}
if (argv.createWindowsInstaller) {
return createWindowsInstaller(packagedAppPath)
.then(() => argv.codeSign && codeSignOnWindows(path.join(CONFIG.buildOutputPath, 'AtomSetup.exe')))
.then(() => argv.codeSign && codeSignOnWindows([ path.join(CONFIG.buildOutputPath, 'AtomSetup.exe') ]))
.then(() => packagedAppPath)
} else {
console.log('Skipping creating installer. Specify the --create-windows-installer option to create a Squirrel-based Windows installer.'.gray)

12
script/lib/code-sign-on-windows.js
View File

@@ -4,7 +4,7 @@ const os = require('os')
const path = require('path')
const {spawnSync} = require('child_process')
module.exports = function (fileToSignPath) {
module.exports = function (filesToSign) {
if (!process.env.ATOM_WIN_CODE_SIGNING_CERT_DOWNLOAD_URL && !process.env.ATOM_WIN_CODE_SIGNING_CERT_PATH) {
console.log('Skipping code signing because the ATOM_WIN_CODE_SIGNING_CERT_DOWNLOAD_URL environment variable is not defined'.gray)
return
@@ -16,15 +16,17 @@ module.exports = function (fileToSignPath) {
downloadFileFromGithub(process.env.ATOM_WIN_CODE_SIGNING_CERT_DOWNLOAD_URL, certPath)
}
try {
console.log(`Code-signing executable at ${fileToSignPath}`)
signFile(fileToSignPath)
for (const fileToSign of filesToSign) {
console.log(`Code-signing executable at ${fileToSign}`)
signFile(fileToSign)
}
} finally {
if (!process.env.ATOM_WIN_CODE_SIGNING_CERT_PATH) {
fs.removeSync(certPath)
}
}
function signFile (fileToSignPath) {
function signFile (fileToSign) {
const signCommand = path.resolve(__dirname, '..', 'node_modules', 'electron-winstaller', 'vendor', 'signtool.exe')
const args = [
'sign',
@@ -33,7 +35,7 @@ module.exports = function (fileToSignPath) {
'/fd sha256', // File digest algorithm
'/tr http://timestamp.digicert.com', // Time stamp server
'/td sha256', // Times stamp algorithm
`"${fileToSignPath}"`
`"${fileToSign}"`
]
const result = spawnSync(signCommand, args, {stdio: 'inherit', shell: true})
if (result.status !== 0) {