From 3be856b1f9aac171d64124f1e08f56b04dae4d85 Mon Sep 17 00:00:00 2001 From: mlangkabel Date: Mon, 14 Dec 2020 21:01:58 +0100 Subject: [PATCH] build: update windows build scripts to new code signing mechanism --- deployment/windows/wixSetup/build.sh | 2 +- script/deploy_windows.sh | 17 ++++++----------- 2 files changed, 7 insertions(+), 12 deletions(-) diff --git a/deployment/windows/wixSetup/build.sh b/deployment/windows/wixSetup/build.sh index bb1c622d6..6b64bfeb4 100644 --- a/deployment/windows/wixSetup/build.sh +++ b/deployment/windows/wixSetup/build.sh @@ -21,7 +21,7 @@ VERSION_STRING="${VERSION_STRING//_/.}" VERSION_STRING="${VERSION_STRING:2}" echo "installer version is $VERSION_STRING" -PRODUCT_GUID=$(cmd.exe /c "uuidgen") +PRODUCT_GUID=$("uuidgen") if [ -z "$PRODUCT_GUID" ]; then echo "Unable to generate GUID. Make sure to run this script from the Visual Studio command propmt. Aborting now." exit 1 diff --git a/script/deploy_windows.sh b/script/deploy_windows.sh index d4358cbbb..83b5d6788 100644 --- a/script/deploy_windows.sh +++ b/script/deploy_windows.sh @@ -59,13 +59,8 @@ DOTTED_VERSION_STRING="${VERSION_STRING//_/.}" if [ $RUN_CODE_SIGNING = true ]; then - echo -e "$INFO Code signing is enabled. provide the key file path >" - read CODE_SIGNING_KEY_FILE -fi - -if [ $RUN_CODE_SIGNING = true ]; then - echo -e "$INFO Code signing is enabled. Please enter your password >" - read CODE_SIGNING_PASSWORD + echo -e "$INFO Code signing is enabled. provide the key's sh1 thumbprint >" + read CODE_SIGNING_THUMBPRINT fi @@ -94,13 +89,13 @@ echo -e "$INFO Building the project" if [ $RUN_CODE_SIGNING = true ]; then echo -e "$INFO Signing the app" - signtool.exe sign //f $CODE_SIGNING_KEY_FILE //p $CODE_SIGNING_PASSWORD //t "http://timestamp.verisign.com/scripts/timstamp.dll" //d "Sourcetrail ${DOTTED_VERSION_STRING}" //du "https://www.sourcetrail.com/" //v build/Release/app/Sourcetrail.exe + signtool.exe sign //sha1 $CODE_SIGNING_THUMBPRINT //fd sha256 //t "http://timestamp.verisign.com/scripts/timstamp.dll" //d "Sourcetrail ${DOTTED_VERSION_STRING}" //du "https://www.sourcetrail.com/" //v build/Release/app/Sourcetrail.exe echo -e "$INFO Signing the indexer" - signtool.exe sign //f $CODE_SIGNING_KEY_FILE //p $CODE_SIGNING_PASSWORD //t "http://timestamp.verisign.com/scripts/timstamp.dll" //d "Sourcetrail Indexer ${DOTTED_VERSION_STRING}" //du "https://www.sourcetrail.com/" //v build/Release/app/sourcetrail_indexer.exe + signtool.exe sign //sha1 $CODE_SIGNING_THUMBPRINT //fd sha256 //t "http://timestamp.verisign.com/scripts/timstamp.dll" //d "Sourcetrail Indexer ${DOTTED_VERSION_STRING}" //du "https://www.sourcetrail.com/" //v build/Release/app/sourcetrail_indexer.exe echo -e "$INFO Signing the Python indexer" - signtool.exe sign //f $CODE_SIGNING_KEY_FILE //p $CODE_SIGNING_PASSWORD //t "http://timestamp.verisign.com/scripts/timstamp.dll" //d "Sourcetrail Python Indexer" //du "https://github.com/CoatiSoftware/SourcetrailPythonIndexer" //v bin/app/data/python/SourcetrailPythonIndexer.exe + signtool.exe sign //sha1 $CODE_SIGNING_THUMBPRINT //fd sha256 //t "http://timestamp.verisign.com/scripts/timstamp.dll" //d "Sourcetrail Python Indexer" //du "https://github.com/CoatiSoftware/SourcetrailPythonIndexer" //v bin/app/data/python/SourcetrailPythonIndexer.exe fi @@ -156,7 +151,7 @@ cd ../../.. if [ $RUN_CODE_SIGNING = true ]; then echo -e "$INFO Signing the 64 bit windows installer" - signtool.exe sign //f $CODE_SIGNING_KEY_FILE //p $CODE_SIGNING_PASSWORD //t "http://timestamp.verisign.com/scripts/timstamp.dll" //d "Sourcetrail ${DOTTED_VERSION_STRING} Installer" //du "https://www.sourcetrail.com/" //v deployment/windows/wixSetup/bin/sourcetrail.msi + signtool.exe sign //sha1 $CODE_SIGNING_THUMBPRINT //fd sha256 //t "http://timestamp.verisign.com/scripts/timstamp.dll" //d "Sourcetrail ${DOTTED_VERSION_STRING} Installer" //du "https://www.sourcetrail.com/" //v deployment/windows/wixSetup/bin/sourcetrail.msi fi