Skip to content

Commit

Permalink
Sign Windows executable (#295)
Browse files Browse the repository at this point in the history
  • Loading branch information
@Levminer
Levminer authored Apr 22, 2024
1 parent 00d2e31 commit 9ff65a0
Show file tree
Hide file tree
Showing 5 changed files with 32 additions and 2 deletions.
8 changes: 8 additions & 0 deletions .github/workflows/alpha-artifacts.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,9 @@ jobs:
runs-on: ${{ matrix.os }}
env:
TAURI_PRIVATE_KEY: ${{ secrets.TAURI_PRIVATE_KEY }}
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
Expand All @@ -33,6 +36,11 @@ jobs:
with:
workspaces: "./core -> target"

- name: Install trusted-signing-cli
if: matrix.NAME == 'windows'
run: |
cargo install trusted-signing-cli@0.2.0
- name: "Apple silicon target"
if: matrix.NAME == 'mac'
run: |
Expand Down
12 changes: 10 additions & 2 deletions .github/workflows/release-artifacts.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,9 @@ jobs:
runs-on: ${{ matrix.os}}
env:
TAURI_PRIVATE_KEY: ${{ secrets.TAURI_PRIVATE_KEY }}
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
Expand All @@ -36,6 +39,11 @@ jobs:
with:
workspaces: "./core -> target"

- name: Install trusted-signing-cli
if: matrix.NAME == 'windows'
run: |
cargo install trusted-signing-cli@0.2.0
- name: "Apple silicon target"
if: runner.os == 'macOS'
run: |
Expand All @@ -51,7 +59,7 @@ jobs:
- name: Install app dependencies and build it
if: runner.os == 'Linux' || runner.os == 'Windows'
run: npm ci && npm run build

- name: Install app dependencies and build it
if: runner.os == 'macOS'
run: npm ci && npm run build -- --target universal-apple-darwin
Expand Down Expand Up @@ -92,7 +100,7 @@ jobs:
# Sign the installer
- name: Sign files with Azure Code Signing
if: runner.os == 'Windows'
uses: azure/azure-code-signing-action@v0.2.15
uses: azure/trusted-signing-action@v0.3.15
with:
azure-tenant-id: ${{ secrets.AZURE_TENANT_ID }}
azure-client-id: ${{ secrets.AZURE_CLIENT_ID }}
Expand Down
1 change: 1 addition & 0 deletions core/tauri.conf.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@
"build": {
"beforeBuildCommand": "npm run build:bundle",
"beforeDevCommand": "npm run server",
"beforeBundleCommand": "npm run sign",
"devPath": "http://localhost:3000",
"distDir": "../dist"
},
Expand Down
1 change: 1 addition & 0 deletions package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@
"setup": "node scripts/buildNumber.cjs alpha false && node scripts/build.js",
"rename": "node scripts/rename.js",
"check": "svelte-check && tsc --noEmit && eslint .",
"sign": "node scripts/sign.js",
"tauri": "tauri"
},
"workspaces": [
Expand Down
12 changes: 12 additions & 0 deletions scripts/sign.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
import { exec } from "child_process"
import { platform } from "os"

if (platform() === "win32") {
exec("trusted-signing-cli ./core/target/release/Authme.exe -e https://eus.codesigning.azure.net -a mnr -c Profile1", (error, stdout) => {
if (error) {
return console.error(`Error: ${error}`)
}

console.log(`Result: ${stdout}`)
})
}

0 comments on commit 9ff65a0

Please sign in to comment.