RK-20408 - ci-refactoring

.circleci/config.yml

@@ -9,35 +9,29 @@ jobs:
   publish:
     macos:
       xcode: "15.0.0"
+    resource_class: macos.x86.medium.gen2
     steps:
       - checkout
       - restore_cache:
           key: homebrew-cache-{{ arch }}-{{ .Environment.CACHE_VERSION }}-{{ checksum ".circleci/config.yml" }}
       - run:
-          name: Build and Publish
+          name: Install Wine
           command: |
             # wine is required to sign windows executables
             brew install --cask xquartz
             brew install --cask wine-stable
+      - run:
+          name: Install gcloud sdk
+          command: |
             # install gcloud sdk
             curl -fsSL https://dl.google.com/dl/cloudsdk/channels/rapid/google-cloud-sdk.zip --output /Users/distiller/google-cloud-sdk.zip
             unzip /Users/distiller/google-cloud-sdk.zip
-            bash google-cloud-sdk/install.sh --rc-path=/Users/distiller/.bashrc --usage-reporting=false --path-update=true --bash-completion=true --install-python=true --quiet
-            source ~/.bashrc
-            # Save gcloud credentials service account and authenticate
-            echo $GOOGLE_SERVICE_ACCOUNT_KEY_BASE64 | base64 --decode > gcloud_service_account.json
-            export GOOGLE_APPLICATION_CREDENTIALS=gcloud_service_account.json
-            gcloud auth activate-service-account --key-file=$GOOGLE_APPLICATION_CREDENTIALS
-            ### temp-fix - REVERT ONCE POSSIBLE ###
-            # manually fetch updated IdenTrustCommercialRootCA (temp fix)
-            # see https://www.identrust.com/support/downloads
-            #IdenTrust Commercial Root CA 1
-            curl -L https://www.identrust.com/node/1330 -o IdenTrustCommercialRootCA.p7b
-            #convert to pem
-            openssl pkcs7 -in IdenTrustCommercialRootCA.p7b -inform DER -print_certs -out cert.pem            
-            ###
+
+      - run:
+          name: Install Dependencies
+          command: |
             # download custom jsign to sign PE
-            curl --cacert cert.pem -fsSL https://get.rookout.com/jsign-rookout.jar --output jsign.jar
+            curl -fsSL https://get.rookout.com/jsign-rookout.jar --output jsign.jar
             # install electron main window dependencies
             yarn
             # build typescript code
@@ -46,10 +40,15 @@ jobs:
             export CI=false
             # install dependencies
             yarn --cwd=src/webapp && yarn run --cwd=src/webapp build
-            # save windows certificate locally (WIN_CERT) is base64 of our certificate
-            echo $WIN_EV_CERT_BASE64_22 | base64 --decode > rookout.crt
-            export WINDOWS_EV_CERTIFICATE_PATH=rookout.crt
-
+      - run: 
+          name: Build & Sign
+          command: |
+            # Save gcloud credentials service account and authenticate
+            bash google-cloud-sdk/install.sh --rc-path=/Users/distiller/.bashrc --usage-reporting=false --path-update=true --command-completion=true --install-python=true --quiet
+            source ~/.bashrc
+            echo $GOOGLE_SERVICE_ACCOUNT_KEY_BASE64 | base64 --decode > gcloud_service_account.json
+            export GOOGLE_APPLICATION_CREDENTIALS=gcloud_service_account.json
+            gcloud auth activate-service-account --key-file=$GOOGLE_APPLICATION_CREDENTIALS
             # Make sure mac signing and certs are defined and trusted
             mkdir certificates
             echo $NEW_CSC_LINK | base64 --decode > certificates/mac_cert.p12
@@ -58,9 +57,15 @@ jobs:
             security import certificates/mac_cert.p12 -P $NEW_CSC_KEY_PASSWORD
             export CSC_LINK=certificates/mac_cert.p12
             export CSC_KEY_PASSWORD=$NEW_CSC_KEY_PASSWORD
-
+            # Win signing
+            # save windows certificate locally (WIN_CERT) is base64 of our certificate
+            echo $WIN_EV_CERT_BASE64_22 | base64 --decode > rookout.crt
+            export WINDOWS_EV_CERTIFICATE_PATH=rookout.crt          
             # package code for every distribution (mac, win, linux) and publish as github release
             yarn run build-packages-all-distributions
+      - run:
+          name: Publish
+          command: |
             # publish in google storage bucket (additionally to electronbuild-publisher)
             bash upload_release_to_gs.sh
       - save_cache:
@@ -70,6 +75,7 @@ jobs:
   version_validation:
     macos:
       xcode: "15.0.0"
+    resource_class: macos.x86.medium.gen2
     steps:
       - checkout
       - run:

package.json

@@ -1,6 +1,6 @@
 {
   "name": "explorook",
-  "version": "1.16.0",
+  "version": "1.16.1",
   "description": "Rookout's site addon to support local files and folders",
   "main": "dist/index.js",
   "scripts": {