1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-12-18 15:47:57 +01:00
bitwarden-browser/apps/desktop/scripts/after-sign.js

103 lines
3.6 KiB
JavaScript
Raw Normal View History

2022-02-24 20:50:19 +01:00
/* eslint-disable @typescript-eslint/no-var-requires, no-console */
2021-12-20 15:47:17 +01:00
require("dotenv").config();
const path = require("path");
2022-02-24 20:50:19 +01:00
const { notarize } = require("@electron/notarize");
2021-12-20 15:47:17 +01:00
const { deepAssign } = require("builder-util");
2022-02-24 20:50:19 +01:00
const fse = require("fs-extra");
2019-09-27 18:03:12 +02:00
exports.default = run;
async function run(context) {
2021-12-20 15:47:17 +01:00
console.log("## After sign");
// console.log(context);
2019-09-27 18:03:12 +02:00
2021-12-20 15:47:17 +01:00
const appName = context.packager.appInfo.productFilename;
const appPath = `${context.appOutDir}/${appName}.app`;
const macBuild = context.electronPlatformName === "darwin";
[PM-9022] scaffold the extension and build pipeline (#9948) * feat: add macos xcode project * feat: add extension to mas build * feat: use `after-sign` to avoid issues Electron builder modifies the .plist in the extension which causes issues with the signing process. Copying and re-signing manually avoids this because it bypasses the electron builder for the extension * feat: always clean build and add better error handling * chore: add some logging to after-sign * feat: automatically cleanup xcode build to avoid duplicate extensions * docs: add information about managing extensions * feat: add missing safari extension logging * lint: allow macos filenames * chore: add macos to platform ownership * lint: add some additional allowed files * feat: don't build autofill extension for MAS * chore: ignore capital letters linting for all macos files * chore: replace gulpfile with regular node script * chore: add lint rules to script * lint: fix remaining lint issues in script * chore: tweak lint rule * feat: remove desktop target * fix: use new provisioning profile for dev extension * Update to unblock CI builds * chore: remove extension from masdev pack This way we don't include the extension in any build and can avoid the signing issues it brings * chore: add autofill as codeowner * chore: remove xcuserdata * chore: ignore xcuserdata --------- Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com> Co-authored-by: Michał Chęciński <mchecinski@bitwarden.com> Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-11-13 15:54:35 +01:00
const copySafariExtension = ["darwin", "mas"].includes(context.electronPlatformName);
const copyAutofillExtension = ["mas"].includes(context.electronPlatformName);
2019-09-27 18:03:12 +02:00
[PM-9022] scaffold the extension and build pipeline (#9948) * feat: add macos xcode project * feat: add extension to mas build * feat: use `after-sign` to avoid issues Electron builder modifies the .plist in the extension which causes issues with the signing process. Copying and re-signing manually avoids this because it bypasses the electron builder for the extension * feat: always clean build and add better error handling * chore: add some logging to after-sign * feat: automatically cleanup xcode build to avoid duplicate extensions * docs: add information about managing extensions * feat: add missing safari extension logging * lint: allow macos filenames * chore: add macos to platform ownership * lint: add some additional allowed files * feat: don't build autofill extension for MAS * chore: ignore capital letters linting for all macos files * chore: replace gulpfile with regular node script * chore: add lint rules to script * lint: fix remaining lint issues in script * chore: tweak lint rule * feat: remove desktop target * fix: use new provisioning profile for dev extension * Update to unblock CI builds * chore: remove extension from masdev pack This way we don't include the extension in any build and can avoid the signing issues it brings * chore: add autofill as codeowner * chore: remove xcuserdata * chore: ignore xcuserdata --------- Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com> Co-authored-by: Michał Chęciński <mchecinski@bitwarden.com> Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-11-13 15:54:35 +01:00
let shouldResign = false;
// cannot use extraFiles because it modifies the extensions .plist and makes it invalid
if (copyAutofillExtension) {
console.log("### Copying autofill extension");
const extensionPath = path.join(__dirname, "../macos/dist/autofill-extension.appex");
if (!fse.existsSync(extensionPath)) {
console.log("### Autofill extension not found - skipping");
} else {
if (!fse.existsSync(path.join(appPath, "Contents/PlugIns"))) {
fse.mkdirSync(path.join(appPath, "Contents/PlugIns"));
}
fse.copySync(extensionPath, path.join(appPath, "Contents/PlugIns/autofill-extension.appex"));
shouldResign = true;
}
}
if (copySafariExtension) {
console.log("### Copying safari extension");
2021-12-20 15:47:17 +01:00
// Copy Safari plugin to work-around https://github.com/electron-userland/electron-builder/issues/5552
const plugIn = path.join(__dirname, "../PlugIns");
[PM-9022] scaffold the extension and build pipeline (#9948) * feat: add macos xcode project * feat: add extension to mas build * feat: use `after-sign` to avoid issues Electron builder modifies the .plist in the extension which causes issues with the signing process. Copying and re-signing manually avoids this because it bypasses the electron builder for the extension * feat: always clean build and add better error handling * chore: add some logging to after-sign * feat: automatically cleanup xcode build to avoid duplicate extensions * docs: add information about managing extensions * feat: add missing safari extension logging * lint: allow macos filenames * chore: add macos to platform ownership * lint: add some additional allowed files * feat: don't build autofill extension for MAS * chore: ignore capital letters linting for all macos files * chore: replace gulpfile with regular node script * chore: add lint rules to script * lint: fix remaining lint issues in script * chore: tweak lint rule * feat: remove desktop target * fix: use new provisioning profile for dev extension * Update to unblock CI builds * chore: remove extension from masdev pack This way we don't include the extension in any build and can avoid the signing issues it brings * chore: add autofill as codeowner * chore: remove xcuserdata * chore: ignore xcuserdata --------- Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com> Co-authored-by: Michał Chęciński <mchecinski@bitwarden.com> Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-11-13 15:54:35 +01:00
if (!fse.existsSync(plugIn)) {
console.log("### Safari extension not found - skipping");
} else {
if (!fse.existsSync(path.join(appPath, "Contents/PlugIns"))) {
fse.mkdirSync(path.join(appPath, "Contents/PlugIns"));
}
2021-12-20 15:47:17 +01:00
fse.copySync(
path.join(plugIn, "safari.appex"),
path.join(appPath, "Contents/PlugIns/safari.appex"),
2021-12-20 15:47:17 +01:00
);
[PM-9022] scaffold the extension and build pipeline (#9948) * feat: add macos xcode project * feat: add extension to mas build * feat: use `after-sign` to avoid issues Electron builder modifies the .plist in the extension which causes issues with the signing process. Copying and re-signing manually avoids this because it bypasses the electron builder for the extension * feat: always clean build and add better error handling * chore: add some logging to after-sign * feat: automatically cleanup xcode build to avoid duplicate extensions * docs: add information about managing extensions * feat: add missing safari extension logging * lint: allow macos filenames * chore: add macos to platform ownership * lint: add some additional allowed files * feat: don't build autofill extension for MAS * chore: ignore capital letters linting for all macos files * chore: replace gulpfile with regular node script * chore: add lint rules to script * lint: fix remaining lint issues in script * chore: tweak lint rule * feat: remove desktop target * fix: use new provisioning profile for dev extension * Update to unblock CI builds * chore: remove extension from masdev pack This way we don't include the extension in any build and can avoid the signing issues it brings * chore: add autofill as codeowner * chore: remove xcuserdata * chore: ignore xcuserdata --------- Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com> Co-authored-by: Michał Chęciński <mchecinski@bitwarden.com> Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-11-13 15:54:35 +01:00
shouldResign = true;
}
}
[PM-9022] scaffold the extension and build pipeline (#9948) * feat: add macos xcode project * feat: add extension to mas build * feat: use `after-sign` to avoid issues Electron builder modifies the .plist in the extension which causes issues with the signing process. Copying and re-signing manually avoids this because it bypasses the electron builder for the extension * feat: always clean build and add better error handling * chore: add some logging to after-sign * feat: automatically cleanup xcode build to avoid duplicate extensions * docs: add information about managing extensions * feat: add missing safari extension logging * lint: allow macos filenames * chore: add macos to platform ownership * lint: add some additional allowed files * feat: don't build autofill extension for MAS * chore: ignore capital letters linting for all macos files * chore: replace gulpfile with regular node script * chore: add lint rules to script * lint: fix remaining lint issues in script * chore: tweak lint rule * feat: remove desktop target * fix: use new provisioning profile for dev extension * Update to unblock CI builds * chore: remove extension from masdev pack This way we don't include the extension in any build and can avoid the signing issues it brings * chore: add autofill as codeowner * chore: remove xcuserdata * chore: ignore xcuserdata --------- Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com> Co-authored-by: Michał Chęciński <mchecinski@bitwarden.com> Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-11-13 15:54:35 +01:00
if (shouldResign) {
// Resign to sign safari extension
if (context.electronPlatformName === "mas") {
const masBuildOptions = deepAssign(
{},
context.packager.platformSpecificBuildOptions,
context.packager.config.mas,
);
if (context.targets.some((e) => e.name === "mas-dev")) {
deepAssign(masBuildOptions, {
type: "development",
});
}
if (context.packager.packagerOptions.prepackaged == null) {
await context.packager.sign(appPath, context.appOutDir, masBuildOptions, context.arch);
2021-12-20 15:47:17 +01:00
}
[PM-9022] scaffold the extension and build pipeline (#9948) * feat: add macos xcode project * feat: add extension to mas build * feat: use `after-sign` to avoid issues Electron builder modifies the .plist in the extension which causes issues with the signing process. Copying and re-signing manually avoids this because it bypasses the electron builder for the extension * feat: always clean build and add better error handling * chore: add some logging to after-sign * feat: automatically cleanup xcode build to avoid duplicate extensions * docs: add information about managing extensions * feat: add missing safari extension logging * lint: allow macos filenames * chore: add macos to platform ownership * lint: add some additional allowed files * feat: don't build autofill extension for MAS * chore: ignore capital letters linting for all macos files * chore: replace gulpfile with regular node script * chore: add lint rules to script * lint: fix remaining lint issues in script * chore: tweak lint rule * feat: remove desktop target * fix: use new provisioning profile for dev extension * Update to unblock CI builds * chore: remove extension from masdev pack This way we don't include the extension in any build and can avoid the signing issues it brings * chore: add autofill as codeowner * chore: remove xcuserdata * chore: ignore xcuserdata --------- Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com> Co-authored-by: Michał Chęciński <mchecinski@bitwarden.com> Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-11-13 15:54:35 +01:00
} else {
await context.packager.signApp(context, true);
}
2021-12-20 15:47:17 +01:00
}
2021-09-28 16:51:53 +02:00
2021-12-20 15:47:17 +01:00
if (macBuild) {
console.log("### Notarizing " + appPath);
if (process.env.APP_STORE_CONNECT_TEAM_ISSUER) {
const appleApiIssuer = process.env.APP_STORE_CONNECT_TEAM_ISSUER;
const appleApiKey = process.env.APP_STORE_CONNECT_AUTH_KEY_PATH;
const appleApiKeyId = process.env.APP_STORE_CONNECT_AUTH_KEY;
return await notarize({
tool: "notarytool",
appPath: appPath,
appleApiIssuer: appleApiIssuer,
appleApiKey: appleApiKey,
appleApiKeyId: appleApiKeyId,
});
} else {
const appleId = process.env.APPLE_ID_USERNAME || process.env.APPLEID;
const appleIdPassword = process.env.APPLE_ID_PASSWORD || `@keychain:AC_PASSWORD`;
return await notarize({
tool: "notarytool",
appPath: appPath,
teamId: "LTZ2PFU5D6",
appleId: appleId,
appleIdPassword: appleIdPassword,
});
}
2021-12-20 15:47:17 +01:00
}
2019-09-27 18:03:12 +02:00
}