diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index fc29cf2670..67efb4c2f7 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -1,7 +1,14 @@ name: Build & Sign -on: - workflow_dispatch: +on: + push: + branches-ignore: + - 'l10n_master' + - 'gh-pages' + release: + types: + - published + jobs: windows: @@ -71,8 +78,7 @@ jobs: npm run build npm run pack:win env: - CSC_LINK: ${{ secrets.EB_SIGNING_CERT_IDENTIFIER_URL }} - CSC_KEY_PASSWORD: ${{ secrets.EB_SIGNING_CERT_KEY }} + ELECTRON_BUILDER_SIGN: 1 SIGNING_VAULT_URL: ${{ secrets.SIGNING_VAULT_URL }} SIGNING_CLIENT_ID: ${{ secrets.SIGNING_CLIENT_ID }} SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }} @@ -84,43 +90,44 @@ jobs: run: dir ./dist - name: Upload signed portable exe artifact - #if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' || github.event_name == 'release' uses: actions/upload-artifact@v2 with: name: Bitwarden-Portable-${{ env.PACKAGE_VERSION }}-signed.exe path: ./dist/Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe - name: Upload signed installer exe artifact - #if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' || github.event_name == 'release' uses: actions/upload-artifact@v2 with: name: Bitwarden-Installer-${{ env.PACKAGE_VERSION }}-signed.exe path: ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe - name: Upload signed appx ia32 artifact - #if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' || github.event_name == 'release' uses: actions/upload-artifact@v2 with: name: Bitwarden-${{ env.PACKAGE_VERSION }}-ia32.appx path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32.appx - name: Upload signed appx x64 artifact - #if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' || github.event_name == 'release' uses: actions/upload-artifact@v2 with: name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx -#- name: Upload release assets -# if: github.event_name == 'release' -# run: | -# hub release edit ` -# -a ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg ` -# -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx ` -# -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx ` -# -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` -# $env:RELEASE_TAG_NAME -# shell: pwsh -# env: -# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} -# RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} + - name: Upload release assets + if: github.event_name == 'release' + run: | + hub release edit ` + -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32.appx ` + -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx ` + -a ./dist/Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe ` + -a ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe ` + -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` + $env:RELEASE_TAG_NAME + shell: pwsh + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 78e85b11bc..e70a68832f 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,16 +1,13 @@ name: Build -on: - workflow_dispatch: - -# on: -# push: -# branches-ignore: -# - 'l10n_master' -# - 'gh-pages' -# release: -# types: -# - published +on: + push: + branches-ignore: + - 'l10n_master' + - 'gh-pages' + release: + types: + - published jobs: @@ -121,7 +118,7 @@ jobs: windows: runs-on: windows-latest - + environment: test_ast steps: - name: Set up Node uses: actions/setup-node@v1 @@ -145,7 +142,7 @@ jobs: run: | node --version npm --version - choco --version + #choco --version - name: Checkout repo uses: actions/checkout@v2 @@ -163,6 +160,8 @@ jobs: - name: Build application shell: pwsh run: npm run dist:win:ci + env: + ELECTRON_BUILDER_SIGN: 0 - name: Rename appx files for store shell: pwsh @@ -173,28 +172,28 @@ jobs: -Destination "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx" - name: Upload portable exe artifact - #if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' || github.event_name == 'release' uses: actions/upload-artifact@v2 with: name: Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe path: ./dist/Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe - name: Upload installer exe artifact - #if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' || github.event_name == 'release' uses: actions/upload-artifact@v2 with: name: Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe path: ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe - name: Upload store appx ia32 artifact - #if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' || github.event_name == 'release' uses: actions/upload-artifact@v2 with: name: Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx - name: Upload store appx x64 artifact - #if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' || github.event_name == 'release' uses: actions/upload-artifact@v2 with: name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx @@ -212,22 +211,21 @@ jobs: # name: bitwarden.${{ env.PACKAGE_VERSION }}.nupkg # path: ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg - #- name: Upload release assets - # if: github.event_name == 'release' - # run: | - # hub release edit ` - # -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx ` - # -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx ` - # -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` - # $env:RELEASE_TAG_NAME - # shell: pwsh - # env: - # GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} - # RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} + - name: Upload release assets + if: github.event_name == 'release' + run: | + hub release edit ` + -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx ` + -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx ` + -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` + $env:RELEASE_TAG_NAME + shell: pwsh + env: + GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} macos: runs-on: macos-latest - steps: - name: Set up Node uses: actions/setup-node@v1 diff --git a/appveyor.yml b/appveyor.yml.flagged-to-remove similarity index 100% rename from appveyor.yml rename to appveyor.yml.flagged-to-remove diff --git a/sign.js b/sign.js index e7a6df8909..14bee1835f 100644 --- a/sign.js +++ b/sign.js @@ -1,17 +1,19 @@ exports.default = async function(configuration) { - require("child_process").execSync( - `azuresigntool sign ` + - `-kvu ${process.env.SIGNING_VAULT_URL} ` + - `-kvi ${process.env.SIGNING_CLIENT_ID} ` + - `-kvt ${process.env.SIGNING_TENANT_ID} ` + - `-kvs ${process.env.SIGNING_CLIENT_SECRET} ` + - `-kvc ${process.env.SIGNING_CERT_NAME} ` + - `-fd ${configuration.hash} ` + - `-du ${configuration.site} ` + - `-tr http://timestamp.digicert.com ` + - `${configuration.path}`, - { - stdio: "inherit" - } - ); + if (process.env.ELECTRON_BUILDER_SIGN === 1) { + require("child_process").execSync( + `azuresigntool sign ` + + `-kvu ${process.env.SIGNING_VAULT_URL} ` + + `-kvi ${process.env.SIGNING_CLIENT_ID} ` + + `-kvt ${process.env.SIGNING_TENANT_ID} ` + + `-kvs ${process.env.SIGNING_CLIENT_SECRET} ` + + `-kvc ${process.env.SIGNING_CERT_NAME} ` + + `-fd ${configuration.hash} ` + + `-du ${configuration.site} ` + + `-tr http://timestamp.digicert.com ` + + `${configuration.path}`, + { + stdio: "inherit" + } + ); + } };