Upstream/bitwarden-browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser.git synced 2024-11-24 12:06:15 +01:00
Code Issues Projects Releases Wiki Activity

Merge pull request #7 from joseph-flinn/add-signing-gh

Browse Source 
Add signing gh (ignoring the macos build because I don't have those things)
This commit is contained in:
Joseph Flinn 2021-01-06 13:05:18 -08:00 committed by GitHub
commit 509ebe6e91
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 73 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
.github/workflows/build-and-sign.yml vendored
View File

@ -1,7 +1,14 @@
name: Build & Sign name: Build & Sign
on: on:
workflow_dispatch: push:
branches-ignore:
- 'l10n_master'
- 'gh-pages'
release:
types:
- published
jobs: jobs:
windows: windows:
@ -71,8 +78,7 @@ jobs:
npm run build npm run build
npm run pack:win npm run pack:win
env: env:
CSC_LINK: ${{ secrets.EB_SIGNING_CERT_IDENTIFIER_URL }} ELECTRON_BUILDER_SIGN: 1
CSC_KEY_PASSWORD: ${{ secrets.EB_SIGNING_CERT_KEY }}
SIGNING_VAULT_URL: ${{ secrets.SIGNING_VAULT_URL }} SIGNING_VAULT_URL: ${{ secrets.SIGNING_VAULT_URL }}
SIGNING_CLIENT_ID: ${{ secrets.SIGNING_CLIENT_ID }} SIGNING_CLIENT_ID: ${{ secrets.SIGNING_CLIENT_ID }}
SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }} SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }}
@ -84,43 +90,44 @@ jobs:
run: dir ./dist run: dir ./dist
- name: Upload signed portable exe artifact - name: Upload signed portable exe artifact
#if: github.ref == 'refs/heads/master' || github.event_name == 'release' if: github.ref == 'refs/heads/master' || github.event_name == 'release'
uses: actions/upload-artifact@v2 uses: actions/upload-artifact@v2
with: with:
name: Bitwarden-Portable-${{ env.PACKAGE_VERSION }}-signed.exe name: Bitwarden-Portable-${{ env.PACKAGE_VERSION }}-signed.exe
path: ./dist/Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe path: ./dist/Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe
- name: Upload signed installer exe artifact - name: Upload signed installer exe artifact
#if: github.ref == 'refs/heads/master' || github.event_name == 'release' if: github.ref == 'refs/heads/master' || github.event_name == 'release'
uses: actions/upload-artifact@v2 uses: actions/upload-artifact@v2
with: with:
name: Bitwarden-Installer-${{ env.PACKAGE_VERSION }}-signed.exe name: Bitwarden-Installer-${{ env.PACKAGE_VERSION }}-signed.exe
path: ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe path: ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe
- name: Upload signed appx ia32 artifact - name: Upload signed appx ia32 artifact
#if: github.ref == 'refs/heads/master' || github.event_name == 'release' if: github.ref == 'refs/heads/master' || github.event_name == 'release'
uses: actions/upload-artifact@v2 uses: actions/upload-artifact@v2
with: with:
name: Bitwarden-${{ env.PACKAGE_VERSION }}-ia32.appx name: Bitwarden-${{ env.PACKAGE_VERSION }}-ia32.appx
path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32.appx path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32.appx
- name: Upload signed appx x64 artifact - name: Upload signed appx x64 artifact
#if: github.ref == 'refs/heads/master' || github.event_name == 'release' if: github.ref == 'refs/heads/master' || github.event_name == 'release'
uses: actions/upload-artifact@v2 uses: actions/upload-artifact@v2
with: with:
name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx
path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx
#- name: Upload release assets - name: Upload release assets
# if: github.event_name == 'release' if: github.event_name == 'release'
# run: | run: |
# hub release edit ` hub release edit `
# -a ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg ` -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32.appx `
# -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx ` -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx `
# -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx ` -a ./dist/Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe `
# -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` -a ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe `
# $env:RELEASE_TAG_NAME -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" `
# shell: pwsh $env:RELEASE_TAG_NAME
# env: shell: pwsh
# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} env:
# RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
RELEASE_TAG_NAME: ${{ github.event.release.tag_name }}

56
.github/workflows/build.yml vendored
View File

@ -1,16 +1,13 @@
name: Build name: Build
on: on:
workflow_dispatch: push:
branches-ignore:
# on: - 'l10n_master'
# push: - 'gh-pages'
# branches-ignore: release:
# - 'l10n_master' types:
# - 'gh-pages' - published
# release:
# types:
# - published
jobs: jobs:
@ -121,7 +118,7 @@ jobs:
windows: windows:
runs-on: windows-latest runs-on: windows-latest
environment: test_ast
steps: steps:
- name: Set up Node - name: Set up Node
uses: actions/setup-node@v1 uses: actions/setup-node@v1
@ -145,7 +142,7 @@ jobs:
run: | run: |
node --version node --version
npm --version npm --version
choco --version #choco --version
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@v2 uses: actions/checkout@v2
@ -163,6 +160,8 @@ jobs:
- name: Build application - name: Build application
shell: pwsh shell: pwsh
run: npm run dist:win:ci run: npm run dist:win:ci
env:
ELECTRON_BUILDER_SIGN: 0
- name: Rename appx files for store - name: Rename appx files for store
shell: pwsh shell: pwsh
@ -173,28 +172,28 @@ jobs:
-Destination "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx" -Destination "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx"
- name: Upload portable exe artifact - name: Upload portable exe artifact
#if: github.ref == 'refs/heads/master' || github.event_name == 'release' if: github.ref == 'refs/heads/master' || github.event_name == 'release'
uses: actions/upload-artifact@v2 uses: actions/upload-artifact@v2
with: with:
name: Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe name: Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe
path: ./dist/Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe path: ./dist/Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe
- name: Upload installer exe artifact - name: Upload installer exe artifact
#if: github.ref == 'refs/heads/master' || github.event_name == 'release' if: github.ref == 'refs/heads/master' || github.event_name == 'release'
uses: actions/upload-artifact@v2 uses: actions/upload-artifact@v2
with: with:
name: Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe name: Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe
path: ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe path: ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe
- name: Upload store appx ia32 artifact - name: Upload store appx ia32 artifact
#if: github.ref == 'refs/heads/master' || github.event_name == 'release' if: github.ref == 'refs/heads/master' || github.event_name == 'release'
uses: actions/upload-artifact@v2 uses: actions/upload-artifact@v2
with: with:
name: Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx name: Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx
path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx
- name: Upload store appx x64 artifact - name: Upload store appx x64 artifact
#if: github.ref == 'refs/heads/master' || github.event_name == 'release' if: github.ref == 'refs/heads/master' || github.event_name == 'release'
uses: actions/upload-artifact@v2 uses: actions/upload-artifact@v2
with: with:
name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx
@ -212,22 +211,21 @@ jobs:
# name: bitwarden.${{ env.PACKAGE_VERSION }}.nupkg # name: bitwarden.${{ env.PACKAGE_VERSION }}.nupkg
# path: ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg # path: ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg
#- name: Upload release assets - name: Upload release assets
# if: github.event_name == 'release' if: github.event_name == 'release'
# run: | run: |
# hub release edit ` hub release edit `
# -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx ` -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx `
# -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx ` -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx `
# -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" `
# $env:RELEASE_TAG_NAME $env:RELEASE_TAG_NAME
# shell: pwsh shell: pwsh
# env: env:
# GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
# RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} RELEASE_TAG_NAME: ${{ github.event.release.tag_name }}
macos: macos:
runs-on: macos-latest runs-on: macos-latest
steps: steps:
- name: Set up Node - name: Set up Node
uses: actions/setup-node@v1 uses: actions/setup-node@v1

0
appveyor.yml → appveyor.yml.flagged-to-remove
View File

2
sign.js
View File

@ -1,4 +1,5 @@
exports.default = async function(configuration) { exports.default = async function(configuration) {
if (process.env.ELECTRON_BUILDER_SIGN === 1) {
require("child_process").execSync( require("child_process").execSync(
`azuresigntool sign ` + `azuresigntool sign ` +
`-kvu ${process.env.SIGNING_VAULT_URL} ` + `-kvu ${process.env.SIGNING_VAULT_URL} ` +
@ -14,4 +15,5 @@ exports.default = async function(configuration) {
stdio: "inherit" stdio: "inherit"
} }
); );
}
}; };