experimenting with no CSC_* env vars

2024-11-02 08:40:08 +01:00 · 2021-01-06 18:04:18 +00:00 · 2021-01-06 18:04:18 +00:00 · 65a13d997a
commit 65a13d997a
parent e1d2aa4b4a
1 changed files with 48 additions and 1 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -123,6 +123,11 @@ jobs:
    runs-on: windows-latest

    steps:
+      - name: Set up dotnet
+        uses: actions/setup-dotnet@v1
+        with:
+          dotnet-version: "3.1.x"
+
      - name: Set up Node
        uses: actions/setup-node@v1
        with:
@ -145,7 +150,31 @@ jobs:
        run: |
          node --version
          npm --version
-          choco --version
+          #choco --version
+          dotnet --version
+
+
+      - name: Install AST
+        shell: pwsh
+        run: |
+          cd $HOME
+
+          git clone https://github.com/vcsjones/AzureSignTool.git
+          cd AzureSignTool
+          $latest_head = $(git rev-parse HEAD)[0..9] -join ""
+          $latest_version = "0.0.0-g$latest_head"
+
+          Write-Host "--------"
+          Write-Host "git commit - $(git rev-parse HEAD)"
+          Write-Host "latest_head - $latest_head"
+          Write-Host "PACKAGE VERSION TO BUILD - $latest_version"
+          Write-Host "--------"
+
+          dotnet restore
+          dotnet pack --output ./nupkg
+          dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version $latest_version azuresigntool
+
+          cd $HOME

      - name: Checkout repo
        uses: actions/checkout@v2
@ -163,6 +192,13 @@ jobs:
      - name: Build application
        shell: pwsh
        run: npm run dist:win:ci
+        env:
+          SIGNING_VAULT_URL: ${{ secrets.SIGNING_VAULT_URL }}
+          SIGNING_CLIENT_ID: ${{ secrets.SIGNING_CLIENT_ID }}
+          SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }}
+          SIGNING_CLIENT_SECRET: ${{ secrets.SIGNING_CLIENT_SECRET }}
+          SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }}
+          SECRET_TEST: ${{ secrets.SECRET_TEST }}

      - name: Rename appx files for store
        shell: pwsh
@ -212,6 +248,17 @@ jobs:
      #     name: bitwarden.${{ env.PACKAGE_VERSION }}.nupkg
      #     path: ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg
      
+      - name: Repack & Sign
+        run: |
+          npm run pack:win
+        env:
+          SIGNING_VAULT_URL: ${{ secrets.SIGNING_VAULT_URL }}
+          SIGNING_CLIENT_ID: ${{ secrets.SIGNING_CLIENT_ID }}
+          SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }}
+          SIGNING_CLIENT_SECRET: ${{ secrets.SIGNING_CLIENT_SECRET }}
+          SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }}
+          SECRET_TEST: ${{ secrets.SECRET_TEST }}
+
      #- name: Upload release assets
      #  if: github.event_name == 'release'
      #  run: |