diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml deleted file mode 100644 index bb7e13f169..0000000000 --- a/.az-pipelines/windows-build-sign.yml +++ /dev/null @@ -1,39 +0,0 @@ -# Node.js -# Build a general Node.js project with npm. -# Add steps that analyze code, save build artifacts, deploy, and more: -# https://docs.microsoft.com/azure/devops/pipelines/languages/javascript - -trigger: none - -pool: - vmImage: 'windows-latest' - -steps: -- task: NodeTool@0 - inputs: - versionSpec: '10.x' - displayName: 'Install Node.js' - -- script: npm install - displayName: 'npm install' - -- script: | - npm run build - npm npm run clean:dist - displayName: 'npm build' - -- script: npx electron-builder --win --x64 --ia32 -p never - displayName: 'electron-builder package' - -- script: ls -alht dist - displayName: show executables - -# - task: PublishPipelineArtifact@1 -# inputs: -# pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-1.23.1-ia32.appx' -# artifactName: Bitwarden-$(GIT_COMMIT_TO_BUILD)-ia32.appx -# -# - task: PublishPipelineArtifact@1 -# inputs: -# pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-1.23.1-x64.appx' -# artifactName: Bitwarden-$(GIT_COMMIT_TO_BUILD)-x64.appx diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml new file mode 100644 index 0000000000..6c0465cd16 --- /dev/null +++ b/.github/workflows/build-and-sign.yml @@ -0,0 +1,109 @@ +name: Build & Sign + +on: + workflow_dispatch: + +jobs: + windows: + runs-on: windows-latest + steps: + - name: Set up Node + uses: actions/setup-node@v1 + with: + node-version: '10.x' + + - name: Set Node options + run: echo "NODE_OPTIONS=--max_old_space_size=4096" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append + shell: pwsh + + - name: Setup dotnet + uses: actions/setup-dotnet@v1 + with: + dotnet-version: "3.x" + + - name: Print environment + run: | + node --version + npm --version + dotnet --version + + exit 1 + + - name: Checkout repo + uses: actions/checkout@v2 + + - name: Load package version + run: ./.github/scripts/load-version.ps1 + shell: pwsh + + - name: Install Node dependencies + run: npm install + + - name: Run linter + run: npm run lint + + - name: Build application + shell: pwsh + run: npm run dist:win:ci + + - name: Rename appx files for store + shell: pwsh + run: | + Copy-Item "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32.appx" ` + -Destination "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx" + Copy-Item "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx" ` + -Destination "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx" + + - name: Upload portable exe artifact + if: github.ref == 'refs/heads/master' || github.event_name == 'release' + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe + path: ./dist/Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe + + - name: Upload installer exe artifact + if: github.ref == 'refs/heads/master' || github.event_name == 'release' + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe + path: ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe + + - name: Upload store appx ia32 artifact + if: github.ref == 'refs/heads/master' || github.event_name == 'release' + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx + path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx + + - name: Upload store appx x64 artifact + if: github.ref == 'refs/heads/master' || github.event_name == 'release' + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx + path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx + + - name: Deploy to Chocolatey + if: github.event_name == 'release' + run: ./scripts/choco-update.ps1 -version $env:PACKAGE_VERSION + shell: pwsh + + - name: Upload Chocolatey nupkg artifact + if: github.event_name == 'release' + uses: actions/upload-artifact@v2 + with: + name: bitwarden.${{ env.PACKAGE_VERSION }}.nupkg + path: ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg + + - name: Upload release assets + if: github.event_name == 'release' + run: | + hub release edit ` + -a ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg ` + -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx ` + -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx ` + -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` + $env:RELEASE_TAG_NAME + shell: pwsh + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} diff --git a/package.json b/package.json index 6014cb126d..e1870315cb 100644 --- a/package.json +++ b/package.json @@ -120,6 +120,7 @@ "nsis-web", "appx" ], + "sign": "./sign.js", "extraResources": [ { "from": "node_modules/regedit/vbs", diff --git a/sign.js b/sign.js new file mode 100644 index 0000000000..0a61edf3b7 --- /dev/null +++ b/sign.js @@ -0,0 +1,12 @@ +exports.default = async function(configuration) { + //console.log(`config:\n${JSON.stringify(configuration, null, 4)}`) + console.log(`env test - secret test ${process.env.SECRET_TEST}`) + console.log(`env test - shouldn't work ${process.env.secretTest}`) + + require("child_process").execSync( + `azuresigntool sign -kvu ${process.env.SIGNING_VAULT_URL} -kvi ${process.env.SIGNING_CLIENT_ID} -kvt ${process.env.SIGNING_TENANT_ID} -kvs ${process.env.SIGNING_CLIENT_SECRET} -kvc ${process.env.SIGNING_CERT_NAME} -fd ${configuration.hash} -du ${configuration.site} -tr http://timestamp.digicert.com ${configuration.path}`, + { + stdio: "inherit" + } + ); +}; diff --git a/src/package.json b/src/package.json index 18450719f8..ce88bc06d9 100644 --- a/src/package.json +++ b/src/package.json @@ -2,7 +2,7 @@ "name": "bitwarden", "productName": "Bitwarden", "description": "A secure and free password manager for all of your devices.", - "version": "1.23.2-alpha", + "version": "1.23.3-alpha", "author": "Bitwarden Inc. (https://bitwarden.com)", "homepage": "https://bitwarden.com", "license": "GPL-3.0",