From 9a39f67efc09a01fb78c8357a4fb2608db049fb4 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 16:21:43 +0000 Subject: [PATCH] changing the gh action to "on push" to initialize it --- .az-pipelines/az-cli-tests.yml | 19 ---- .az-pipelines/sign-windows-artifacts.yml | 58 ----------- .az-pipelines/test-ast-install.yml | 21 ---- .az-pipelines/windows-build-sign.yml | 127 ----------------------- .github/workflows/build-and-sign.yml | 11 +- 5 files changed, 10 insertions(+), 226 deletions(-) delete mode 100644 .az-pipelines/az-cli-tests.yml delete mode 100644 .az-pipelines/sign-windows-artifacts.yml delete mode 100644 .az-pipelines/test-ast-install.yml delete mode 100644 .az-pipelines/windows-build-sign.yml diff --git a/.az-pipelines/az-cli-tests.yml b/.az-pipelines/az-cli-tests.yml deleted file mode 100644 index daf6af6e33..0000000000 --- a/.az-pipelines/az-cli-tests.yml +++ /dev/null @@ -1,19 +0,0 @@ -trigger: none - -pool: - vmImage: 'windows-latest' - -variables: -- group: sub-secrets - -steps: -- task: AzureCLI@2 - displayName: Azure CLI KV Test - inputs: - azureSubscription: '$(subscription-id)' - connectedServiceNameARM: keyvault-signing-SP - scriptType: ps - scriptLocation: inlineScript - inlineScript: | - az --verison - az keyvault certificate list --vault-name code-signing-test-vault diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml deleted file mode 100644 index 70d7abe42d..0000000000 --- a/.az-pipelines/sign-windows-artifacts.yml +++ /dev/null @@ -1,58 +0,0 @@ -trigger: none - -pool: - vmImage: 'windows-latest' - -variables: -- group: code-signing-test - -steps: - #- script: | - # set DOTNET_SKIP_FIRST_TIME_EXPERIENCE=true - # dotnet tool install --global AzureSignTool --version 2.0.17 - # displayName: 'install AzureSignTool' - -- script: | - git clone https://github.com/vcsjones/AzureSignTool.git - cd AzureSignTool - dotnet --version - dotnet pack --output ./nupkg - dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version 0.0.0-gce87e84a58 azuresigntool - displayName: 'Install AST' - -- script: | - azuresigntool sign --help - displayName: 'Debugging AST' - - #- script: exit 1 - # displayName: 'Early Exit' - -- task: DownloadGitHubRelease@0 - inputs: - connection: joseph-flinn - userRepository: joseph-flinn/desktop - displayName: 'git release artifacts' - -- bash: | - GIT_RELEASE_VERSION=$(curl --silent "https://api.github.com/repos/joseph-flinn/desktop/releases/latest" | awk -F '"' '/tag_name/{print $4}' | awk '{print substr($1, 2); }') - echo "##vso[task.setvariable variable=git_release_version]$GIT_RELEASE_VERSION" - displayName: 'set git_release_version' - -- script: | - ls -alh $(System.ArtifactsDirectory) - echo GIT_RELEASE_VERSION=$(git_release_version) - displayName: 'show artifacts' - -- script: | - azuresigntool sign -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvt "$(SigningTenantId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -tr http://timestamp.digicert.com "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32-store.appx" "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64-store.appx" - displayName: 'Sign artifacts' - -- task: PublishPipelineArtifact@1 - inputs: - pathToPublish: '$(System.ArtifactsDirectory)/Bitwarden-$(git_release_version)-ia32-store.appx' - artifactName: 'Bitwarden-$(git_release_version)-ia32-store.appx' - -- task: PublishPipelineArtifact@1 - inputs: - pathToPublish: '$(System.ArtifactsDirectory)/Bitwarden-$(git_release_version)-x64-store.appx' - artifactName: 'Bitwarden-$(git_release_version)-x64-store.appx' diff --git a/.az-pipelines/test-ast-install.yml b/.az-pipelines/test-ast-install.yml deleted file mode 100644 index 3f0d33b169..0000000000 --- a/.az-pipelines/test-ast-install.yml +++ /dev/null @@ -1,21 +0,0 @@ -trigger: none - -pool: - vmImage: 'windows-latest' - -variables: -- group: code-signing-test - -steps: -- script: | - git clone https://github.com/vcsjones/AzureSignTool.git - cd AzureSignTool/src/AzureSignTool - dotnet tool restore - displayName: 'install AzureSignTool' - -- script: dotnet tool list - displayName: 'testing dotnet tool list' - -- script: AzureSignTool.exe sign --help - displayName: 'Debugging AST' - diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml deleted file mode 100644 index d64a6e12c4..0000000000 --- a/.az-pipelines/windows-build-sign.yml +++ /dev/null @@ -1,127 +0,0 @@ -# Node.js -# Build a general Node.js project with npm. -# Add steps that analyze code, save build artifacts, deploy, and more: -# https://docs.microsoft.com/azure/devops/pipelines/languages/javascript - -trigger: none - -pool: - vmImage: 'windows-latest' - -variables: -- group: code-signing-test - -steps: -- pwsh: | - Write-Host "------------------------" - Write-Host "secret test - $env:CSC_KEY_PASSWORD" - Write-Host "SIGNING_CERT_NAME - $env:SIGNING_CERT_NAME" - Write-Host "---" - Write Host "This shouldn't work - $(ebSigningCertKey)" - Write-Host "------------------------" - displayName: 'Var & Secret Testing' - env: - CSC_LINK: $(ebSigningCertIdentifierURL) - CSC_KEY_PASSWORD: $(ebSigningCertKey) - SIGNING_VAULT_URL: $(SigningVaultURL) - SIGNING_CLIENT_ID: $(SigningClientId) - SIGNING_TENTANT_ID: $(SigningTenantId) - SIGNING_CLIENT_SECRET: $(SigningClientSecret) - SIGNING_CERT_NAME: $(SigningCertName) - -- script: exit 1 - displayName: Stop Pipeline - -- task: NodeTool@0 - inputs: - versionSpec: '10.x' - displayName: 'Install Node.js' - - #- script: | - # set DOTNET_SKIP_FIRST_TIME_EXPERIENCE=true - # dotnet tool install --global AzureSignTool --version 2.0.17 - # displayName: 'install AzureSignTool' - -- task: UseDotNet@2 - displayName: 'Use .NET Core SDK 3.x' - inputs: - packageType: sdk - version: 3.x - installationPath: $(Agent.ToolsDirectory)/dotnet - -- pwsh: | - git clone https://github.com/vcsjones/AzureSignTool.git - cd AzureSignTool - $latest_head = $(git rev-parse HEAD)[0..9] -join "" - $latest_version = "0.0.0-g$latest_head" - Write-Host "--------" - Write-Host "git commit - $(git rev-parse HEAD)" - Write-Host "latest_head - $latest_head" - Write-Host "PACKAGE VERSION TO BUILD - $latest_version" - Write-Host "--------" - - dotnet --version - dotnet restore - dotnet pack --output ./nupkg - dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version $latest_version azuresigntool - displayName: 'Install AST' - - -- task: PowerShell@2 - inputs: - targetType: 'inline' - script: | - $packageVersion = (Get-Content -Raw -Path $(System.DefaultWorkingDirectory)\src\package.json | ConvertFrom-Json).version; - echo "##vso[task.setvariable variable=PACKAGE_VERSION]${packageVersion}" - displayName: 'Setting packageVersion' - -- script: | - echo "package version: $(PACKAGE_VERSION)" - displayName: Package Version testing - -- script: npm install - displayName: 'npm install' - -- script: | - npm run build - npm npm run clean:dist - displayName: 'npm build' - -# This task is not working... -- pwsh: | - Write-Host "------------------------" - Write-Host "az pipeline secret test - $env:SECRET_TEST" - Write-Host "az pipeline var test - $env:SIGNING_CERT_NAME" - Write-Host "------------------------" - npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=\"Bitwarden Inc\" - displayName: 'electron-builder build & sign' - env: - CSC_LINK: $(ebSigningCertIdentifierURL) - CSC_KEY_PASSWORD: $(ebSigningCertKey) - SIGNING_VAULT_URL: $(SigningVaultURL) - SIGNING_CLIENT_ID: $(SigningClientId) - SIGNING_TENTANT_ID: $(SigningTenantId) - SIGNING_CLIENT_SECRET: $(SigningClientSecret) - SIGNING_CERT_NAME: $(SigningCertName) - SECRET_TEST: $(secretTest) - -- script: ls -alht dist - displayName: show executables - -- script: ls -alht dist/nsis-web - displayName: show nsis-web executables - -- task: PublishPipelineArtifact@1 - inputs: - pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-Portable-$(PACKAGE_VERSION).exe' - artifactName: Bitwarden-Portable-$(PACKAGE_VERSION).exe - -# - task: PublishPipelineArtifact@1 -# inputs: -# pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-1.23.1-ia32.appx' -# artifactName: Bitwarden-$(GIT_COMMIT_TO_BUILD)-ia32.appx -# -# - task: PublishPipelineArtifact@1 -# inputs: -# pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-1.23.1-x64.appx' -# artifactName: Bitwarden-$(GIT_COMMIT_TO_BUILD)-x64.appx diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index f673d55e80..3c5d245864 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -1,6 +1,15 @@ name: Build & Sign -on: [workflow_dispatch] +on: + push: + branches-ignore: + - 'l10n_master' + - 'gh-pages' + release: + types: + - published + +#[workflow_dispatch] jobs: windows: