1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-11-06 09:20:43 +01:00
bitwarden-browser/sign.js
Joseph Flinn c99a543030
Pinning ast version (#1080)
* Pinning version of AST instead of using latest

* adding the pinned version of the commit

* adding an array join

* pinning version of dotnet

* trying the AST pin of the version we started using

* disabling jobs and adding test step to window job

* adding dotnet 2.1.x to see if that fixes the issue

* removing the test code and testing the addition of .net 2.1.x

* repinning to last successful sign

* trying the newest version of AST

* disabling the non-windows jobs again

* disabling the windows build job and added a test job

* removing stray comma

* changing the multiline delimiter

* pivoting away from our EV cert and testing with a test one

* switching back to the EV cert and adding a verbose flag

* disabling some steps that are breaking

* swithing back to the test cert

* testing new format for the ast command

* removing the node portions of the test since they are not needed

* trying AST without the tenat-id

* rolling back to original commit

* switching to custom AST for better troubleshooting

* removing the ast commit logic and forcing latest

* fixing up the pwsh sign command

* fixing the AST verison

* making sure that the secrets are not blank

* trying the EV cert for signing

* Using pinned commit from AST instead of custom code

* fixing env

* building the actually pinned commit instead of whatever the other thing was...

* testing the windows job

* removing the dotnet 2.1.x dependency since the older AST version shouldn't need it

* reenabling the test ast job since something is failing

* moving the git switch command

* testing new gh-action

* fixing the gh-action path

* updating the hash of the new action

* enabling the build jobs again

* updating the hash for the new Install AST action

* fixing linter issues
2021-09-16 10:15:05 -07:00

24 lines
749 B
JavaScript

exports.default = async function(configuration) {
if (
parseInt(process.env.ELECTRON_BUILDER_SIGN) === 1 &&
configuration.path.slice(-4) == ".exe"
) {
console.log(`[*] Signing file: ${configuration.path}`)
require("child_process").execSync(
`azuresigntool sign -v ` +
`-kvu ${process.env.SIGNING_VAULT_URL} ` +
`-kvi ${process.env.SIGNING_CLIENT_ID} ` +
`-kvt ${process.env.SIGNING_TENANT_ID} ` +
`-kvs ${process.env.SIGNING_CLIENT_SECRET} ` +
`-kvc ${process.env.SIGNING_CERT_NAME} ` +
`-fd ${configuration.hash} ` +
`-du ${configuration.site} ` +
`-tr http://timestamp.digicert.com ` +
`${configuration.path}`,
{
stdio: "inherit"
}
);
}
};