bitwarden-desktop/sign.js

/* eslint-disable @typescript-eslint/no-var-requires, no-console */

exports.default = async function (configuration) {
  if (parseInt(process.env.ELECTRON_BUILDER_SIGN) === 1 && configuration.path.slice(-4) == ".exe") {
    console.log(`[*] Signing file: ${configuration.path}`);
    require("child_process").execSync(
      `azuresigntool sign -v ` +
        `-kvu ${process.env.SIGNING_VAULT_URL} ` +
        `-kvi ${process.env.SIGNING_CLIENT_ID} ` +
        `-kvt ${process.env.SIGNING_TENANT_ID} ` +
        `-kvs ${process.env.SIGNING_CLIENT_SECRET} ` +
        `-kvc ${process.env.SIGNING_CERT_NAME} ` +
        `-fd ${configuration.hash} ` +
        `-du ${configuration.site} ` +
        `-tr http://timestamp.digicert.com ` +
        `${configuration.path}`,
      {
        stdio: "inherit",
      }
    );
  }
};
Add eslint (#1369) 2022-02-24 20:50:19 +01:00			`/* eslint-disable @typescript-eslint/no-var-requires, no-console */`

testing electron-builder integration with az kv 2020-12-30 22:19:12 +01:00			`exports.default = async function (configuration) {`
excluding the unpacked appx executables 2021-01-15 18:19:34 +01:00			`if (parseInt(process.env.ELECTRON_BUILDER_SIGN) === 1 && configuration.path.slice(-4) == ".exe") {`
adding signing logging 2021-01-15 18:42:44 +01:00			console.log(`[*] Signing file: ${configuration.path}`);
adding a signing flag for electron builder 2021-01-06 19:58:44 +01:00			`require("child_process").execSync(`
Pinning ast version (#1080) * Pinning version of AST instead of using latest * adding the pinned version of the commit * adding an array join * pinning version of dotnet * trying the AST pin of the version we started using * disabling jobs and adding test step to window job * adding dotnet 2.1.x to see if that fixes the issue * removing the test code and testing the addition of .net 2.1.x * repinning to last successful sign * trying the newest version of AST * disabling the non-windows jobs again * disabling the windows build job and added a test job * removing stray comma * changing the multiline delimiter * pivoting away from our EV cert and testing with a test one * switching back to the EV cert and adding a verbose flag * disabling some steps that are breaking * swithing back to the test cert * testing new format for the ast command * removing the node portions of the test since they are not needed * trying AST without the tenat-id * rolling back to original commit * switching to custom AST for better troubleshooting * removing the ast commit logic and forcing latest * fixing up the pwsh sign command * fixing the AST verison * making sure that the secrets are not blank * trying the EV cert for signing * Using pinned commit from AST instead of custom code * fixing env * building the actually pinned commit instead of whatever the other thing was... * testing the windows job * removing the dotnet 2.1.x dependency since the older AST version shouldn't need it * reenabling the test ast job since something is failing * moving the git switch command * testing new gh-action * fixing the gh-action path * updating the hash of the new action * enabling the build jobs again * updating the hash for the new Install AST action * fixing linter issues 2021-09-16 19:15:05 +02:00			`azuresigntool sign -v ` +
adding a signing flag for electron builder 2021-01-06 19:58:44 +01:00			`-kvu ${process.env.SIGNING_VAULT_URL} ` +
			`-kvi ${process.env.SIGNING_CLIENT_ID} ` +
			`-kvt ${process.env.SIGNING_TENANT_ID} ` +
			`-kvs ${process.env.SIGNING_CLIENT_SECRET} ` +
			`-kvc ${process.env.SIGNING_CERT_NAME} ` +
			`-fd ${configuration.hash} ` +
			`-du ${configuration.site} ` +
			`-tr http://timestamp.digicert.com ` +
			`${configuration.path}`,
			`{`
			`stdio: "inherit",`
			`}`
			`);`
			`}`
testing electron-builder integration with az kv 2020-12-30 22:19:12 +01:00			`};`