1
0
mirror of https://github.com/bitwarden/desktop.git synced 2024-11-28 12:35:40 +01:00

changing the gh action to "on push" to initialize it

This commit is contained in:
Joseph Flinn 2021-01-05 16:21:43 +00:00
parent 020629fd3c
commit 9a39f67efc
5 changed files with 10 additions and 226 deletions

View File

@ -1,19 +0,0 @@
trigger: none
pool:
vmImage: 'windows-latest'
variables:
- group: sub-secrets
steps:
- task: AzureCLI@2
displayName: Azure CLI KV Test
inputs:
azureSubscription: '$(subscription-id)'
connectedServiceNameARM: keyvault-signing-SP
scriptType: ps
scriptLocation: inlineScript
inlineScript: |
az --verison
az keyvault certificate list --vault-name code-signing-test-vault

View File

@ -1,58 +0,0 @@
trigger: none
pool:
vmImage: 'windows-latest'
variables:
- group: code-signing-test
steps:
#- script: |
# set DOTNET_SKIP_FIRST_TIME_EXPERIENCE=true
# dotnet tool install --global AzureSignTool --version 2.0.17
# displayName: 'install AzureSignTool'
- script: |
git clone https://github.com/vcsjones/AzureSignTool.git
cd AzureSignTool
dotnet --version
dotnet pack --output ./nupkg
dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version 0.0.0-gce87e84a58 azuresigntool
displayName: 'Install AST'
- script: |
azuresigntool sign --help
displayName: 'Debugging AST'
#- script: exit 1
# displayName: 'Early Exit'
- task: DownloadGitHubRelease@0
inputs:
connection: joseph-flinn
userRepository: joseph-flinn/desktop
displayName: 'git release artifacts'
- bash: |
GIT_RELEASE_VERSION=$(curl --silent "https://api.github.com/repos/joseph-flinn/desktop/releases/latest" | awk -F '"' '/tag_name/{print $4}' | awk '{print substr($1, 2); }')
echo "##vso[task.setvariable variable=git_release_version]$GIT_RELEASE_VERSION"
displayName: 'set git_release_version'
- script: |
ls -alh $(System.ArtifactsDirectory)
echo GIT_RELEASE_VERSION=$(git_release_version)
displayName: 'show artifacts'
- script: |
azuresigntool sign -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvt "$(SigningTenantId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -tr http://timestamp.digicert.com "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32-store.appx" "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64-store.appx"
displayName: 'Sign artifacts'
- task: PublishPipelineArtifact@1
inputs:
pathToPublish: '$(System.ArtifactsDirectory)/Bitwarden-$(git_release_version)-ia32-store.appx'
artifactName: 'Bitwarden-$(git_release_version)-ia32-store.appx'
- task: PublishPipelineArtifact@1
inputs:
pathToPublish: '$(System.ArtifactsDirectory)/Bitwarden-$(git_release_version)-x64-store.appx'
artifactName: 'Bitwarden-$(git_release_version)-x64-store.appx'

View File

@ -1,21 +0,0 @@
trigger: none
pool:
vmImage: 'windows-latest'
variables:
- group: code-signing-test
steps:
- script: |
git clone https://github.com/vcsjones/AzureSignTool.git
cd AzureSignTool/src/AzureSignTool
dotnet tool restore
displayName: 'install AzureSignTool'
- script: dotnet tool list
displayName: 'testing dotnet tool list'
- script: AzureSignTool.exe sign --help
displayName: 'Debugging AST'

View File

@ -1,127 +0,0 @@
# Node.js
# Build a general Node.js project with npm.
# Add steps that analyze code, save build artifacts, deploy, and more:
# https://docs.microsoft.com/azure/devops/pipelines/languages/javascript
trigger: none
pool:
vmImage: 'windows-latest'
variables:
- group: code-signing-test
steps:
- pwsh: |
Write-Host "------------------------"
Write-Host "secret test - $env:CSC_KEY_PASSWORD"
Write-Host "SIGNING_CERT_NAME - $env:SIGNING_CERT_NAME"
Write-Host "---"
Write Host "This shouldn't work - $(ebSigningCertKey)"
Write-Host "------------------------"
displayName: 'Var & Secret Testing'
env:
CSC_LINK: $(ebSigningCertIdentifierURL)
CSC_KEY_PASSWORD: $(ebSigningCertKey)
SIGNING_VAULT_URL: $(SigningVaultURL)
SIGNING_CLIENT_ID: $(SigningClientId)
SIGNING_TENTANT_ID: $(SigningTenantId)
SIGNING_CLIENT_SECRET: $(SigningClientSecret)
SIGNING_CERT_NAME: $(SigningCertName)
- script: exit 1
displayName: Stop Pipeline
- task: NodeTool@0
inputs:
versionSpec: '10.x'
displayName: 'Install Node.js'
#- script: |
# set DOTNET_SKIP_FIRST_TIME_EXPERIENCE=true
# dotnet tool install --global AzureSignTool --version 2.0.17
# displayName: 'install AzureSignTool'
- task: UseDotNet@2
displayName: 'Use .NET Core SDK 3.x'
inputs:
packageType: sdk
version: 3.x
installationPath: $(Agent.ToolsDirectory)/dotnet
- pwsh: |
git clone https://github.com/vcsjones/AzureSignTool.git
cd AzureSignTool
$latest_head = $(git rev-parse HEAD)[0..9] -join ""
$latest_version = "0.0.0-g$latest_head"
Write-Host "--------"
Write-Host "git commit - $(git rev-parse HEAD)"
Write-Host "latest_head - $latest_head"
Write-Host "PACKAGE VERSION TO BUILD - $latest_version"
Write-Host "--------"
dotnet --version
dotnet restore
dotnet pack --output ./nupkg
dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version $latest_version azuresigntool
displayName: 'Install AST'
- task: PowerShell@2
inputs:
targetType: 'inline'
script: |
$packageVersion = (Get-Content -Raw -Path $(System.DefaultWorkingDirectory)\src\package.json | ConvertFrom-Json).version;
echo "##vso[task.setvariable variable=PACKAGE_VERSION]${packageVersion}"
displayName: 'Setting packageVersion'
- script: |
echo "package version: $(PACKAGE_VERSION)"
displayName: Package Version testing
- script: npm install
displayName: 'npm install'
- script: |
npm run build
npm npm run clean:dist
displayName: 'npm build'
# This task is not working...
- pwsh: |
Write-Host "------------------------"
Write-Host "az pipeline secret test - $env:SECRET_TEST"
Write-Host "az pipeline var test - $env:SIGNING_CERT_NAME"
Write-Host "------------------------"
npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=\"Bitwarden Inc\"
displayName: 'electron-builder build & sign'
env:
CSC_LINK: $(ebSigningCertIdentifierURL)
CSC_KEY_PASSWORD: $(ebSigningCertKey)
SIGNING_VAULT_URL: $(SigningVaultURL)
SIGNING_CLIENT_ID: $(SigningClientId)
SIGNING_TENTANT_ID: $(SigningTenantId)
SIGNING_CLIENT_SECRET: $(SigningClientSecret)
SIGNING_CERT_NAME: $(SigningCertName)
SECRET_TEST: $(secretTest)
- script: ls -alht dist
displayName: show executables
- script: ls -alht dist/nsis-web
displayName: show nsis-web executables
- task: PublishPipelineArtifact@1
inputs:
pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-Portable-$(PACKAGE_VERSION).exe'
artifactName: Bitwarden-Portable-$(PACKAGE_VERSION).exe
# - task: PublishPipelineArtifact@1
# inputs:
# pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-1.23.1-ia32.appx'
# artifactName: Bitwarden-$(GIT_COMMIT_TO_BUILD)-ia32.appx
#
# - task: PublishPipelineArtifact@1
# inputs:
# pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-1.23.1-x64.appx'
# artifactName: Bitwarden-$(GIT_COMMIT_TO_BUILD)-x64.appx

View File

@ -1,6 +1,15 @@
name: Build & Sign
on: [workflow_dispatch]
on:
push:
branches-ignore:
- 'l10n_master'
- 'gh-pages'
release:
types:
- published
#[workflow_dispatch]
jobs:
windows: