From f3316da6dc21b575b71c4f9bd1628fb36f1ef942 Mon Sep 17 00:00:00 2001
From: unknown
Date: Mon, 8 Apr 2024 22:40:59 +0200
Subject: [PATCH] Work on #321
---
.github/workflows/build.yml | 2 +-
signWin.js | 26 ++++++++++++++++----------
2 files changed, 17 insertions(+), 11 deletions(-)
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index fade659..a2cbe2c 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -82,7 +82,7 @@ jobs:
debugElectron: false
env:
# new MacOS notarize secrets (2024)
- DEBUG: electron-builder
+ DEBUG: electron-builder # To debug electron-builder
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
diff --git a/signWin.js b/signWin.js
index efd02a4..fee4caa 100644
--- a/signWin.js
+++ b/signWin.js
@@ -2,24 +2,30 @@ const {
execSync
} = require('node:child_process')
-console.info(`signing with SignWin`)
-
exports.default = async configuration => {
if (!process.env.SM_API_KEY) {
- console.info(`Skip signing because SM_API_KEY and not configured`)
+ console.error("Signing using OpenBuilds CONTROL's custom signWin.js script: failed: SM_API_KEY ENV VAR NOT FOUND");
+ return
+ }
+
+ if (!process.env.SM_CODE_SIGNING_CERT_SHA1_HASH) {
+ console.error("Signing using OpenBuilds CONTROL's custom signWin.js script: failed: FINGERPRINT ENV VAR NOT FOUND");
return
}
if (!configuration.path) {
- throw new Error(`Path of application is not found`)
+ throw new Error(`Signing using OpenBuilds CONTROL's custom signWin.js script: failed: TARGET PATH NOT FOUND`)
+ return
}
- //signtool.exe sign /sha1 ${{ secrets.SM_CODE_SIGNING_CERT_SHA1_HASH }} /tr http://timestamp.digicert.com /td SHA256 /fd SHA256 "D:\a\OpenBuilds-CONTROL\OpenBuilds-CONTROL\dist\*.exe"
- //signtool.exe verify /v /pa "D:\a\OpenBuilds-CONTROL\OpenBuilds-CONTROL\dist\*.exe"
+ try {
+ execSync(`smctl sign --fingerprint="${process.env.SM_CODE_SIGNING_CERT_SHA1_HASH}" --input "${String(configuration.path)}"`, {
+ stdio: 'inherit',
+ })
+ console.log("Signing using OpenBuilds CONTROL's custom signWin.js script: successful");
+ } catch (error) {
+ console.error("Signing using OpenBuilds CONTROL's custom signWin.js script: failed:", error);
+ }
- execSync(`smctl sign --fingerprint="${process.env.SM_CODE_SIGNING_CERT_SHA1_HASH}" --input "${String(configuration.path)}"`, {
- stdio: 'inherit',
- })
- console.info(`signed with SignWin`)
}
\ No newline at end of file