From fef659af41b54e90173d395191a2b7987d607446 Mon Sep 17 00:00:00 2001
From: Piero Toffanin <pt@masseranolabs.com>
Date: Wed, 22 Dec 2021 22:01:15 -0500
Subject: [PATCH] Download signtool

---
 .github/workflows/publish-windows.yml |  2 +-
 configure.py                          | 17 ++++++++++-------
 2 files changed, 11 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/publish-windows.yml b/.github/workflows/publish-windows.yml
index d7f0525a..1ec029d0 100644
--- a/.github/workflows/publish-windows.yml
+++ b/.github/workflows/publish-windows.yml
@@ -38,7 +38,7 @@ jobs:
       env: 
         CODE_SIGN_CERT_PATH: ${{ steps.code_sign.outputs.filePath }}
       run: |
-        python configure.py dist --signtool-path $((Get-Command signtool).Source) --code-sign-cert-path $env:CODE_SIGN_CERT_PATH
+        python configure.py dist --code-sign-cert-path $env:CODE_SIGN_CERT_PATH
     - name: Upload Setup File
       uses: actions/upload-artifact@v2
       with:
diff --git a/configure.py b/configure.py
index 9ce91f19..55afb8ba 100644
--- a/configure.py
+++ b/configure.py
@@ -34,11 +34,6 @@ parser.add_argument('--code-sign-cert-path',
                     default='',
                     required=False,
                     help='Path to pfx code signing certificate')
-parser.add_argument('--signtool-path',
-                    type=str,
-                    default='',
-                    required=False,
-                    help='Path to signtool.exe')
 
 args = parser.parse_args()
 
@@ -171,6 +166,14 @@ def dist():
         with zipfile.ZipFile(pythonzip_path) as z:
             z.extractall("python38")
 
+    # Download signtool
+    signtool_path = os.path.join("SuperBuild", "download", "signtool.exe")
+    signtool_url = "https://github.com/OpenDroneMap/windows-deps/releases/download/2.5.0/signtool.exe"
+    if not os.path.exists(signtool_path):
+        print("Downloading %s" % signtool_url)
+        with urllib.request.urlopen(signtool_url) as response, open(signtool_path, 'wb') as out_file:
+            shutil.copyfileobj(response, out_file)
+
     # Download innosetup
     if not os.path.isdir("innosetup"):
         innosetupzip_path = os.path.join("SuperBuild", "download", "innosetup.zip")
@@ -188,8 +191,8 @@ def dist():
 
     # Run
     cs_flags = ""
-    if args.code_sign_cert_path and args.signtool_path:
-        cs_flags = '"/Ssigntool=%s sign /f %s /fd SHA1 /t http://timestamp.sectigo.com $f"' % (args.signtool_path, args.code_sign_cert_path)
+    if args.code_sign_cert_path:
+        cs_flags = '"/Ssigntool=%s sign /f %s /fd SHA1 /t http://timestamp.sectigo.com $f"' % (signtool_path, args.code_sign_cert_path)
     run("innosetup\\iscc /Qp " + cs_flags  + " \"innosetup.iss\"")
 
     print("Done! Setup created in dist/")