From 5668dc204b83ae0c1edf79a4998f41292007d230 Mon Sep 17 00:00:00 2001 From: Mary Date: Tue, 22 Nov 2022 13:54:56 -0500 Subject: [PATCH] fix: windowsCodeSign - don't use osslsigncode in a vm! (#7275) --- .changeset/spotty-vans-pay.md | 5 +++++ .../src/codeSign/windowsCodeSign.ts | 17 +++++++++-------- 2 files changed, 14 insertions(+), 8 deletions(-) create mode 100644 .changeset/spotty-vans-pay.md diff --git a/.changeset/spotty-vans-pay.md b/.changeset/spotty-vans-pay.md new file mode 100644 index 00000000000..308db2ef79d --- /dev/null +++ b/.changeset/spotty-vans-pay.md @@ -0,0 +1,5 @@ +--- +"app-builder-lib": patch +--- + +Fixes a bug where signtool might not be used in a windows VM diff --git a/packages/app-builder-lib/src/codeSign/windowsCodeSign.ts b/packages/app-builder-lib/src/codeSign/windowsCodeSign.ts index 43d2cae671e..37b450cd2f6 100644 --- a/packages/app-builder-lib/src/codeSign/windowsCodeSign.ts +++ b/packages/app-builder-lib/src/codeSign/windowsCodeSign.ts @@ -145,19 +145,20 @@ export async function getCertificateFromStoreInfo(options: WindowsConfiguration, export async function doSign(configuration: CustomWindowsSignTaskConfiguration, packager: WinPackager) { // https://github.com/electron-userland/electron-builder/pull/1944 const timeout = parseInt(process.env.SIGNTOOL_TIMEOUT as any, 10) || 10 * 60 * 1000 - // unify logic of signtool path location - const toolInfo = await getToolPath() - const tool = toolInfo.path // decide runtime argument by cases let args: Array let env = process.env let vm: VmManager - if (configuration.path.endsWith(".appx") || !("file" in configuration.cscInfo!) /* certificateSubjectName and other such options */) { + const vmRequired = configuration.path.endsWith(".appx") || !("file" in configuration.cscInfo!) /* certificateSubjectName and other such options */ + const isWin = process.platform === "win32" || vmRequired + const toolInfo = await getToolPath(isWin) + const tool = toolInfo.path + if (vmRequired) { vm = await packager.vm.value - args = computeSignToolArgs(configuration, true, vm) + args = computeSignToolArgs(configuration, isWin, vm) } else { vm = new VmManager() - args = configuration.computeSignToolArgs(process.platform === "win32") + args = configuration.computeSignToolArgs(isWin) if (toolInfo.env != null) { env = toolInfo.env } @@ -292,7 +293,7 @@ function getWinSignTool(vendorPath: string): string { } } -async function getToolPath(): Promise { +async function getToolPath(isWin = process.platform === "win32"): Promise { if (isUseSystemSigncode()) { return { path: "osslsigncode" } } @@ -303,7 +304,7 @@ async function getToolPath(): Promise { } const vendorPath = await getSignVendorPath() - if (process.platform === "win32") { + if (isWin) { // use modern signtool on Windows Server 2012 R2 to be able to sign AppX return { path: getWinSignTool(vendorPath) } } else if (process.platform === "darwin") {