Skip to content

Commit

Permalink
Fix codesign windows (#964)
Browse files Browse the repository at this point in the history
Co-authored-by: Hien To <[email protected]>
  • Loading branch information
hiento09 and hiento09 authored Aug 2, 2024
1 parent c2d7fbd commit d5b8a55
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 24 deletions.
32 changes: 10 additions & 22 deletions .github/workflows/cortex-build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -348,18 +348,12 @@ jobs:
cp cortex cortexso/usr/local/bin/cortex
dpkg-deb --build cortexso
- uses: nick-fields/retry@v3
with:
continue_on_error: true
retry_wait_seconds: 10
timeout_minutes: 10
max_attempts: 3
shell: cmd
command: |
cd cortex-js
set PATH=%PATH%;%USERPROFILE%\.dotnet\tools
make codesign-binary CODE_SIGN=true CORTEX_VERSION="0.${{ needs.create-draft-release.outputs.version }}" AZURE_KEY_VAULT_URI="${{ secrets.AZURE_KEY_VAULT_URI }}" AZURE_CLIENT_ID="${{ secrets.AZURE_CLIENT_ID }}" AZURE_TENANT_ID="${{ secrets.AZURE_TENANT_ID }}" AZURE_CLIENT_SECRET="${{ secrets.AZURE_CLIENT_SECRET }}" AZURE_CERT_NAME="${{ secrets.AZURE_CERT_NAME }}"
- run: |
cd cortex-js
set PATH=%PATH%;%USERPROFILE%\.dotnet\tools
make codesign-binary CODE_SIGN=true CORTEX_VERSION="0.${{ needs.create-draft-release.outputs.version }}" AZURE_KEY_VAULT_URI="${{ secrets.AZURE_KEY_VAULT_URI }}" AZURE_CLIENT_ID="${{ secrets.AZURE_CLIENT_ID }}" AZURE_TENANT_ID="${{ secrets.AZURE_TENANT_ID }}" AZURE_CLIENT_SECRET="${{ secrets.AZURE_CLIENT_SECRET }}" AZURE_CERT_NAME="${{ secrets.AZURE_CERT_NAME }}"
name: Code Signing Windows
shell: cmd
if: runner.os == 'Windows'
- name: Update version in installer.iss using sed
Expand All @@ -377,18 +371,12 @@ jobs:
path: cortex-js/installer.iss
options: /O+

- uses: nick-fields/retry@v3
with:
continue_on_error: true
retry_wait_seconds: 10
timeout_minutes: 10
max_attempts: 3
shell: cmd
command: |
cd cortex-js
set PATH=%PATH%;%USERPROFILE%\.dotnet\tools
make codesign-installer CODE_SIGN=true CORTEX_VERSION="0.${{ needs.create-draft-release.outputs.version }}" AZURE_KEY_VAULT_URI="${{ secrets.AZURE_KEY_VAULT_URI }}" AZURE_CLIENT_ID="${{ secrets.AZURE_CLIENT_ID }}" AZURE_TENANT_ID="${{ secrets.AZURE_TENANT_ID }}" AZURE_CLIENT_SECRET="${{ secrets.AZURE_CLIENT_SECRET }}" AZURE_CERT_NAME="${{ secrets.AZURE_CERT_NAME }}"
- run: |
cd cortex-js
set PATH=%PATH%;%USERPROFILE%\.dotnet\tools
make codesign-installer CODE_SIGN=true CORTEX_VERSION="0.${{ needs.create-draft-release.outputs.version }}" AZURE_KEY_VAULT_URI="${{ secrets.AZURE_KEY_VAULT_URI }}" AZURE_CLIENT_ID="${{ secrets.AZURE_CLIENT_ID }}" AZURE_TENANT_ID="${{ secrets.AZURE_TENANT_ID }}" AZURE_CLIENT_SECRET="${{ secrets.AZURE_CLIENT_SECRET }}" AZURE_CERT_NAME="${{ secrets.AZURE_CERT_NAME }}"
name: Code Signing Windows
shell: cmd
if: runner.os == 'Windows'
- name: Post-Bundle
Expand Down
4 changes: 2 additions & 2 deletions cortex-js/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ endif

ifeq ($(OS),Windows_NT)
@powershell -Command "dotnet tool install --global AzureSignTool;"
@powershell -Command 'azuresigntool.exe sign -kvu "$(AZURE_KEY_VAULT_URI)" -kvi "$(AZURE_CLIENT_ID)" -kvt "$(AZURE_TENANT_ID)" -kvs "$(AZURE_CLIENT_SECRET)" -kvc "$(AZURE_CERT_NAME)" -tr http://timestamp.globalsign.com/tsa/r6advanced1 -v ".\cortex-js\cortex.exe";'
@powershell -Command 'azuresigntool.exe sign -kvu "$(AZURE_KEY_VAULT_URI)" -kvi "$(AZURE_CLIENT_ID)" -kvt "$(AZURE_TENANT_ID)" -kvs "$(AZURE_CLIENT_SECRET)" -kvc "$(AZURE_CERT_NAME)" -tr http://timestamp.globalsign.com/tsa/r6advanced1 -v ".\cortex.exe";'
else ifeq ($(shell uname -s),Linux)
@echo "Skipping Code Sign for linux"
@exit 0
Expand All @@ -40,7 +40,7 @@ endif

ifeq ($(OS),Windows_NT)
@powershell -Command "dotnet tool install --global AzureSignTool;"
@powershell -Command 'azuresigntool.exe sign -kvu "$(AZURE_KEY_VAULT_URI)" -kvi "$(AZURE_CLIENT_ID)" -kvt "$(AZURE_TENANT_ID)" -kvs "$(AZURE_CLIENT_SECRET)" -kvc "$(AZURE_CERT_NAME)" -tr http://timestamp.globalsign.com/tsa/r6advanced1 -v ".\cortex-js\setup.exe";'
@powershell -Command 'azuresigntool.exe sign -kvu "$(AZURE_KEY_VAULT_URI)" -kvi "$(AZURE_CLIENT_ID)" -kvt "$(AZURE_TENANT_ID)" -kvs "$(AZURE_CLIENT_SECRET)" -kvc "$(AZURE_CERT_NAME)" -tr http://timestamp.globalsign.com/tsa/r6advanced1 -v ".\setup.exe";'
else ifeq ($(shell uname -s),Linux)
@echo "Skipping Code Sign for linux"
@exit 0
Expand Down

0 comments on commit d5b8a55

Please sign in to comment.