Skip to content

Commit

Permalink
Move Windows build scripts under script/
Browse files Browse the repository at this point in the history
  • Loading branch information
@mislav
mislav committed Jan 7, 2020
1 parent 732b3dd commit 7edde93
Show file tree
Hide file tree
Showing 4 changed files with 14 additions and 5 deletions.
8 changes: 5 additions & 3 deletions .github/workflows/releases.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,14 +49,16 @@ jobs:
with:
exe: ${{ steps.download_exe.outputs.exe }}
- name: Obtain signing cert
id: obtain_cert
env:
DESKTOP_CERT_TOKEN: ${{ secrets.DESKTOP_CERT_TOKEN }}
run: .\setup-windows-certificate.ps1
shell: powershell
run: .\script\setup-windows-certificate.ps1
- name: Sign MSI
env:
GITHUB_CERT_PASSWORD: ${{ secrets.GITHUB_CERT_PASSWORD }}
run: .\sign.ps1 -Certificate "windows-certificate.pfx" -Executable "${{ steps.buildmsi.outputs.msi }}"
run: |
.\script\sign.ps1 -Certificate "${{ steps.obtain_cert.outputs.cert-file }}" `
-Executable "${{ steps.buildmsi.outputs.msi }}"
- name: Upload MSI
uses: ./.github/actions/upload-msi
env:
Expand Down
5 changes: 4 additions & 1 deletion setup-windows-certificate.ps1 → script/setup-windows-certificate.ps1
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,12 @@
$scriptPath = split-path -parent $MyInvocation.MyCommand.Definition
$certFile = "$scriptPath\windows-certificate.pfx"

$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$headers.Add("Authorization", "token $env:DESKTOP_CERT_TOKEN")
$headers.Add("Accept", 'application/vnd.github.v3.raw')

Invoke-WebRequest 'https://api.github.com/repos/desktop/desktop-secrets/contents/windows-certificate.pfx' `
-Headers $headers `
-OutFile "$scriptPath\windows-certificate.pfx"
-OutFile "$certFile"

Write-Output "::set-output name=cert-file::$certFile"
6 changes: 5 additions & 1 deletion sign.ps1 → script/sign.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,4 +10,8 @@ $thumbprint = "fb713a60a7fa79dfc03cb301ca05d4e8c1bdd431"
$passwd = $env:GITHUB_CERT_PASSWORD
$ProgramName = "GitHub CLI"

& .\signtool.exe sign /d $ProgramName /f $Certificate /p $passwd /sha1 $thumbprint /fd sha256 /tr http://timestamp.digicert.com /td sha256 /v $Executable
$scriptPath = split-path -parent $MyInvocation.MyCommand.Definition

& $scriptPath\signtool.exe sign /d $ProgramName /f $Certificate /p $passwd `
/sha1 $thumbprint /fd sha256 /tr http://timestamp.digicert.com /td sha256 /v `
$Executable
0 signtool.exe → script/signtool.exe
View file
File renamed without changes.

0 comments on commit 7edde93

Please sign in to comment.