changing the gh action to "on push" to initialize it
This commit is contained in:
parent
020629fd3c
commit
9a39f67efc
|
@ -1,19 +0,0 @@
|
||||||
trigger: none
|
|
||||||
|
|
||||||
pool:
|
|
||||||
vmImage: 'windows-latest'
|
|
||||||
|
|
||||||
variables:
|
|
||||||
- group: sub-secrets
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- task: AzureCLI@2
|
|
||||||
displayName: Azure CLI KV Test
|
|
||||||
inputs:
|
|
||||||
azureSubscription: '$(subscription-id)'
|
|
||||||
connectedServiceNameARM: keyvault-signing-SP
|
|
||||||
scriptType: ps
|
|
||||||
scriptLocation: inlineScript
|
|
||||||
inlineScript: |
|
|
||||||
az --verison
|
|
||||||
az keyvault certificate list --vault-name code-signing-test-vault
|
|
|
@ -1,58 +0,0 @@
|
||||||
trigger: none
|
|
||||||
|
|
||||||
pool:
|
|
||||||
vmImage: 'windows-latest'
|
|
||||||
|
|
||||||
variables:
|
|
||||||
- group: code-signing-test
|
|
||||||
|
|
||||||
steps:
|
|
||||||
#- script: |
|
|
||||||
# set DOTNET_SKIP_FIRST_TIME_EXPERIENCE=true
|
|
||||||
# dotnet tool install --global AzureSignTool --version 2.0.17
|
|
||||||
# displayName: 'install AzureSignTool'
|
|
||||||
|
|
||||||
- script: |
|
|
||||||
git clone https://github.com/vcsjones/AzureSignTool.git
|
|
||||||
cd AzureSignTool
|
|
||||||
dotnet --version
|
|
||||||
dotnet pack --output ./nupkg
|
|
||||||
dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version 0.0.0-gce87e84a58 azuresigntool
|
|
||||||
displayName: 'Install AST'
|
|
||||||
|
|
||||||
- script: |
|
|
||||||
azuresigntool sign --help
|
|
||||||
displayName: 'Debugging AST'
|
|
||||||
|
|
||||||
#- script: exit 1
|
|
||||||
# displayName: 'Early Exit'
|
|
||||||
|
|
||||||
- task: DownloadGitHubRelease@0
|
|
||||||
inputs:
|
|
||||||
connection: joseph-flinn
|
|
||||||
userRepository: joseph-flinn/desktop
|
|
||||||
displayName: 'git release artifacts'
|
|
||||||
|
|
||||||
- bash: |
|
|
||||||
GIT_RELEASE_VERSION=$(curl --silent "https://api.github.com/repos/joseph-flinn/desktop/releases/latest" | awk -F '"' '/tag_name/{print $4}' | awk '{print substr($1, 2); }')
|
|
||||||
echo "##vso[task.setvariable variable=git_release_version]$GIT_RELEASE_VERSION"
|
|
||||||
displayName: 'set git_release_version'
|
|
||||||
|
|
||||||
- script: |
|
|
||||||
ls -alh $(System.ArtifactsDirectory)
|
|
||||||
echo GIT_RELEASE_VERSION=$(git_release_version)
|
|
||||||
displayName: 'show artifacts'
|
|
||||||
|
|
||||||
- script: |
|
|
||||||
azuresigntool sign -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvt "$(SigningTenantId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -tr http://timestamp.digicert.com "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32-store.appx" "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64-store.appx"
|
|
||||||
displayName: 'Sign artifacts'
|
|
||||||
|
|
||||||
- task: PublishPipelineArtifact@1
|
|
||||||
inputs:
|
|
||||||
pathToPublish: '$(System.ArtifactsDirectory)/Bitwarden-$(git_release_version)-ia32-store.appx'
|
|
||||||
artifactName: 'Bitwarden-$(git_release_version)-ia32-store.appx'
|
|
||||||
|
|
||||||
- task: PublishPipelineArtifact@1
|
|
||||||
inputs:
|
|
||||||
pathToPublish: '$(System.ArtifactsDirectory)/Bitwarden-$(git_release_version)-x64-store.appx'
|
|
||||||
artifactName: 'Bitwarden-$(git_release_version)-x64-store.appx'
|
|
|
@ -1,21 +0,0 @@
|
||||||
trigger: none
|
|
||||||
|
|
||||||
pool:
|
|
||||||
vmImage: 'windows-latest'
|
|
||||||
|
|
||||||
variables:
|
|
||||||
- group: code-signing-test
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- script: |
|
|
||||||
git clone https://github.com/vcsjones/AzureSignTool.git
|
|
||||||
cd AzureSignTool/src/AzureSignTool
|
|
||||||
dotnet tool restore
|
|
||||||
displayName: 'install AzureSignTool'
|
|
||||||
|
|
||||||
- script: dotnet tool list
|
|
||||||
displayName: 'testing dotnet tool list'
|
|
||||||
|
|
||||||
- script: AzureSignTool.exe sign --help
|
|
||||||
displayName: 'Debugging AST'
|
|
||||||
|
|
|
@ -1,127 +0,0 @@
|
||||||
# Node.js
|
|
||||||
# Build a general Node.js project with npm.
|
|
||||||
# Add steps that analyze code, save build artifacts, deploy, and more:
|
|
||||||
# https://docs.microsoft.com/azure/devops/pipelines/languages/javascript
|
|
||||||
|
|
||||||
trigger: none
|
|
||||||
|
|
||||||
pool:
|
|
||||||
vmImage: 'windows-latest'
|
|
||||||
|
|
||||||
variables:
|
|
||||||
- group: code-signing-test
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- pwsh: |
|
|
||||||
Write-Host "------------------------"
|
|
||||||
Write-Host "secret test - $env:CSC_KEY_PASSWORD"
|
|
||||||
Write-Host "SIGNING_CERT_NAME - $env:SIGNING_CERT_NAME"
|
|
||||||
Write-Host "---"
|
|
||||||
Write Host "This shouldn't work - $(ebSigningCertKey)"
|
|
||||||
Write-Host "------------------------"
|
|
||||||
displayName: 'Var & Secret Testing'
|
|
||||||
env:
|
|
||||||
CSC_LINK: $(ebSigningCertIdentifierURL)
|
|
||||||
CSC_KEY_PASSWORD: $(ebSigningCertKey)
|
|
||||||
SIGNING_VAULT_URL: $(SigningVaultURL)
|
|
||||||
SIGNING_CLIENT_ID: $(SigningClientId)
|
|
||||||
SIGNING_TENTANT_ID: $(SigningTenantId)
|
|
||||||
SIGNING_CLIENT_SECRET: $(SigningClientSecret)
|
|
||||||
SIGNING_CERT_NAME: $(SigningCertName)
|
|
||||||
|
|
||||||
- script: exit 1
|
|
||||||
displayName: Stop Pipeline
|
|
||||||
|
|
||||||
- task: NodeTool@0
|
|
||||||
inputs:
|
|
||||||
versionSpec: '10.x'
|
|
||||||
displayName: 'Install Node.js'
|
|
||||||
|
|
||||||
#- script: |
|
|
||||||
# set DOTNET_SKIP_FIRST_TIME_EXPERIENCE=true
|
|
||||||
# dotnet tool install --global AzureSignTool --version 2.0.17
|
|
||||||
# displayName: 'install AzureSignTool'
|
|
||||||
|
|
||||||
- task: UseDotNet@2
|
|
||||||
displayName: 'Use .NET Core SDK 3.x'
|
|
||||||
inputs:
|
|
||||||
packageType: sdk
|
|
||||||
version: 3.x
|
|
||||||
installationPath: $(Agent.ToolsDirectory)/dotnet
|
|
||||||
|
|
||||||
- pwsh: |
|
|
||||||
git clone https://github.com/vcsjones/AzureSignTool.git
|
|
||||||
cd AzureSignTool
|
|
||||||
$latest_head = $(git rev-parse HEAD)[0..9] -join ""
|
|
||||||
$latest_version = "0.0.0-g$latest_head"
|
|
||||||
Write-Host "--------"
|
|
||||||
Write-Host "git commit - $(git rev-parse HEAD)"
|
|
||||||
Write-Host "latest_head - $latest_head"
|
|
||||||
Write-Host "PACKAGE VERSION TO BUILD - $latest_version"
|
|
||||||
Write-Host "--------"
|
|
||||||
|
|
||||||
dotnet --version
|
|
||||||
dotnet restore
|
|
||||||
dotnet pack --output ./nupkg
|
|
||||||
dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version $latest_version azuresigntool
|
|
||||||
displayName: 'Install AST'
|
|
||||||
|
|
||||||
|
|
||||||
- task: PowerShell@2
|
|
||||||
inputs:
|
|
||||||
targetType: 'inline'
|
|
||||||
script: |
|
|
||||||
$packageVersion = (Get-Content -Raw -Path $(System.DefaultWorkingDirectory)\src\package.json | ConvertFrom-Json).version;
|
|
||||||
echo "##vso[task.setvariable variable=PACKAGE_VERSION]${packageVersion}"
|
|
||||||
displayName: 'Setting packageVersion'
|
|
||||||
|
|
||||||
- script: |
|
|
||||||
echo "package version: $(PACKAGE_VERSION)"
|
|
||||||
displayName: Package Version testing
|
|
||||||
|
|
||||||
- script: npm install
|
|
||||||
displayName: 'npm install'
|
|
||||||
|
|
||||||
- script: |
|
|
||||||
npm run build
|
|
||||||
npm npm run clean:dist
|
|
||||||
displayName: 'npm build'
|
|
||||||
|
|
||||||
# This task is not working...
|
|
||||||
- pwsh: |
|
|
||||||
Write-Host "------------------------"
|
|
||||||
Write-Host "az pipeline secret test - $env:SECRET_TEST"
|
|
||||||
Write-Host "az pipeline var test - $env:SIGNING_CERT_NAME"
|
|
||||||
Write-Host "------------------------"
|
|
||||||
npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=\"Bitwarden Inc\"
|
|
||||||
displayName: 'electron-builder build & sign'
|
|
||||||
env:
|
|
||||||
CSC_LINK: $(ebSigningCertIdentifierURL)
|
|
||||||
CSC_KEY_PASSWORD: $(ebSigningCertKey)
|
|
||||||
SIGNING_VAULT_URL: $(SigningVaultURL)
|
|
||||||
SIGNING_CLIENT_ID: $(SigningClientId)
|
|
||||||
SIGNING_TENTANT_ID: $(SigningTenantId)
|
|
||||||
SIGNING_CLIENT_SECRET: $(SigningClientSecret)
|
|
||||||
SIGNING_CERT_NAME: $(SigningCertName)
|
|
||||||
SECRET_TEST: $(secretTest)
|
|
||||||
|
|
||||||
- script: ls -alht dist
|
|
||||||
displayName: show executables
|
|
||||||
|
|
||||||
- script: ls -alht dist/nsis-web
|
|
||||||
displayName: show nsis-web executables
|
|
||||||
|
|
||||||
- task: PublishPipelineArtifact@1
|
|
||||||
inputs:
|
|
||||||
pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-Portable-$(PACKAGE_VERSION).exe'
|
|
||||||
artifactName: Bitwarden-Portable-$(PACKAGE_VERSION).exe
|
|
||||||
|
|
||||||
# - task: PublishPipelineArtifact@1
|
|
||||||
# inputs:
|
|
||||||
# pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-1.23.1-ia32.appx'
|
|
||||||
# artifactName: Bitwarden-$(GIT_COMMIT_TO_BUILD)-ia32.appx
|
|
||||||
#
|
|
||||||
# - task: PublishPipelineArtifact@1
|
|
||||||
# inputs:
|
|
||||||
# pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-1.23.1-x64.appx'
|
|
||||||
# artifactName: Bitwarden-$(GIT_COMMIT_TO_BUILD)-x64.appx
|
|
|
@ -1,6 +1,15 @@
|
||||||
name: Build & Sign
|
name: Build & Sign
|
||||||
|
|
||||||
on: [workflow_dispatch]
|
on:
|
||||||
|
push:
|
||||||
|
branches-ignore:
|
||||||
|
- 'l10n_master'
|
||||||
|
- 'gh-pages'
|
||||||
|
release:
|
||||||
|
types:
|
||||||
|
- published
|
||||||
|
|
||||||
|
#[workflow_dispatch]
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
windows:
|
windows:
|
||||||
|
|
Loading…
Reference in New Issue