mirror of
https://github.com/Chia-Network/chia-blockchain.git
synced 2024-09-11 18:58:59 +03:00
Build_windows skips code sign verification when secrets not available (#290)
* Test windows codesign workaround * Enable actions on repo * pass env variable in build-windows.yml
This commit is contained in:
parent
10e4bf71af
commit
cc47e7ce43
1
.github/workflows/build-windows.yml
vendored
1
.github/workflows/build-windows.yml
vendored
@ -43,6 +43,7 @@ jobs:
|
||||
- name: Build Windows installer with build_scripts\build_windows.ps1
|
||||
env:
|
||||
WIN_CODE_SIGN_PASS: ${{ secrets.WIN_CODE_SIGN_PASS }}
|
||||
HAS_SECRET: steps.check_secrets.outputs.HAS_SECRET
|
||||
run: |
|
||||
$env:path="C:\Program` Files` (x86)\Microsoft` Visual` Studio\2019\Enterprise\SDK\ScopeCppSDK\vc15\VC\bin\;$env:path"
|
||||
$env:path="C:\Program` Files` (x86)\Windows` Kits\10\App` Certification` Kit;$env:path"
|
||||
|
@ -11,7 +11,7 @@ for setuptools_scm/PEP 440 reasons.
|
||||
### Added
|
||||
|
||||
### Changed
|
||||
- Minor changes have been made across the repositories to better support compiling on OpenBSD. HT @n1000
|
||||
- Minor changes have been made across the repositories to better support compiling on OpenBSD. HT @n1000.
|
||||
- A push to a branch will cancel all ci runs still running for that branch.
|
||||
- Ci's check to see if they have secret access and attempt to fail cleanly so that ci runs complete from PRs or forked repositories.
|
||||
|
||||
|
@ -94,11 +94,15 @@ Write-Output "node winstaller.js"
|
||||
node winstaller.js
|
||||
Write-Output " ---"
|
||||
|
||||
Write-Output " ---"
|
||||
Write-Output "Add timestamp and verify signature"
|
||||
Write-Output " ---"
|
||||
signtool.exe timestamp /v /t http://timestamp.comodoca.com/ .\release-builds\windows-installer\ChiaSetup-$packageVersion.exe
|
||||
signtool.exe verify /v /pa .\release-builds\windows-installer\ChiaSetup-$packageVersion.exe
|
||||
If ($env:HAS_SECRETS) {
|
||||
Write-Output " ---"
|
||||
Write-Output "Add timestamp and verify signature"
|
||||
Write-Output " ---"
|
||||
signtool.exe timestamp /v /t http://timestamp.comodoca.com/ .\release-builds\windows-installer\ChiaSetup-$packageVersion.exe
|
||||
signtool.exe verify /v /pa .\release-builds\windows-installer\ChiaSetup-$packageVersion.exe
|
||||
} Else {
|
||||
Write-Output "Skipping timestamp and verify signatures - no authorization to install certificates"
|
||||
}
|
||||
|
||||
Write-Output " ---"
|
||||
Write-Output "Windows Installer complete"
|
||||
|
Loading…
Reference in New Issue
Block a user