pulsar-edit/pulsar
1
1
Fork 0
mirror of https://github.com/pulsar-edit/pulsar.git synced 2024-12-27 08:32:30 +03:00
Code Issues Packages Projects Releases Wiki Activity

Perform code-signing on CircleCI

Browse Source
This commit is contained in:
Nathan Sobo 2016-08-01 15:06:18 -06:00
parent e93145d057
commit a9664f63f8
4 changed files with 32 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
build/build.js
View File

@ -6,6 +6,7 @@
require('coffee-script/register')
const cleanOutputDirectory = require('./lib/clean-output-directory')
const codeSign = require('./lib/code-sign')
const copyAssets = require('./lib/copy-assets')
const dumpSymbols = require('./lib/dump-symbols')
const generateMetadata = require('./lib/generate-metadata')
@ -28,4 +29,6 @@ generateModuleCache()
prebuildLessCache()
generateMetadata()
writeFingerprint()
dumpSymbols().then(packageApplication)
dumpSymbols()
.then(packageApplication)
.then(codeSign)

23
build/lib/code-sign.js Normal file
View File

@ -0,0 +1,23 @@
const argv = require('yargs').argv
const childProcess = require('child_process')
module.exports = function (packagedAppPath) {
if (!argv.codeSign) {
console.log('Skipping code-signing. Specify --code-sign option to perform code-signing...')
return
}
console.log(`Unlocking keychain ${process.env.MAC_CODE_SIGNING_KEYCHAIN}`)
childProcess.spawnSync('security', [
'unlock-keychain',
'-p', process.env.MAC_CODE_SIGNING_KEYCHAIN_PASSWORD,
process.env.MAC_CODE_SIGNING_KEYCHAIN
], {stdio: 'inherit'})
console.log(`Code-signing application at ${packagedAppPath}`)
childProcess.spawnSync('codesign', [
'--deep', '--force', '--verbose',
'--keychain', process.env.MAC_CODE_SIGNING_KEYCHAIN,
'--sign', 'Developer ID Application: GitHub', packagedAppPath
], {stdio: 'inherit'})
}

3
build/package.json
View File

@ -14,6 +14,7 @@
"mkdirp": "0.5.1",
"normalize-package-data": "2.3.5",
"npm": "3.10.5",
"pegjs": "0.9.0"
"pegjs": "0.9.0",
"yargs": "^4.8.1"
}
}

6
circle.yml
View File

@ -10,8 +10,8 @@ machine:
post:
- |- # this weird literal syntax allows a : on the next line
curl --header 'Accept: application/vnd.github.v3.raw' --output /tmp/mac.p12 $MAC_CODE_SIGNING_CERT_DOWNLOAD_URL
- security unlock-keychain -p circle circle.keychain
- security import /tmp/mac.p12 -P $MAC_CODE_SIGNING_CERT_PASSWORD -k circle.keychain -T /usr/bin/codesign
- security unlock-keychain -p $MAC_CODE_SIGNING_KEYCHAIN_PASSWORD $MAC_CODE_SIGNING_KEYCHAIN
- security import /tmp/mac.p12 -P $MAC_CODE_SIGNING_CERT_PASSWORD -k $MAC_CODE_SIGNING_KEYCHAIN -T /usr/bin/codesign
- security find-identity -p codesigning
general:
@ -28,7 +28,7 @@ dependencies:
override:
- script/bootstrap
- build/build.js
- build/build.js --code-sign
post:
- cd out/Atom-darwin-x64 && zip -r ../atom-mac.zip ./Atom.app && cd -