mirror of
https://github.com/Foundry376/Mailspring.git
synced 2025-01-04 07:10:06 +08:00
61 lines
2.1 KiB
CoffeeScript
61 lines
2.1 KiB
CoffeeScript
path = require 'path'
|
|
fs = require 'fs-plus'
|
|
|
|
# Edgehill introduces the KEYCHAIN_ACCESS environment variable. This is
|
|
# injected via Jenkins. It is of the form:
|
|
#
|
|
# /full/keychain/path/login.keychain:password
|
|
#
|
|
# The KEYCHAIN_ACCESS variable is saved in a Jenkins Credential and
|
|
# injected via the Credentials Binding Plugin.
|
|
#
|
|
module.exports = (grunt) ->
|
|
{spawn} = require('./task-helpers')(grunt)
|
|
|
|
grunt.registerTask 'codesign', 'Codesign the app', ->
|
|
done = @async()
|
|
|
|
if process.platform is 'darwin' and (process.env.XCODE_KEYCHAIN or process.env.KEYCHAIN_ACCESS)
|
|
unlockKeychain (error) ->
|
|
if error?
|
|
done(error)
|
|
else
|
|
signApp(done)
|
|
else
|
|
signApp(done)
|
|
|
|
unlockKeychain = (callback) ->
|
|
cmd = 'security'
|
|
{XCODE_KEYCHAIN_PASSWORD, XCODE_KEYCHAIN, KEYCHAIN_ACCESS} = process.env
|
|
|
|
if KEYCHAIN_ACCESS?
|
|
[XCODE_KEYCHAIN, XCODE_KEYCHAIN_PASSWORD] = KEYCHAIN_ACCESS.split(":")
|
|
|
|
args = ['unlock-keychain', '-p', XCODE_KEYCHAIN_PASSWORD, XCODE_KEYCHAIN]
|
|
spawn {cmd, args}, (error) -> callback(error)
|
|
|
|
signApp = (callback) ->
|
|
switch process.platform
|
|
when 'darwin'
|
|
cmd = 'codesign'
|
|
args = ['--deep', '--force', '--verbose', '--sign', 'Developer ID Application: InboxApp, Inc.', grunt.config.get('atom.shellAppDir')]
|
|
spawn {cmd, args}, (error) -> callback(error)
|
|
when 'win32'
|
|
# TODO: Don't do anything now, because we need a certificate pfx file
|
|
# issued from a certificate authority, and we don't have one.
|
|
return callback()
|
|
spawn {cmd: 'taskkill', args: ['/F', '/IM', 'atom.exe']}, ->
|
|
cmd = process.env.JANKY_SIGNTOOL ? 'signtool'
|
|
args = ['sign', path.join(grunt.config.get('atom.shellAppDir'), 'atom.exe')]
|
|
|
|
spawn {cmd, args}, (error) ->
|
|
return callback(error) if error?
|
|
|
|
setupExePath = path.resolve(grunt.config.get('atom.buildDir'), 'installer', 'AtomSetup.exe')
|
|
if fs.isFileSync(setupExePath)
|
|
args = ['sign', setupExePath]
|
|
spawn {cmd, args}, (error) -> callback(error)
|
|
else
|
|
callback()
|
|
else
|
|
callback()
|