diff options
| author | David Lönnhager <david.l@mullvad.net> | 2020-01-16 17:38:31 +0100 |
|---|---|---|
| committer | David Lönnhager <david.l@mullvad.net> | 2020-01-22 13:43:49 +0100 |
| commit | 784fba2393a9db79ea21bed86e67317fe076e360 (patch) | |
| tree | 54f3f8bee55d47ac6334f3d8b4285b50dc58150d /ci | |
| parent | 48f748452a8a78e789d284f6e7830681c3c6e1b3 (diff) | |
| download | mullvadvpn-784fba2393a9db79ea21bed86e67317fe076e360.tar.xz mullvadvpn-784fba2393a9db79ea21bed86e67317fe076e360.zip | |
Sign select binaries for release builds
Diffstat (limited to 'ci')
| -rwxr-xr-x | ci/buildserver-build.sh | 26 |
1 files changed, 1 insertions, 25 deletions
diff --git a/ci/buildserver-build.sh b/ci/buildserver-build.sh index 726a3f387e..b6b2ad18a0 100755 --- a/ci/buildserver-build.sh +++ b/ci/buildserver-build.sh @@ -10,9 +10,6 @@ # ## Windows # # * Add signtool.exe to your PATH: C:\Program Files (x86)\Windows Kits\10\bin\10.0.16299.0\x64 -# * Put the comodo.pfx certificate in the same folder as this script -# * Create sign.bat in the same folder as this script, with the content: -# signtool sign /tr http://timestamp.digicert.com /td sha256 /fd sha256 /d "Mullvad VPN" /du https://github.com/mullvad/mullvadvpn-app#readme /f comodo.pfx /p <PASSWORD TO comodo.pfx> "%1" set -eu shopt -s nullglob @@ -26,20 +23,13 @@ UPLOAD_DIR="/home/upload/upload" BRANCHES_TO_BUILD=("origin/master") case "$(uname -s)" in - Darwin*) + Darwin*|MINGW*|MSYS_NT*) if [[ -z ${CSC_KEY_PASSWORD-} ]]; then read -sp "CSC_KEY_PASSWORD = " CSC_KEY_PASSWORD echo "" export CSC_KEY_PASSWORD fi ;; - MINGW*|MSYS_NT*) - if [[ -z ${CERT_PASSPHRASE-} ]]; then - read -sp "CERT_PASSPHRASE = " CERT_PASSPHRASE - echo "" - export CERT_PASSPHRASE - fi - ;; esac # Uploads whatever matches the first argument to the Linux build server @@ -52,19 +42,6 @@ bye EOF } -# Sign the Windows app. We try multiple times because it can randomly fail to -# contact the timestamp server. -# signtool must be called via a bat file, I cant make it work any other way :( -sign_win() { - echo "Signing Windows Mullvad VPN installer" - echo 'signtool sign /tr http://timestamp.digicert.com /td sha256 /fd sha256 /d "Mullvad VPN" /du https://github.com/mullvad/mullvadvpn-app#readme /f "%1" /p "%2" "%3"' > "$SCRIPT_DIR/sign.bat" - for _ in {0..3}; do - sleep 1 - $SCRIPT_DIR/sign.bat $SCRIPT_DIR/comodo.pfx "$CERT_PASSPHRASE" dist/MullvadVPN-*.exe && return 0 - done - return 1 -} - upload() { for f in MullvadVPN-*.{deb,rpm,exe,pkg,apk}; do sha256sum "$f" > "$f.sha256" @@ -130,7 +107,6 @@ build_ref() { ./build.sh || return 0 case "$(uname -s)" in MINGW*|MSYS_NT*) - sign_win || return 0 echo "Packaging all PDB files..." find ./windows/ \ ./target/release/mullvad-daemon.pdb \ |