Browse Source

Remove Electron packaging scripts

These tasks are handled by riot-desktop now.
pull/13688/head
J. Ryan Stinnett 2 years ago
parent
commit
40f40251f1
  1. 170
      scripts/electron-package.sh
  2. 30
      scripts/electron_afterSign.js
  3. 77
      scripts/electron_winSign.js

170
scripts/electron-package.sh

@ -1,170 +0,0 @@
#!/bin/bash
usage() {
echo "Usage: $0 -v <version> -d <config directory> [-n]"
echo
echo "version: commit-ish to check out and build"
echo "config directory: a path to a directory containing"
echo "config.json, a json config file to ship with the build"
echo "and env.sh, a file to source environment variables"
echo "from."
echo "-n: build with no config file."
echo
echo "The update_base_url value from config.json is used to set up auto-update."
echo
echo "Environment variables:"
echo " OSSLSIGNCODE_SIGNARGS: Arguments to pass to osslsigncode when signing"
echo " NOTARIZE_APPLE_ID: Apple ID to use for notarisation. The password for"
echo " this account must be set in NOTARIZE_CREDS in the keychain."
}
confdir=
version=
skipcfg=0
while getopts "d:v:n" opt; do
case $opt in
d)
confdir=$OPTARG
;;
v)
version=$OPTARG
;;
n)
skipcfg=1
;;
\?)
echo "Invalid option: -$OPTARG" >&2
usage
exit
;;
esac
done
if [ -z "$version" ]; then
echo "No version supplied"
usage
exit
fi
conffile="$confdir/config.json"
if [ -z "$conffile" ] && [ "$skipcfg" = 0 ]; then
echo "No config file given. Use -c to supply a config file or"
echo "-n to build with no config file (and no auto update)."
exit
fi
if [ -n "$conffile" ]; then
update_base_url=`jq -r .update_base_url $conffile`
if [ -z "$update_base_url" ]; then
echo "No update URL supplied. Use update_base_url: null if you really"
echo "want a build with no auto-update."
usage
exit
fi
# Make sure the base URL ends in a slash if it doesn't already
update_base_url=`echo $update_base_url | sed -e 's#\([^\/]\)$#\1\/#'`
fi
if [ ! -f package.json ]; then
echo "No package.json found. This script must be run from"
echo "the riot-web directory."
exit
fi
[ -f "$confdir/env.sh" ] && . "$confdir/env.sh"
if [ -z "$NOTARIZE_APPLE_ID" ]; then
echo "NOTARIZE_APPLE_ID is not set"
exit
fi
osslsigncode -h 2> /dev/null
if [ $? -ne 255 ]; then # osslsigncode exits with 255 after printing usage...
echo "osslsigncode not found"
exit
fi
# Test that altool can get its credentials for notarising the mac app
xcrun altool -u "$NOTARIZE_APPLE_ID" -p '@keychain:NOTARIZE_CREDS' --list-apps || exit
# Get the token password: we'll need it later, but get it now so we fail early if it's not there
token_password=`security find-generic-password -s riot_signing_token -w`
if [ $? -ne 0 ]; then
echo "riot_signing_token not found in keychain"
exit
fi
set -e
echo "Building $version using Update base URL $update_base_url"
projdir=`pwd`
builddir=`mktemp -d 2>/dev/null || mktemp -d -t 'buildtmp'`
pushd "$builddir"
git clone "$projdir" .
git checkout "$version"
# Figure out what version we're building
vername=`jq -r .version package.json`
if [ -n "$conffile" ]; then
popd
cp "$conffile" "$builddir/"
pushd "$builddir"
fi
# We use Git branch / commit dependencies for some packages, and Yarn seems
# to have a hard time getting that right. See also
# https://github.com/yarnpkg/yarn/issues/4734. As a workaround, we clean the
# global cache here to ensure we get the right thing.
yarn cache clean
yarn install
yarn build:electron
popd
distdir="$builddir/electron_app/dist"
pubdir="$projdir/electron_app/pub"
rm -r "$pubdir" || true
mkdir -p "$pubdir"
rm -r "$projdir/electron_app/dist" || true
mkdir -p "$projdir/electron_app/dist"
# Install packages: what the user downloads the first time,
# (DMGs for mac, exe installer for windows)
mkdir -p "$pubdir/install/macos"
cp $distdir/*.dmg "$pubdir/install/macos/"
mkdir -p "$pubdir/install/win32/ia32/"
cp $distdir/squirrel-windows-ia32/*.exe "$pubdir/install/win32/ia32/"
mkdir -p "$pubdir/install/win32/x64/"
cp $distdir/squirrel-windows/*.exe "$pubdir/install/win32/x64/"
# Packages for auto-update
mkdir -p "$pubdir/update/macos"
cp $distdir/*-mac.zip "$pubdir/update/macos/"
echo "$vername" > "$pubdir/update/macos/latest"
mkdir -p "$pubdir/update/win32/ia32/"
cp $distdir/squirrel-windows-ia32/*.nupkg "$pubdir/update/win32/ia32/"
cp $distdir/squirrel-windows-ia32/RELEASES "$pubdir/update/win32/ia32/"
mkdir -p "$pubdir/update/win32/x64/"
cp $distdir/squirrel-windows/*.nupkg "$pubdir/update/win32/x64/"
cp $distdir/squirrel-windows/RELEASES "$pubdir/update/win32/x64/"
# Move the deb to the main project dir's dist folder
# (just the 64 bit one - the 32 bit one still gets built because
# it's one arch argument for all platforms and we still want 32 bit
# windows, but 32 bit linux is unsupported as of electron 4 and no
# longer appears to work).
cp $distdir/*_amd64.deb "$projdir/electron_app/dist/"
rm -rf "$builddir"
echo "$pubdir can now be hosted on your web server."
echo "deb archives are in electron_app/dist/ - these should be added into your debian repository"

30
scripts/electron_afterSign.js

@ -1,30 +0,0 @@
const { notarize } = require('electron-notarize');
exports.default = async function(context) {
const { electronPlatformName, appOutDir } = context;
if (electronPlatformName === 'darwin') {
const appName = context.packager.appInfo.productFilename;
// We get the password from keychain. The keychain stores
// user IDs too, but apparently altool can't get the user ID
// from the keychain, so we need to get it from the environment.
const userId = process.env.NOTARIZE_APPLE_ID;
if (userId === undefined) {
console.warn(
"!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!\n" +
"! Skipping macOS notarisation. !\n" +
"! User ID not found, set NOTARIZE_APPLE_ID. !\n" +
"!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!",
);
return;
}
console.log("Notarising macOS app. This may be some time.");
return await notarize({
appBundleId: 'im.riot.app',
appPath: `${appOutDir}/${appName}.app`,
appleId: userId,
appleIdPassword: '@keychain:NOTARIZE_CREDS',
});
}
};

77
scripts/electron_winSign.js

@ -1,77 +0,0 @@
const { exec, execFile } = require('child_process');
const fs = require('fs');
const path = require('path');
const shellescape = require('shell-escape');
exports.default = async function(options) {
const inPath = options.path;
const appOutDir = path.dirname(inPath);
// get the token passphrase from the keychain
let tokenPassphrase;
try {
tokenPassphrase = await new Promise((resolve, reject) => {
execFile(
'security',
['find-generic-password', '-s', 'riot_signing_token', '-w'],
{},
(err, stdout) => {
if (err) {
reject(err);
} else {
resolve(stdout.trim());
}
},
);
});
} catch (err) {
console.warn(
"!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!\n" +
"! Skipping Windows signing. !\n" +
"! Signing token not found in keychain. !\n" +
"!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!",
);
return;
}
return new Promise((resolve, reject) => {
let cmdLine = 'osslsigncode sign ';
if (process.env.OSSLSIGNCODE_SIGNARGS) {
cmdLine += process.env.OSSLSIGNCODE_SIGNARGS + ' ';
}
const tmpFile = path.join(
appOutDir,
'tmp_' + Math.random().toString(36).substring(2, 15) + '.exe',
);
const args = [
'-h', options.hash,
'-pass', tokenPassphrase,
'-in', inPath,
'-out', tmpFile,
];
if (options.isNest) args.push('-nest');
cmdLine += shellescape(args);
let signStdout;
const signproc = exec(cmdLine, {}, (error, stdout) => {
signStdout = stdout;
});
signproc.on('exit', (code) => {
if (code !== 0) {
console.log("Running", cmdLine);
console.log(signStdout);
console.error("osslsigncode failed with code " + code);
reject("osslsigncode failed with code " + code);
return;
}
fs.rename(tmpFile, inPath, (err) => {
if (err) {
console.error("Error renaming file", err);
reject(err);
} else {
resolve();
}
});
});
});
};
Loading…
Cancel
Save