mirror of https://github.com/keeweb/keeweb.git
Merge branch 'develop'
This commit is contained in:
commit
0b31150a43
|
@ -0,0 +1,11 @@
|
|||
FROM snapcore/snapcraft:stable
|
||||
|
||||
COPY entrypoint.sh /entrypoint.sh
|
||||
|
||||
RUN apt-get update
|
||||
RUN apt-get install -y build-essential git-core unzip curl pkg-config rpm
|
||||
RUN curl -sL https://deb.nodesource.com/setup_13.x | sudo -E bash -
|
||||
RUN apt-get install -y nodejs
|
||||
RUN npm i -g grunt-cli
|
||||
|
||||
ENTRYPOINT ["/entrypoint.sh"]
|
|
@ -0,0 +1,5 @@
|
|||
name: 'Linux Build'
|
||||
description: 'Build KeeWeb on Linux in Docker'
|
||||
runs:
|
||||
using: 'docker'
|
||||
image: 'Dockerfile'
|
|
@ -0,0 +1,8 @@
|
|||
#!/bin/bash -e
|
||||
|
||||
cd /github/workspace
|
||||
npm ci
|
||||
cd desktop
|
||||
npm ci
|
||||
cd /github/workspace
|
||||
grunt desktop-linux
|
|
@ -1,7 +1,7 @@
|
|||
name: Deploy
|
||||
on:
|
||||
push:
|
||||
branches: [ gh-pages ]
|
||||
branches: [ 'gh-pages' ]
|
||||
jobs:
|
||||
publish:
|
||||
runs-on: ubuntu-latest
|
||||
|
|
66
Gruntfile.js
66
Gruntfile.js
|
@ -29,22 +29,7 @@ module.exports = function(grunt) {
|
|||
const zipCommentPlaceholder =
|
||||
zipCommentPlaceholderPart + '.'.repeat(512 - zipCommentPlaceholderPart.length);
|
||||
const electronVersion = pkg.dependencies.electron.replace(/^\D/, '');
|
||||
|
||||
const skipCodeSigning = grunt.option('no-sign');
|
||||
let codeSignConfig;
|
||||
|
||||
if (!skipCodeSigning) {
|
||||
try {
|
||||
codeSignConfig = require('../keys/codesign');
|
||||
} catch (err) {
|
||||
throw new Error(
|
||||
'Unable to load code signing config from ../keys/codesign.\n' +
|
||||
'This is needed for production builds targeting macOS.\n' +
|
||||
'For development builds, run with the `--no-sign` arg to skip code signing,\n' +
|
||||
'e.g. `npm start -- --no-sign`'
|
||||
);
|
||||
}
|
||||
}
|
||||
const getCodeSingConfig = () => require('./keys/codesign.json');
|
||||
|
||||
const webpackOptions = {
|
||||
date,
|
||||
|
@ -134,7 +119,7 @@ module.exports = function(grunt) {
|
|||
nonull: true
|
||||
},
|
||||
'desktop-update': {
|
||||
cwd: 'tmp/desktop/KeeWeb-darwin-x64/KeeWeb.app/Contents/Resources/',
|
||||
cwd: 'tmp/desktop/keeweb-linux-x64/resources/',
|
||||
src: 'app.asar',
|
||||
dest: 'tmp/desktop/update/',
|
||||
expand: true,
|
||||
|
@ -166,12 +151,12 @@ module.exports = function(grunt) {
|
|||
nonull: true
|
||||
},
|
||||
'electron-builder-dist-linux-rpm': {
|
||||
src: `tmp/desktop/electron-builder/keeweb-${pkg.version}.x86_64.rpm`,
|
||||
src: `tmp/desktop/electron-builder/KeeWeb-${pkg.version}.x86_64.rpm`,
|
||||
dest: `dist/desktop/KeeWeb-${pkg.version}.linux.x86_64.rpm`,
|
||||
nonull: true
|
||||
},
|
||||
'electron-builder-dist-linux-snap': {
|
||||
src: `tmp/desktop/electron-builder/keeweb_${pkg.version}_amd64.snap`,
|
||||
src: `tmp/desktop/electron-builder/KeeWeb_${pkg.version}_amd64.snap`,
|
||||
dest: `dist/desktop/KeeWeb-${pkg.version}.linux.snap`,
|
||||
nonull: true
|
||||
},
|
||||
|
@ -316,22 +301,24 @@ module.exports = function(grunt) {
|
|||
appBundleId: 'net.antelle.keeweb',
|
||||
appCategoryType: 'public.app-category.productivity',
|
||||
extendInfo: 'package/osx/extend.plist',
|
||||
...(codeSignConfig
|
||||
? {
|
||||
osxSign: {
|
||||
identity: codeSignConfig.identities.app,
|
||||
hardenedRuntime: true,
|
||||
entitlements: 'package/osx/entitlements.mac.plist',
|
||||
'entitlements-inherit': 'package/osx/entitlements.mac.plist',
|
||||
'gatekeeper-assess': false
|
||||
},
|
||||
osxNotarize: {
|
||||
appleId: codeSignConfig.appleId,
|
||||
appleIdPassword: '@keychain:AC_PASSWORD',
|
||||
ascProvider: codeSignConfig.teamId
|
||||
}
|
||||
}
|
||||
: {}),
|
||||
osxSign: {
|
||||
get identity() {
|
||||
return getCodeSingConfig().identities.app;
|
||||
},
|
||||
hardenedRuntime: true,
|
||||
entitlements: 'package/osx/entitlements.mac.plist',
|
||||
'entitlements-inherit': 'package/osx/entitlements.mac.plist',
|
||||
'gatekeeper-assess': false
|
||||
},
|
||||
osxNotarize: {
|
||||
get appleId() {
|
||||
return getCodeSingConfig().appleId;
|
||||
},
|
||||
appleIdPassword: '@keychain:AC_PASSWORD',
|
||||
get ascProvider() {
|
||||
return getCodeSingConfig().teamId;
|
||||
}
|
||||
},
|
||||
afterCopy: [
|
||||
(buildPath, electronVersion, platform, arch, callback) => {
|
||||
if (path.basename(buildPath) !== 'app') {
|
||||
|
@ -389,6 +376,7 @@ module.exports = function(grunt) {
|
|||
'electron-builder': {
|
||||
linux: {
|
||||
options: {
|
||||
publish: 'never',
|
||||
targets: 'linux',
|
||||
prepackaged: 'tmp/desktop/keeweb-linux-x64',
|
||||
config: {
|
||||
|
@ -590,9 +578,13 @@ module.exports = function(grunt) {
|
|||
},
|
||||
'sign-exe': {
|
||||
options: {
|
||||
// algo: 'SHA256',
|
||||
url: pkg.homepage,
|
||||
...codeSignConfig.windows
|
||||
get vm() {
|
||||
return getCodeSingConfig().windowsVM;
|
||||
},
|
||||
get certHash() {
|
||||
return getCodeSingConfig().microsoftCertHash;
|
||||
}
|
||||
},
|
||||
'win32-build-x64': {
|
||||
options: {
|
||||
|
|
|
@ -43,14 +43,14 @@ module.exports = function(grunt) {
|
|||
const cmd = 'VBoxManage';
|
||||
const args = [
|
||||
'guestcontrol',
|
||||
opt.vmName,
|
||||
opt.vm.name,
|
||||
'--username',
|
||||
opt.vmUser,
|
||||
opt.vm.user,
|
||||
'--password',
|
||||
opt.vmPass,
|
||||
opt.vm.pass,
|
||||
'run',
|
||||
opt.vmExec,
|
||||
`sign /t ${timeServer} /d "${name}" /du ${opt.url} ${opt.vmShare}${fileNameWithoutFolder}`
|
||||
opt.vm.exec,
|
||||
`sign /t ${timeServer} /d "${name}" /du ${opt.url} ${opt.vm.share}${fileNameWithoutFolder}`
|
||||
];
|
||||
// the algo is not working: "/fd ${opt.algo}"
|
||||
let res = spawnSync(cmd, args);
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
const fs = require('fs');
|
||||
const signer = require('pkcs11-smartcard-sign');
|
||||
const keytar = require('keytar');
|
||||
const crypto = require('crypto');
|
||||
|
||||
const verifyKey = fs.readFileSync('app/resources/public-key.pem');
|
||||
const signerOptions = JSON.parse(fs.readFileSync('keys/keeweb-sign.json', 'utf8'));
|
||||
|
@ -9,17 +9,45 @@ function getPin() {
|
|||
if (getPin.pin) {
|
||||
return Promise.resolve(getPin.pin);
|
||||
}
|
||||
return keytar.getPassword('keeweb.pin', 'keeweb').then(pass => {
|
||||
if (pass) {
|
||||
getPin.pin = pass;
|
||||
return pass;
|
||||
} else {
|
||||
throw 'Cannot find PIN';
|
||||
}
|
||||
});
|
||||
return require('keytar')
|
||||
.getPassword('keeweb.pin', 'keeweb')
|
||||
.then(pass => {
|
||||
if (pass) {
|
||||
getPin.pin = pass;
|
||||
return pass;
|
||||
} else {
|
||||
throw 'Cannot find PIN';
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
function getPrivateKey(path) {
|
||||
if (!getPrivateKey[path]) {
|
||||
getPrivateKey[path] = fs.readFileSync(path);
|
||||
}
|
||||
return getPrivateKey[path];
|
||||
}
|
||||
|
||||
module.exports = function sign(grunt, data) {
|
||||
if (signerOptions.privateKey) {
|
||||
return Promise.resolve().then(() => {
|
||||
const algo = signerOptions.algo || 'sha256';
|
||||
|
||||
const sign = crypto.createSign(algo);
|
||||
sign.update(data);
|
||||
const signature = sign.sign(getPrivateKey(signerOptions.privateKey));
|
||||
|
||||
const verify = crypto.createVerify(algo);
|
||||
verify.write(data);
|
||||
verify.end();
|
||||
|
||||
if (verify.verify(verifyKey, signature)) {
|
||||
return signature;
|
||||
} else {
|
||||
throw 'Validation error';
|
||||
}
|
||||
});
|
||||
}
|
||||
return getPin()
|
||||
.then(pin => signer.sign({ data, verifyKey, pin, ...signerOptions }))
|
||||
.catch(err => {
|
||||
|
|
|
@ -22,6 +22,36 @@ module.exports = function(grunt) {
|
|||
'build-desktop'
|
||||
]);
|
||||
|
||||
// prettier-ignore
|
||||
grunt.registerTask('desktop-linux', 'Build desktop apps on linux', [
|
||||
'gitinfo',
|
||||
'clean:desktop',
|
||||
'build-desktop-app-content',
|
||||
'build-desktop-executables-linux',
|
||||
'build-desktop-update',
|
||||
'build-desktop-archives-linux',
|
||||
'build-desktop-dist-linux'
|
||||
]);
|
||||
|
||||
// prettier-ignore
|
||||
grunt.registerTask('desktop-darwin', 'Build desktop apps on macos', [
|
||||
'gitinfo',
|
||||
'clean:desktop',
|
||||
'build-desktop-app-content',
|
||||
'build-desktop-executables-darwin',
|
||||
'build-desktop-dist-darwin'
|
||||
]);
|
||||
|
||||
// prettier-ignore
|
||||
grunt.registerTask('desktop-win32', 'Build desktop apps on windows', [
|
||||
'gitinfo',
|
||||
'clean:desktop',
|
||||
'build-desktop-app-content',
|
||||
'build-desktop-executables-win32',
|
||||
'build-desktop-archives-win32',
|
||||
'build-desktop-dist-win32'
|
||||
]);
|
||||
|
||||
// prettier-ignore
|
||||
grunt.registerTask('cordova', 'Build cordova app', [
|
||||
'default',
|
||||
|
|
|
@ -34,19 +34,37 @@ module.exports = function(grunt) {
|
|||
'validate-desktop-update'
|
||||
]);
|
||||
|
||||
grunt.registerTask('build-desktop-executables', [
|
||||
'electron',
|
||||
'sign-exe:win32-build-x64',
|
||||
'sign-exe:win32-build-ia32',
|
||||
'copy:desktop-windows-helper-ia32',
|
||||
'copy:desktop-windows-helper-x64',
|
||||
grunt.registerTask('build-desktop-executables-linux', [
|
||||
'electron:linux',
|
||||
'chmod:linux-desktop-x64'
|
||||
]);
|
||||
|
||||
grunt.registerTask('build-desktop-archives', [
|
||||
grunt.registerTask('build-desktop-executables-darwin', ['electron:darwin']);
|
||||
|
||||
grunt.registerTask('build-desktop-executables-win32', [
|
||||
'electron:win32',
|
||||
'sign-exe:win32-build-x64',
|
||||
'sign-exe:win32-build-ia32',
|
||||
'copy:desktop-windows-helper-ia32',
|
||||
'copy:desktop-windows-helper-x64'
|
||||
]);
|
||||
|
||||
grunt.registerTask('build-desktop-executables', [
|
||||
'build-desktop-executables-linux',
|
||||
'build-desktop-executables-darwin',
|
||||
'build-desktop-executables-win32'
|
||||
]);
|
||||
|
||||
grunt.registerTask('build-desktop-archives-linux', ['compress:linux-x64']);
|
||||
|
||||
grunt.registerTask('build-desktop-archives-win32', [
|
||||
'compress:win32-x64',
|
||||
'compress:win32-ia32',
|
||||
'compress:linux-x64'
|
||||
'compress:win32-ia32'
|
||||
]);
|
||||
|
||||
grunt.registerTask('build-desktop-archives', [
|
||||
'build-desktop-archives-linux',
|
||||
'build-desktop-archives-win32'
|
||||
]);
|
||||
|
||||
grunt.registerTask('build-desktop-dist-darwin', ['appdmg']);
|
||||
|
|
|
@ -95,11 +95,11 @@
|
|||
},
|
||||
"scripts": {
|
||||
"start": "grunt",
|
||||
"test": "grunt test --no-sign",
|
||||
"test": "grunt test",
|
||||
"postinstall": "cd desktop && npm install",
|
||||
"build-beta": "grunt --beta && cp dist/index.html ../keeweb-beta/index.html && cd ../keeweb-beta && git add index.html && git commit -a -m 'beta' && git push origin master",
|
||||
"electron": "cross-env ELECTRON_DISABLE_SECURITY_WARNINGS=1 electron desktop --htmlpath=http://localhost:8085",
|
||||
"dev": "grunt dev --no-sign",
|
||||
"dev": "grunt dev",
|
||||
"babel-helpers": "babel-external-helpers -l 'slicedToArray,toConsumableArray,defineProperty,typeof' -t global > app/lib/babel-helpers.js"
|
||||
},
|
||||
"author": {
|
||||
|
|
Loading…
Reference in New Issue