diff --git a/config/CN/.env.development b/config/CN/.env.development index 4dee48920dc..e96204d07fb 100644 --- a/config/CN/.env.development +++ b/config/CN/.env.development @@ -25,6 +25,7 @@ APPLE_API_KEY= WINDOWS_CODE_SIGNING_CA_PATH= WINDOWS_CODE_SIGNING_CA_PASSWORD= +WINDOWS_CODE_SIGNING_SERVER= ARTIFACTS_ALIBABA_CLOUD_OSS_BUCKET= ARTIFACTS_ALIBABA_CLOUD_OSS_REGION= diff --git a/config/CN/.env.production b/config/CN/.env.production index 29365132cb9..1ba83b16444 100644 --- a/config/CN/.env.production +++ b/config/CN/.env.production @@ -25,6 +25,7 @@ APPLE_API_KEY= WINDOWS_CODE_SIGNING_CA_PATH= WINDOWS_CODE_SIGNING_CA_PASSWORD= +WINDOWS_CODE_SIGNING_SERVER= ARTIFACTS_ALIBABA_CLOUD_OSS_BUCKET= ARTIFACTS_ALIBABA_CLOUD_OSS_REGION= diff --git a/desktop/main-app/scripts/pack/index.js b/desktop/main-app/scripts/pack/index.js index 7928bc1c173..e02bb1ba150 100644 --- a/desktop/main-app/scripts/pack/index.js +++ b/desktop/main-app/scripts/pack/index.js @@ -64,7 +64,13 @@ const buildElectron = async () => { } if (buildType === "win") { - if ( + if (process.env.WINDOWS_CODE_SIGNING_SERVER) { + config.win = { + ...config.win, + sign: "./scripts/pack/sign.js", + signDlls: true, + }; + } else if ( process.env.WINDOWS_CODE_SIGNING_CA_PATH && process.env.WINDOWS_CODE_SIGNING_CA_PASSWORD ) { diff --git a/desktop/main-app/scripts/pack/sign.js b/desktop/main-app/scripts/pack/sign.js new file mode 100644 index 00000000000..1259fa1cc01 --- /dev/null +++ b/desktop/main-app/scripts/pack/sign.js @@ -0,0 +1,55 @@ +const fs = require("fs"); +const crypto = require("crypto"); +const { basename } = require("path"); + +const API = process.env.WINDOWS_CODE_SIGNING_SERVER; +if (!API) { + throw new Error('please set process.env.SIGN_SERVER before signing'); +} + +/** @type {import('app-builder-lib').CustomWindowsSign} */ +module.exports = async function sign({ path, hash, isNest }) { + let resp; + + const fileHash = await computeHash(path); + resp = await fetch(`${API}/exists`, { method: "POST", body: fileHash }); + if (!resp.ok) { + throw new Error(await resp.text()); + } + + const exist = await resp.json(); + const body = new FormData(); + if (exist) { + body.append("file", fileHash); + } else { + body.append("file", await fileAsBlob(path), basename(path)); + } + body.append("hash", hash); + body.append("isNest", isNest ? "1" : ""); + + resp = await fetch(`${API}/sign`, { method: "POST", body }); + + if (!resp.ok) { + throw new Error(await resp.text()); + } + + const arrayBuffer = await resp.arrayBuffer(); + const buffer = Buffer.from(arrayBuffer); + await fs.promises.writeFile(path, buffer); +}; + +async function fileAsBlob(path) { + const buffer = await fs.promises.readFile(path); + return new Blob([buffer]); +} + +function computeHash(path) { + return new Promise(resolve => { + const hash = crypto.createHash("md5"); + const input = fs.createReadStream(path); + input.on("readable", () => { + const data = input.read(); + data ? hash.update(data) : resolve(hash.digest("hex")); + }); + }); +} diff --git a/desktop/main-app/src/utils/ipc-actions.ts b/desktop/main-app/src/utils/ipc-actions.ts index a452b1f4202..a88de77ff64 100644 --- a/desktop/main-app/src/utils/ipc-actions.ts +++ b/desktop/main-app/src/utils/ipc-actions.ts @@ -47,7 +47,11 @@ const windowActionAsync = (customWindow: CustomWindow): ipc.WindowActionAsync => } window.setSize(args.width, args.height); - window.setTrafficLightPosition(args.trafficLightPosition || { x: 5, y: 12 }); + + // There's no such method on Windows. + if (window.setTrafficLightPosition) { + window.setTrafficLightPosition(args.trafficLightPosition || { x: 5, y: 12 }); + } if (args.autoCenter) { window.center();