GitHub-Proxy/Cura
1
0
Fork 0
mirror of https://git.mirrors.martin98.com/https://github.com/Ultimaker/Cura synced 2025-10-04 05:16:33 +08:00
Code Issues Packages Projects Releases Wiki Activity

Pass secret along in order to be able to sign the uninstaller.

Browse Source 
The uninstaller is generated during the packaging, so we can't really sign it in the workflow like we do with the others (without a cumbersome workaround). Fortunately, there is a built-in command that sort-of handles this -- but we do need to make an argument to pass the secret along we use for the signing.

part of CURA-12129
This commit is contained in:
Remco Burema 2024-10-01 11:51:01 +02:00
parent 5bb56a32b7
commit a5a1e88b18
2 changed files with 11 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
packaging/NSIS/Ultimaker-Cura.nsi.jinja
View File

@ -1,4 +1,4 @@
# Copyright (c) 2022 UltiMaker B.V.
# Copyright (c) 2024 UltiMaker
# Cura's build system is released under the terms of the AGPLv3 or higher.
!define APP_NAME "{{ app_name }}"
@ -15,6 +15,7 @@
!define REG_ROOT "HKLM"
!define REG_APP_PATH "Software\Microsoft\Windows\CurrentVersion\App Paths\${APP_NAME}-${VERSION}"
!define UNINSTALL_PATH "Software\Microsoft\Windows\CurrentVersion\Uninstall\${APP_NAME}-${VERSION}"
!define SIGN_SECRET "{{ sign_secret }}"
!define REG_START_MENU "Start Menu Folder"
@ -214,3 +215,7 @@ DeleteRegKey ${REG_ROOT} "${REG_APP_PATH}"
DeleteRegKey ${REG_ROOT} "${UNINSTALL_PATH}"
SectionEnd
!ifdef SIGN_SECRET
!uninstfinalize 'signtool sign /v /fd sha256 /tr http://timestamp.sectigo.com /td sha256 /f C:\actions-runner\code_sign.cer /csp "eToken Base Cryptographic Provider" /kc ${SIGN_SECRET} "%1"' = 0
; %1 is replaced by the uninstaller exe to be signed.
!endif

8
packaging/NSIS/create_windows_installer.py
View File

@ -14,7 +14,7 @@ from pathlib import Path
from jinja2 import Template
def generate_nsi(source_path: str, dist_path: str, filename: str):
def generate_nsi(source_path: str, dist_path: str, filename: str, sign_secret: str):
dist_loc = Path(os.getcwd(), dist_path)
source_loc = Path(os.getcwd(), source_path)
instdir = Path("$INSTDIR")
@ -57,7 +57,8 @@ def generate_nsi(source_path: str, dist_path: str, filename: str):
cura_icon = str(source_loc.joinpath("packaging", "icons", "Cura.ico")),
mapped_out_paths = mapped_out_paths,
rmdir_paths = rmdir_paths,
destination = filename
destination = filename,
sign_secret = sign_secret,
)
with open(dist_loc.joinpath("UltiMaker-Cura.nsi"), "w") as f:
@ -77,6 +78,7 @@ if __name__ == "__main__":
parser.add_argument("source_path", type=str, help="Path to Conan install Cura folder.")
parser.add_argument("dist_path", type=str, help="Path to Pyinstaller dist folder")
parser.add_argument("filename", type = str, help = "Filename of the exe (e.g. 'UltiMaker-Cura-5.1.0-beta-Windows-X64.exe')")
parser.add_argument("sign_secret", type = str, help = "Supply secret for signing (the uninstaller, as the rest is already signed before).")
args = parser.parse_args()
generate_nsi(args.source_path, args.dist_path, args.filename)
generate_nsi(args.source_path, args.dist_path, args.filename, args.sign_secret)
build(args.dist_path)