procyberian/gimp
2
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/gimp.git synced 2025-07-03 17:33:25 +00:00
Code Issues 1 Projects 1 Releases Packages Wiki Activity Actions

build/windows: Organize expired certificate detection code on MSIX script

Browse source 
This commit make things more linear.
This commit is contained in:
Bruno Lopes 2025-05-27 12:40:47 -03:00
parent 6ca8945d49
commit 2c0e7fdb76
No known key found for this signature in database
1 changed files with 26 additions and 27 deletions
Download patch file Download diff file Expand all files Collapse all files

53
build/windows/store/3_dist-gimp-winsdk.ps1
View file

@ -343,12 +343,6 @@ if (((Test-Path $a64_bundle) -and (Test-Path $x64_bundle)) -and (Get-ChildItem *
Write-Output "$([char]27)[0Ksection_end:$(Get-Date -UFormat %s -Millisecond 0):msix_making$([char]13)$([char]27)[0K" Write-Output "$([char]27)[0Ksection_end:$(Get-Date -UFormat %s -Millisecond 0):msix_making$([char]13)$([char]27)[0K"
} }
Remove-Item .gitignore
if (Test-Path .gitignore.bak -Type Leaf)
{
Rename-Item .gitignore.bak .gitignore
}
# 6.A. CERTIFY .MSIX OR .MSIXBUNDLE WITH WACK (OPTIONAL) # 6.A. CERTIFY .MSIX OR .MSIXBUNDLE WITH WACK (OPTIONAL)
# (Partner Center does the same thing before publishing) # (Partner Center does the same thing before publishing)
@ -416,41 +410,46 @@ if (-not $GIMP_RELEASE -or $GIMP_IS_RC_GIT)
## We need to manually check failures in pre-7.4 PS ## We need to manually check failures in pre-7.4 PS
$pseudo_gimp = "pseudo-gimp_$(Get-Date -UFormat %s -Millisecond 0)" $pseudo_gimp = "pseudo-gimp_$(Get-Date -UFormat %s -Millisecond 0)"
New-SelfSignedCertificate -Type Custom -Subject "$(([xml](Get-Content build\windows\store\AppxManifest.xml)).Package.Identity.Publisher)" -KeyUsage DigitalSignature -FriendlyName "$pseudo_gimp" -CertStoreLocation "Cert:\CurrentUser\My" -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.3", "2.5.29.19={text}") | Out-Null New-SelfSignedCertificate -Type Custom -Subject "$(([xml](Get-Content build\windows\store\AppxManifest.xml)).Package.Identity.Publisher)" -KeyUsage DigitalSignature -FriendlyName "$pseudo_gimp" -CertStoreLocation "Cert:\CurrentUser\My" -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.3", "2.5.29.19={text}") | Out-Null
Export-PfxCertificate -Cert "Cert:\CurrentUser\My\$(Get-ChildItem Cert:\CurrentUser\My | Where-Object FriendlyName -EQ "$pseudo_gimp" | Select-Object -ExpandProperty Thumbprint)" -FilePath "build/windows/store/${pseudo_gimp}.pfx" -Password (ConvertTo-SecureString -String eek -Force -AsPlainText) | Out-Null Export-PfxCertificate -Cert "Cert:\CurrentUser\My\$(Get-ChildItem Cert:\CurrentUser\My | Where-Object FriendlyName -EQ "$pseudo_gimp" | Select-Object -ExpandProperty Thumbprint)" -FilePath "${pseudo_gimp}.pfx" -Password (ConvertTo-SecureString -String eek -Force -AsPlainText) | Out-Null
Remove-Item "Cert:\CurrentUser\My\$(Get-ChildItem Cert:\CurrentUser\My | Where-Object FriendlyName -EQ "$pseudo_gimp" | Select-Object -ExpandProperty Thumbprint)" Remove-Item "Cert:\CurrentUser\My\$(Get-ChildItem Cert:\CurrentUser\My | Where-Object FriendlyName -EQ "$pseudo_gimp" | Select-Object -ExpandProperty Thumbprint)"
if ($GITLAB_CI) Write-Host "(ERROR): Self-signing certificate expired. Please commit the generated '${pseudo_gimp}.pfx' on 'build\windows\store\'." -ForegroundColor red
{ $sha256_pfx = (Get-FileHash "${pseudo_gimp}.pfx" -Algorithm SHA256 | Select-Object -ExpandProperty Hash).ToLower()
$OUTPUT_DIR = 'build\windows\store\_Output\' Write-Output "(INFO): ${pseudo_gimp}.pfx SHA-256: $sha256_pfx"
$OUTPUT_DIR_PARTIAL = '_Output\'
New-Item $OUTPUT_DIR -ItemType Directory -Force | Out-Null
Move-Item build\windows\store\$pseudo_gimp.pfx $OUTPUT_DIR
}
Write-Host "(ERROR): Self-signing certificate expired. Please commit the generated '${OUTPUT_DIR}${pseudo_gimp}.pfx' on 'build\windows\store\'." -ForegroundColor red
$sha256 = (Get-FileHash build\windows\store\${OUTPUT_DIR_PARTIAL}${pseudo_gimp}.pfx -Algorithm SHA256 | Select-Object -ExpandProperty Hash).ToLower()
Write-Output "(INFO): ${pseudo_gimp}.pfx SHA-256: $sha256"
exit 1
} }
Copy-Item build\windows\store\pseudo-gimp*.pfx pseudo-gimp.pfx -Recurse else
{
Copy-Item build\windows\store\pseudo-gimp*.pfx pseudo-gimp.pfx -Recurse
## Generate checksums ## Generate checksums
$sha256 = (Get-FileHash $MSIX_ARTIFACT -Algorithm SHA256 | Select-Object -ExpandProperty Hash).ToLower() $sha256 = (Get-FileHash $MSIX_ARTIFACT -Algorithm SHA256 | Select-Object -ExpandProperty Hash).ToLower()
Write-Output "(INFO): $MSIX_ARTIFACT SHA-256: $sha256" Write-Output "(INFO): $MSIX_ARTIFACT SHA-256: $sha256"
$sha512 = (Get-FileHash $MSIX_ARTIFACT -Algorithm SHA512 | Select-Object -ExpandProperty Hash).ToLower() $sha512 = (Get-FileHash $MSIX_ARTIFACT -Algorithm SHA512 | Select-Object -ExpandProperty Hash).ToLower()
Write-Output "(INFO): $MSIX_ARTIFACT SHA-512: $sha512" Write-Output "(INFO): $MSIX_ARTIFACT SHA-512: $sha512"
Write-Output "$([char]27)[0Ksection_end:$(Get-Date -UFormat %s -Millisecond 0):msix_trust${msix_arch}$([char]13)$([char]27)[0K" Write-Output "$([char]27)[0Ksection_end:$(Get-Date -UFormat %s -Millisecond 0):msix_trust${msix_arch}$([char]13)$([char]27)[0K"
}
} }
Remove-Item .gitignore
if (Test-Path .gitignore.bak -Type Leaf)
{
Rename-Item .gitignore.bak .gitignore
}
if ($GITLAB_CI) if ($GITLAB_CI)
{ {
# GitLab doesn't support wildcards when using "expose_as" so let's move to a dir # GitLab doesn't support wildcards when using "expose_as" so let's move to a dir
$OUTPUT_DIR = "$PWD\build\windows\store\_Output" $OUTPUT_DIR = "$PWD\build\windows\store\_Output"
New-Item $OUTPUT_DIR -ItemType Directory -Force | Out-Null New-Item $OUTPUT_DIR -ItemType Directory -Force | Out-Null
Move-Item $MSIX_ARTIFACT $OUTPUT_DIR -Force
if (-not $GIMP_RELEASE -or $GIMP_IS_RC_GIT) if (-not $GIMP_RELEASE -or $GIMP_IS_RC_GIT)
{ {
Copy-Item pseudo-gimp.pfx $OUTPUT_DIR Move-Item pseudo-gimp*.pfx $OUTPUT_DIR
} }
if ($sha256_pfx)
{
exit 1
}
Move-Item $MSIX_ARTIFACT $OUTPUT_DIR -Force
} }