STACKITGit/cli
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
9225 commits 87 branches 0 tags 160 MiB
Commit graph

69 commits

Author SHA1 Message Date
Azeem Sajid
342e3cd70c More cleanup 2025-03-14 12:17:24 +05:00
Azeem Sajid
f3e4976da3 ./script/sign cleanup 2025-03-14 11:51:09 +05:00
Andy Feller
279d53af98 Remove v prefix when pkgmacos is called 
Existing Mac OS release artifacts use the tag name / version in the file name but drop the `v` prefix.  This does the same for the Mac OS installer.
 2024-05-24 15:09:40 -04:00
paulober
f66367d342
Integrate argument array to remove duplicate code 
Signed-off-by: paulober <44974737+paulober@users.noreply.github.com>
 2024-05-24 19:20:39 +02:00
paulober
85f424bb08
Fix directory already exists 
Signed-off-by: paulober <44974737+paulober@users.noreply.github.com>
 2024-05-24 15:19:54 +02:00
paulober
9454d5e71c
Change minimum build script macOS version 
Signed-off-by: paulober <44974737+paulober@users.noreply.github.com>
 2024-05-22 01:47:48 +02:00
paulober
3830c3356c
Cleanup pkgmacos build script 
Signed-off-by: paulober <44974737+paulober@users.noreply.github.com>
 2024-05-22 01:43:16 +02:00
paulober
6e58a2a216
Fix indentation 
Signed-off-by: paulober <44974737+paulober@users.noreply.github.com>
 2024-05-21 22:57:01 +02:00
Paul
80830d769e
Fix indentation 
Co-authored-by: Andy Feller <andyfeller@github.com>
 2024-05-21 19:46:51 +02:00
Paul
f9d6b1d99b
Fix indentation 
Co-authored-by: Andy Feller <andyfeller@github.com>
 2024-05-21 19:43:31 +02:00
Paul
eb23e0723e
Indentation fix 
Co-authored-by: Andy Feller <andyfeller@github.com>
 2024-05-21 19:39:25 +02:00
Paul
630ab13461
Merge branch 'trunk' into feature-macos-pkg-installer 2024-05-20 17:05:23 +02:00
Frederic Pillon
55d251ac51 Fix some typos raised by codespell 
With .codespellignore containing:
aline
commitish
messag
noes
nwo
parth
prfiles
runn
timere
ue
welp

Signed-off-by: Frederic Pillon <frederic.pillon@st.com>
 2024-01-17 15:34:49 +01:00
Andy Feller
98f7ec0b63 Ensure Windows sign script fails based on signtool 
This is a change based on PR discussion about ensuring the sign script fails if signtool errors, passing the last exit code from the called command as the result of the script.

For more information, see https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_automatic_variables?view=powershell-7.4#lastexitcode
 2023-12-15 11:39:38 -05:00
Andy Feller
5ecdf166fb Update deployment workflow for final HSM solution 
This applies the changes from the separate Windows HSM signing prototype development to the official deployment workflow including:

1. Use of Azure Code Signing client
2. Sourcing signtool.exe from runner
3. Moving from batch to PowerShell for Windows signing script
4. Using the same signing process for .exe and .msi
 2023-12-14 13:15:38 -05:00
Andy Feller
441beb9de3 Fix signtool invocation 2023-12-14 11:42:34 -05:00
Andy Feller
ed573a1eb8 Fix sign script fail conditions 
There is a bug in the sign.ps1 script as the opposite comparison operators were used.
 2023-12-14 11:29:37 -05:00
Andy Feller
6a96de14bf Fix HSM Windows signing 2023-12-14 11:02:28 -05:00
Andy Feller
3790262123 Fix issue sourcing signtool for Windows signing 
Workflow is currently breaking because there are multiple versions of signtool
installed on runners.  We face a challenge where we either hardcode this to a
specific version on the runner or always choose the latest version; this change
does the latter.
 2023-12-14 09:50:29 -05:00
Andy Feller
d3d4a681f2 Add missing PowerShell file from previous commit 2023-12-13 10:21:02 -05:00
Andy Feller
a2ec7ab43f Fix release script to invoke HSM goreleaser config 2023-12-12 10:48:38 -05:00
Andy Feller
35f99ee426 Final fixes 2023-12-12 10:09:47 -05:00
Andy Feller
1fff21a63e Fixes based on actual secret names and signtool insights 2023-12-12 09:48:16 -05:00
Andy Feller
4f8d2f71e4 Moving options to metadata 2023-12-08 17:33:52 -05:00
Andy Feller
5e8e645a7f Update HSM test using Desktop approach 
This update leverages GitHub Desktop approach of downloading Azure Code Signing DLL and wiring it up as part of the existing signing process used by Windows builds.
 2023-12-08 17:27:22 -05:00
Andy Feller
dea2cd5fe1 Create HSM testing workflow 
This commit is an initial prototype based on the deployment workflow, using the
Azure Code Signing service to sign Windows .exe and .msi files.

These changes have been isolated as much as possible to not affect existing
deployment workflows while also working around design issues with how GitHub
CLI workflow works with GoReleaser and now with ACS support.  The biggest smell
was over whether to break from using GoReleaser or have GoReleaser control as
much about the release process as it has been versus opening / signing /
archiving the resulting GoReleaser artifacts; needless to say, the latter was
chosen for expedience as well as leaning into officially supported solutions.
 2023-12-05 15:24:50 -05:00
paulober
775476d30b
Fix typo in macOS pkg installer build script 2023-09-04 13:45:40 +02:00
paulober
f1c3534c41
Add macOS pkg installer to deployment 2023-07-07 12:00:59 +02:00
Mislav Marohnić
aa2adab7fa
Fix label assets 2023-05-10 12:38:06 +02:00
Mislav Marohnić
8b987e2deb
New deployment workflow 
Add ability to trigger deployments without having to push a git tag
 2023-05-09 20:23:54 +02:00
Sam Coe
28c6c8a546
Remove pubkey as it is no longer necessary (#6208) 2022-09-06 14:31:24 +00:00
Sam Coe
9599952d5c
Update distributions gpg key (#6207) 2022-09-06 18:15:02 +04:00
Sam Coe
2b0b4b8f00
Update rpm script (#6206) 2022-09-06 17:57:58 +04:00
Håvard Anda Estensen
58cb773e09
Replace ioutil with io and os (#5498) 2022-04-26 13:07:44 +02:00
Mislav Marohnić
3e0db567e8
Rotate our Windows signing certificates (#5196) 
- The certificate pfx file is now read from WINDOWS_CERT_PFX
- The password to decode the pfx is in WINDOWS_CERT_PASSWORD
- Quit reading from desktop-secrets repo
- Switch osslsigncode to take in pfx instead of individual certs
- 🔥 obsolete setup scripts
 2022-02-15 17:23:39 +01:00
Nate Smith
8c862bbb3a
Merge pull request #2160 from mbpreble/sign-windows-executables 
Sign Windows .exes in a post-build hook
 2022-01-18 09:13:33 -06:00
nate smith
2ade4e5608 add newlines to end of file 2022-01-14 16:46:56 -06:00
nate smith
e6b4fe632b skip signing if env vars not in place 2022-01-14 16:32:56 -06:00
nate smith
a23bdcd84d clean up leftover debugging, add -e 2022-01-14 16:24:04 -06:00
Mislav Marohnić
9f46def1a8 Add nolint-insert script to auto-comment lint violations 
Step 1: mark a function as deprecated
Step 2: run `script/nolint-insert`
Step 3: all callers of that function now have a `//nolint` directive
 2022-01-14 19:54:09 +01:00
nate smith
f30b7dbf72 Work around parallel race condition problems 2022-01-13 13:38:09 -06:00
Matthew Preble
45adc4ad76 Migrate to osslsigncode. 2022-01-13 13:37:57 -06:00
nate smith
e56c78a364 Sign Windows .exes in a post-build hook 2022-01-13 13:37:57 -06:00
Mislav Marohnić
1464a8a0f3 Generate release notes using the new API 
https://docs.github.com/en/rest/reference/repos#generate-release-notes-content-for-a-release
 2021-10-14 20:22:38 +02:00
Mislav Marohnić
11fbb60ae7 Rename the module to "github.com/cli/cli/v2" 2021-08-25 12:41:30 +02:00
Mislav Marohnić
4e219a9c8f Improve changelog script so it includes squashed merges 2021-08-24 14:29:29 +02:00
Mislav Marohnić
bd01566251 Allow script\build as shorthand for go run script\build.go on Windows 2021-06-15 17:33:33 +02:00
Mislav Marohnić
32f9a462a8 Speed up build script by avoiding recursing into 3rd-party directories 2021-06-15 17:32:43 +02:00
Mislav Marohnić
cda406f495 Better error handling in build script on Windows 
`script/build.go` could encounter an "Access is denied" error when the
project contains a symlink that could not be followed. This ignores such
errors with a warning and allows the build to resume.
 2021-06-15 17:31:01 +02:00
vilmibm
2d704ba591 bonus: support sid 2021-05-19 16:51:58 -05:00