From 6ebbe16070206ca02c8f958738ed25b4d4607f2c Mon Sep 17 00:00:00 2001 From: Joseph Flinn <58369717+joseph-flinn@users.noreply.github.com> Date: Fri, 11 Dec 2020 15:42:43 -0800 Subject: [PATCH 001/228] Set up CI with Azure Pipelines testing ci with azure pipelines [skip ci] --- azure-pipelines.yml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 azure-pipelines.yml diff --git a/azure-pipelines.yml b/azure-pipelines.yml new file mode 100644 index 00000000000..77558369d31 --- /dev/null +++ b/azure-pipelines.yml @@ -0,0 +1,24 @@ +# Node.js +# Build a general Node.js project with npm. +# Add steps that analyze code, save build artifacts, deploy, and more: +# https://docs.microsoft.com/azure/devops/pipelines/languages/javascript + +trigger: +- main + +pool: + vmImage: 'windows-latest' + +steps: +- task: NodeTool@0 + inputs: + versionSpec: '10.x' + displayName: 'Install Node.js' + +- script: npm install + displayName: 'npm install' + +- script: | + npm run build + npm npm run clean:dist + electron-builder --win --x64 --ia32 -p never From 4fea0cdb0f03c94d87972fe17144f67739ca5fbc Mon Sep 17 00:00:00 2001 From: Joseph Flinn <58369717+joseph-flinn@users.noreply.github.com> Date: Fri, 11 Dec 2020 15:46:37 -0800 Subject: [PATCH 002/228] Update azure-pipelines.yml for Azure Pipelines --- azure-pipelines.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 77558369d31..55d710ef8ea 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -21,4 +21,7 @@ steps: - script: | npm run build npm npm run clean:dist - electron-builder --win --x64 --ia32 -p never + displayName: 'npm build' + +- script: electron-builder --win --x64 --ia32 -p never + displayName: 'electron-builder package' From 792c6a3139112298de7e65b02b8be25a105915d0 Mon Sep 17 00:00:00 2001 From: Joseph Flinn <58369717+joseph-flinn@users.noreply.github.com> Date: Fri, 11 Dec 2020 16:12:08 -0800 Subject: [PATCH 003/228] Update azure-pipelines.yml for Azure Pipelines --- azure-pipelines.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 55d710ef8ea..dc3097f6ab8 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -23,5 +23,5 @@ steps: npm npm run clean:dist displayName: 'npm build' -- script: electron-builder --win --x64 --ia32 -p never +- script: npm-run node_modules/.bin/electron-builder --win --x64 --ia32 -p never displayName: 'electron-builder package' From 5924e108cfdc439910616735c97ca5530ad401ae Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 14 Dec 2020 15:38:45 +0000 Subject: [PATCH 004/228] trying different syntax to see if that fixes the npm run problem --- azure-pipelines.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index dc3097f6ab8..6538861f04c 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -23,5 +23,5 @@ steps: npm npm run clean:dist displayName: 'npm build' -- script: npm-run node_modules/.bin/electron-builder --win --x64 --ia32 -p never +- script: npm run node_modules/.bin/electron-builder --win --x64 --ia32 -p never displayName: 'electron-builder package' From 7deda0a1172888675253eb16a57b5df1487ba421 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 14 Dec 2020 15:57:45 +0000 Subject: [PATCH 005/228] debugging npm scripts in azure pipeline --- azure-pipelines.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 6538861f04c..ebb4631870c 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -18,6 +18,9 @@ steps: - script: npm install displayName: 'npm install' +- script: ls -alht node_modules/.bin/ + displayName: show node scripts + - script: | npm run build npm npm run clean:dist From 9bad72db67979a74b820f2aa41662ff3e725af91 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 14 Dec 2020 17:41:26 +0000 Subject: [PATCH 006/228] changing electron-builder to npx --- azure-pipelines.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index ebb4631870c..f1842d68447 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -26,5 +26,5 @@ steps: npm npm run clean:dist displayName: 'npm build' -- script: npm run node_modules/.bin/electron-builder --win --x64 --ia32 -p never +- script: npx electron-builder --win --x64 --ia32 -p never displayName: 'electron-builder package' From ae80649466075983977356a504d171d0d07cfc99 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 14 Dec 2020 18:47:21 +0000 Subject: [PATCH 007/228] grabbing executable names --- azure-pipelines.yml | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index f1842d68447..f9bf2e50207 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -18,9 +18,6 @@ steps: - script: npm install displayName: 'npm install' -- script: ls -alht node_modules/.bin/ - displayName: show node scripts - - script: | npm run build npm npm run clean:dist @@ -28,3 +25,12 @@ steps: - script: npx electron-builder --win --x64 --ia32 -p never displayName: 'electron-builder package' + +- script: ls -alht dist + displayName: show executables + + #- task: PublishBuildArtifacts@1 + # inputs: + # pathToPublish: '$(Build.ArtifactStagingDirectory)/' + # artifactName: TestDesktop + From 926d221e6ab133460a9f36fff8fdc96d9d1fcc77 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 14 Dec 2020 19:04:39 +0000 Subject: [PATCH 008/228] testing artifact publishing --- azure-pipelines.yml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index f9bf2e50207..35f0835d87f 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -29,8 +29,12 @@ steps: - script: ls -alht dist displayName: show executables - #- task: PublishBuildArtifacts@1 - # inputs: - # pathToPublish: '$(Build.ArtifactStagingDirectory)/' - # artifactName: TestDesktop +- task: PublishBuildArtifacts@1 + inputs: + pathToPublish: '$(Build.ArtifactStagingDirectory)/dist/Bitwarden-1.23.1-ia32.appx' + artifactName: Bitwarden-1.23.1-ia32.appx +- task: PublishBuildArtifacts@1 + inputs: + pathToPublish: '$(Build.ArtifactStagingDirectory)/dist/Bitwarden-1.23.1-x64.appx' + artifactName: Bitwarden-1.23.1-x64.appx From 99e2b83d62bd1e6149395945ab9d02da616e6ad9 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 14 Dec 2020 19:25:24 +0000 Subject: [PATCH 009/228] adding git commit option --- azure-pipelines.yml | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 35f0835d87f..1f8ebb0cb04 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -9,11 +9,16 @@ trigger: pool: vmImage: 'windows-latest' +variables: +- group: qa-envs + steps: - task: NodeTool@0 inputs: versionSpec: '10.x' displayName: 'Install Node.js' + +- checkout: $(GIT_COMMIT_TO_BUILD) - script: npm install displayName: 'npm install' @@ -31,10 +36,10 @@ steps: - task: PublishBuildArtifacts@1 inputs: - pathToPublish: '$(Build.ArtifactStagingDirectory)/dist/Bitwarden-1.23.1-ia32.appx' - artifactName: Bitwarden-1.23.1-ia32.appx + pathToPublish: 'dist/Bitwarden-1.23.1-ia32.appx' + artifactName: Bitwarden-$(GIT_COMMIT_TO_BUILD)-ia32.appx - task: PublishBuildArtifacts@1 inputs: - pathToPublish: '$(Build.ArtifactStagingDirectory)/dist/Bitwarden-1.23.1-x64.appx' - artifactName: Bitwarden-1.23.1-x64.appx + pathToPublish: 'dist/Bitwarden-1.23.1-x64.appx' + artifactName: Bitwarden-$(GIT_COMMIT_TO_BUILD)-x64.appx From 493ba4e488089485e6dd5b858fa154b4844babce Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 14 Dec 2020 19:27:23 +0000 Subject: [PATCH 010/228] checking out specific commit (for historical builds) --- azure-pipelines.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 1f8ebb0cb04..5275076781b 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -18,7 +18,8 @@ steps: versionSpec: '10.x' displayName: 'Install Node.js' -- checkout: $(GIT_COMMIT_TO_BUILD) +- script: git checkout $(GIT_COMMIT_TO_BUILD) + displayName: setup commit to build - script: npm install displayName: 'npm install' From 7fbce68530cbeac20704d635c911b14a2fd592f2 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 14 Dec 2020 19:53:39 +0000 Subject: [PATCH 011/228] changing over to manual run of the pipeline and moving from PublishBuildArtifact to PublishPipelineArtifact --- azure-pipelines.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 5275076781b..a69d2c98410 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -4,7 +4,7 @@ # https://docs.microsoft.com/azure/devops/pipelines/languages/javascript trigger: -- main +- none pool: vmImage: 'windows-latest' @@ -35,12 +35,12 @@ steps: - script: ls -alht dist displayName: show executables -- task: PublishBuildArtifacts@1 +- task: PublishPipelineArtifacts@1 inputs: pathToPublish: 'dist/Bitwarden-1.23.1-ia32.appx' artifactName: Bitwarden-$(GIT_COMMIT_TO_BUILD)-ia32.appx -- task: PublishBuildArtifacts@1 +- task: PublishPipelineArtifacts@1 inputs: pathToPublish: 'dist/Bitwarden-1.23.1-x64.appx' artifactName: Bitwarden-$(GIT_COMMIT_TO_BUILD)-x64.appx From ba2e3f5a111acaee80e5c4b7ce17e63fb417c41b Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 14 Dec 2020 19:56:29 +0000 Subject: [PATCH 012/228] fixing AZ pipeline task typo --- azure-pipelines.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index a69d2c98410..45d9e1cc555 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -35,12 +35,12 @@ steps: - script: ls -alht dist displayName: show executables -- task: PublishPipelineArtifacts@1 +- task: PublishPipelineArtifact@1 inputs: pathToPublish: 'dist/Bitwarden-1.23.1-ia32.appx' artifactName: Bitwarden-$(GIT_COMMIT_TO_BUILD)-ia32.appx -- task: PublishPipelineArtifacts@1 +- task: PublishPipelineArtifact@1 inputs: pathToPublish: 'dist/Bitwarden-1.23.1-x64.appx' artifactName: Bitwarden-$(GIT_COMMIT_TO_BUILD)-x64.appx From 1251ddaf5fca7ea83b67b0762bdc98194b50c721 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 14 Dec 2020 20:15:37 +0000 Subject: [PATCH 013/228] changing pathToPublish to absolute path --- azure-pipelines.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 45d9e1cc555..2ae935be518 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -37,10 +37,10 @@ steps: - task: PublishPipelineArtifact@1 inputs: - pathToPublish: 'dist/Bitwarden-1.23.1-ia32.appx' + pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-1.23.1-ia32.appx' artifactName: Bitwarden-$(GIT_COMMIT_TO_BUILD)-ia32.appx - task: PublishPipelineArtifact@1 inputs: - pathToPublish: 'dist/Bitwarden-1.23.1-x64.appx' + pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-1.23.1-x64.appx' artifactName: Bitwarden-$(GIT_COMMIT_TO_BUILD)-x64.appx From 65e72b41a321902f412035e79a0ccadb26c4538d Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 14 Dec 2020 21:24:18 +0000 Subject: [PATCH 014/228] bumping version and updating azure pipeline --- azure-pipelines.yml | 27 ++++++++++----------------- src/package.json | 2 +- 2 files changed, 11 insertions(+), 18 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 2ae935be518..bb7e13f169e 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -3,24 +3,17 @@ # Add steps that analyze code, save build artifacts, deploy, and more: # https://docs.microsoft.com/azure/devops/pipelines/languages/javascript -trigger: -- none +trigger: none pool: vmImage: 'windows-latest' -variables: -- group: qa-envs - steps: - task: NodeTool@0 inputs: versionSpec: '10.x' displayName: 'Install Node.js' -- script: git checkout $(GIT_COMMIT_TO_BUILD) - displayName: setup commit to build - - script: npm install displayName: 'npm install' @@ -35,12 +28,12 @@ steps: - script: ls -alht dist displayName: show executables -- task: PublishPipelineArtifact@1 - inputs: - pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-1.23.1-ia32.appx' - artifactName: Bitwarden-$(GIT_COMMIT_TO_BUILD)-ia32.appx - -- task: PublishPipelineArtifact@1 - inputs: - pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-1.23.1-x64.appx' - artifactName: Bitwarden-$(GIT_COMMIT_TO_BUILD)-x64.appx +# - task: PublishPipelineArtifact@1 +# inputs: +# pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-1.23.1-ia32.appx' +# artifactName: Bitwarden-$(GIT_COMMIT_TO_BUILD)-ia32.appx +# +# - task: PublishPipelineArtifact@1 +# inputs: +# pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-1.23.1-x64.appx' +# artifactName: Bitwarden-$(GIT_COMMIT_TO_BUILD)-x64.appx diff --git a/src/package.json b/src/package.json index 781a491dc03..a80d985ab81 100644 --- a/src/package.json +++ b/src/package.json @@ -2,7 +2,7 @@ "name": "bitwarden", "productName": "Bitwarden", "description": "A secure and free password manager for all of your devices.", - "version": "1.23.1", + "version": "1.23.1a", "author": "Bitwarden Inc. (https://bitwarden.com)", "homepage": "https://bitwarden.com", "license": "GPL-3.0", From f78df842b6ba8d7139c45be289c3f23c7a865f94 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 14 Dec 2020 21:27:37 +0000 Subject: [PATCH 015/228] moved the AZ pipelines into their own directory for cleanliness --- azure-pipelines.yml => .az-pipelines/windows-build-sign.yml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename azure-pipelines.yml => .az-pipelines/windows-build-sign.yml (100%) diff --git a/azure-pipelines.yml b/.az-pipelines/windows-build-sign.yml similarity index 100% rename from azure-pipelines.yml rename to .az-pipelines/windows-build-sign.yml From cdf16541e1ae399836fe486d050dbfbf0a3398a9 Mon Sep 17 00:00:00 2001 From: Joseph Flinn <58369717+joseph-flinn@users.noreply.github.com> Date: Mon, 14 Dec 2020 13:41:00 -0800 Subject: [PATCH 016/228] Set up CI with Azure Pipelines [skip ci] --- azure-pipelines.yml | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 azure-pipelines.yml diff --git a/azure-pipelines.yml b/azure-pipelines.yml new file mode 100644 index 00000000000..2a6e47f5efe --- /dev/null +++ b/azure-pipelines.yml @@ -0,0 +1,21 @@ +# Node.js +# Build a general Node.js project with npm. +# Add steps that analyze code, save build artifacts, deploy, and more: +# https://docs.microsoft.com/azure/devops/pipelines/languages/javascript + +trigger: +- main + +pool: + vmImage: 'ubuntu-latest' + +steps: +- task: NodeTool@0 + inputs: + versionSpec: '10.x' + displayName: 'Install Node.js' + +- script: | + npm install + npm run build + displayName: 'npm install and build' From 761a93a4bd8dec992f4978e75f2de6b393fdf066 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 14 Dec 2020 21:51:53 +0000 Subject: [PATCH 017/228] moving default pipeline script --- .az-pipelines/sign-windows-artifacts.yml | 15 +++++++++++++++ azure-pipelines.yml | 21 --------------------- 2 files changed, 15 insertions(+), 21 deletions(-) create mode 100644 .az-pipelines/sign-windows-artifacts.yml delete mode 100644 azure-pipelines.yml diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml new file mode 100644 index 00000000000..8b616edae49 --- /dev/null +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -0,0 +1,15 @@ +trigger: none + +pool: + vmImage: 'windows-latest' + +steps: +- task: DownloadGitHubRelease@0 + inputs: + + displayName: 'Git Release Artifacts' + +- script: | + npm install + npm run build + displayName: 'npm install and build' diff --git a/azure-pipelines.yml b/azure-pipelines.yml deleted file mode 100644 index 2a6e47f5efe..00000000000 --- a/azure-pipelines.yml +++ /dev/null @@ -1,21 +0,0 @@ -# Node.js -# Build a general Node.js project with npm. -# Add steps that analyze code, save build artifacts, deploy, and more: -# https://docs.microsoft.com/azure/devops/pipelines/languages/javascript - -trigger: -- main - -pool: - vmImage: 'ubuntu-latest' - -steps: -- task: NodeTool@0 - inputs: - versionSpec: '10.x' - displayName: 'Install Node.js' - -- script: | - npm install - npm run build - displayName: 'npm install and build' From 857c9515daa1b8a6e844153f233921db5e7232b1 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 14 Dec 2020 21:55:14 +0000 Subject: [PATCH 018/228] version bump --- src/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/package.json b/src/package.json index a80d985ab81..18450719f81 100644 --- a/src/package.json +++ b/src/package.json @@ -2,7 +2,7 @@ "name": "bitwarden", "productName": "Bitwarden", "description": "A secure and free password manager for all of your devices.", - "version": "1.23.1a", + "version": "1.23.2-alpha", "author": "Bitwarden Inc. (https://bitwarden.com)", "homepage": "https://bitwarden.com", "license": "GPL-3.0", From c641d2641d5c794a9ea0946845f1aafe53cad4ce Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 14 Dec 2020 22:20:39 +0000 Subject: [PATCH 019/228] working on signing pipeline --- .az-pipelines/sign-windows-artifacts.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 8b616edae49..92b606a9aa6 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -6,6 +6,8 @@ pool: steps: - task: DownloadGitHubRelease@0 inputs: + connection: joseph-flinn + userRepository: joseph-flinn/desktop displayName: 'Git Release Artifacts' From d68c62ab9123e86bfaa3ca58b3ffe66badd9122b Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 14 Dec 2020 22:23:14 +0000 Subject: [PATCH 020/228] removing deploy jobs (should be moved into its own workflow) --- .github/workflows/build.yml | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index bdc91cb20bd..d89ef0a6010 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -109,12 +109,12 @@ jobs: name: Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.AppImage path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.AppImage - - name: Deploy to Snap Store - if: github.event_name == 'release' - run: | - ./scripts/snap-update.ps1 -version $env:PACKAGE_VERSION - snapcraft logout - shell: pwsh + #- name: Deploy to Snap Store + # if: github.event_name == 'release' + # run: | + # ./scripts/snap-update.ps1 -version $env:PACKAGE_VERSION + # snapcraft logout + # shell: pwsh windows: runs-on: windows-latest @@ -197,10 +197,10 @@ jobs: name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx - - name: Deploy to Chocolatey - if: github.event_name == 'release' - run: ./scripts/choco-update.ps1 -version $env:PACKAGE_VERSION - shell: pwsh + # - name: Deploy to Chocolatey + # if: github.event_name == 'release' + # run: ./scripts/choco-update.ps1 -version $env:PACKAGE_VERSION + # shell: pwsh - name: Upload Chocolatey nupkg artifact if: github.event_name == 'release' @@ -350,12 +350,12 @@ jobs: name: Bitwarden-${{ env.PACKAGE_VERSION }}.pkg path: ./dist/mas/Bitwarden-${{ env.PACKAGE_VERSION }}.pkg - - name: Deploy to App Store - if: github.event_name == 'release' - run: npm run upload:mas - env: - APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }} - APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} + # - name: Deploy to App Store + # if: github.event_name == 'release' + # run: npm run upload:mas + # env: + # APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }} + # APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} - name: Upload release assets if: github.event_name == 'release' From 026392d4a1545f20d354ed3a4dacba9a672476dc Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 14 Dec 2020 22:38:56 +0000 Subject: [PATCH 021/228] working on blocking out signing pipeline --- .az-pipelines/sign-windows-artifacts.yml | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 92b606a9aa6..be81b9ae918 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -8,10 +8,15 @@ steps: inputs: connection: joseph-flinn userRepository: joseph-flinn/desktop + displayName: 'git release artifacts' - displayName: 'Git Release Artifacts' +- script: ls -alh + displayName: 'show artifacts' - script: | - npm install - npm run build - displayName: 'npm install and build' + echo 'Signing artifacts' + displayName: 'sign artifacts' + +- script: | + echo 'Publishing artifacts' + displayName: 'publish artifacts' From 2a6add76db7c5da3ad0f68bae6a9db0424f8f756 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 14 Dec 2020 22:53:33 +0000 Subject: [PATCH 022/228] updating GH_TOKEN secret name because GITHUB_TOKEN wasn't valid --- .github/workflows/build.yml | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index d89ef0a6010..46bd8cb57d8 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -43,13 +43,13 @@ jobs: sudo apt-get update sudo apt-get -y install pkg-config libxss-dev libsecret-1-dev rpm - - name: Set up snap - if: github.event_name == 'release' - run: | - sudo snap install snapcraft --classic - echo "$SNAP_TOKEN" | snapcraft login --with - - env: - SNAP_TOKEN: ${{ secrets.SNAP_TOKEN }} + # - name: Set up snap + # if: github.event_name == 'release' + # run: | + # sudo snap install snapcraft --classic + # echo "$SNAP_TOKEN" | snapcraft login --with - + # env: + # SNAP_TOKEN: ${{ secrets.SNAP_TOKEN }} - name: Print environment run: | @@ -129,14 +129,14 @@ jobs: run: echo "NODE_OPTIONS=--max_old_space_size=4096" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append shell: pwsh - - name: Set up environment - if: github.event_name == 'release' - shell: pwsh - run: | - choco install checksum --no-progress - choco apikey --key $env:CHOCO_API_KEY --source https://push.chocolatey.org/ - env: - CHOCO_API_KEY: ${{ secrets.CHOCO_API_KEY }} + # - name: Set up environment + # if: github.event_name == 'release' + # shell: pwsh + # run: | + # choco install checksum --no-progress + # choco apikey --key $env:CHOCO_API_KEY --source https://push.chocolatey.org/ + # env: + # CHOCO_API_KEY: ${{ secrets.CHOCO_API_KEY }} - name: Print environment run: | @@ -220,7 +220,7 @@ jobs: $env:RELEASE_TAG_NAME shell: pwsh env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} macos: @@ -366,5 +366,5 @@ jobs: $env:RELEASE_TAG_NAME shell: pwsh env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} From 41f263d378cfaceb2955ee91a87e4d57daa92a43 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 14 Dec 2020 23:58:49 +0000 Subject: [PATCH 023/228] commenting out the chocolatey package --- .github/workflows/build.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 46bd8cb57d8..421f3158b6e 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -202,18 +202,18 @@ jobs: # run: ./scripts/choco-update.ps1 -version $env:PACKAGE_VERSION # shell: pwsh - - name: Upload Chocolatey nupkg artifact - if: github.event_name == 'release' - uses: actions/upload-artifact@v2 - with: - name: bitwarden.${{ env.PACKAGE_VERSION }}.nupkg - path: ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg + # - name: Upload Chocolatey nupkg artifact + # if: github.event_name == 'release' + # uses: actions/upload-artifact@v2 + # with: + # name: bitwarden.${{ env.PACKAGE_VERSION }}.nupkg + # path: ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg - name: Upload release assets if: github.event_name == 'release' run: | hub release edit ` - -a ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg ` + #-a ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg ` -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx ` -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx ` -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` From 030eab729093c1a6d92df9544e4d531bb45a8ea8 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 15 Dec 2020 00:59:16 +0000 Subject: [PATCH 024/228] removing a line in a pwsh multiline script --- .github/workflows/build.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 421f3158b6e..8d8d61aa246 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -213,7 +213,6 @@ jobs: if: github.event_name == 'release' run: | hub release edit ` - #-a ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg ` -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx ` -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx ` -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` From 462b49daa39c69fa93032a17cfc9c80120ec7617 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 15 Dec 2020 15:39:08 +0000 Subject: [PATCH 025/228] changing the ls command to the artifacts directory --- .az-pipelines/sign-windows-artifacts.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index be81b9ae918..c4bcbddeeae 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -10,7 +10,7 @@ steps: userRepository: joseph-flinn/desktop displayName: 'git release artifacts' -- script: ls -alh +- script: ls -alh $(System.ArtifactsDirectory) displayName: 'show artifacts' - script: | From 378454ce03a88b929a82e1079cb3327dd0970476 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 16 Dec 2020 19:14:06 +0000 Subject: [PATCH 026/228] testing the GIT_RELEASE_VERSION var --- .az-pipelines/sign-windows-artifacts.yml | 35 ++++++++++++++++++------ 1 file changed, 27 insertions(+), 8 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index c4bcbddeeae..bf70dc14eb8 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -3,20 +3,39 @@ trigger: none pool: vmImage: 'windows-latest' +variables: +- name: GIT_RELEASE_VERSION + value: curl --silent "https://api.github.com/repos/joseph-flinn/desktop/releases/latest" | grep -Po '"tag_name": "\K.*?(?=")' + steps: +- task: DotNetCoreCLI@2 + inputs: + command: 'custom' + arguments: 'install --global azuresigntool' + displayName: 'install AzureSignTool' + - task: DownloadGitHubRelease@0 inputs: connection: joseph-flinn userRepository: joseph-flinn/desktop displayName: 'git release artifacts' -- script: ls -alh $(System.ArtifactsDirectory) +- script: | + ls -alh $(System.ArtifactsDirectory) + echo GIT_RELEASE_VERSION=$GIT_RELEASE_VERSION displayName: 'show artifacts' -- script: | - echo 'Signing artifacts' - displayName: 'sign artifacts' - -- script: | - echo 'Publishing artifacts' - displayName: 'publish artifacts' +#- task: CmdLine@2 +# displayName: 'Sign *.appx artifacts' +# inputs: +# script: AzureSignTool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v "$(System.ArtifactsDirectory)\\*" +# +#- task: PublishPipelinArtifact@1 +# inputs: +# pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-$(GIT_RELEASE_VERSION)-ia32.appx' +# artifactName: 'Bitwarden-$(GIT_RELEASE_VERSION)-ia32.appx' +# +#- task: PublishPipelinArtifact@1 +# inputs: +# pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-$(GIT_RELEASE_VERSION)-x64.appx' +# artifactName: 'Bitwarden-$(GIT_RELEASE_VERSION)-x64.appx' From 16bad9ed986b41f9eb450a5df618a86702f55243 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 16 Dec 2020 19:30:46 +0000 Subject: [PATCH 027/228] testing expression for variable value --- .az-pipelines/sign-windows-artifacts.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index bf70dc14eb8..f374319d25a 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -5,7 +5,7 @@ pool: variables: - name: GIT_RELEASE_VERSION - value: curl --silent "https://api.github.com/repos/joseph-flinn/desktop/releases/latest" | grep -Po '"tag_name": "\K.*?(?=")' + value: $[ curl --silent "https://api.github.com/repos/joseph-flinn/desktop/releases/latest" | grep -Po '"tag_name": "\K.*?(?=")' ] steps: - task: DotNetCoreCLI@2 From b52f107810ecaaac302c19d3a2aafb0b5cd43014 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 16 Dec 2020 19:33:14 +0000 Subject: [PATCH 028/228] trying different variable block format --- .az-pipelines/sign-windows-artifacts.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index f374319d25a..33f6ef7b623 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -4,8 +4,7 @@ pool: vmImage: 'windows-latest' variables: -- name: GIT_RELEASE_VERSION - value: $[ curl --silent "https://api.github.com/repos/joseph-flinn/desktop/releases/latest" | grep -Po '"tag_name": "\K.*?(?=")' ] + gitReleaseVersion: $[ curl --silent "https://api.github.com/repos/joseph-flinn/desktop/releases/latest" | grep -Po '"tag_name": "\K.*?(?=")' ] steps: - task: DotNetCoreCLI@2 From 9ead2f2bb819b15011e15151c6910133b5d4be6a Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 16 Dec 2020 19:50:31 +0000 Subject: [PATCH 029/228] switching back to manually setting the git_release_version with bash --- .az-pipelines/sign-windows-artifacts.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 33f6ef7b623..64a4e40b145 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -3,9 +3,6 @@ trigger: none pool: vmImage: 'windows-latest' -variables: - gitReleaseVersion: $[ curl --silent "https://api.github.com/repos/joseph-flinn/desktop/releases/latest" | grep -Po '"tag_name": "\K.*?(?=")' ] - steps: - task: DotNetCoreCLI@2 inputs: @@ -19,6 +16,10 @@ steps: userRepository: joseph-flinn/desktop displayName: 'git release artifacts' +- bash: | + GIT_RELEASE_VERSION=$(curl --silent "https://api.github.com/repos/joseph-flinn/desktop/releases/latest" | grep -Po '"tag_name": "\K.*?(?=")') + echo "##vso[task.setvariable variable=git_release_version]$GIT_RELEASE_VERSION" + - script: | ls -alh $(System.ArtifactsDirectory) echo GIT_RELEASE_VERSION=$GIT_RELEASE_VERSION From 3099238762074b4e1b0e381267951bbf39226f85 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 16 Dec 2020 20:04:08 +0000 Subject: [PATCH 030/228] fixing the AzureSignTool install task --- .az-pipelines/sign-windows-artifacts.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 64a4e40b145..40e9c0b647c 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -7,6 +7,7 @@ steps: - task: DotNetCoreCLI@2 inputs: command: 'custom' + custom: 'tool' arguments: 'install --global azuresigntool' displayName: 'install AzureSignTool' @@ -19,6 +20,7 @@ steps: - bash: | GIT_RELEASE_VERSION=$(curl --silent "https://api.github.com/repos/joseph-flinn/desktop/releases/latest" | grep -Po '"tag_name": "\K.*?(?=")') echo "##vso[task.setvariable variable=git_release_version]$GIT_RELEASE_VERSION" + displayName: 'set git_release_version' - script: | ls -alh $(System.ArtifactsDirectory) From 94b924b21caf7bd8d5196db4e9476212d4d11324 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 16 Dec 2020 20:10:20 +0000 Subject: [PATCH 031/228] changing the echo var --- .az-pipelines/sign-windows-artifacts.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 40e9c0b647c..60928b09c77 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -24,7 +24,7 @@ steps: - script: | ls -alh $(System.ArtifactsDirectory) - echo GIT_RELEASE_VERSION=$GIT_RELEASE_VERSION + echo GIT_RELEASE_VERSION=$(git_release_version) displayName: 'show artifacts' #- task: CmdLine@2 From f294e43262b9312872778a64f9cc2ca95fe3c874 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 16 Dec 2020 20:18:54 +0000 Subject: [PATCH 032/228] changing 'show artifacts' task to bash shell --- .az-pipelines/sign-windows-artifacts.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 60928b09c77..33d9bab34c8 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -22,7 +22,7 @@ steps: echo "##vso[task.setvariable variable=git_release_version]$GIT_RELEASE_VERSION" displayName: 'set git_release_version' -- script: | +- bash: | ls -alh $(System.ArtifactsDirectory) echo GIT_RELEASE_VERSION=$(git_release_version) displayName: 'show artifacts' From 047db49e256adb78c25c35163a373789414824d3 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 16 Dec 2020 20:24:48 +0000 Subject: [PATCH 033/228] debugging grep --- .az-pipelines/sign-windows-artifacts.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 33d9bab34c8..54ff49cbff4 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -18,11 +18,11 @@ steps: displayName: 'git release artifacts' - bash: | - GIT_RELEASE_VERSION=$(curl --silent "https://api.github.com/repos/joseph-flinn/desktop/releases/latest" | grep -Po '"tag_name": "\K.*?(?=")') + GIT_RELEASE_VERSION=$(curl --silent "https://api.github.com/repos/joseph-flinn/desktop/releases/latest" | grep -Po '"tag_name": "\K.*?(?=")') echo "##vso[task.setvariable variable=git_release_version]$GIT_RELEASE_VERSION" displayName: 'set git_release_version' -- bash: | +- script: | ls -alh $(System.ArtifactsDirectory) echo GIT_RELEASE_VERSION=$(git_release_version) displayName: 'show artifacts' From e0cc09f656776842ddaf275d73459c254356ffa7 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 16 Dec 2020 21:48:02 +0000 Subject: [PATCH 034/228] switching from grep to awk --- .az-pipelines/sign-windows-artifacts.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 54ff49cbff4..cbf3734002f 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -18,7 +18,7 @@ steps: displayName: 'git release artifacts' - bash: | - GIT_RELEASE_VERSION=$(curl --silent "https://api.github.com/repos/joseph-flinn/desktop/releases/latest" | grep -Po '"tag_name": "\K.*?(?=")') + GIT_RELEASE_VERSION=$(curl --silent "https://api.github.com/repos/joseph-flinn/desktop/releases/latest" | awk -F '"' '/tag_name/{print $4}') echo "##vso[task.setvariable variable=git_release_version]$GIT_RELEASE_VERSION" displayName: 'set git_release_version' From 53f15dc78864e38e9e12a1459c47526a8c02d3d5 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 16 Dec 2020 21:54:56 +0000 Subject: [PATCH 035/228] adding another awk script to clean up version output --- .az-pipelines/sign-windows-artifacts.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index cbf3734002f..53cce6bc41a 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -18,7 +18,7 @@ steps: displayName: 'git release artifacts' - bash: | - GIT_RELEASE_VERSION=$(curl --silent "https://api.github.com/repos/joseph-flinn/desktop/releases/latest" | awk -F '"' '/tag_name/{print $4}') + GIT_RELEASE_VERSION=$(curl --silent "https://api.github.com/repos/joseph-flinn/desktop/releases/latest" | awk -F '"' '/tag_name/{print $4}' | awk '{print substr($1, 2); }') echo "##vso[task.setvariable variable=git_release_version]$GIT_RELEASE_VERSION" displayName: 'set git_release_version' From 18e55133ba07ff25d07a67748decb9cf1eb05435 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 16 Dec 2020 22:03:54 +0000 Subject: [PATCH 036/228] adding in the signing test --- .az-pipelines/sign-windows-artifacts.yml | 30 +++++++++++++----------- 1 file changed, 16 insertions(+), 14 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 53cce6bc41a..b9ec77529d3 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -27,17 +27,19 @@ steps: echo GIT_RELEASE_VERSION=$(git_release_version) displayName: 'show artifacts' -#- task: CmdLine@2 -# displayName: 'Sign *.appx artifacts' -# inputs: -# script: AzureSignTool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v "$(System.ArtifactsDirectory)\\*" -# -#- task: PublishPipelinArtifact@1 -# inputs: -# pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-$(GIT_RELEASE_VERSION)-ia32.appx' -# artifactName: 'Bitwarden-$(GIT_RELEASE_VERSION)-ia32.appx' -# -#- task: PublishPipelinArtifact@1 -# inputs: -# pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-$(GIT_RELEASE_VERSION)-x64.appx' -# artifactName: 'Bitwarden-$(GIT_RELEASE_VERSION)-x64.appx' +- task: CmdLine@2 + displayName: 'Sign *.appx artifacts' + inputs: + script: | + AzureSignTool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v "$(System.ArtifactsDirectory)\\Bitwarden-$(git_release_version)-ia32.appx" + AzureSignTool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v "$(System.ArtifactsDirectory)\\Bitwarden-$(git_release_version)-x64.appx" + +- task: PublishPipelinArtifact@1 + inputs: + pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-$(git_release_version)-ia32.appx' + artifactName: 'Bitwarden-$(git_release_version)-ia32.appx' + +- task: PublishPipelinArtifact@1 + inputs: + pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-$(git_release_version)-x64.appx' + artifactName: 'Bitwarden-$(git_release_version)-x64.appx' From c8fa0aae8bd0ea1ac7aeaeae18128bd9d1e20dc4 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 16 Dec 2020 22:05:15 +0000 Subject: [PATCH 037/228] fixing publish typo --- .az-pipelines/sign-windows-artifacts.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index b9ec77529d3..92357343247 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -34,12 +34,12 @@ steps: AzureSignTool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v "$(System.ArtifactsDirectory)\\Bitwarden-$(git_release_version)-ia32.appx" AzureSignTool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v "$(System.ArtifactsDirectory)\\Bitwarden-$(git_release_version)-x64.appx" -- task: PublishPipelinArtifact@1 +- task: PublishPipelineArtifact@1 inputs: pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-$(git_release_version)-ia32.appx' artifactName: 'Bitwarden-$(git_release_version)-ia32.appx' -- task: PublishPipelinArtifact@1 +- task: PublishPipelineArtifact@1 inputs: pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-$(git_release_version)-x64.appx' artifactName: 'Bitwarden-$(git_release_version)-x64.appx' From dd4347fb2af19b0224eae7abcd3f86bbf02ca20c Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 16 Dec 2020 22:13:04 +0000 Subject: [PATCH 038/228] splitting up the files --- .az-pipelines/sign-windows-artifacts.yml | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 92357343247..3feb05e1ec4 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -28,11 +28,14 @@ steps: displayName: 'show artifacts' - task: CmdLine@2 - displayName: 'Sign *.appx artifacts' + displayName: 'Sign ...-ia32.appx artifacts' inputs: - script: | - AzureSignTool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v "$(System.ArtifactsDirectory)\\Bitwarden-$(git_release_version)-ia32.appx" - AzureSignTool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v "$(System.ArtifactsDirectory)\\Bitwarden-$(git_release_version)-x64.appx" + script: AzureSignTool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v "$(System.ArtifactsDirectory)\\Bitwarden-$(git_release_version)-ia32.appx" + +- task: CmdLine@2 + displayName: 'Sign ...-x64.appx artifacts' + inputs: + script: AzureSignTool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v "$(System.ArtifactsDirectory)\\Bitwarden-$(git_release_version)-x64.appx" - task: PublishPipelineArtifact@1 inputs: From f46b0319b8e2c7187d633dcef86ae6717285c8a0 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 16 Dec 2020 22:19:11 +0000 Subject: [PATCH 039/228] removing extra backslash --- .az-pipelines/sign-windows-artifacts.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 3feb05e1ec4..ed3d891e40b 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -30,12 +30,12 @@ steps: - task: CmdLine@2 displayName: 'Sign ...-ia32.appx artifacts' inputs: - script: AzureSignTool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v "$(System.ArtifactsDirectory)\\Bitwarden-$(git_release_version)-ia32.appx" + script: AzureSignTool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" - task: CmdLine@2 displayName: 'Sign ...-x64.appx artifacts' inputs: - script: AzureSignTool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v "$(System.ArtifactsDirectory)\\Bitwarden-$(git_release_version)-x64.appx" + script: AzureSignTool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" - task: PublishPipelineArtifact@1 inputs: From 42314451acc0ae6cc50c01772fdf42f5702d66ad Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 16 Dec 2020 22:32:24 +0000 Subject: [PATCH 040/228] reformatting the azure signing --- .az-pipelines/sign-windows-artifacts.yml | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index ed3d891e40b..23671fff720 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -30,12 +30,14 @@ steps: - task: CmdLine@2 displayName: 'Sign ...-ia32.appx artifacts' inputs: - script: AzureSignTool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" - -- task: CmdLine@2 - displayName: 'Sign ...-x64.appx artifacts' - inputs: - script: AzureSignTool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" + script: AzureSignTool sign -du "$(SigningURL)" \ + -kvu "$(SigningVaultURL)" \ + -kvi "$(SigningClientId)" \ + -kvs "$(SigningClientSecret)" \ + -kvc "$(SigningCertName)" \ + -v \ + -ifl "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" \ + "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" - task: PublishPipelineArtifact@1 inputs: From 6a228ee571959339673faf59527540887d2806c6 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 16 Dec 2020 22:39:04 +0000 Subject: [PATCH 041/228] undoing that formatting --- .az-pipelines/sign-windows-artifacts.yml | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 23671fff720..edd84873def 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -30,15 +30,13 @@ steps: - task: CmdLine@2 displayName: 'Sign ...-ia32.appx artifacts' inputs: - script: AzureSignTool sign -du "$(SigningURL)" \ - -kvu "$(SigningVaultURL)" \ - -kvi "$(SigningClientId)" \ - -kvs "$(SigningClientSecret)" \ - -kvc "$(SigningCertName)" \ - -v \ - -ifl "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" \ - "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" + script: AzureSignTool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v -ifl "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" + +- task: CmdLine@2 + displayName: 'Sign ...-x64.appx artifacts' + inputs: + script: AzureSignTool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v - task: PublishPipelineArtifact@1 inputs: pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-$(git_release_version)-ia32.appx' From b551b839d0b4450faf84e3e728392f970bc1e5a0 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 16 Dec 2020 22:46:31 +0000 Subject: [PATCH 042/228] debugging AST --- .az-pipelines/sign-windows-artifacts.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index edd84873def..1a4f4ef4d7c 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -28,7 +28,12 @@ steps: displayName: 'show artifacts' - task: CmdLine@2 - displayName: 'Sign ...-ia32.appx artifacts' + displayName: 'Debugging AST' + inputs: + script: AzureSignTool --help + +- task: CmdLine@2 + displayName: 'Sign artifacts' inputs: script: AzureSignTool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v -ifl "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" From 5ae39d8fc3c55558d5c1f1d31bd814102f0750d5 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 16 Dec 2020 23:00:51 +0000 Subject: [PATCH 043/228] moving away from cmd task to the script shortcut --- .az-pipelines/sign-windows-artifacts.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 1a4f4ef4d7c..b5036841ff2 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -27,10 +27,8 @@ steps: echo GIT_RELEASE_VERSION=$(git_release_version) displayName: 'show artifacts' -- task: CmdLine@2 +- script: AzureSignTool --help displayName: 'Debugging AST' - inputs: - script: AzureSignTool --help - task: CmdLine@2 displayName: 'Sign artifacts' From f349317cbdd23d34909aba187c392aeb8ad83cb5 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 16 Dec 2020 23:06:41 +0000 Subject: [PATCH 044/228] debugging AST --- .az-pipelines/sign-windows-artifacts.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index b5036841ff2..05e7694a811 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -27,7 +27,7 @@ steps: echo GIT_RELEASE_VERSION=$(git_release_version) displayName: 'show artifacts' -- script: AzureSignTool --help +- script: azuresigntool sign --help displayName: 'Debugging AST' - task: CmdLine@2 From f0897eb371f4991e7a8f7ac22c6829280cb50b4f Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 16 Dec 2020 23:10:35 +0000 Subject: [PATCH 045/228] lowercasing the ACT... --- .az-pipelines/sign-windows-artifacts.yml | 15 ++++----------- 1 file changed, 4 insertions(+), 11 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 05e7694a811..df470a9713c 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -11,6 +11,9 @@ steps: arguments: 'install --global azuresigntool' displayName: 'install AzureSignTool' +- script: azuresigntool sign --help + displayName: 'Debugging AST' + - task: DownloadGitHubRelease@0 inputs: connection: joseph-flinn @@ -27,19 +30,9 @@ steps: echo GIT_RELEASE_VERSION=$(git_release_version) displayName: 'show artifacts' -- script: azuresigntool sign --help - displayName: 'Debugging AST' - -- task: CmdLine@2 +- script: azuresigntool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v -ifl "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" displayName: 'Sign artifacts' - inputs: - script: AzureSignTool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v -ifl "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" - -- task: CmdLine@2 - displayName: 'Sign ...-x64.appx artifacts' - inputs: - script: AzureSignTool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v - task: PublishPipelineArtifact@1 inputs: pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-$(git_release_version)-ia32.appx' From d05562f3591380c473b72be185556dd35637b88b Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 16 Dec 2020 23:16:30 +0000 Subject: [PATCH 046/228] adding in the var group --- .az-pipelines/sign-windows-artifacts.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index df470a9713c..8598101955b 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -3,6 +3,9 @@ trigger: none pool: vmImage: 'windows-latest' +variables: +- group: code-signing-test + steps: - task: DotNetCoreCLI@2 inputs: From 2fce9e6696059440ee70dac0e1217e1b4ab89a08 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 17 Dec 2020 15:44:09 +0000 Subject: [PATCH 047/228] trying to use the key with electron builder --- .az-pipelines/windows-build-sign.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index bb7e13f169e..0b05e64fb5f 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -8,6 +8,9 @@ trigger: none pool: vmImage: 'windows-latest' +variables: +- group: code-signing-test + steps: - task: NodeTool@0 inputs: @@ -22,8 +25,11 @@ steps: npm npm run clean:dist displayName: 'npm build' -- script: npx electron-builder --win --x64 --ia32 -p never +- script: npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName="Bitwarden Inc" displayName: 'electron-builder package' + env: + CSC_LINK: $(ebSigningCertIdentifierURL) + CSC_KEY_PASSWORD: $(ebSigningCertKey) - script: ls -alht dist displayName: show executables From 42be4d44a1e2f857f8031d706bab9b338ecce248 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 17 Dec 2020 16:05:35 +0000 Subject: [PATCH 048/228] debugging act --- .az-pipelines/sign-windows-artifacts.yml | 7 +++++-- .az-pipelines/windows-build-sign.yml | 1 + 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 8598101955b..79701b4c1cc 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -33,8 +33,11 @@ steps: echo GIT_RELEASE_VERSION=$(git_release_version) displayName: 'show artifacts' -- script: azuresigntool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v -ifl "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" - displayName: 'Sign artifacts' + #- script: azuresigntool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v -ifl "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" + # displayName: 'Sign artifacts' + +- script: azuresigntool sign -kvu "https://code-signing-test-vault.vault.azure.net" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "test-code-signing-pfx" -v -ifl "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" + displayName: 'Signing test' - task: PublishPipelineArtifact@1 inputs: diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index 0b05e64fb5f..d07c75b9139 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -25,6 +25,7 @@ steps: npm npm run clean:dist displayName: 'npm build' +# This task is not working... - script: npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName="Bitwarden Inc" displayName: 'electron-builder package' env: From 893eef9d0fec2d2704c488deff48bffa23af3b38 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 17 Dec 2020 16:14:26 +0000 Subject: [PATCH 049/228] trying to fix the space in script --- .az-pipelines/windows-build-sign.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index d07c75b9139..00b7411c9f8 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -26,7 +26,7 @@ steps: displayName: 'npm build' # This task is not working... -- script: npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName="Bitwarden Inc" +- script: npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=\"Bitwarden\ Inc\" displayName: 'electron-builder package' env: CSC_LINK: $(ebSigningCertIdentifierURL) From d5c99a1f7d335edf47cfc484b49e00e647123c3f Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 17 Dec 2020 16:15:21 +0000 Subject: [PATCH 050/228] removing the test --- .az-pipelines/sign-windows-artifacts.yml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 79701b4c1cc..8598101955b 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -33,11 +33,8 @@ steps: echo GIT_RELEASE_VERSION=$(git_release_version) displayName: 'show artifacts' - #- script: azuresigntool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v -ifl "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" - # displayName: 'Sign artifacts' - -- script: azuresigntool sign -kvu "https://code-signing-test-vault.vault.azure.net" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "test-code-signing-pfx" -v -ifl "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" - displayName: 'Signing test' +- script: azuresigntool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v -ifl "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" + displayName: 'Sign artifacts' - task: PublishPipelineArtifact@1 inputs: From 8319ddbb49f5d9e4095025c94aabbcd2c4d8580f Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 17 Dec 2020 16:26:12 +0000 Subject: [PATCH 051/228] removing esacpe from space --- .az-pipelines/windows-build-sign.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index 00b7411c9f8..88588feddb7 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -26,7 +26,7 @@ steps: displayName: 'npm build' # This task is not working... -- script: npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=\"Bitwarden\ Inc\" +- script: npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=\"Bitwarden Inc\" displayName: 'electron-builder package' env: CSC_LINK: $(ebSigningCertIdentifierURL) From 9224f7365d242922168466d5c7bb5198b6fcc7ad Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 21 Dec 2020 18:51:19 +0000 Subject: [PATCH 052/228] testing azure cli task connection --- .az-pipelines/az-cli-tests.yml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 .az-pipelines/az-cli-tests.yml diff --git a/.az-pipelines/az-cli-tests.yml b/.az-pipelines/az-cli-tests.yml new file mode 100644 index 00000000000..0bc957138fa --- /dev/null +++ b/.az-pipelines/az-cli-tests.yml @@ -0,0 +1,18 @@ +trigger: none + +pool: + vmImage: 'windows-latest' + +variables: +- group: sub-secrets + +steps: +- task: AzureCLI@2 + displayName: Azure CLI KV Test + inputs: + azureSubscription: '$(subscription-id)' + scriptType: ps + scriptLocation: inlineScript + inlineScript: | + az --verison + az account show From 5aee4d8294c08b46374424b0dc222e7b23d2a1a5 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 28 Dec 2020 19:25:32 +0000 Subject: [PATCH 053/228] updating to AzureCLI version params --- .az-pipelines/az-cli-tests.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.az-pipelines/az-cli-tests.yml b/.az-pipelines/az-cli-tests.yml index 0bc957138fa..9c1b8b56aaa 100644 --- a/.az-pipelines/az-cli-tests.yml +++ b/.az-pipelines/az-cli-tests.yml @@ -11,6 +11,7 @@ steps: displayName: Azure CLI KV Test inputs: azureSubscription: '$(subscription-id)' + connectedServiceNameARM: keyvault-signing-SP scriptType: ps scriptLocation: inlineScript inlineScript: | From 1d68f9c6d44b783bb2444ceb301338d93b30a239 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 28 Dec 2020 19:40:14 +0000 Subject: [PATCH 054/228] testing kv connection --- .az-pipelines/az-cli-tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.az-pipelines/az-cli-tests.yml b/.az-pipelines/az-cli-tests.yml index 9c1b8b56aaa..daf6af6e33a 100644 --- a/.az-pipelines/az-cli-tests.yml +++ b/.az-pipelines/az-cli-tests.yml @@ -16,4 +16,4 @@ steps: scriptLocation: inlineScript inlineScript: | az --verison - az account show + az keyvault certificate list --vault-name code-signing-test-vault From 5c5ba2e234c269bfe5ea7095d4942406f2bcec75 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 28 Dec 2020 19:55:42 +0000 Subject: [PATCH 055/228] adding missing tenant id --- .az-pipelines/sign-windows-artifacts.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 8598101955b..4fb9ddce8fa 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -33,7 +33,7 @@ steps: echo GIT_RELEASE_VERSION=$(git_release_version) displayName: 'show artifacts' -- script: azuresigntool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v -ifl "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" +- script: azuresigntool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvt "$(SigningTenantId)" -kvc "$(SigningCertName)" -v -ifl "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" displayName: 'Sign artifacts' - task: PublishPipelineArtifact@1 From e020e985a46aafe46e3952326fdcd1f72c4e91e5 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 28 Dec 2020 20:19:02 +0000 Subject: [PATCH 056/228] trying \ line continuations --- .az-pipelines/sign-windows-artifacts.yml | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 4fb9ddce8fa..4873ed04deb 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -33,7 +33,17 @@ steps: echo GIT_RELEASE_VERSION=$(git_release_version) displayName: 'show artifacts' -- script: azuresigntool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvt "$(SigningTenantId)" -kvc "$(SigningCertName)" -v -ifl "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" +- script: | + azuresigntool sign \ + -kvu "$(SigningVaultURL)" \ + -kvi "$(SigningClientId)" \ + -kvs "$(SigningClientSecret)" \ + -kvt "$(SigningTenantId)" \ + -kvc "$(SigningCertName)" \ + -v \ + -ifl \ + "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" \ + "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" displayName: 'Sign artifacts' - task: PublishPipelineArtifact@1 From ec3ed240d7d6565aba3487b551e6154ed949ac98 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 28 Dec 2020 20:35:56 +0000 Subject: [PATCH 057/228] trying ^ line continuations --- .az-pipelines/sign-windows-artifacts.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 4873ed04deb..3e50cbf9d8a 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -34,15 +34,15 @@ steps: displayName: 'show artifacts' - script: | - azuresigntool sign \ - -kvu "$(SigningVaultURL)" \ - -kvi "$(SigningClientId)" \ - -kvs "$(SigningClientSecret)" \ - -kvt "$(SigningTenantId)" \ - -kvc "$(SigningCertName)" \ - -v \ - -ifl \ - "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" \ + azuresigntool sign ^ + -kvu "$(SigningVaultURL)" ^ + -kvi "$(SigningClientId)" ^ + -kvs "$(SigningClientSecret)" ^ + -kvt "$(SigningTenantId)" ^ + -kvc "$(SigningCertName)" ^ + -v ^ + -ifl ^ + "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" ^ "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" displayName: 'Sign artifacts' From a17bbf2143835b005f4eee3bd47f5b9ac77762f6 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 28 Dec 2020 20:46:53 +0000 Subject: [PATCH 058/228] removing the unused ifl --- .az-pipelines/sign-windows-artifacts.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 3e50cbf9d8a..fb01f939952 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -41,7 +41,6 @@ steps: -kvt "$(SigningTenantId)" ^ -kvc "$(SigningCertName)" ^ -v ^ - -ifl ^ "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" ^ "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" displayName: 'Sign artifacts' From 4d5fab869eb29c8297b23beed07bbc576b988699 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 28 Dec 2020 20:59:35 +0000 Subject: [PATCH 059/228] splitting the two files --- .az-pipelines/sign-windows-artifacts.yml | 23 +++++++++++++++-------- 1 file changed, 15 insertions(+), 8 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index fb01f939952..77e8c29815e 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -35,14 +35,21 @@ steps: - script: | azuresigntool sign ^ - -kvu "$(SigningVaultURL)" ^ - -kvi "$(SigningClientId)" ^ - -kvs "$(SigningClientSecret)" ^ - -kvt "$(SigningTenantId)" ^ - -kvc "$(SigningCertName)" ^ - -v ^ - "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" ^ - "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" + -kvu "$(SigningVaultURL)" ^ + -kvi "$(SigningClientId)" ^ + -kvs "$(SigningClientSecret)" ^ + -kvt "$(SigningTenantId)" ^ + -kvc "$(SigningCertName)" ^ + -v ^ + "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" + azuresigntool sign ^ + -kvu "$(SigningVaultURL)" ^ + -kvi "$(SigningClientId)" ^ + -kvs "$(SigningClientSecret)" ^ + -kvt "$(SigningTenantId)" ^ + -kvc "$(SigningCertName)" ^ + -v ^ + "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" displayName: 'Sign artifacts' - task: PublishPipelineArtifact@1 From b11455b611ed68ba0cd86075bfdedf9843ca60ba Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 28 Dec 2020 21:23:44 +0000 Subject: [PATCH 060/228] changing flags --- .az-pipelines/sign-windows-artifacts.yml | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 77e8c29815e..c6371fa2607 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -35,20 +35,20 @@ steps: - script: | azuresigntool sign ^ - -kvu "$(SigningVaultURL)" ^ - -kvi "$(SigningClientId)" ^ - -kvs "$(SigningClientSecret)" ^ - -kvt "$(SigningTenantId)" ^ - -kvc "$(SigningCertName)" ^ - -v ^ + /kvu "$(SigningVaultURL)" ^ + /kvi "$(SigningClientId)" ^ + /kvs "$(SigningClientSecret)" ^ + /kvt "$(SigningTenantId)" ^ + /kvc "$(SigningCertName)" ^ + /v ^ "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" azuresigntool sign ^ - -kvu "$(SigningVaultURL)" ^ - -kvi "$(SigningClientId)" ^ - -kvs "$(SigningClientSecret)" ^ - -kvt "$(SigningTenantId)" ^ - -kvc "$(SigningCertName)" ^ - -v ^ + /kvu "$(SigningVaultURL)" ^ + /kvi "$(SigningClientId)" ^ + /kvs "$(SigningClientSecret)" ^ + /kvt "$(SigningTenantId)" ^ + /kvc "$(SigningCertName)" ^ + /v ^ "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" displayName: 'Sign artifacts' From 9b2b860cdf18a204395e3bb6ee8a6da753dabbf0 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 28 Dec 2020 21:40:17 +0000 Subject: [PATCH 061/228] trying to see what the supported params are --- .az-pipelines/sign-windows-artifacts.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index c6371fa2607..119b39a0779 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -33,6 +33,8 @@ steps: echo GIT_RELEASE_VERSION=$(git_release_version) displayName: 'show artifacts' +- scrpt: azuresigntool + - script: | azuresigntool sign ^ /kvu "$(SigningVaultURL)" ^ From ec252719d326a545bacf780ec43a6467d6345efa Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 28 Dec 2020 22:12:42 +0000 Subject: [PATCH 062/228] fixing a typo --- .az-pipelines/sign-windows-artifacts.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 119b39a0779..fc3b166d840 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -33,7 +33,7 @@ steps: echo GIT_RELEASE_VERSION=$(git_release_version) displayName: 'show artifacts' -- scrpt: azuresigntool +- script: azuresigntool - script: | azuresigntool sign ^ From 7209b544a792f07e49f9b6ef9e367f795c3a09e6 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 28 Dec 2020 22:18:27 +0000 Subject: [PATCH 063/228] adding the 'sign' to the param output --- .az-pipelines/sign-windows-artifacts.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index fc3b166d840..efca1effcfa 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -33,7 +33,7 @@ steps: echo GIT_RELEASE_VERSION=$(git_release_version) displayName: 'show artifacts' -- script: azuresigntool +- script: azuresigntool sign - script: | azuresigntool sign ^ From 4585c98efad887bfb0fb85e5e3cbf1b30ef9bbe5 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 28 Dec 2020 22:22:21 +0000 Subject: [PATCH 064/228] fixing debug command --- .az-pipelines/sign-windows-artifacts.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index efca1effcfa..1fb0ae0440a 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -33,7 +33,8 @@ steps: echo GIT_RELEASE_VERSION=$(git_release_version) displayName: 'show artifacts' -- script: azuresigntool sign +- script: azuresigntool sign --help + displayName: 'debug azuresigntool' - script: | azuresigntool sign ^ From 1be12e357ec73cb8b6ba6264e994490ff0830cfd Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 28 Dec 2020 22:25:20 +0000 Subject: [PATCH 065/228] needs dashes --- .az-pipelines/sign-windows-artifacts.yml | 29 ++++++++++++------------ 1 file changed, 15 insertions(+), 14 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 1fb0ae0440a..3956387441c 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -38,21 +38,22 @@ steps: - script: | azuresigntool sign ^ - /kvu "$(SigningVaultURL)" ^ - /kvi "$(SigningClientId)" ^ - /kvs "$(SigningClientSecret)" ^ - /kvt "$(SigningTenantId)" ^ - /kvc "$(SigningCertName)" ^ - /v ^ - "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" + -kvu "$(SigningVaultURL)" ^ + -kvi "$(SigningClientId)" ^ + -kvs "$(SigningClientSecret)" ^ + -kvt "$(SigningTenantId)" ^ + -kvc "$(SigningCertName)" ^ + -v ^ + "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" + azuresigntool sign ^ - /kvu "$(SigningVaultURL)" ^ - /kvi "$(SigningClientId)" ^ - /kvs "$(SigningClientSecret)" ^ - /kvt "$(SigningTenantId)" ^ - /kvc "$(SigningCertName)" ^ - /v ^ - "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" + -kvu "$(SigningVaultURL)" ^ + -kvi "$(SigningClientId)" ^ + -kvs "$(SigningClientSecret)" ^ + -kvt "$(SigningTenantId)" ^ + -kvc "$(SigningCertName)" ^ + -v ^ + "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" displayName: 'Sign artifacts' - task: PublishPipelineArtifact@1 From 707cd9f14865df564b057c63a7df1e4390df6170 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 28 Dec 2020 22:39:35 +0000 Subject: [PATCH 066/228] trying to sign both at the same time --- .az-pipelines/sign-windows-artifacts.yml | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 3956387441c..c35659602b9 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -44,17 +44,9 @@ steps: -kvt "$(SigningTenantId)" ^ -kvc "$(SigningCertName)" ^ -v ^ - "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" - - azuresigntool sign ^ - -kvu "$(SigningVaultURL)" ^ - -kvi "$(SigningClientId)" ^ - -kvs "$(SigningClientSecret)" ^ - -kvt "$(SigningTenantId)" ^ - -kvc "$(SigningCertName)" ^ - -v ^ + "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" ^ "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" - displayName: 'Sign artifacts' + displayName: 'Sign artifacts ' - task: PublishPipelineArtifact@1 inputs: From 7d297e85bbf1696a4a03317d1cef17d6f3f64465 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 28 Dec 2020 22:45:10 +0000 Subject: [PATCH 067/228] separating the signing tasks --- .az-pipelines/sign-windows-artifacts.yml | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index c35659602b9..39cb80e7515 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -44,9 +44,19 @@ steps: -kvt "$(SigningTenantId)" ^ -kvc "$(SigningCertName)" ^ -v ^ - "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" ^ + "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" + displayName: 'Sign artifacts 32-bit' + +- script: | + azuresigntool sign ^ + -kvu "$(SigningVaultURL)" ^ + -kvi "$(SigningClientId)" ^ + -kvs "$(SigningClientSecret)" ^ + -kvt "$(SigningTenantId)" ^ + -kvc "$(SigningCertName)" ^ + -v ^ "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" - displayName: 'Sign artifacts ' + displayName: 'Sign artifacts 64-bit' - task: PublishPipelineArtifact@1 inputs: From 165d497b1fe33ec93ec23c97983272720ee0ad76 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 29 Dec 2020 16:02:37 +0000 Subject: [PATCH 068/228] trying exactly what they have --- .az-pipelines/sign-windows-artifacts.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 39cb80e7515..70d0cc28eb0 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -33,8 +33,10 @@ steps: echo GIT_RELEASE_VERSION=$(git_release_version) displayName: 'show artifacts' -- script: azuresigntool sign --help - displayName: 'debug azuresigntool' +- task: CmdLine@2 + displayName: 'Sign artifact test' + inputs: + script: AzureSignTool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" - script: | azuresigntool sign ^ From dbce594727e185d5fc0664de43c38096f9f3907b Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 29 Dec 2020 16:21:26 +0000 Subject: [PATCH 069/228] trying the stackoverflow tutorial --- .az-pipelines/sign-windows-artifacts.yml | 31 ++++++++++++++---------- 1 file changed, 18 insertions(+), 13 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 70d0cc28eb0..448890d1ce3 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -7,14 +7,18 @@ variables: - group: code-signing-test steps: -- task: DotNetCoreCLI@2 - inputs: - command: 'custom' - custom: 'tool' - arguments: 'install --global azuresigntool' - displayName: 'install AzureSignTool' + #- task: DotNetCoreCLI@2 + # inputs: + # command: 'custom' + # custom: 'tool' + # arguments: 'install --global azuresigntool' + # displayName: 'install AzureSignTool' -- script: azuresigntool sign --help +- script: | + set DOTNET_SKIP_FIRST_TIME_EXPERIENCE=true + dotnet tool install --global AzureSignTool --version 2.0.17 + +- script: AzureSignTool.exe sign --help displayName: 'Debugging AST' - task: DownloadGitHubRelease@0 @@ -33,18 +37,14 @@ steps: echo GIT_RELEASE_VERSION=$(git_release_version) displayName: 'show artifacts' -- task: CmdLine@2 - displayName: 'Sign artifact test' - inputs: - script: AzureSignTool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" - - script: | - azuresigntool sign ^ + AzureSignTool.exe sign ^ -kvu "$(SigningVaultURL)" ^ -kvi "$(SigningClientId)" ^ -kvs "$(SigningClientSecret)" ^ -kvt "$(SigningTenantId)" ^ -kvc "$(SigningCertName)" ^ + -tr http://timestamp.digicert.com ^ -v ^ "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" displayName: 'Sign artifacts 32-bit' @@ -60,6 +60,11 @@ steps: "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" displayName: 'Sign artifacts 64-bit' +- task: CmdLine@2 + displayName: 'Sign artifact test' + inputs: + script: AzureSignTool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" + - task: PublishPipelineArtifact@1 inputs: pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-$(git_release_version)-ia32.appx' From 820491bbf853a155fcb55e2e8c73741386773582 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 29 Dec 2020 17:09:45 +0000 Subject: [PATCH 070/228] trying long form of params --- .az-pipelines/sign-windows-artifacts.yml | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 448890d1ce3..446f9979306 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -17,6 +17,7 @@ steps: - script: | set DOTNET_SKIP_FIRST_TIME_EXPERIENCE=true dotnet tool install --global AzureSignTool --version 2.0.17 + displayName: 'install AzureSignTool' - script: AzureSignTool.exe sign --help displayName: 'Debugging AST' @@ -39,12 +40,12 @@ steps: - script: | AzureSignTool.exe sign ^ - -kvu "$(SigningVaultURL)" ^ - -kvi "$(SigningClientId)" ^ - -kvs "$(SigningClientSecret)" ^ - -kvt "$(SigningTenantId)" ^ - -kvc "$(SigningCertName)" ^ - -tr http://timestamp.digicert.com ^ + --azure-key-vault-url "$(SigningVaultURL)" ^ + --azure-key-vault-client-id "$(SigningClientId)" ^ + --azure-key-vault-client-secret "$(SigningClientSecret)" ^ + --azure-key-vault-tenant-id "$(SigningTenantId)" ^ + --azure-key-vault-certificate "$(SigningCertName)" ^ + --timestamp-rfc3161 http://timestamp.digicert.com ^ -v ^ "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" displayName: 'Sign artifacts 32-bit' From 2e1dace25fbb5dc8c5585aecf8be73de1f5af970 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 29 Dec 2020 17:15:30 +0000 Subject: [PATCH 071/228] changing 32-bit signing to single line --- .az-pipelines/sign-windows-artifacts.yml | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 446f9979306..c9e7b38f41d 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -38,16 +38,7 @@ steps: echo GIT_RELEASE_VERSION=$(git_release_version) displayName: 'show artifacts' -- script: | - AzureSignTool.exe sign ^ - --azure-key-vault-url "$(SigningVaultURL)" ^ - --azure-key-vault-client-id "$(SigningClientId)" ^ - --azure-key-vault-client-secret "$(SigningClientSecret)" ^ - --azure-key-vault-tenant-id "$(SigningTenantId)" ^ - --azure-key-vault-certificate "$(SigningCertName)" ^ - --timestamp-rfc3161 http://timestamp.digicert.com ^ - -v ^ - "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" +- script: AzureSignTool.exe sign --azure-key-vault-url "$(SigningVaultURL)" --azure-key-vault-client-id "$(SigningClientId)" --azure-key-vault-client-secret "$(SigningClientSecret)" --azure-key-vault-tenant-id "$(SigningTenantId)" --azure-key-vault-certificate "$(SigningCertName)" --timestamp-rfc3161 http://timestamp.digicert.com -v "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" displayName: 'Sign artifacts 32-bit' - script: | From 02bab2d4931f6d57b3064f6e448a6fcc41945708 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 29 Dec 2020 17:35:05 +0000 Subject: [PATCH 072/228] debugging file --- .az-pipelines/sign-windows-artifacts.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index c9e7b38f41d..936042c7d71 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -38,7 +38,9 @@ steps: echo GIT_RELEASE_VERSION=$(git_release_version) displayName: 'show artifacts' -- script: AzureSignTool.exe sign --azure-key-vault-url "$(SigningVaultURL)" --azure-key-vault-client-id "$(SigningClientId)" --azure-key-vault-client-secret "$(SigningClientSecret)" --azure-key-vault-tenant-id "$(SigningTenantId)" --azure-key-vault-certificate "$(SigningCertName)" --timestamp-rfc3161 http://timestamp.digicert.com -v "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" +- script: | + echo "File to sign: $(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" + AzureSignTool.exe sign --azure-key-vault-url "$(SigningVaultURL)" --azure-key-vault-client-id "$(SigningClientId)" --azure-key-vault-client-secret "$(SigningClientSecret)" --azure-key-vault-tenant-id "$(SigningTenantId)" --azure-key-vault-certificate "$(SigningCertName)" --timestamp-rfc3161 http://timestamp.digicert.com -v "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" displayName: 'Sign artifacts 32-bit' - script: | From 89c4ff913dec49610ce9efe527fd2297894bf95e Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 29 Dec 2020 18:09:33 +0000 Subject: [PATCH 073/228] removing tenant to see if I get a different error --- .az-pipelines/sign-windows-artifacts.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 936042c7d71..601192c1893 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -39,8 +39,8 @@ steps: displayName: 'show artifacts' - script: | - echo "File to sign: $(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" - AzureSignTool.exe sign --azure-key-vault-url "$(SigningVaultURL)" --azure-key-vault-client-id "$(SigningClientId)" --azure-key-vault-client-secret "$(SigningClientSecret)" --azure-key-vault-tenant-id "$(SigningTenantId)" --azure-key-vault-certificate "$(SigningCertName)" --timestamp-rfc3161 http://timestamp.digicert.com -v "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" + echo "File to sign: $(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" + azuresigntool sign -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -tr http://timestamp.digicert.com "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" displayName: 'Sign artifacts 32-bit' - script: | From 2ca363c1396bd71192fe5d0440b6c28ef3d6f53a Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 29 Dec 2020 18:25:46 +0000 Subject: [PATCH 074/228] testing manual install of latest AST --- .az-pipelines/test-ast-install.yml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 .az-pipelines/test-ast-install.yml diff --git a/.az-pipelines/test-ast-install.yml b/.az-pipelines/test-ast-install.yml new file mode 100644 index 00000000000..61a3cb0d9b2 --- /dev/null +++ b/.az-pipelines/test-ast-install.yml @@ -0,0 +1,23 @@ +trigger: none + +pool: + vmImage: 'windows-latest' + +variables: +- group: code-signing-test + +steps: +- script: | + git clone https://github.com/vcsjones/AzureSignTool.git + dotnet tool restore + + #set DOTNET_SKIP_FIRST_TIME_EXPERIENCE=true + #dotnet tool install --global AzureSignTool --version 2.0.17 + displayName: 'install AzureSignTool' + +- script: dotnet tool list + displayName: 'testing dotnet tool list' + +- script: AzureSignTool.exe sign --help + displayName: 'Debugging AST' + From 417f3121530e18eb31f2bdb91bf2d36fe0a5f11b Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 29 Dec 2020 18:28:39 +0000 Subject: [PATCH 075/228] fixing install --- .az-pipelines/test-ast-install.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.az-pipelines/test-ast-install.yml b/.az-pipelines/test-ast-install.yml index 61a3cb0d9b2..5311d9ffe96 100644 --- a/.az-pipelines/test-ast-install.yml +++ b/.az-pipelines/test-ast-install.yml @@ -9,10 +9,8 @@ variables: steps: - script: | git clone https://github.com/vcsjones/AzureSignTool.git + cd AzureSignTool dotnet tool restore - - #set DOTNET_SKIP_FIRST_TIME_EXPERIENCE=true - #dotnet tool install --global AzureSignTool --version 2.0.17 displayName: 'install AzureSignTool' - script: dotnet tool list From 7bf2f3656599c0b67e637d72a23981c8e1011a4f Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 29 Dec 2020 18:41:41 +0000 Subject: [PATCH 076/228] changing location of manifest search. Testing 2.0.17 with correct file name --- .az-pipelines/sign-windows-artifacts.yml | 12 +++--------- .az-pipelines/test-ast-install.yml | 2 +- 2 files changed, 4 insertions(+), 10 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 601192c1893..737d5e0b2b3 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -39,8 +39,7 @@ steps: displayName: 'show artifacts' - script: | - echo "File to sign: $(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" - azuresigntool sign -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -tr http://timestamp.digicert.com "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" + azuresigntool sign -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -tr http://timestamp.digicert.com "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32-store.appx" displayName: 'Sign artifacts 32-bit' - script: | @@ -48,17 +47,12 @@ steps: -kvu "$(SigningVaultURL)" ^ -kvi "$(SigningClientId)" ^ -kvs "$(SigningClientSecret)" ^ - -kvt "$(SigningTenantId)" ^ -kvc "$(SigningCertName)" ^ + -tr http://timestamp.digicert.com -v ^ - "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx" + "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64-store.appx" displayName: 'Sign artifacts 64-bit' -- task: CmdLine@2 - displayName: 'Sign artifact test' - inputs: - script: AzureSignTool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx" - - task: PublishPipelineArtifact@1 inputs: pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-$(git_release_version)-ia32.appx' diff --git a/.az-pipelines/test-ast-install.yml b/.az-pipelines/test-ast-install.yml index 5311d9ffe96..3f0d33b169c 100644 --- a/.az-pipelines/test-ast-install.yml +++ b/.az-pipelines/test-ast-install.yml @@ -9,7 +9,7 @@ variables: steps: - script: | git clone https://github.com/vcsjones/AzureSignTool.git - cd AzureSignTool + cd AzureSignTool/src/AzureSignTool dotnet tool restore displayName: 'install AzureSignTool' From fffba26e21acae39c2a57e408f1e812b7b5fb15a Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 29 Dec 2020 20:04:15 +0000 Subject: [PATCH 077/228] slimming down to single signing task --- .az-pipelines/sign-windows-artifacts.yml | 23 ++++++----------------- 1 file changed, 6 insertions(+), 17 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 737d5e0b2b3..b7dcfc82f3a 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -39,26 +39,15 @@ steps: displayName: 'show artifacts' - script: | - azuresigntool sign -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -tr http://timestamp.digicert.com "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32-store.appx" - displayName: 'Sign artifacts 32-bit' - -- script: | - azuresigntool sign ^ - -kvu "$(SigningVaultURL)" ^ - -kvi "$(SigningClientId)" ^ - -kvs "$(SigningClientSecret)" ^ - -kvc "$(SigningCertName)" ^ - -tr http://timestamp.digicert.com - -v ^ - "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64-store.appx" - displayName: 'Sign artifacts 64-bit' + azuresigntool sign -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -tr http://timestamp.digicert.com "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32-store.appx" "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64-store.appx" + displayName: 'Sign artifacts' - task: PublishPipelineArtifact@1 inputs: - pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-$(git_release_version)-ia32.appx' - artifactName: 'Bitwarden-$(git_release_version)-ia32.appx' + pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-$(git_release_version)-ia32-store.appx' + artifactName: 'Bitwarden-$(git_release_version)-ia32-store.appx' - task: PublishPipelineArtifact@1 inputs: - pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-$(git_release_version)-x64.appx' - artifactName: 'Bitwarden-$(git_release_version)-x64.appx' + pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-$(git_release_version)-x64-store.appx' + artifactName: 'Bitwarden-$(git_release_version)-x64-store.appx' From b7201066661d7cb71f53849d3ca442b1f150fbbb Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 29 Dec 2020 22:48:35 +0000 Subject: [PATCH 078/228] fixing publishing path --- .az-pipelines/sign-windows-artifacts.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index b7dcfc82f3a..f73916bf5ad 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -44,10 +44,10 @@ steps: - task: PublishPipelineArtifact@1 inputs: - pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-$(git_release_version)-ia32-store.appx' + pathToPublish: '$(System.ArtifactsDirectory)/Bitwarden-$(git_release_version)-ia32-store.appx' artifactName: 'Bitwarden-$(git_release_version)-ia32-store.appx' - task: PublishPipelineArtifact@1 inputs: - pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-$(git_release_version)-x64-store.appx' + pathToPublish: '$(System.ArtifactsDirectory)/Bitwarden-$(git_release_version)-x64-store.appx' artifactName: 'Bitwarden-$(git_release_version)-x64-store.appx' From 623b325074c6cdb18b5b1628b9216a48b2e036ed Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 30 Dec 2020 21:19:12 +0000 Subject: [PATCH 079/228] testing electron-builder integration with az kv --- .az-pipelines/windows-build-sign.yml | 2 +- package.json | 3 ++- sign.js | 11 +++++++++++ 3 files changed, 14 insertions(+), 2 deletions(-) create mode 100644 sign.js diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index 88588feddb7..d33a52ff534 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -27,7 +27,7 @@ steps: # This task is not working... - script: npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=\"Bitwarden Inc\" - displayName: 'electron-builder package' + displayName: 'electron-builder build & sign' env: CSC_LINK: $(ebSigningCertIdentifierURL) CSC_KEY_PASSWORD: $(ebSigningCertKey) diff --git a/package.json b/package.json index 6014cb126d5..af25f88feee 100644 --- a/package.json +++ b/package.json @@ -185,7 +185,8 @@ "allowToChangeInstallationDirectory": true, "artifactName": "${productName}-Installer-${version}.${ext}", "uninstallDisplayName": "${productName}", - "deleteAppDataOnUninstall": true + "deleteAppDataOnUninstall": true, + "sign": "./sign.js" }, "portable": { "artifactName": "${productName}-Portable-${version}.${ext}" diff --git a/sign.js b/sign.js new file mode 100644 index 00000000000..1a96ae4e02d --- /dev/null +++ b/sign.js @@ -0,0 +1,11 @@ +exports.default = async function(configuration) { + + require("child_process").execSync( + `echo + "${configuration}" + `, + { + stdio: "inherit" + } + ); +}; From 6ec84bdb6c31af1bc62b209c6e46925d0350943c Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 30 Dec 2020 21:31:38 +0000 Subject: [PATCH 080/228] moving the signing config to the correct config area --- package.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index af25f88feee..e1870315cb4 100644 --- a/package.json +++ b/package.json @@ -120,6 +120,7 @@ "nsis-web", "appx" ], + "sign": "./sign.js", "extraResources": [ { "from": "node_modules/regedit/vbs", @@ -185,8 +186,7 @@ "allowToChangeInstallationDirectory": true, "artifactName": "${productName}-Installer-${version}.${ext}", "uninstallDisplayName": "${productName}", - "deleteAppDataOnUninstall": true, - "sign": "./sign.js" + "deleteAppDataOnUninstall": true }, "portable": { "artifactName": "${productName}-Portable-${version}.${ext}" From 0eb3fdd533b917d3305c95ffadbcd984557d86f2 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 30 Dec 2020 21:51:05 +0000 Subject: [PATCH 081/228] trying the kv straight up --- .az-pipelines/windows-build-sign.yml | 3 +++ package.json | 1 - src/package.json | 2 +- 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index d33a52ff534..86e4701f856 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -35,6 +35,9 @@ steps: - script: ls -alht dist displayName: show executables +- script: ls -alht dist/nsis-web + displayName: show nsis-web executables + # - task: PublishPipelineArtifact@1 # inputs: # pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-1.23.1-ia32.appx' diff --git a/package.json b/package.json index e1870315cb4..6014cb126d5 100644 --- a/package.json +++ b/package.json @@ -120,7 +120,6 @@ "nsis-web", "appx" ], - "sign": "./sign.js", "extraResources": [ { "from": "node_modules/regedit/vbs", diff --git a/src/package.json b/src/package.json index a80d985ab81..ce88bc06d95 100644 --- a/src/package.json +++ b/src/package.json @@ -2,7 +2,7 @@ "name": "bitwarden", "productName": "Bitwarden", "description": "A secure and free password manager for all of your devices.", - "version": "1.23.1a", + "version": "1.23.3-alpha", "author": "Bitwarden Inc. (https://bitwarden.com)", "homepage": "https://bitwarden.com", "license": "GPL-3.0", From 11b31fb97d9e084af87db777f759c6191e10131c Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 30 Dec 2020 21:54:03 +0000 Subject: [PATCH 082/228] adding the exe publishing --- .az-pipelines/windows-build-sign.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index 86e4701f856..7e468f58f27 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -38,6 +38,11 @@ steps: - script: ls -alht dist/nsis-web displayName: show nsis-web executables +- task: PublishPipelineArtifact@1 + inputs: + pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-Portable-$(GIT_COMMIT_TO_BUILD).exe' + artifactName: Bitwarden-Portable-$(GIT_COMMIT_TO_BUILD).exe + # - task: PublishPipelineArtifact@1 # inputs: # pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-1.23.1-ia32.appx' From db5c04e7de79512b2fb7c36a2d806d3eaae27160 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 30 Dec 2020 22:06:48 +0000 Subject: [PATCH 083/228] debugging configuration object to see what I've got to work with --- package.json | 1 + sign.js | 5 ++--- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/package.json b/package.json index 6014cb126d5..e1870315cb4 100644 --- a/package.json +++ b/package.json @@ -120,6 +120,7 @@ "nsis-web", "appx" ], + "sign": "./sign.js", "extraResources": [ { "from": "node_modules/regedit/vbs", diff --git a/sign.js b/sign.js index 1a96ae4e02d..4458ecbc5cf 100644 --- a/sign.js +++ b/sign.js @@ -1,9 +1,8 @@ exports.default = async function(configuration) { + console.log(`config:\n${JSON.stringify(configuration)}`) require("child_process").execSync( - `echo - "${configuration}" - `, + `echo 'Heyo!'`, { stdio: "inherit" } From ce31913e9143dd57523acb850f3fc66f095d6b36 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 30 Dec 2020 22:40:39 +0000 Subject: [PATCH 084/228] fixing packageVersion --- .az-pipelines/windows-build-sign.yml | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index 7e468f58f27..52d2fd8779b 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -17,6 +17,16 @@ steps: versionSpec: '10.x' displayName: 'Install Node.js' +- script: | + $packageVersion = (Get-Content -Raw -Path $(System.DefaultWorkingDirectory)\src\package.json | ConvertFrom-Json).version; + echo "##vso[task.setvariable variable=PACKAGE_VERSION]$packageVersion" + displayName: 'Setting packageVersion' + +- script: | + echo "package version: ${{ packageVersion }}" + echo "package version: $(packageVersion)" + exit 1 + - script: npm install displayName: 'npm install' @@ -40,8 +50,8 @@ steps: - task: PublishPipelineArtifact@1 inputs: - pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-Portable-$(GIT_COMMIT_TO_BUILD).exe' - artifactName: Bitwarden-Portable-$(GIT_COMMIT_TO_BUILD).exe + pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-Portable-${{ PACKAGE_VERSION }}.exe' + artifactName: Bitwarden-Portable-$(PACKAGE_VERSION).exe # - task: PublishPipelineArtifact@1 # inputs: From da9a5414bb3d7ffd4004d6f1e12b2e5293886e7c Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 30 Dec 2020 22:42:55 +0000 Subject: [PATCH 085/228] fixing syntax --- .az-pipelines/windows-build-sign.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index 52d2fd8779b..c5e3acb4ce7 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -23,7 +23,7 @@ steps: displayName: 'Setting packageVersion' - script: | - echo "package version: ${{ packageVersion }}" + echo "package version: ${ packageVersion }" echo "package version: $(packageVersion)" exit 1 From 93d6b610b4e777e6e4be45e8175ff0563a07aa2a Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 30 Dec 2020 22:44:16 +0000 Subject: [PATCH 086/228] fixing var --- .az-pipelines/windows-build-sign.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index c5e3acb4ce7..30ef1768271 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -50,8 +50,8 @@ steps: - task: PublishPipelineArtifact@1 inputs: - pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-Portable-${{ PACKAGE_VERSION }}.exe' - artifactName: Bitwarden-Portable-$(PACKAGE_VERSION).exe + pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-Portable-${ packageVersion }.exe' + artifactName: Bitwarden-Portable-$(packageVersion).exe # - task: PublishPipelineArtifact@1 # inputs: From fae96d7ad86a7e19b6782f5d32e62664d4899e41 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 30 Dec 2020 22:46:17 +0000 Subject: [PATCH 087/228] fixing the get packageVersion --- .az-pipelines/windows-build-sign.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index 30ef1768271..410bd1f3cc9 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -19,7 +19,7 @@ steps: - script: | $packageVersion = (Get-Content -Raw -Path $(System.DefaultWorkingDirectory)\src\package.json | ConvertFrom-Json).version; - echo "##vso[task.setvariable variable=PACKAGE_VERSION]$packageVersion" + echo "##vso[task.setvariable variable=PACKAGE_VERSION]$(packageVersion)" displayName: 'Setting packageVersion' - script: | From bc21106448b4b3d3803920cc30b58224d4b1133c Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 30 Dec 2020 22:50:15 +0000 Subject: [PATCH 088/228] trying something else --- .az-pipelines/windows-build-sign.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index 410bd1f3cc9..f9ee609949b 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -19,7 +19,7 @@ steps: - script: | $packageVersion = (Get-Content -Raw -Path $(System.DefaultWorkingDirectory)\src\package.json | ConvertFrom-Json).version; - echo "##vso[task.setvariable variable=PACKAGE_VERSION]$(packageVersion)" + echo "##vso[task.setvariable variable=PACKAGE_VERSION]${packageVersion}" displayName: 'Setting packageVersion' - script: | From 3f39d1ccb3f6e93ab90f75a4ac0e3bf56e791bd9 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 30 Dec 2020 22:54:55 +0000 Subject: [PATCH 089/228] trying another thing --- .az-pipelines/windows-build-sign.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index f9ee609949b..1176687711d 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -18,7 +18,7 @@ steps: displayName: 'Install Node.js' - script: | - $packageVersion = (Get-Content -Raw -Path $(System.DefaultWorkingDirectory)\src\package.json | ConvertFrom-Json).version; + packageVersion=(Get-Content -Raw -Path $(System.DefaultWorkingDirectory)\src\package.json | ConvertFrom-Json).version; echo "##vso[task.setvariable variable=PACKAGE_VERSION]${packageVersion}" displayName: 'Setting packageVersion' From 58ed7f5f6a4bf13fbd4758fb4630209e79580b58 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 30 Dec 2020 22:58:58 +0000 Subject: [PATCH 090/228] switching over to powershell --- .az-pipelines/windows-build-sign.yml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index 1176687711d..7b1e9d364ee 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -17,9 +17,12 @@ steps: versionSpec: '10.x' displayName: 'Install Node.js' -- script: | - packageVersion=(Get-Content -Raw -Path $(System.DefaultWorkingDirectory)\src\package.json | ConvertFrom-Json).version; - echo "##vso[task.setvariable variable=PACKAGE_VERSION]${packageVersion}" +- task: PoswerShell@v2 + inputs: + targetType: 'inline' + script: | + $packageVersion = (Get-Content -Raw -Path $(System.DefaultWorkingDirectory)\src\package.json | ConvertFrom-Json).version; + echo "##vso[task.setvariable variable=PACKAGE_VERSION]${packageVersion}" displayName: 'Setting packageVersion' - script: | From af41a59a60a1178f028dba17aa52ca59acb50c7d Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 30 Dec 2020 23:00:07 +0000 Subject: [PATCH 091/228] fixing another syntax error --- .az-pipelines/windows-build-sign.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index 7b1e9d364ee..68aae7421d8 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -20,9 +20,9 @@ steps: - task: PoswerShell@v2 inputs: targetType: 'inline' - script: | - $packageVersion = (Get-Content -Raw -Path $(System.DefaultWorkingDirectory)\src\package.json | ConvertFrom-Json).version; - echo "##vso[task.setvariable variable=PACKAGE_VERSION]${packageVersion}" + script: | + $packageVersion = (Get-Content -Raw -Path $(System.DefaultWorkingDirectory)\src\package.json | ConvertFrom-Json).version; + echo "##vso[task.setvariable variable=PACKAGE_VERSION]${packageVersion}" displayName: 'Setting packageVersion' - script: | From b6a298579c3aa5b4d5b6573099a2ceb05cf5d5c3 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 30 Dec 2020 23:02:38 +0000 Subject: [PATCH 092/228] fixing task name --- .az-pipelines/windows-build-sign.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index 68aae7421d8..c51564dff41 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -17,7 +17,7 @@ steps: versionSpec: '10.x' displayName: 'Install Node.js' -- task: PoswerShell@v2 +- task: PoswerShell@2 inputs: targetType: 'inline' script: | From 627c3eaec5818ea4eb3682477c9abe5c95a64416 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 30 Dec 2020 23:05:45 +0000 Subject: [PATCH 093/228] fixing typo --- .az-pipelines/windows-build-sign.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index c51564dff41..df00a3558b4 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -17,7 +17,7 @@ steps: versionSpec: '10.x' displayName: 'Install Node.js' -- task: PoswerShell@2 +- task: PowerShell@2 inputs: targetType: 'inline' script: | From 6a0154cad04e4fd8d1480bc4a4eaeb59cd456dcf Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 30 Dec 2020 23:09:07 +0000 Subject: [PATCH 094/228] changing var syntax --- .az-pipelines/windows-build-sign.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index df00a3558b4..3d547a01354 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -26,9 +26,10 @@ steps: displayName: 'Setting packageVersion' - script: | - echo "package version: ${ packageVersion }" - echo "package version: $(packageVersion)" + echo "package version: ${ PACKAGEVERSION }" + echo "package version: $(PACKAGEVESRION)" exit 1 + displayName: Package Version testing - script: npm install displayName: 'npm install' From f486077cf6653949ee42c803e75ad0776a35b182 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 30 Dec 2020 23:10:44 +0000 Subject: [PATCH 095/228] fixing syntax --- .az-pipelines/windows-build-sign.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index 3d547a01354..3a24e82e335 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -27,7 +27,7 @@ steps: - script: | echo "package version: ${ PACKAGEVERSION }" - echo "package version: $(PACKAGEVESRION)" + echo "package version: $(PACKAGEVERSION)" exit 1 displayName: Package Version testing From 668914286a9ec9ac3af3b432f49382bb0d707239 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 30 Dec 2020 23:17:55 +0000 Subject: [PATCH 096/228] trying another var extraction --- .az-pipelines/windows-build-sign.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index 3a24e82e335..5e508dd2891 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -26,8 +26,9 @@ steps: displayName: 'Setting packageVersion' - script: | - echo "package version: ${ PACKAGEVERSION }" - echo "package version: $(PACKAGEVERSION)" + echo "package version: $packageVersion" + echo "package version: $(packageVersion)" + echo "package version: ${packageVersion}" exit 1 displayName: Package Version testing From b01d9f99933bb9fa9786e607fee23de270bb3a9e Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 30 Dec 2020 23:22:12 +0000 Subject: [PATCH 097/228] using the var that I actually set.... --- .az-pipelines/windows-build-sign.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index 5e508dd2891..e1817e23461 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -26,9 +26,9 @@ steps: displayName: 'Setting packageVersion' - script: | - echo "package version: $packageVersion" - echo "package version: $(packageVersion)" - echo "package version: ${packageVersion}" + echo "package version: $PACKAGE_VERSION" + echo "package version: ${{ PACKAGE_VERSION }}" + echo "package version: ${ PACKAGE_VERSION }" exit 1 displayName: Package Version testing @@ -55,7 +55,7 @@ steps: - task: PublishPipelineArtifact@1 inputs: - pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-Portable-${ packageVersion }.exe' + pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-Portable-${ PACKAGE_VERSION }.exe' artifactName: Bitwarden-Portable-$(packageVersion).exe # - task: PublishPipelineArtifact@1 From 84ea397391dae306690b0c412c11babfb7ff5f26 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 30 Dec 2020 23:24:09 +0000 Subject: [PATCH 098/228] following other az pipeline as pattern --- .az-pipelines/windows-build-sign.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index e1817e23461..6ddc566acc6 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -26,9 +26,7 @@ steps: displayName: 'Setting packageVersion' - script: | - echo "package version: $PACKAGE_VERSION" - echo "package version: ${{ PACKAGE_VERSION }}" - echo "package version: ${ PACKAGE_VERSION }" + echo "package version: $(PACKAGE_VERSION)" exit 1 displayName: Package Version testing From 672be07f405a574ec617004b5eb70449b26a7ef1 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 30 Dec 2020 23:27:30 +0000 Subject: [PATCH 099/228] removing breakpoint --- .az-pipelines/windows-build-sign.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index 6ddc566acc6..79c4ead8dc8 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -53,8 +53,8 @@ steps: - task: PublishPipelineArtifact@1 inputs: - pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-Portable-${ PACKAGE_VERSION }.exe' - artifactName: Bitwarden-Portable-$(packageVersion).exe + pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-Portable-$(PACKAGE_VERSION).exe' + artifactName: Bitwarden-Portable-$(PACKAGE_VERSION).exe # - task: PublishPipelineArtifact@1 # inputs: From a21127e187b36e20e6f38870c60e29a04d42568a Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 30 Dec 2020 23:30:04 +0000 Subject: [PATCH 100/228] actually removing the breakpoint --- .az-pipelines/windows-build-sign.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index 79c4ead8dc8..a3582113379 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -27,7 +27,6 @@ steps: - script: | echo "package version: $(PACKAGE_VERSION)" - exit 1 displayName: Package Version testing - script: npm install From 1465d3e4cc74ee4c75e02a6d27a8d2f18bf39843 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 31 Dec 2020 00:01:55 +0000 Subject: [PATCH 101/228] adding AST to the build pipeline --- .az-pipelines/windows-build-sign.yml | 5 +++++ sign.js | 4 ++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index a3582113379..9694dd363ef 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -17,6 +17,11 @@ steps: versionSpec: '10.x' displayName: 'Install Node.js' +- script: | + set DOTNET_SKIP_FIRST_TIME_EXPERIENCE=true + dotnet tool install --global AzureSignTool --version 2.0.17 + displayName: 'install AzureSignTool' + - task: PowerShell@2 inputs: targetType: 'inline' diff --git a/sign.js b/sign.js index 4458ecbc5cf..ff70bf0f71c 100644 --- a/sign.js +++ b/sign.js @@ -1,8 +1,8 @@ exports.default = async function(configuration) { - console.log(`config:\n${JSON.stringify(configuration)}`) + console.log(`config:\n${JSON.stringify(configuration, null, 4)}`) require("child_process").execSync( - `echo 'Heyo!'`, + `azuresigntool sign --help`, { stdio: "inherit" } From 94a363c4ca385ec5a29990cc788c3c0905e80231 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 31 Dec 2020 00:19:28 +0000 Subject: [PATCH 102/228] updating the sign file with a multiline command --- sign.js | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sign.js b/sign.js index ff70bf0f71c..f03c37e2feb 100644 --- a/sign.js +++ b/sign.js @@ -2,7 +2,9 @@ exports.default = async function(configuration) { console.log(`config:\n${JSON.stringify(configuration, null, 4)}`) require("child_process").execSync( - `azuresigntool sign --help`, + `azuresigntool sign \ + --help + `, { stdio: "inherit" } From 725ce08e863027122a4480cea9b176cb474ac914 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 31 Dec 2020 15:49:28 +0000 Subject: [PATCH 103/228] updating the custom sign script --- sign.js | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/sign.js b/sign.js index f03c37e2feb..410c159253a 100644 --- a/sign.js +++ b/sign.js @@ -3,8 +3,12 @@ exports.default = async function(configuration) { require("child_process").execSync( `azuresigntool sign \ - --help - `, + -kvu "${process.env.SigningVaultURL}" \ + -kvi "${process.env.SigningClientId}" \ + -kvs "${process.env.SigningClientSecret}" \ + -kvc "${process.env.SigningCertName}" \ + -tr http://timestamp.digicert.com \ + ${configuration.path}`, { stdio: "inherit" } From d4f6c07fc079b6595b68c4954d7a6a9f49c311e1 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 31 Dec 2020 16:28:44 +0000 Subject: [PATCH 104/228] testing the env vars access --- sign.js | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/sign.js b/sign.js index 410c159253a..e43ba814c77 100644 --- a/sign.js +++ b/sign.js @@ -1,12 +1,15 @@ exports.default = async function(configuration) { - console.log(`config:\n${JSON.stringify(configuration, null, 4)}`) + //console.log(`config:\n${JSON.stringify(configuration, null, 4)}`) + console.log(`env test - vault URL: ${process.env.SigningVaultURL}`) require("child_process").execSync( `azuresigntool sign \ - -kvu "${process.env.SigningVaultURL}" \ - -kvi "${process.env.SigningClientId}" \ - -kvs "${process.env.SigningClientSecret}" \ - -kvc "${process.env.SigningCertName}" \ + -kvu ${process.env.SigningVaultURL} \ + -kvi ${process.env.SigningClientId} \ + -kvs ${process.env.SigningClientSecret} \ + -kvc ${process.env.SigningCertName} \ + -fd ${configuration.hash} + -du ${configuration.site} -tr http://timestamp.digicert.com \ ${configuration.path}`, { From 9581af66a1a3a69313cd3f82a8a3595277577c0b Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 31 Dec 2020 17:07:14 +0000 Subject: [PATCH 105/228] testing secret in process.env --- .az-pipelines/windows-build-sign.yml | 2 +- sign.js | 12 ++---------- 2 files changed, 3 insertions(+), 11 deletions(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index 9694dd363ef..f899ed20360 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -9,7 +9,7 @@ pool: vmImage: 'windows-latest' variables: -- group: code-signing-test +- group: build-sign-test steps: - task: NodeTool@0 diff --git a/sign.js b/sign.js index e43ba814c77..9c27c8a4219 100644 --- a/sign.js +++ b/sign.js @@ -1,17 +1,9 @@ exports.default = async function(configuration) { //console.log(`config:\n${JSON.stringify(configuration, null, 4)}`) - console.log(`env test - vault URL: ${process.env.SigningVaultURL}`) + console.log(`env test - secret test ${process.env.secretTest}`) require("child_process").execSync( - `azuresigntool sign \ - -kvu ${process.env.SigningVaultURL} \ - -kvi ${process.env.SigningClientId} \ - -kvs ${process.env.SigningClientSecret} \ - -kvc ${process.env.SigningCertName} \ - -fd ${configuration.hash} - -du ${configuration.site} - -tr http://timestamp.digicert.com \ - ${configuration.path}`, + `azuresigntool sign -kvu ${process.env.SigningVaultURL} -kvi ${process.env.SigningClientId} -kvs ${process.env.SigningClientSecret} -kvc ${process.env.SigningCertName} -fd ${configuration.hash}-du ${configuration.site} -tr http://timestamp.digicert.com ${configuration.path}`, { stdio: "inherit" } From f41014f0f2f8633e518ab3013f7f4da819ee851f Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 31 Dec 2020 17:33:33 +0000 Subject: [PATCH 106/228] trying pipeline env to pass vars --- .az-pipelines/windows-build-sign.yml | 7 +++++++ sign.js | 4 ++-- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index f899ed20360..a476280f10e 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -48,6 +48,13 @@ steps: env: CSC_LINK: $(ebSigningCertIdentifierURL) CSC_KEY_PASSWORD: $(ebSigningCertKey) + SIGNING_VAULT_URL: $(SigningVaultURL) + SIGNING_CLIENT_ID: $(SigningClientId) + SIGNING_CLIENT_SECRET: $(SigningClientSecret) + SIGNING_CERT_NAME: $(SigningCertName) + SECRET_TEST: $(secretTest) + + `azuresigntool sign -kvu ${process.env.SIGNING_VAULT_URL} -kvi ${process.env.SIGNING_CLIENT_ID} -kvs ${process.env.SIGNING_CLIENT_SECRET} -kvc ${process.env.SIGNING_CERT_NAME} -fd ${configuration.hash} -du ${configuration.site} -tr http://timestamp.digicert.com ${configuration.path}`, - script: ls -alht dist displayName: show executables diff --git a/sign.js b/sign.js index 9c27c8a4219..45aef487f60 100644 --- a/sign.js +++ b/sign.js @@ -1,9 +1,9 @@ exports.default = async function(configuration) { //console.log(`config:\n${JSON.stringify(configuration, null, 4)}`) - console.log(`env test - secret test ${process.env.secretTest}`) + console.log(`env test - secret test ${process.env.SECRET_TEST}`) require("child_process").execSync( - `azuresigntool sign -kvu ${process.env.SigningVaultURL} -kvi ${process.env.SigningClientId} -kvs ${process.env.SigningClientSecret} -kvc ${process.env.SigningCertName} -fd ${configuration.hash}-du ${configuration.site} -tr http://timestamp.digicert.com ${configuration.path}`, + `azuresigntool sign -kvu ${process.env.SIGNING_VAULT_URL} -kvi ${process.env.SIGNING_CLIENT_ID} -kvs ${process.env.SIGNING_CLIENT_SECRET} -kvc ${process.env.SIGNING_CERT_NAME} -fd ${configuration.hash} -du ${configuration.site} -tr http://timestamp.digicert.com ${configuration.path}`, { stdio: "inherit" } From 4b9e6ff89478095f1dc706fe9939e5d528f55688 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 31 Dec 2020 17:39:38 +0000 Subject: [PATCH 107/228] removing reference code --- .az-pipelines/windows-build-sign.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index a476280f10e..ee21e54a149 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -54,8 +54,6 @@ steps: SIGNING_CERT_NAME: $(SigningCertName) SECRET_TEST: $(secretTest) - `azuresigntool sign -kvu ${process.env.SIGNING_VAULT_URL} -kvi ${process.env.SIGNING_CLIENT_ID} -kvs ${process.env.SIGNING_CLIENT_SECRET} -kvc ${process.env.SIGNING_CERT_NAME} -fd ${configuration.hash} -du ${configuration.site} -tr http://timestamp.digicert.com ${configuration.path}`, - - script: ls -alht dist displayName: show executables From 1f0e5d711ea65b02ff2e8b262610dd11246e39ad Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 31 Dec 2020 18:12:15 +0000 Subject: [PATCH 108/228] testing manual install --- .az-pipelines/sign-windows-artifacts.yml | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index f73916bf5ad..7493250d703 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -7,21 +7,22 @@ variables: - group: code-signing-test steps: - #- task: DotNetCoreCLI@2 - # inputs: - # command: 'custom' - # custom: 'tool' - # arguments: 'install --global azuresigntool' + #- script: | + # set DOTNET_SKIP_FIRST_TIME_EXPERIENCE=true + # dotnet tool install --global AzureSignTool --version 2.0.17 # displayName: 'install AzureSignTool' - + - script: | - set DOTNET_SKIP_FIRST_TIME_EXPERIENCE=true - dotnet tool install --global AzureSignTool --version 2.0.17 - displayName: 'install AzureSignTool' + git clone https://github.com/vcsjones/AzureSignTool.git + dotnet build + displayName: 'Install AST' -- script: AzureSignTool.exe sign --help +- script: azuresigntool sign --help displayName: 'Debugging AST' +- script: exit 1 + displayName: Premature Exit + - task: DownloadGitHubRelease@0 inputs: connection: joseph-flinn From 0978956c30428fdb3b4093366434202b302f2dfb Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 31 Dec 2020 18:17:27 +0000 Subject: [PATCH 109/228] moving into the project directory --- .az-pipelines/sign-windows-artifacts.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 7493250d703..d1c10eef207 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -14,6 +14,8 @@ steps: - script: | git clone https://github.com/vcsjones/AzureSignTool.git + cd AzureSignTool + dotnet --version dotnet build displayName: 'Install AST' From a08783eb9bb0a040b690ee9cbb9641d2fb0ea382 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 31 Dec 2020 18:44:18 +0000 Subject: [PATCH 110/228] going insane....and trying dotnet run --- .az-pipelines/sign-windows-artifacts.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index d1c10eef207..4405e17723b 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -19,7 +19,7 @@ steps: dotnet build displayName: 'Install AST' -- script: azuresigntool sign --help +- script: dotnet run -- sign --help displayName: 'Debugging AST' - script: exit 1 From 2ae72a66bc0e42b5d1fb6129db946ceaa55d8b15 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 31 Dec 2020 18:48:47 +0000 Subject: [PATCH 111/228] trying to cd into AST before running AST --- .az-pipelines/sign-windows-artifacts.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 4405e17723b..807ad4e54f6 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -19,7 +19,9 @@ steps: dotnet build displayName: 'Install AST' -- script: dotnet run -- sign --help +- script: | + cd AzureSignTool + dotnet run -- sign --help displayName: 'Debugging AST' - script: exit 1 From 4a3f1ee5e646f7e223e999e6e7dab9bd0e1227b9 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 31 Dec 2020 18:52:52 +0000 Subject: [PATCH 112/228] specifying the project? --- .az-pipelines/sign-windows-artifacts.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 807ad4e54f6..c78eab131f6 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -21,7 +21,7 @@ steps: - script: | cd AzureSignTool - dotnet run -- sign --help + dotnet run --project azuresigntool -- sign --help displayName: 'Debugging AST' - script: exit 1 From 2d2c1d632e7225bdd4fb60b7f13363a1b8337ce6 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 31 Dec 2020 19:10:58 +0000 Subject: [PATCH 113/228] experimenting after getting it the project to run on Linux container --- .az-pipelines/sign-windows-artifacts.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index c78eab131f6..a115986b5ff 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -21,7 +21,7 @@ steps: - script: | cd AzureSignTool - dotnet run --project azuresigntool -- sign --help + dotnet run --project src/AzureSignTool -- sign --help displayName: 'Debugging AST' - script: exit 1 From 23e2e0842577cd6ba72c4e0ae72e9e17bc8734b5 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 31 Dec 2020 19:48:23 +0000 Subject: [PATCH 114/228] testing manaul install of AST --- .az-pipelines/sign-windows-artifacts.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index a115986b5ff..a583edb5663 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -16,16 +16,16 @@ steps: git clone https://github.com/vcsjones/AzureSignTool.git cd AzureSignTool dotnet --version - dotnet build + dotnet pack --output ./nupkg + dotnet tool install --global --add-source ./nupkg azuresigntool displayName: 'Install AST' - script: | - cd AzureSignTool - dotnet run --project src/AzureSignTool -- sign --help + azuresigntool -- sign --help displayName: 'Debugging AST' - script: exit 1 - displayName: Premature Exit + displayName: 'Early Exit' - task: DownloadGitHubRelease@0 inputs: @@ -44,7 +44,7 @@ steps: displayName: 'show artifacts' - script: | - azuresigntool sign -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -tr http://timestamp.digicert.com "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32-store.appx" "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64-store.appx" + azuresigntool sign -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvt "$(SigningTenantId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -tr http://timestamp.digicert.com "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32-store.appx" "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64-store.appx" displayName: 'Sign artifacts' - task: PublishPipelineArtifact@1 From d52713ea4dfc3c023274540e067f54c340d3b076 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 31 Dec 2020 19:52:50 +0000 Subject: [PATCH 115/228] removing leftovers. trying to get a clean run --- .az-pipelines/sign-windows-artifacts.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index a583edb5663..1908dd752f7 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -21,7 +21,7 @@ steps: displayName: 'Install AST' - script: | - azuresigntool -- sign --help + azuresigntool sign --help displayName: 'Debugging AST' - script: exit 1 From 2817f78b98f3b46c2e5d74920c9e23d3a287468e Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 31 Dec 2020 19:53:15 +0000 Subject: [PATCH 116/228] changing debug command to get all params to make sure it is the new version --- .az-pipelines/sign-windows-artifacts.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 1908dd752f7..4463178b312 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -21,7 +21,7 @@ steps: displayName: 'Install AST' - script: | - azuresigntool sign --help + azuresigntool --help displayName: 'Debugging AST' - script: exit 1 From 9873ad48ed66d87a2bf5b1666a0a5686b0da2980 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 31 Dec 2020 20:00:29 +0000 Subject: [PATCH 117/228] trying to get a clean run --- .az-pipelines/sign-windows-artifacts.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 4463178b312..1908dd752f7 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -21,7 +21,7 @@ steps: displayName: 'Install AST' - script: | - azuresigntool --help + azuresigntool sign --help displayName: 'Debugging AST' - script: exit 1 From 455c287e20be965cc2455ee20e62a2d9586411b3 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 31 Dec 2020 20:37:37 +0000 Subject: [PATCH 118/228] trying to specifiy verison 3 --- .az-pipelines/sign-windows-artifacts.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 1908dd752f7..10360d4c3e1 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -16,8 +16,9 @@ steps: git clone https://github.com/vcsjones/AzureSignTool.git cd AzureSignTool dotnet --version - dotnet pack --output ./nupkg - dotnet tool install --global --add-source ./nupkg azuresigntool + dotnet build -p:Version=3.0.0 + #dotnet pack --output ./nupkg + dotnet tool install --global --add-source ./nupkg --version 3.0.0 azuresigntool displayName: 'Install AST' - script: | From 3172c7b87d04b76d5eef858961d350367b102331 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 31 Dec 2020 21:24:06 +0000 Subject: [PATCH 119/228] switching from 3.0.0 to the 0.0.0-hash version (where does this come from? idk) --- .az-pipelines/sign-windows-artifacts.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 10360d4c3e1..a1030a9c178 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -16,9 +16,8 @@ steps: git clone https://github.com/vcsjones/AzureSignTool.git cd AzureSignTool dotnet --version - dotnet build -p:Version=3.0.0 - #dotnet pack --output ./nupkg - dotnet tool install --global --add-source ./nupkg --version 3.0.0 azuresigntool + dotnet pack --output ./nupkg + dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version 0.0.0-gce87e84a58 azuresigntool displayName: 'Install AST' - script: | From b6d706a62b675c3c81100db7f02da6cefb740842 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 31 Dec 2020 21:50:33 +0000 Subject: [PATCH 120/228] trying it... --- .az-pipelines/sign-windows-artifacts.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index a1030a9c178..70d7abe42dc 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -24,8 +24,8 @@ steps: azuresigntool sign --help displayName: 'Debugging AST' -- script: exit 1 - displayName: 'Early Exit' + #- script: exit 1 + # displayName: 'Early Exit' - task: DownloadGitHubRelease@0 inputs: From 711cea8c4b5cfc241537ab2e9cc088afb1925bad Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 31 Dec 2020 22:09:00 +0000 Subject: [PATCH 121/228] Install and use latest AST (this will probably break when it is updated because Google won't tell me how to make a clean build of a .NET project) --- .az-pipelines/windows-build-sign.yml | 15 ++++++++++++--- sign.js | 2 +- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index ee21e54a149..6303b11dbc8 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -17,10 +17,18 @@ steps: versionSpec: '10.x' displayName: 'Install Node.js' + #- script: | + # set DOTNET_SKIP_FIRST_TIME_EXPERIENCE=true + # dotnet tool install --global AzureSignTool --version 2.0.17 + # displayName: 'install AzureSignTool' + - script: | - set DOTNET_SKIP_FIRST_TIME_EXPERIENCE=true - dotnet tool install --global AzureSignTool --version 2.0.17 - displayName: 'install AzureSignTool' + git clone https://github.com/vcsjones/AzureSignTool.git + cd AzureSignTool + dotnet --version + dotnet pack --output ./nupkg + dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version 0.0.0-gce87e84a58 azuresigntool + displayName: 'Install AST' - task: PowerShell@2 inputs: @@ -50,6 +58,7 @@ steps: CSC_KEY_PASSWORD: $(ebSigningCertKey) SIGNING_VAULT_URL: $(SigningVaultURL) SIGNING_CLIENT_ID: $(SigningClientId) + SIGNING_TENTANT_ID: $(SigningTenantId) SIGNING_CLIENT_SECRET: $(SigningClientSecret) SIGNING_CERT_NAME: $(SigningCertName) SECRET_TEST: $(secretTest) diff --git a/sign.js b/sign.js index 45aef487f60..17664c13962 100644 --- a/sign.js +++ b/sign.js @@ -3,7 +3,7 @@ exports.default = async function(configuration) { console.log(`env test - secret test ${process.env.SECRET_TEST}`) require("child_process").execSync( - `azuresigntool sign -kvu ${process.env.SIGNING_VAULT_URL} -kvi ${process.env.SIGNING_CLIENT_ID} -kvs ${process.env.SIGNING_CLIENT_SECRET} -kvc ${process.env.SIGNING_CERT_NAME} -fd ${configuration.hash} -du ${configuration.site} -tr http://timestamp.digicert.com ${configuration.path}`, + `azuresigntool sign -kvu ${process.env.SIGNING_VAULT_URL} -kvi ${process.env.SIGNING_CLIENT_ID} -kvt ${process.env.SIGNING_TENANT_ID} -kvs ${process.env.SIGNING_CLIENT_SECRET} -kvc ${process.env.SIGNING_CERT_NAME} -fd ${configuration.hash} -du ${configuration.site} -tr http://timestamp.digicert.com ${configuration.path}`, { stdio: "inherit" } From d998ec9146a5930504e2869906a5ba696d028af4 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 4 Jan 2021 20:10:48 +0000 Subject: [PATCH 122/228] Trying to install AST with `publish` --- .az-pipelines/windows-build-sign.yml | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index 6303b11dbc8..9f737224a13 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -26,9 +26,18 @@ steps: git clone https://github.com/vcsjones/AzureSignTool.git cd AzureSignTool dotnet --version - dotnet pack --output ./nupkg - dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version 0.0.0-gce87e84a58 azuresigntool + dotnet restore + dotnet publish src/AzureSignTool/AzureSignTool.csproj -o ./dist + cp ./dist/AzureSignTool %USERPROFILE%\.dotnet\tools displayName: 'Install AST' +#dotnet pack --output ./nupkg +#dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version 0.0.0-gce87e84a58 azuresigntool + +- script: | + AzureSignTool sign --help + exit 1 + displayName: 'Debug AST installation' + - task: PowerShell@2 inputs: From 3550c2cb1efc12b04fccb10fbac769de390a4809 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 4 Jan 2021 20:27:07 +0000 Subject: [PATCH 123/228] trying to specify version in pack --- .az-pipelines/windows-build-sign.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index 9f737224a13..597efc5cc36 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -27,10 +27,10 @@ steps: cd AzureSignTool dotnet --version dotnet restore - dotnet publish src/AzureSignTool/AzureSignTool.csproj -o ./dist - cp ./dist/AzureSignTool %USERPROFILE%\.dotnet\tools + dotnet pack --output ./nupkg -p:Version=3.0.0-alpha + dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version 3.0.0-alpha azuresigntool displayName: 'Install AST' -#dotnet pack --output ./nupkg + #dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version 0.0.0-gce87e84a58 azuresigntool - script: | From 68d302bfe301f51b65d843c07f34ae51e720df78 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 4 Jan 2021 20:43:36 +0000 Subject: [PATCH 124/228] trying to downgrad the .NET sdk --- .az-pipelines/windows-build-sign.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index 597efc5cc36..168571e22cf 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -21,6 +21,12 @@ steps: # set DOTNET_SKIP_FIRST_TIME_EXPERIENCE=true # dotnet tool install --global AzureSignTool --version 2.0.17 # displayName: 'install AzureSignTool' +- task: UseDotNet@2 + displayName: 'Use .NET Core SDK 3.x' + inputs: + packageType: sdk + version: 3.x + installationPath: $(Agent.ToolsDirectory)/dotnet - script: | git clone https://github.com/vcsjones/AzureSignTool.git From 89e55da798876794c168de02ded18d7ad5278184 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 4 Jan 2021 20:52:13 +0000 Subject: [PATCH 125/228] testing publishing and moving to agent tools directory --- .az-pipelines/windows-build-sign.yml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index 168571e22cf..16bc9f9017e 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -21,6 +21,7 @@ steps: # set DOTNET_SKIP_FIRST_TIME_EXPERIENCE=true # dotnet tool install --global AzureSignTool --version 2.0.17 # displayName: 'install AzureSignTool' + - task: UseDotNet@2 displayName: 'Use .NET Core SDK 3.x' inputs: @@ -33,14 +34,16 @@ steps: cd AzureSignTool dotnet --version dotnet restore - dotnet pack --output ./nupkg -p:Version=3.0.0-alpha - dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version 3.0.0-alpha azuresigntool + dotnet publish src/AzureSignTool.csproj -o ./dist + cp ./dist/AzureSignTool $(Agent.ToolsDirectory)/azuresigntool displayName: 'Install AST' #dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version 0.0.0-gce87e84a58 azuresigntool +#dotnet pack --output ./nupkg -p:Version=3.0.0-alpha +#dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version 3.0.0-alpha azuresigntool - script: | - AzureSignTool sign --help + azuresigntool sign --help exit 1 displayName: 'Debug AST installation' From 4fa8342a003969fe5b62c3ed69635da76cb4ba00 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 4 Jan 2021 21:44:35 +0000 Subject: [PATCH 126/228] trying to compile the version to be built --- .az-pipelines/windows-build-sign.yml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index 16bc9f9017e..01025d278d7 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -31,16 +31,18 @@ steps: - script: | git clone https://github.com/vcsjones/AzureSignTool.git + $latest_head = $(git rev-parse HEAD)[0...9] -join "" + $latest_version = "0.0.0-g$latest_head" + Write-Host "--------" + Write-Host "PACKAGE VERSION TO BUILD - $latest_version" + Write-Host "--------" cd AzureSignTool dotnet --version dotnet restore - dotnet publish src/AzureSignTool.csproj -o ./dist - cp ./dist/AzureSignTool $(Agent.ToolsDirectory)/azuresigntool + dotnet pack --output ./nupkg + dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version 0.0.0-gce87e84a58 azuresigntool displayName: 'Install AST' -#dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version 0.0.0-gce87e84a58 azuresigntool -#dotnet pack --output ./nupkg -p:Version=3.0.0-alpha -#dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version 3.0.0-alpha azuresigntool - script: | azuresigntool sign --help From 539e9069361036ce2cf3adda32093c97f4b4c0f8 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 4 Jan 2021 22:24:12 +0000 Subject: [PATCH 127/228] switching to powershell --- .az-pipelines/windows-build-sign.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index 01025d278d7..20f4ded84fc 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -40,8 +40,9 @@ steps: dotnet --version dotnet restore dotnet pack --output ./nupkg - dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version 0.0.0-gce87e84a58 azuresigntool + dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version $latest_version azuresigntool displayName: 'Install AST' + shell: pwsh - script: | From 033cee57b87ad3a07c5750c909185bbb8bdaa8e4 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 4 Jan 2021 22:32:06 +0000 Subject: [PATCH 128/228] fixing pwsh task --- .az-pipelines/windows-build-sign.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index 20f4ded84fc..ebebd075b7c 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -29,7 +29,7 @@ steps: version: 3.x installationPath: $(Agent.ToolsDirectory)/dotnet -- script: | +- pwsh: | git clone https://github.com/vcsjones/AzureSignTool.git $latest_head = $(git rev-parse HEAD)[0...9] -join "" $latest_version = "0.0.0-g$latest_head" @@ -42,7 +42,6 @@ steps: dotnet pack --output ./nupkg dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version $latest_version azuresigntool displayName: 'Install AST' - shell: pwsh - script: | From f1e52b022bd5a00db108d68ab8ecc85a2f1671d9 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 4 Jan 2021 22:42:27 +0000 Subject: [PATCH 129/228] debugging commit id --- .az-pipelines/windows-build-sign.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index ebebd075b7c..220e4cb1010 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -34,6 +34,8 @@ steps: $latest_head = $(git rev-parse HEAD)[0...9] -join "" $latest_version = "0.0.0-g$latest_head" Write-Host "--------" + Write-Host "git commit - $(git rev-parse HEAD)" + Write-Host "latest_head - $latest_head" Write-Host "PACKAGE VERSION TO BUILD - $latest_version" Write-Host "--------" cd AzureSignTool From 5f53f0a988e8af112d352a2b5871f28792fa954b Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 4 Jan 2021 22:55:11 +0000 Subject: [PATCH 130/228] fixing typo in pwsh --- .az-pipelines/windows-build-sign.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index 220e4cb1010..78f27c6938d 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -31,7 +31,7 @@ steps: - pwsh: | git clone https://github.com/vcsjones/AzureSignTool.git - $latest_head = $(git rev-parse HEAD)[0...9] -join "" + $latest_head = $(git rev-parse HEAD)[0..9] -join "" $latest_version = "0.0.0-g$latest_head" Write-Host "--------" Write-Host "git commit - $(git rev-parse HEAD)" From fa49fb05855f21bbba533723747f5d0d015b1c56 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 4 Jan 2021 23:04:55 +0000 Subject: [PATCH 131/228] moving the git version data gathering of AST --- .az-pipelines/windows-build-sign.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index 78f27c6938d..c3a43f83ee5 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -31,6 +31,7 @@ steps: - pwsh: | git clone https://github.com/vcsjones/AzureSignTool.git + cd AzureSignTool $latest_head = $(git rev-parse HEAD)[0..9] -join "" $latest_version = "0.0.0-g$latest_head" Write-Host "--------" @@ -38,7 +39,7 @@ steps: Write-Host "latest_head - $latest_head" Write-Host "PACKAGE VERSION TO BUILD - $latest_version" Write-Host "--------" - cd AzureSignTool + dotnet --version dotnet restore dotnet pack --output ./nupkg From 6a1783b2df324df65caf9ed5e3ff32c2b3d0b870 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Mon, 4 Jan 2021 23:15:41 +0000 Subject: [PATCH 132/228] removing the debugging code --- .az-pipelines/windows-build-sign.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index c3a43f83ee5..a56b8fe7f15 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -47,12 +47,6 @@ steps: displayName: 'Install AST' -- script: | - azuresigntool sign --help - exit 1 - displayName: 'Debug AST installation' - - - task: PowerShell@2 inputs: targetType: 'inline' From b0878fd6604cc7bff4f9987924dc5889ecacd33f Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 13:29:01 +0000 Subject: [PATCH 133/228] testing secrets in pipeline and in script --- .az-pipelines/windows-build-sign.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index a56b8fe7f15..846c32aca83 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -68,7 +68,11 @@ steps: displayName: 'npm build' # This task is not working... -- script: npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=\"Bitwarden Inc\" +- pwsh: | + Write-Host "------------------------" + Write-Host "az pipeline secret test - $SECRET_TEST" + Write-Host "------------------------" + npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=\"Bitwarden Inc\" displayName: 'electron-builder build & sign' env: CSC_LINK: $(ebSigningCertIdentifierURL) From 0efb6770096875c96b8d111798e21d1193ff5576 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 13:45:32 +0000 Subject: [PATCH 134/228] debugging env vars and secrets --- .az-pipelines/windows-build-sign.yml | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index 846c32aca83..3b4ff57e6ab 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -12,6 +12,25 @@ variables: - group: build-sign-test steps: +- pwsh: | + Write-Host "------------------------" + Write-Host "secret test - $env:SECRET_TEST" + Write-Host "SIGNING_CERT_NAME - $env:SIGNING_CERT_NAME" + Write-Host "------------------------" + displayName: 'Var & Secret Testing' + env: + CSC_LINK: $(ebSigningCertIdentifierURL) + CSC_KEY_PASSWORD: $(ebSigningCertKey) + SIGNING_VAULT_URL: $(SigningVaultURL) + SIGNING_CLIENT_ID: $(SigningClientId) + SIGNING_TENTANT_ID: $(SigningTenantId) + SIGNING_CLIENT_SECRET: $(SigningClientSecret) + SIGNING_CERT_NAME: $(SigningCertName) + SECRET_TEST: $(secretTest) + +- script: exit 1 + displayName: Stop Pipeline + - task: NodeTool@0 inputs: versionSpec: '10.x' @@ -70,7 +89,8 @@ steps: # This task is not working... - pwsh: | Write-Host "------------------------" - Write-Host "az pipeline secret test - $SECRET_TEST" + Write-Host "az pipeline secret test - $env:SECRET_TEST" + Write-Host "az pipeline var test - $env:SIGNING_CERT_NAME" Write-Host "------------------------" npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=\"Bitwarden Inc\" displayName: 'electron-builder build & sign' From 64e8099fb32cef51673c1a041fee965cb5b81f6d Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 14:03:59 +0000 Subject: [PATCH 135/228] testing new var in variable group --- .az-pipelines/windows-build-sign.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index 3b4ff57e6ab..f3ec5ac65c1 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -15,6 +15,7 @@ steps: - pwsh: | Write-Host "------------------------" Write-Host "secret test - $env:SECRET_TEST" + Write-Host "new var test - $env:NEW_VAR_TEST" Write-Host "SIGNING_CERT_NAME - $env:SIGNING_CERT_NAME" Write-Host "------------------------" displayName: 'Var & Secret Testing' @@ -26,6 +27,7 @@ steps: SIGNING_TENTANT_ID: $(SigningTenantId) SIGNING_CLIENT_SECRET: $(SigningClientSecret) SIGNING_CERT_NAME: $(SigningCertName) + NEW_VAR_TEST: $(newVarTest) SECRET_TEST: $(secretTest) - script: exit 1 From de4966b3e42a44815192c09b7165c9a8c607b928 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 14:22:01 +0000 Subject: [PATCH 136/228] trying things that shouldn't work because the things that should work aren't --- .az-pipelines/sign-windows-artifacts.yml | 1 + .az-pipelines/windows-build-sign.yml | 2 ++ sign.js | 1 + 3 files changed, 4 insertions(+) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 70d7abe42dc..479bd340123 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -45,6 +45,7 @@ steps: - script: | azuresigntool sign -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvt "$(SigningTenantId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -tr http://timestamp.digicert.com "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32-store.appx" "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64-store.appx" + echo $(SigningClientSecret) displayName: 'Sign artifacts' - task: PublishPipelineArtifact@1 diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index f3ec5ac65c1..077b1fb0e4e 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -17,6 +17,8 @@ steps: Write-Host "secret test - $env:SECRET_TEST" Write-Host "new var test - $env:NEW_VAR_TEST" Write-Host "SIGNING_CERT_NAME - $env:SIGNING_CERT_NAME" + Write-Host "---" + Write Host "This shouldn't work - $(secretTest)" Write-Host "------------------------" displayName: 'Var & Secret Testing' env: diff --git a/sign.js b/sign.js index 17664c13962..0a61edf3b78 100644 --- a/sign.js +++ b/sign.js @@ -1,6 +1,7 @@ exports.default = async function(configuration) { //console.log(`config:\n${JSON.stringify(configuration, null, 4)}`) console.log(`env test - secret test ${process.env.SECRET_TEST}`) + console.log(`env test - shouldn't work ${process.env.secretTest}`) require("child_process").execSync( `azuresigntool sign -kvu ${process.env.SIGNING_VAULT_URL} -kvi ${process.env.SIGNING_CLIENT_ID} -kvt ${process.env.SIGNING_TENANT_ID} -kvs ${process.env.SIGNING_CLIENT_SECRET} -kvc ${process.env.SIGNING_CERT_NAME} -fd ${configuration.hash} -du ${configuration.site} -tr http://timestamp.digicert.com ${configuration.path}`, From a1d950e33e1f55f45bb7542a0dd762006272955c Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 14:43:01 +0000 Subject: [PATCH 137/228] idk what's wrong... --- .az-pipelines/sign-windows-artifacts.yml | 1 - .az-pipelines/windows-build-sign.yml | 9 +++------ 2 files changed, 3 insertions(+), 7 deletions(-) diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml index 479bd340123..70d7abe42dc 100644 --- a/.az-pipelines/sign-windows-artifacts.yml +++ b/.az-pipelines/sign-windows-artifacts.yml @@ -45,7 +45,6 @@ steps: - script: | azuresigntool sign -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvt "$(SigningTenantId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -tr http://timestamp.digicert.com "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32-store.appx" "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64-store.appx" - echo $(SigningClientSecret) displayName: 'Sign artifacts' - task: PublishPipelineArtifact@1 diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml index 077b1fb0e4e..d64a6e12c44 100644 --- a/.az-pipelines/windows-build-sign.yml +++ b/.az-pipelines/windows-build-sign.yml @@ -9,16 +9,15 @@ pool: vmImage: 'windows-latest' variables: -- group: build-sign-test +- group: code-signing-test steps: - pwsh: | Write-Host "------------------------" - Write-Host "secret test - $env:SECRET_TEST" - Write-Host "new var test - $env:NEW_VAR_TEST" + Write-Host "secret test - $env:CSC_KEY_PASSWORD" Write-Host "SIGNING_CERT_NAME - $env:SIGNING_CERT_NAME" Write-Host "---" - Write Host "This shouldn't work - $(secretTest)" + Write Host "This shouldn't work - $(ebSigningCertKey)" Write-Host "------------------------" displayName: 'Var & Secret Testing' env: @@ -29,8 +28,6 @@ steps: SIGNING_TENTANT_ID: $(SigningTenantId) SIGNING_CLIENT_SECRET: $(SigningClientSecret) SIGNING_CERT_NAME: $(SigningCertName) - NEW_VAR_TEST: $(newVarTest) - SECRET_TEST: $(secretTest) - script: exit 1 displayName: Stop Pipeline From 7f217a261fdcc57733a6a9685485cbe45e6312d1 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 16:13:08 +0000 Subject: [PATCH 138/228] trying to switch over to GH Actions because AZ Pipelines seems to have a problem with the secrets in environments... --- .github/workflows/build-and-sign.yml | 254 +++++++++++++++++++++++++++ 1 file changed, 254 insertions(+) create mode 100644 .github/workflows/build-and-sign.yml diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml new file mode 100644 index 00000000000..fe2d76b6ff0 --- /dev/null +++ b/.github/workflows/build-and-sign.yml @@ -0,0 +1,254 @@ +name: Build & Sign + +on: [workflow_dispatch] + +jobs: + windows: + runs-on: windows-latest + steps: + - name: Set up Node + uses: actions/setup-node@v1 + with: + node-version: '10.x' + + - name: Set Node options + run: echo "NODE_OPTIONS=--max_old_space_size=4096" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append + shell: pwsh + + - name: Setup dotnet + uses: actions/setup-dotnet@v2 + with: + dotnet-version: "3.x" + + - name: Print environment + run: | + node --version + npm --version + dotnet --version + + exit 1 + + - name: Checkout repo + uses: actions/checkout@v2 + + - name: Load package version + run: ./.github/scripts/load-version.ps1 + shell: pwsh + + - name: Install Node dependencies + run: npm install + + - name: Run linter + run: npm run lint + + - name: Build application + shell: pwsh + run: npm run dist:win:ci + + - name: Rename appx files for store + shell: pwsh + run: | + Copy-Item "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32.appx" ` + -Destination "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx" + Copy-Item "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx" ` + -Destination "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx" + + - name: Upload portable exe artifact + if: github.ref == 'refs/heads/master' || github.event_name == 'release' + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe + path: ./dist/Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe + + - name: Upload installer exe artifact + if: github.ref == 'refs/heads/master' || github.event_name == 'release' + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe + path: ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe + + - name: Upload store appx ia32 artifact + if: github.ref == 'refs/heads/master' || github.event_name == 'release' + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx + path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx + + - name: Upload store appx x64 artifact + if: github.ref == 'refs/heads/master' || github.event_name == 'release' + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx + path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx + + - name: Deploy to Chocolatey + if: github.event_name == 'release' + run: ./scripts/choco-update.ps1 -version $env:PACKAGE_VERSION + shell: pwsh + + - name: Upload Chocolatey nupkg artifact + if: github.event_name == 'release' + uses: actions/upload-artifact@v2 + with: + name: bitwarden.${{ env.PACKAGE_VERSION }}.nupkg + path: ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg + + - name: Upload release assets + if: github.event_name == 'release' + run: | + hub release edit ` + -a ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg ` + -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx ` + -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx ` + -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` + $env:RELEASE_TAG_NAME + shell: pwsh + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} + + macos: + runs-on: macos-latest + + steps: + - name: Set up Node + uses: actions/setup-node@v1 + with: + node-version: '10.x' + + - name: Set Node options + run: echo "NODE_OPTIONS=--max_old_space_size=4096" >> $GITHUB_ENV + + - name: Print environment + run: | + node --version + npm --version + Write-Output "GitHub ref: $env:GITHUB_REF" + Write-Output "GitHub event: $env:GITHUB_EVENT" + shell: pwsh + env: + GITHUB_REF: ${{ github.ref }} + GITHUB_EVENT: ${{ github.event_name }} + + - name: Checkout repo + uses: actions/checkout@v2 + + - name: Decrypt secrets + run: ./.github/scripts/macos/decrypt-secrets.ps1 + shell: pwsh + env: + DECRYPT_FILE_PASSWORD: ${{ secrets.DECRYPT_FILE_PASSWORD }} + + - name: Set up keychain + run: ./.github/scripts/macos/setup-keychain.ps1 + shell: pwsh + env: + KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} + DESKTOP_KEY_PASSWORD: ${{ secrets.DESKTOP_KEY_PASSWORD }} + DEVID_CERT_PASSWORD: ${{ secrets.DEVID_CERT_PASSWORD }} + APPSTORE_CERT_PASSWORD: ${{ secrets.APPSTORE_CERT_PASSWORD }} + MACDEV_CERT_PASSWORD: ${{ secrets.MACDEV_CERT_PASSWORD }} + APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} + + - name: Set up provisioning profiles + run: ./.github/scripts/macos/setup-profiles.ps1 + shell: pwsh + + - name: Increment version + run: ./.github/scripts/macos/increment-version.ps1 + shell: pwsh + + - name: Load package version + run: ./.github/scripts/load-version.ps1 + shell: pwsh + + - name: Install Node dependencies + run: npm install + + - name: Run linter + run: npm run lint + + - name: Create Safari directory + if: github.ref == 'refs/heads/master' || github.event_name == 'release' + shell: pwsh + run: New-Item ./dist-safari -ItemType Directory -ea 0 + + - name: Checkout browser extension + if: github.ref == 'refs/heads/master' || github.event_name == 'release' + uses: actions/checkout@v2 + with: + repository: 'bitwarden/browser' + path: 'dist-safari/browser' + + - name: Build Safari extension + if: github.ref == 'refs/heads/master' || github.event_name == 'release' + shell: pwsh + run: ./scripts/safari-build.ps1 -skipcheckout -skipoutcopy + + - name: Load Safari extension for .dmg + if: github.ref == 'refs/heads/master' || github.event_name == 'release' + shell: pwsh + run: ./scripts/safari-build.ps1 -copyonly + + - name: Build application (dev) + if: github.ref != 'refs/heads/master' && github.event_name != 'release' + run: npm run build + + - name: Build application (dist) + if: github.ref == 'refs/heads/master' || github.event_name == 'release' + run: npm run dist:mac + env: + APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }} + APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} + + - name: Upload .zip artifact + if: github.ref == 'refs/heads/master' || github.event_name == 'release' + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-${{ env.PACKAGE_VERSION }}-mac.zip + path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-mac.zip + + - name: Upload .dmg artifact + if: github.ref == 'refs/heads/master' || github.event_name == 'release' + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-${{ env.PACKAGE_VERSION }}.dmg + path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}.dmg + + - name: Load Safari extension for App Store + if: github.ref == 'refs/heads/master' || github.event_name == 'release' + shell: pwsh + run: ./scripts/safari-build.ps1 -mas -copyonly + + - name: Build application for App Store + if: github.ref == 'refs/heads/master' || github.event_name == 'release' + run: npm run dist:mac:mas + env: + APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }} + APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} + + - name: Upload .pkg artifact + if: github.ref == 'refs/heads/master' || github.event_name == 'release' + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-${{ env.PACKAGE_VERSION }}.pkg + path: ./dist/mas/Bitwarden-${{ env.PACKAGE_VERSION }}.pkg + + - name: Deploy to App Store + if: github.event_name == 'release' + run: npm run upload:mas + env: + APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }} + APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} + + - name: Upload release assets + if: github.event_name == 'release' + run: | + hub release edit ` + -a ./dist/mas/Bitwarden-${{ env.PACKAGE_VERSION }}.pkg ` + -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` + $env:RELEASE_TAG_NAME + shell: pwsh + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} From 020629fd3c202185187070f9d6916f918c3fbf7a Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 16:16:03 +0000 Subject: [PATCH 139/228] removing the macos job from the test --- .github/workflows/build-and-sign.yml | 146 --------------------------- 1 file changed, 146 deletions(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index fe2d76b6ff0..f673d55e801 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -106,149 +106,3 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} - - macos: - runs-on: macos-latest - - steps: - - name: Set up Node - uses: actions/setup-node@v1 - with: - node-version: '10.x' - - - name: Set Node options - run: echo "NODE_OPTIONS=--max_old_space_size=4096" >> $GITHUB_ENV - - - name: Print environment - run: | - node --version - npm --version - Write-Output "GitHub ref: $env:GITHUB_REF" - Write-Output "GitHub event: $env:GITHUB_EVENT" - shell: pwsh - env: - GITHUB_REF: ${{ github.ref }} - GITHUB_EVENT: ${{ github.event_name }} - - - name: Checkout repo - uses: actions/checkout@v2 - - - name: Decrypt secrets - run: ./.github/scripts/macos/decrypt-secrets.ps1 - shell: pwsh - env: - DECRYPT_FILE_PASSWORD: ${{ secrets.DECRYPT_FILE_PASSWORD }} - - - name: Set up keychain - run: ./.github/scripts/macos/setup-keychain.ps1 - shell: pwsh - env: - KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} - DESKTOP_KEY_PASSWORD: ${{ secrets.DESKTOP_KEY_PASSWORD }} - DEVID_CERT_PASSWORD: ${{ secrets.DEVID_CERT_PASSWORD }} - APPSTORE_CERT_PASSWORD: ${{ secrets.APPSTORE_CERT_PASSWORD }} - MACDEV_CERT_PASSWORD: ${{ secrets.MACDEV_CERT_PASSWORD }} - APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} - - - name: Set up provisioning profiles - run: ./.github/scripts/macos/setup-profiles.ps1 - shell: pwsh - - - name: Increment version - run: ./.github/scripts/macos/increment-version.ps1 - shell: pwsh - - - name: Load package version - run: ./.github/scripts/load-version.ps1 - shell: pwsh - - - name: Install Node dependencies - run: npm install - - - name: Run linter - run: npm run lint - - - name: Create Safari directory - if: github.ref == 'refs/heads/master' || github.event_name == 'release' - shell: pwsh - run: New-Item ./dist-safari -ItemType Directory -ea 0 - - - name: Checkout browser extension - if: github.ref == 'refs/heads/master' || github.event_name == 'release' - uses: actions/checkout@v2 - with: - repository: 'bitwarden/browser' - path: 'dist-safari/browser' - - - name: Build Safari extension - if: github.ref == 'refs/heads/master' || github.event_name == 'release' - shell: pwsh - run: ./scripts/safari-build.ps1 -skipcheckout -skipoutcopy - - - name: Load Safari extension for .dmg - if: github.ref == 'refs/heads/master' || github.event_name == 'release' - shell: pwsh - run: ./scripts/safari-build.ps1 -copyonly - - - name: Build application (dev) - if: github.ref != 'refs/heads/master' && github.event_name != 'release' - run: npm run build - - - name: Build application (dist) - if: github.ref == 'refs/heads/master' || github.event_name == 'release' - run: npm run dist:mac - env: - APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }} - APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} - - - name: Upload .zip artifact - if: github.ref == 'refs/heads/master' || github.event_name == 'release' - uses: actions/upload-artifact@v2 - with: - name: Bitwarden-${{ env.PACKAGE_VERSION }}-mac.zip - path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-mac.zip - - - name: Upload .dmg artifact - if: github.ref == 'refs/heads/master' || github.event_name == 'release' - uses: actions/upload-artifact@v2 - with: - name: Bitwarden-${{ env.PACKAGE_VERSION }}.dmg - path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}.dmg - - - name: Load Safari extension for App Store - if: github.ref == 'refs/heads/master' || github.event_name == 'release' - shell: pwsh - run: ./scripts/safari-build.ps1 -mas -copyonly - - - name: Build application for App Store - if: github.ref == 'refs/heads/master' || github.event_name == 'release' - run: npm run dist:mac:mas - env: - APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }} - APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} - - - name: Upload .pkg artifact - if: github.ref == 'refs/heads/master' || github.event_name == 'release' - uses: actions/upload-artifact@v2 - with: - name: Bitwarden-${{ env.PACKAGE_VERSION }}.pkg - path: ./dist/mas/Bitwarden-${{ env.PACKAGE_VERSION }}.pkg - - - name: Deploy to App Store - if: github.event_name == 'release' - run: npm run upload:mas - env: - APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }} - APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} - - - name: Upload release assets - if: github.event_name == 'release' - run: | - hub release edit ` - -a ./dist/mas/Bitwarden-${{ env.PACKAGE_VERSION }}.pkg ` - -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` - $env:RELEASE_TAG_NAME - shell: pwsh - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} From 9a39f67efc09a01fb78c8357a4fb2608db049fb4 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 16:21:43 +0000 Subject: [PATCH 140/228] changing the gh action to "on push" to initialize it --- .az-pipelines/az-cli-tests.yml | 19 ---- .az-pipelines/sign-windows-artifacts.yml | 58 ----------- .az-pipelines/test-ast-install.yml | 21 ---- .az-pipelines/windows-build-sign.yml | 127 ----------------------- .github/workflows/build-and-sign.yml | 11 +- 5 files changed, 10 insertions(+), 226 deletions(-) delete mode 100644 .az-pipelines/az-cli-tests.yml delete mode 100644 .az-pipelines/sign-windows-artifacts.yml delete mode 100644 .az-pipelines/test-ast-install.yml delete mode 100644 .az-pipelines/windows-build-sign.yml diff --git a/.az-pipelines/az-cli-tests.yml b/.az-pipelines/az-cli-tests.yml deleted file mode 100644 index daf6af6e33a..00000000000 --- a/.az-pipelines/az-cli-tests.yml +++ /dev/null @@ -1,19 +0,0 @@ -trigger: none - -pool: - vmImage: 'windows-latest' - -variables: -- group: sub-secrets - -steps: -- task: AzureCLI@2 - displayName: Azure CLI KV Test - inputs: - azureSubscription: '$(subscription-id)' - connectedServiceNameARM: keyvault-signing-SP - scriptType: ps - scriptLocation: inlineScript - inlineScript: | - az --verison - az keyvault certificate list --vault-name code-signing-test-vault diff --git a/.az-pipelines/sign-windows-artifacts.yml b/.az-pipelines/sign-windows-artifacts.yml deleted file mode 100644 index 70d7abe42dc..00000000000 --- a/.az-pipelines/sign-windows-artifacts.yml +++ /dev/null @@ -1,58 +0,0 @@ -trigger: none - -pool: - vmImage: 'windows-latest' - -variables: -- group: code-signing-test - -steps: - #- script: | - # set DOTNET_SKIP_FIRST_TIME_EXPERIENCE=true - # dotnet tool install --global AzureSignTool --version 2.0.17 - # displayName: 'install AzureSignTool' - -- script: | - git clone https://github.com/vcsjones/AzureSignTool.git - cd AzureSignTool - dotnet --version - dotnet pack --output ./nupkg - dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version 0.0.0-gce87e84a58 azuresigntool - displayName: 'Install AST' - -- script: | - azuresigntool sign --help - displayName: 'Debugging AST' - - #- script: exit 1 - # displayName: 'Early Exit' - -- task: DownloadGitHubRelease@0 - inputs: - connection: joseph-flinn - userRepository: joseph-flinn/desktop - displayName: 'git release artifacts' - -- bash: | - GIT_RELEASE_VERSION=$(curl --silent "https://api.github.com/repos/joseph-flinn/desktop/releases/latest" | awk -F '"' '/tag_name/{print $4}' | awk '{print substr($1, 2); }') - echo "##vso[task.setvariable variable=git_release_version]$GIT_RELEASE_VERSION" - displayName: 'set git_release_version' - -- script: | - ls -alh $(System.ArtifactsDirectory) - echo GIT_RELEASE_VERSION=$(git_release_version) - displayName: 'show artifacts' - -- script: | - azuresigntool sign -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvt "$(SigningTenantId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -tr http://timestamp.digicert.com "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32-store.appx" "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64-store.appx" - displayName: 'Sign artifacts' - -- task: PublishPipelineArtifact@1 - inputs: - pathToPublish: '$(System.ArtifactsDirectory)/Bitwarden-$(git_release_version)-ia32-store.appx' - artifactName: 'Bitwarden-$(git_release_version)-ia32-store.appx' - -- task: PublishPipelineArtifact@1 - inputs: - pathToPublish: '$(System.ArtifactsDirectory)/Bitwarden-$(git_release_version)-x64-store.appx' - artifactName: 'Bitwarden-$(git_release_version)-x64-store.appx' diff --git a/.az-pipelines/test-ast-install.yml b/.az-pipelines/test-ast-install.yml deleted file mode 100644 index 3f0d33b169c..00000000000 --- a/.az-pipelines/test-ast-install.yml +++ /dev/null @@ -1,21 +0,0 @@ -trigger: none - -pool: - vmImage: 'windows-latest' - -variables: -- group: code-signing-test - -steps: -- script: | - git clone https://github.com/vcsjones/AzureSignTool.git - cd AzureSignTool/src/AzureSignTool - dotnet tool restore - displayName: 'install AzureSignTool' - -- script: dotnet tool list - displayName: 'testing dotnet tool list' - -- script: AzureSignTool.exe sign --help - displayName: 'Debugging AST' - diff --git a/.az-pipelines/windows-build-sign.yml b/.az-pipelines/windows-build-sign.yml deleted file mode 100644 index d64a6e12c44..00000000000 --- a/.az-pipelines/windows-build-sign.yml +++ /dev/null @@ -1,127 +0,0 @@ -# Node.js -# Build a general Node.js project with npm. -# Add steps that analyze code, save build artifacts, deploy, and more: -# https://docs.microsoft.com/azure/devops/pipelines/languages/javascript - -trigger: none - -pool: - vmImage: 'windows-latest' - -variables: -- group: code-signing-test - -steps: -- pwsh: | - Write-Host "------------------------" - Write-Host "secret test - $env:CSC_KEY_PASSWORD" - Write-Host "SIGNING_CERT_NAME - $env:SIGNING_CERT_NAME" - Write-Host "---" - Write Host "This shouldn't work - $(ebSigningCertKey)" - Write-Host "------------------------" - displayName: 'Var & Secret Testing' - env: - CSC_LINK: $(ebSigningCertIdentifierURL) - CSC_KEY_PASSWORD: $(ebSigningCertKey) - SIGNING_VAULT_URL: $(SigningVaultURL) - SIGNING_CLIENT_ID: $(SigningClientId) - SIGNING_TENTANT_ID: $(SigningTenantId) - SIGNING_CLIENT_SECRET: $(SigningClientSecret) - SIGNING_CERT_NAME: $(SigningCertName) - -- script: exit 1 - displayName: Stop Pipeline - -- task: NodeTool@0 - inputs: - versionSpec: '10.x' - displayName: 'Install Node.js' - - #- script: | - # set DOTNET_SKIP_FIRST_TIME_EXPERIENCE=true - # dotnet tool install --global AzureSignTool --version 2.0.17 - # displayName: 'install AzureSignTool' - -- task: UseDotNet@2 - displayName: 'Use .NET Core SDK 3.x' - inputs: - packageType: sdk - version: 3.x - installationPath: $(Agent.ToolsDirectory)/dotnet - -- pwsh: | - git clone https://github.com/vcsjones/AzureSignTool.git - cd AzureSignTool - $latest_head = $(git rev-parse HEAD)[0..9] -join "" - $latest_version = "0.0.0-g$latest_head" - Write-Host "--------" - Write-Host "git commit - $(git rev-parse HEAD)" - Write-Host "latest_head - $latest_head" - Write-Host "PACKAGE VERSION TO BUILD - $latest_version" - Write-Host "--------" - - dotnet --version - dotnet restore - dotnet pack --output ./nupkg - dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version $latest_version azuresigntool - displayName: 'Install AST' - - -- task: PowerShell@2 - inputs: - targetType: 'inline' - script: | - $packageVersion = (Get-Content -Raw -Path $(System.DefaultWorkingDirectory)\src\package.json | ConvertFrom-Json).version; - echo "##vso[task.setvariable variable=PACKAGE_VERSION]${packageVersion}" - displayName: 'Setting packageVersion' - -- script: | - echo "package version: $(PACKAGE_VERSION)" - displayName: Package Version testing - -- script: npm install - displayName: 'npm install' - -- script: | - npm run build - npm npm run clean:dist - displayName: 'npm build' - -# This task is not working... -- pwsh: | - Write-Host "------------------------" - Write-Host "az pipeline secret test - $env:SECRET_TEST" - Write-Host "az pipeline var test - $env:SIGNING_CERT_NAME" - Write-Host "------------------------" - npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=\"Bitwarden Inc\" - displayName: 'electron-builder build & sign' - env: - CSC_LINK: $(ebSigningCertIdentifierURL) - CSC_KEY_PASSWORD: $(ebSigningCertKey) - SIGNING_VAULT_URL: $(SigningVaultURL) - SIGNING_CLIENT_ID: $(SigningClientId) - SIGNING_TENTANT_ID: $(SigningTenantId) - SIGNING_CLIENT_SECRET: $(SigningClientSecret) - SIGNING_CERT_NAME: $(SigningCertName) - SECRET_TEST: $(secretTest) - -- script: ls -alht dist - displayName: show executables - -- script: ls -alht dist/nsis-web - displayName: show nsis-web executables - -- task: PublishPipelineArtifact@1 - inputs: - pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-Portable-$(PACKAGE_VERSION).exe' - artifactName: Bitwarden-Portable-$(PACKAGE_VERSION).exe - -# - task: PublishPipelineArtifact@1 -# inputs: -# pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-1.23.1-ia32.appx' -# artifactName: Bitwarden-$(GIT_COMMIT_TO_BUILD)-ia32.appx -# -# - task: PublishPipelineArtifact@1 -# inputs: -# pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-1.23.1-x64.appx' -# artifactName: Bitwarden-$(GIT_COMMIT_TO_BUILD)-x64.appx diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index f673d55e801..3c5d2458644 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -1,6 +1,15 @@ name: Build & Sign -on: [workflow_dispatch] +on: + push: + branches-ignore: + - 'l10n_master' + - 'gh-pages' + release: + types: + - published + +#[workflow_dispatch] jobs: windows: From 5f63020eb3cc793cb621f073f93d57d9f099311e Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 16:23:56 +0000 Subject: [PATCH 141/228] changing the trigger to manual --- .github/workflows/build-and-sign.yml | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index 3c5d2458644..f673d55e801 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -1,15 +1,6 @@ name: Build & Sign -on: - push: - branches-ignore: - - 'l10n_master' - - 'gh-pages' - release: - types: - - published - -#[workflow_dispatch] +on: [workflow_dispatch] jobs: windows: From f47660fcc3055e4a727270d0d5d6f145b933f2f2 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 16:26:12 +0000 Subject: [PATCH 142/228] fixing dotnet action version --- .github/workflows/build-and-sign.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index f673d55e801..aa91baab85e 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -16,7 +16,7 @@ jobs: shell: pwsh - name: Setup dotnet - uses: actions/setup-dotnet@v2 + uses: actions/setup-dotnet@v1 with: dotnet-version: "3.x" From 6de9d3912f89da4950c91b57eec3ce4bb63334af Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 16:28:24 +0000 Subject: [PATCH 143/228] trying different syntax --- .github/workflows/build-and-sign.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index aa91baab85e..6c0465cd16d 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -1,6 +1,7 @@ name: Build & Sign -on: [workflow_dispatch] +on: + workflow_dispatch: jobs: windows: From 8fd56c87c2b2939724e655f387fa143a2bf47db0 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 17:23:12 +0000 Subject: [PATCH 144/228] moving dotnet set up --- .github/workflows/build-and-sign.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index 6c0465cd16d..8fbece4d1b3 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -7,6 +7,11 @@ jobs: windows: runs-on: windows-latest steps: + - name: Set up dotnet + uses: actions/setup-dotnet@v1 + with: + dotnet-version: "3.x" + - name: Set up Node uses: actions/setup-node@v1 with: @@ -16,11 +21,6 @@ jobs: run: echo "NODE_OPTIONS=--max_old_space_size=4096" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append shell: pwsh - - name: Setup dotnet - uses: actions/setup-dotnet@v1 - with: - dotnet-version: "3.x" - - name: Print environment run: | node --version From 74ba229b2171a87e5b08d5980465d17014fdb1ce Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 17:40:02 +0000 Subject: [PATCH 145/228] switching to version 3.1.x instead of 3.x --- .github/workflows/build-and-sign.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index 8fbece4d1b3..d35eea235b4 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -10,7 +10,7 @@ jobs: - name: Set up dotnet uses: actions/setup-dotnet@v1 with: - dotnet-version: "3.x" + dotnet-version: "3.1.x" - name: Set up Node uses: actions/setup-node@v1 From 43348c542c09e8a6df471887dcdbb8213fdb834e Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 18:03:23 +0000 Subject: [PATCH 146/228] trying installing AST --- .github/workflows/build-and-sign.yml | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index d35eea235b4..c151d13a947 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -27,13 +27,32 @@ jobs: npm --version dotnet --version - exit 1 + - name: Install AST + shell: pwsh + run: | + cd $HOME + + git clone https://github.com/vcsjones/AzureSignTool.git + cd AzureSignTool + $latest_head = $(git rev-parse HEAD)[0..9] -join "" + $latest_version = "0.0.0-g$latest_head" + + Write-Host "--------" + Write-Host "git commit - $(git rev-parse HEAD)" + Write-Host "latest_head - $latest_head" + Write-Host "PACKAGE VERSION TO BUILD - $latest_version" + Write-Host "--------" + + cd $HOME - name: Checkout repo uses: actions/checkout@v2 - name: Load package version - run: ./.github/scripts/load-version.ps1 + run: | + ./.github/scripts/load-version.ps1 + + exit 1 shell: pwsh - name: Install Node dependencies From 7712f3e8c355d192b707232e00ae3c1950127c80 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 18:07:53 +0000 Subject: [PATCH 147/228] fixing some whitespace errors --- .github/workflows/build-and-sign.yml | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index c151d13a947..0fb892b1bc0 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -32,16 +32,16 @@ jobs: run: | cd $HOME - git clone https://github.com/vcsjones/AzureSignTool.git - cd AzureSignTool - $latest_head = $(git rev-parse HEAD)[0..9] -join "" - $latest_version = "0.0.0-g$latest_head" + git clone https://github.com/vcsjones/AzureSignTool.git + cd AzureSignTool + $latest_head = $(git rev-parse HEAD)[0..9] -join "" + $latest_version = "0.0.0-g$latest_head" - Write-Host "--------" - Write-Host "git commit - $(git rev-parse HEAD)" - Write-Host "latest_head - $latest_head" - Write-Host "PACKAGE VERSION TO BUILD - $latest_version" - Write-Host "--------" + Write-Host "--------" + Write-Host "git commit - $(git rev-parse HEAD)" + Write-Host "latest_head - $latest_head" + Write-Host "PACKAGE VERSION TO BUILD - $latest_version" + Write-Host "--------" cd $HOME @@ -51,8 +51,7 @@ jobs: - name: Load package version run: | ./.github/scripts/load-version.ps1 - - exit 1 + exit 1 shell: pwsh - name: Install Node dependencies From 65c5dc1f3b59b53e4251898a680a972d616d6ab1 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 18:13:48 +0000 Subject: [PATCH 148/228] actually installing AST --- .github/workflows/build-and-sign.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index 0fb892b1bc0..d2238399dcd 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -43,8 +43,15 @@ jobs: Write-Host "PACKAGE VERSION TO BUILD - $latest_version" Write-Host "--------" + dotnet restore + dotnet pact --output ./nupkg + dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version $latest_version azuresigntool + cd $HOME + - name: Test AST + run: azuresigntool sign --help + - name: Checkout repo uses: actions/checkout@v2 From c6ed8fe1d3d5f6919fb22a0c30b6a9601756a1e4 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 18:17:58 +0000 Subject: [PATCH 149/228] fixing typo --- .github/workflows/build-and-sign.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index d2238399dcd..5fd8a2a1b2b 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -44,7 +44,7 @@ jobs: Write-Host "--------" dotnet restore - dotnet pact --output ./nupkg + dotnet pack --output ./nupkg dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version $latest_version azuresigntool cd $HOME From 59efc3e09130dbfea8fb13dcc2881065061912e4 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 18:53:40 +0000 Subject: [PATCH 150/228] testing signing with AZ key vault --- .github/workflows/build-and-sign.yml | 106 +++++++++++---------------- 1 file changed, 42 insertions(+), 64 deletions(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index 5fd8a2a1b2b..c32ef417541 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -6,6 +6,7 @@ on: jobs: windows: runs-on: windows-latest + environment: test steps: - name: Set up dotnet uses: actions/setup-dotnet@v1 @@ -56,9 +57,7 @@ jobs: uses: actions/checkout@v2 - name: Load package version - run: | - ./.github/scripts/load-version.ps1 - exit 1 + run: ./.github/scripts/load-version.ps1 shell: pwsh - name: Install Node dependencies @@ -68,67 +67,46 @@ jobs: run: npm run lint - name: Build application - shell: pwsh - run: npm run dist:win:ci - - - name: Rename appx files for store - shell: pwsh run: | - Copy-Item "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32.appx" ` - -Destination "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx" - Copy-Item "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx" ` - -Destination "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx" + npm run build + npm run clean:dist - - name: Upload portable exe artifact - if: github.ref == 'refs/heads/master' || github.event_name == 'release' - uses: actions/upload-artifact@v2 - with: - name: Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe - path: ./dist/Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe - - - name: Upload installer exe artifact - if: github.ref == 'refs/heads/master' || github.event_name == 'release' - uses: actions/upload-artifact@v2 - with: - name: Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe - path: ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe - - - name: Upload store appx ia32 artifact - if: github.ref == 'refs/heads/master' || github.event_name == 'release' - uses: actions/upload-artifact@v2 - with: - name: Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx - path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx - - - name: Upload store appx x64 artifact - if: github.ref == 'refs/heads/master' || github.event_name == 'release' - uses: actions/upload-artifact@v2 - with: - name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx - path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx - - - name: Deploy to Chocolatey - if: github.event_name == 'release' - run: ./scripts/choco-update.ps1 -version $env:PACKAGE_VERSION - shell: pwsh - - - name: Upload Chocolatey nupkg artifact - if: github.event_name == 'release' - uses: actions/upload-artifact@v2 - with: - name: bitwarden.${{ env.PACKAGE_VERSION }}.nupkg - path: ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg - - - name: Upload release assets - if: github.event_name == 'release' - run: | - hub release edit ` - -a ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg ` - -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx ` - -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx ` - -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` - $env:RELEASE_TAG_NAME - shell: pwsh + - name: Build & Sign + run: electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=\"Bitwarden Inc\" env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} + CSC_LINK: ${{ secrets.EB_SIGNING_CERT_IDENTIFIER_URL }} + CSC_KEY_PASSWORD: ${{ secrets.EB_SIGNING_CERT_KEY }} + SIGNING_VAULT_URL: ${{ secrets.SIGNING_VAULT_URL }} + SIGNING_CLIENT_ID: ${{ secrets.SIGNING_CLIENT_ID }} + SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }} + SIGNING_CLIENT_SECRET: ${{ secrets.SIGNING_CLIENT_SECRET }} + SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }} + SECRET_TEST: ${{ secrets.SECRET_TEST }} + +#- name: Upload portable exe artifact +# if: github.ref == 'refs/heads/master' || github.event_name == 'release' +# uses: actions/upload-artifact@v2 +# with: +# name: Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe +# path: ./dist/Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe + +#- name: Upload installer exe artifact +# if: github.ref == 'refs/heads/master' || github.event_name == 'release' +# uses: actions/upload-artifact@v2 +# with: +# name: Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe +# path: ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe + +#- name: Upload release assets +# if: github.event_name == 'release' +# run: | +# hub release edit ` +# -a ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg ` +# -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx ` +# -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx ` +# -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` +# $env:RELEASE_TAG_NAME +# shell: pwsh +# env: +# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} +# RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} From cf738a2667ef365488ce7d969ce5f5321f10f2ea Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 19:04:25 +0000 Subject: [PATCH 151/228] adding the npx prefix to the electron-builder program --- .github/workflows/build-and-sign.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index c32ef417541..b09d918fada 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -72,7 +72,7 @@ jobs: npm run clean:dist - name: Build & Sign - run: electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=\"Bitwarden Inc\" + run: npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=\"Bitwarden Inc\" env: CSC_LINK: ${{ secrets.EB_SIGNING_CERT_IDENTIFIER_URL }} CSC_KEY_PASSWORD: ${{ secrets.EB_SIGNING_CERT_KEY }} From bcc972e60b8bb1498aaebfa32a70154d967742aa Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 19:18:56 +0000 Subject: [PATCH 152/228] trying to switch to powershell for the electron-builder task --- .github/workflows/build-and-sign.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index b09d918fada..91fca6222ba 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -72,6 +72,7 @@ jobs: npm run clean:dist - name: Build & Sign + shell: pwsh run: npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=\"Bitwarden Inc\" env: CSC_LINK: ${{ secrets.EB_SIGNING_CERT_IDENTIFIER_URL }} From 0cd63fa40076c56bec614a75aa66f441b84bc67b Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 19:28:00 +0000 Subject: [PATCH 153/228] removing the escape characters --- .github/workflows/build-and-sign.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index 91fca6222ba..c59e5af9dbc 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -72,8 +72,7 @@ jobs: npm run clean:dist - name: Build & Sign - shell: pwsh - run: npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=\"Bitwarden Inc\" + run: npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName="Bitwarden Inc" env: CSC_LINK: ${{ secrets.EB_SIGNING_CERT_IDENTIFIER_URL }} CSC_KEY_PASSWORD: ${{ secrets.EB_SIGNING_CERT_KEY }} From 38f357c1653ea1b383ab862eb87f8bff6c505826 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 20:50:29 +0000 Subject: [PATCH 154/228] trying two single quotes and changing it back to pwsh --- .github/workflows/build-and-sign.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index c59e5af9dbc..7d0854fea88 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -72,7 +72,8 @@ jobs: npm run clean:dist - name: Build & Sign - run: npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName="Bitwarden Inc" + shell: pwsh + run: npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=''Bitwarden Inc'' env: CSC_LINK: ${{ secrets.EB_SIGNING_CERT_IDENTIFIER_URL }} CSC_KEY_PASSWORD: ${{ secrets.EB_SIGNING_CERT_KEY }} From fc0e8052b06e7d3c565af20a788e51586ccffb52 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 21:03:07 +0000 Subject: [PATCH 155/228] trying to escape the quotes with back ticks --- .github/workflows/build-and-sign.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index 7d0854fea88..9a1543e1eec 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -73,7 +73,10 @@ jobs: - name: Build & Sign shell: pwsh - run: npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=''Bitwarden Inc'' + run: | + $certName = "Bitwarden Inc" + npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=`"Bitwarden Inc`" + Write-Host "certName=$certName" env: CSC_LINK: ${{ secrets.EB_SIGNING_CERT_IDENTIFIER_URL }} CSC_KEY_PASSWORD: ${{ secrets.EB_SIGNING_CERT_KEY }} From fd89704c1d21b1dc1ca0cdfa3d2336f9cad7d1a9 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 21:17:33 +0000 Subject: [PATCH 156/228] testing more escapes --- .github/workflows/build-and-sign.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index 9a1543e1eec..ac5f1def21d 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -75,8 +75,8 @@ jobs: shell: pwsh run: | $certName = "Bitwarden Inc" - npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=`"Bitwarden Inc`" - Write-Host "certName=$certName" + npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=\"Bitwarden Inc\" + Write-Host "certName=\"$certName\"" env: CSC_LINK: ${{ secrets.EB_SIGNING_CERT_IDENTIFIER_URL }} CSC_KEY_PASSWORD: ${{ secrets.EB_SIGNING_CERT_KEY }} From e31c8c0e79cd8ad40fad4f31814507aa121e29e8 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 21:28:27 +0000 Subject: [PATCH 157/228] trying something else --- .github/workflows/build-and-sign.yml | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index ac5f1def21d..b4589f70e2e 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -50,9 +50,6 @@ jobs: cd $HOME - - name: Test AST - run: azuresigntool sign --help - - name: Checkout repo uses: actions/checkout@v2 @@ -74,9 +71,9 @@ jobs: - name: Build & Sign shell: pwsh run: | - $certName = "Bitwarden Inc" - npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=\"Bitwarden Inc\" - Write-Host "certName=\"$certName\"" + $certName = "`u{22}Bitwarden Inc`u{22}" + npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=""""Bitwarden Inc"""" + Write-Host "certName=$certName" env: CSC_LINK: ${{ secrets.EB_SIGNING_CERT_IDENTIFIER_URL }} CSC_KEY_PASSWORD: ${{ secrets.EB_SIGNING_CERT_KEY }} From a1a5405722a45b1058b28ec720e36b1c2caa93e2 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 21:38:20 +0000 Subject: [PATCH 158/228] one last thing before switching over to npm --- .github/workflows/build-and-sign.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index b4589f70e2e..f2c98a9e1a5 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -72,7 +72,7 @@ jobs: shell: pwsh run: | $certName = "`u{22}Bitwarden Inc`u{22}" - npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=""""Bitwarden Inc"""" + npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName="`u{22}Bitwarden Inc`u{22}" Write-Host "certName=$certName" env: CSC_LINK: ${{ secrets.EB_SIGNING_CERT_IDENTIFIER_URL }} From 078862e41bcb773102272ec6257c5f9cc7e83bb3 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 21:53:46 +0000 Subject: [PATCH 159/228] switching over to an npm script --- .github/workflows/build-and-sign.yml | 10 +++------- package.json | 2 +- 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index f2c98a9e1a5..4f07d6ca259 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -64,16 +64,12 @@ jobs: run: npm run lint - name: Build application - run: | - npm run build - npm run clean:dist + run: npm run build - name: Build & Sign - shell: pwsh run: | - $certName = "`u{22}Bitwarden Inc`u{22}" - npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName="`u{22}Bitwarden Inc`u{22}" - Write-Host "certName=$certName" + npm run build + npm run pack:win env: CSC_LINK: ${{ secrets.EB_SIGNING_CERT_IDENTIFIER_URL }} CSC_KEY_PASSWORD: ${{ secrets.EB_SIGNING_CERT_KEY }} diff --git a/package.json b/package.json index e1870315cb4..6853efa81d7 100644 --- a/package.json +++ b/package.json @@ -40,7 +40,7 @@ "pack:mac": "npm run clean:dist && electron-builder --mac -p never", "pack:mac:mas": "npm run clean:dist && electron-builder --mac mas -p never", "pack:mac:masdev": "npm run clean:dist && electron-builder --mac mas-dev -p never", - "pack:win": "npm run clean:dist && electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=\"8bit Solutions LLC\"", + "pack:win": "npm run clean:dist && electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=\"Bitwarden Inc\"", "pack:win:ci": "npm run clean:dist && electron-builder --win --x64 --ia32 -p never", "dist:dir": "npm run build && npm run pack:dir", "dist:lin": "npm run build && npm run pack:lin", From 902040ec64449dbdb53fe0b746bd14c05918f6f5 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 22:18:26 +0000 Subject: [PATCH 160/228] making custom signing command easier to read --- sign.js | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/sign.js b/sign.js index 0a61edf3b78..e7a6df8909f 100644 --- a/sign.js +++ b/sign.js @@ -1,10 +1,15 @@ exports.default = async function(configuration) { - //console.log(`config:\n${JSON.stringify(configuration, null, 4)}`) - console.log(`env test - secret test ${process.env.SECRET_TEST}`) - console.log(`env test - shouldn't work ${process.env.secretTest}`) - require("child_process").execSync( - `azuresigntool sign -kvu ${process.env.SIGNING_VAULT_URL} -kvi ${process.env.SIGNING_CLIENT_ID} -kvt ${process.env.SIGNING_TENANT_ID} -kvs ${process.env.SIGNING_CLIENT_SECRET} -kvc ${process.env.SIGNING_CERT_NAME} -fd ${configuration.hash} -du ${configuration.site} -tr http://timestamp.digicert.com ${configuration.path}`, + `azuresigntool sign ` + + `-kvu ${process.env.SIGNING_VAULT_URL} ` + + `-kvi ${process.env.SIGNING_CLIENT_ID} ` + + `-kvt ${process.env.SIGNING_TENANT_ID} ` + + `-kvs ${process.env.SIGNING_CLIENT_SECRET} ` + + `-kvc ${process.env.SIGNING_CERT_NAME} ` + + `-fd ${configuration.hash} ` + + `-du ${configuration.site} ` + + `-tr http://timestamp.digicert.com ` + + `${configuration.path}`, { stdio: "inherit" } From 7df3ded62a673594ab628473396dc3bdc45cc5ac Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 5 Jan 2021 23:10:12 +0000 Subject: [PATCH 161/228] switching to a cert that should match --- .github/workflows/build-and-sign.yml | 5 ++++- package.json | 4 ++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index 4f07d6ca259..a903f273c4a 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -6,7 +6,7 @@ on: jobs: windows: runs-on: windows-latest - environment: test + environment: test_ast steps: - name: Set up dotnet uses: actions/setup-dotnet@v1 @@ -80,6 +80,9 @@ jobs: SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }} SECRET_TEST: ${{ secrets.SECRET_TEST }} + - name: List Dist + run: dir ./dist + #- name: Upload portable exe artifact # if: github.ref == 'refs/heads/master' || github.event_name == 'release' # uses: actions/upload-artifact@v2 diff --git a/package.json b/package.json index 6853efa81d7..4a1b2ce33c1 100644 --- a/package.json +++ b/package.json @@ -40,7 +40,7 @@ "pack:mac": "npm run clean:dist && electron-builder --mac -p never", "pack:mac:mas": "npm run clean:dist && electron-builder --mac mas -p never", "pack:mac:masdev": "npm run clean:dist && electron-builder --mac mas-dev -p never", - "pack:win": "npm run clean:dist && electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=\"Bitwarden Inc\"", + "pack:win": "npm run clean:dist && electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=\"8bit Solutions LLC\"", "pack:win:ci": "npm run clean:dist && electron-builder --win --x64 --ia32 -p never", "dist:dir": "npm run build && npm run pack:dir", "dist:lin": "npm run build && npm run pack:lin", @@ -197,7 +197,7 @@ "applicationId": "bitwardendesktop", "identityName": "8bitSolutionsLLC.bitwardendesktop", "publisher": "CN=14D52771-DE3C-4886-B8BF-825BA7690418", - "publisherDisplayName": "8bit Solutions LLC", + "publisherDisplayName": "Bitwarden Inc", "languages": [ "en-US" ] From ba7007c307b357ebcdef3b28d6fd6fbc6584bbe1 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 6 Jan 2021 16:58:28 +0000 Subject: [PATCH 162/228] getting the correct artifacts uploaded to github --- .github/workflows/build-and-sign.yml | 38 +++++++++++++++++++--------- 1 file changed, 26 insertions(+), 12 deletions(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index a903f273c4a..c97c29e344b 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -83,19 +83,33 @@ jobs: - name: List Dist run: dir ./dist -#- name: Upload portable exe artifact -# if: github.ref == 'refs/heads/master' || github.event_name == 'release' -# uses: actions/upload-artifact@v2 -# with: -# name: Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe -# path: ./dist/Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe + - name: Upload signed portable exe artifact + #if: github.ref == 'refs/heads/master' || github.event_name == 'release' + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-Portable-${{ env.PACKAGE_VERSION }}-signed.exe + path: ./dist/Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe -#- name: Upload installer exe artifact -# if: github.ref == 'refs/heads/master' || github.event_name == 'release' -# uses: actions/upload-artifact@v2 -# with: -# name: Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe -# path: ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe + - name: Upload signed installer exe artifact + #if: github.ref == 'refs/heads/master' || github.event_name == 'release' + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-Installer-${{ env.PACKAGE_VERSION }}-signed.exe + path: ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe + + - name: Upload signed appx ia32 artifact + #if: github.ref == 'refs/heads/master' || github.event_name == 'release' + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-signed.appx + path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32.appx + + - name: Upload signed appx x64 artifact + #if: github.ref == 'refs/heads/master' || github.event_name == 'release' + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64-signed.appx + path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx #- name: Upload release assets # if: github.event_name == 'release' From e1d2aa4b4a1ec93a0005d50fa3c31268b7e674b8 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 6 Jan 2021 17:25:33 +0000 Subject: [PATCH 163/228] changing the trigger for the Build --- .github/workflows/build-and-sign.yml | 4 +-- .github/workflows/build.yml | 51 +++++++++++++++------------- 2 files changed, 29 insertions(+), 26 deletions(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index c97c29e344b..fc29cf26705 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -101,14 +101,14 @@ jobs: #if: github.ref == 'refs/heads/master' || github.event_name == 'release' uses: actions/upload-artifact@v2 with: - name: Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-signed.appx + name: Bitwarden-${{ env.PACKAGE_VERSION }}-ia32.appx path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32.appx - name: Upload signed appx x64 artifact #if: github.ref == 'refs/heads/master' || github.event_name == 'release' uses: actions/upload-artifact@v2 with: - name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64-signed.appx + name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx #- name: Upload release assets diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8d8d61aa246..78e85b11bc8 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,13 +1,16 @@ name: Build -on: - push: - branches-ignore: - - 'l10n_master' - - 'gh-pages' - release: - types: - - published +on: + workflow_dispatch: + +# on: +# push: +# branches-ignore: +# - 'l10n_master' +# - 'gh-pages' +# release: +# types: +# - published jobs: @@ -170,28 +173,28 @@ jobs: -Destination "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx" - name: Upload portable exe artifact - if: github.ref == 'refs/heads/master' || github.event_name == 'release' + #if: github.ref == 'refs/heads/master' || github.event_name == 'release' uses: actions/upload-artifact@v2 with: name: Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe path: ./dist/Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe - name: Upload installer exe artifact - if: github.ref == 'refs/heads/master' || github.event_name == 'release' + #if: github.ref == 'refs/heads/master' || github.event_name == 'release' uses: actions/upload-artifact@v2 with: name: Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe path: ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe - name: Upload store appx ia32 artifact - if: github.ref == 'refs/heads/master' || github.event_name == 'release' + #if: github.ref == 'refs/heads/master' || github.event_name == 'release' uses: actions/upload-artifact@v2 with: name: Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx - name: Upload store appx x64 artifact - if: github.ref == 'refs/heads/master' || github.event_name == 'release' + #if: github.ref == 'refs/heads/master' || github.event_name == 'release' uses: actions/upload-artifact@v2 with: name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx @@ -209,18 +212,18 @@ jobs: # name: bitwarden.${{ env.PACKAGE_VERSION }}.nupkg # path: ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg - - name: Upload release assets - if: github.event_name == 'release' - run: | - hub release edit ` - -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx ` - -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx ` - -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` - $env:RELEASE_TAG_NAME - shell: pwsh - env: - GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} - RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} + #- name: Upload release assets + # if: github.event_name == 'release' + # run: | + # hub release edit ` + # -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx ` + # -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx ` + # -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` + # $env:RELEASE_TAG_NAME + # shell: pwsh + # env: + # GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + # RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} macos: runs-on: macos-latest From 65a13d997ab8e99d0db63679190b78c0711441e5 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 6 Jan 2021 18:04:18 +0000 Subject: [PATCH 164/228] experimenting with no CSC_* env vars --- .github/workflows/build.yml | 49 ++++++++++++++++++++++++++++++++++++- 1 file changed, 48 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 78e85b11bc8..f832cff64f7 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -123,6 +123,11 @@ jobs: runs-on: windows-latest steps: + - name: Set up dotnet + uses: actions/setup-dotnet@v1 + with: + dotnet-version: "3.1.x" + - name: Set up Node uses: actions/setup-node@v1 with: @@ -145,7 +150,31 @@ jobs: run: | node --version npm --version - choco --version + #choco --version + dotnet --version + + + - name: Install AST + shell: pwsh + run: | + cd $HOME + + git clone https://github.com/vcsjones/AzureSignTool.git + cd AzureSignTool + $latest_head = $(git rev-parse HEAD)[0..9] -join "" + $latest_version = "0.0.0-g$latest_head" + + Write-Host "--------" + Write-Host "git commit - $(git rev-parse HEAD)" + Write-Host "latest_head - $latest_head" + Write-Host "PACKAGE VERSION TO BUILD - $latest_version" + Write-Host "--------" + + dotnet restore + dotnet pack --output ./nupkg + dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version $latest_version azuresigntool + + cd $HOME - name: Checkout repo uses: actions/checkout@v2 @@ -163,6 +192,13 @@ jobs: - name: Build application shell: pwsh run: npm run dist:win:ci + env: + SIGNING_VAULT_URL: ${{ secrets.SIGNING_VAULT_URL }} + SIGNING_CLIENT_ID: ${{ secrets.SIGNING_CLIENT_ID }} + SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }} + SIGNING_CLIENT_SECRET: ${{ secrets.SIGNING_CLIENT_SECRET }} + SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }} + SECRET_TEST: ${{ secrets.SECRET_TEST }} - name: Rename appx files for store shell: pwsh @@ -211,6 +247,17 @@ jobs: # with: # name: bitwarden.${{ env.PACKAGE_VERSION }}.nupkg # path: ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg + + - name: Repack & Sign + run: | + npm run pack:win + env: + SIGNING_VAULT_URL: ${{ secrets.SIGNING_VAULT_URL }} + SIGNING_CLIENT_ID: ${{ secrets.SIGNING_CLIENT_ID }} + SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }} + SIGNING_CLIENT_SECRET: ${{ secrets.SIGNING_CLIENT_SECRET }} + SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }} + SECRET_TEST: ${{ secrets.SECRET_TEST }} #- name: Upload release assets # if: github.event_name == 'release' From 7a2aa34619a8073c4ddbe383cebaac981e539672 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 6 Jan 2021 18:07:22 +0000 Subject: [PATCH 165/228] adding the other artifacts to the windows portion of the build --- .github/workflows/build.yml | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f832cff64f7..703d65c468f 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -259,6 +259,37 @@ jobs: SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }} SECRET_TEST: ${{ secrets.SECRET_TEST }} + - name: List Dist + run: dir ./dist + + - name: Upload signed portable exe artifact + #if: github.ref == 'refs/heads/master' || github.event_name == 'release' + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-Portable-${{ env.PACKAGE_VERSION }}-signed.exe + path: ./dist/Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe + + - name: Upload signed installer exe artifact + #if: github.ref == 'refs/heads/master' || github.event_name == 'release' + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-Installer-${{ env.PACKAGE_VERSION }}-signed.exe + path: ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe + + - name: Upload signed appx ia32 artifact + #if: github.ref == 'refs/heads/master' || github.event_name == 'release' + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-${{ env.PACKAGE_VERSION }}-ia32.appx + path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32.appx + + - name: Upload signed appx x64 artifact + #if: github.ref == 'refs/heads/master' || github.event_name == 'release' + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx + path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx + #- name: Upload release assets # if: github.event_name == 'release' # run: | From 048f3fed6f85b97e76ff5eeb150a5934bf3fcbb4 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 6 Jan 2021 18:17:50 +0000 Subject: [PATCH 166/228] adding in the forgotten environment --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 703d65c468f..15ee6683ad0 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -121,7 +121,7 @@ jobs: windows: runs-on: windows-latest - + environment: test_ast steps: - name: Set up dotnet uses: actions/setup-dotnet@v1 From c508c7cd0507eba3806f8777430b711ad639bba5 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 6 Jan 2021 18:58:44 +0000 Subject: [PATCH 167/228] adding a signing flag for electron builder --- .github/workflows/build.yml | 8 ++------ sign.js | 32 +++++++++++++++++--------------- 2 files changed, 19 insertions(+), 21 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 15ee6683ad0..ffbbabee08e 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -193,12 +193,7 @@ jobs: shell: pwsh run: npm run dist:win:ci env: - SIGNING_VAULT_URL: ${{ secrets.SIGNING_VAULT_URL }} - SIGNING_CLIENT_ID: ${{ secrets.SIGNING_CLIENT_ID }} - SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }} - SIGNING_CLIENT_SECRET: ${{ secrets.SIGNING_CLIENT_SECRET }} - SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }} - SECRET_TEST: ${{ secrets.SECRET_TEST }} + ELECTRON_BUILDER_SIGN: false - name: Rename appx files for store shell: pwsh @@ -252,6 +247,7 @@ jobs: run: | npm run pack:win env: + ELECTRON_BUILDER_SIGN: true SIGNING_VAULT_URL: ${{ secrets.SIGNING_VAULT_URL }} SIGNING_CLIENT_ID: ${{ secrets.SIGNING_CLIENT_ID }} SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }} diff --git a/sign.js b/sign.js index e7a6df8909f..f3969c37761 100644 --- a/sign.js +++ b/sign.js @@ -1,17 +1,19 @@ exports.default = async function(configuration) { - require("child_process").execSync( - `azuresigntool sign ` + - `-kvu ${process.env.SIGNING_VAULT_URL} ` + - `-kvi ${process.env.SIGNING_CLIENT_ID} ` + - `-kvt ${process.env.SIGNING_TENANT_ID} ` + - `-kvs ${process.env.SIGNING_CLIENT_SECRET} ` + - `-kvc ${process.env.SIGNING_CERT_NAME} ` + - `-fd ${configuration.hash} ` + - `-du ${configuration.site} ` + - `-tr http://timestamp.digicert.com ` + - `${configuration.path}`, - { - stdio: "inherit" - } - ); + if (process.env.ELECTRON_BUILDER_SIGN) { + require("child_process").execSync( + `azuresigntool sign ` + + `-kvu ${process.env.SIGNING_VAULT_URL} ` + + `-kvi ${process.env.SIGNING_CLIENT_ID} ` + + `-kvt ${process.env.SIGNING_TENANT_ID} ` + + `-kvs ${process.env.SIGNING_CLIENT_SECRET} ` + + `-kvc ${process.env.SIGNING_CERT_NAME} ` + + `-fd ${configuration.hash} ` + + `-du ${configuration.site} ` + + `-tr http://timestamp.digicert.com ` + + `${configuration.path}`, + { + stdio: "inherit" + } + ); + } }; From 88bf9be15ff5c42329ba2e1029ee0250a1db700e Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 6 Jan 2021 18:59:38 +0000 Subject: [PATCH 168/228] adding in the flag to the build_and_sign workflow --- .github/workflows/build-and-sign.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index fc29cf26705..7956f68307b 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -71,8 +71,7 @@ jobs: npm run build npm run pack:win env: - CSC_LINK: ${{ secrets.EB_SIGNING_CERT_IDENTIFIER_URL }} - CSC_KEY_PASSWORD: ${{ secrets.EB_SIGNING_CERT_KEY }} + ELECTRON_BUILDER_SIGN: true SIGNING_VAULT_URL: ${{ secrets.SIGNING_VAULT_URL }} SIGNING_CLIENT_ID: ${{ secrets.SIGNING_CLIENT_ID }} SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }} From 33029c1684cc173969194f8e232faf36cc036975 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 6 Jan 2021 19:19:18 +0000 Subject: [PATCH 169/228] removing the signing portion of the original workflow --- .github/workflows/build.yml | 72 ------------------------------------- 1 file changed, 72 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ffbbabee08e..b90b69fce39 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -123,11 +123,6 @@ jobs: runs-on: windows-latest environment: test_ast steps: - - name: Set up dotnet - uses: actions/setup-dotnet@v1 - with: - dotnet-version: "3.1.x" - - name: Set up Node uses: actions/setup-node@v1 with: @@ -151,30 +146,6 @@ jobs: node --version npm --version #choco --version - dotnet --version - - - - name: Install AST - shell: pwsh - run: | - cd $HOME - - git clone https://github.com/vcsjones/AzureSignTool.git - cd AzureSignTool - $latest_head = $(git rev-parse HEAD)[0..9] -join "" - $latest_version = "0.0.0-g$latest_head" - - Write-Host "--------" - Write-Host "git commit - $(git rev-parse HEAD)" - Write-Host "latest_head - $latest_head" - Write-Host "PACKAGE VERSION TO BUILD - $latest_version" - Write-Host "--------" - - dotnet restore - dotnet pack --output ./nupkg - dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version $latest_version azuresigntool - - cd $HOME - name: Checkout repo uses: actions/checkout@v2 @@ -242,49 +213,6 @@ jobs: # with: # name: bitwarden.${{ env.PACKAGE_VERSION }}.nupkg # path: ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg - - - name: Repack & Sign - run: | - npm run pack:win - env: - ELECTRON_BUILDER_SIGN: true - SIGNING_VAULT_URL: ${{ secrets.SIGNING_VAULT_URL }} - SIGNING_CLIENT_ID: ${{ secrets.SIGNING_CLIENT_ID }} - SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }} - SIGNING_CLIENT_SECRET: ${{ secrets.SIGNING_CLIENT_SECRET }} - SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }} - SECRET_TEST: ${{ secrets.SECRET_TEST }} - - - name: List Dist - run: dir ./dist - - - name: Upload signed portable exe artifact - #if: github.ref == 'refs/heads/master' || github.event_name == 'release' - uses: actions/upload-artifact@v2 - with: - name: Bitwarden-Portable-${{ env.PACKAGE_VERSION }}-signed.exe - path: ./dist/Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe - - - name: Upload signed installer exe artifact - #if: github.ref == 'refs/heads/master' || github.event_name == 'release' - uses: actions/upload-artifact@v2 - with: - name: Bitwarden-Installer-${{ env.PACKAGE_VERSION }}-signed.exe - path: ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe - - - name: Upload signed appx ia32 artifact - #if: github.ref == 'refs/heads/master' || github.event_name == 'release' - uses: actions/upload-artifact@v2 - with: - name: Bitwarden-${{ env.PACKAGE_VERSION }}-ia32.appx - path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32.appx - - - name: Upload signed appx x64 artifact - #if: github.ref == 'refs/heads/master' || github.event_name == 'release' - uses: actions/upload-artifact@v2 - with: - name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx - path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx #- name: Upload release assets # if: github.event_name == 'release' From 5eb10afe856cded141575f17604767d610ba974e Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 6 Jan 2021 19:33:43 +0000 Subject: [PATCH 170/228] changing over to a value based boolean flag --- .github/workflows/build-and-sign.yml | 2 +- .github/workflows/build.yml | 2 +- sign.js | 8 +++++++- 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index 7956f68307b..dae775b2389 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -71,7 +71,7 @@ jobs: npm run build npm run pack:win env: - ELECTRON_BUILDER_SIGN: true + ELECTRON_BUILDER_SIGN: 1 SIGNING_VAULT_URL: ${{ secrets.SIGNING_VAULT_URL }} SIGNING_CLIENT_ID: ${{ secrets.SIGNING_CLIENT_ID }} SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }} diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index b90b69fce39..d0fe4686a42 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -164,7 +164,7 @@ jobs: shell: pwsh run: npm run dist:win:ci env: - ELECTRON_BUILDER_SIGN: false + ELECTRON_BUILDER_SIGN: 0 - name: Rename appx files for store shell: pwsh diff --git a/sign.js b/sign.js index f3969c37761..b5ba6816ab0 100644 --- a/sign.js +++ b/sign.js @@ -1,5 +1,11 @@ exports.default = async function(configuration) { - if (process.env.ELECTRON_BUILDER_SIGN) { + + console.log('+++++++++++++++++++++++++++++++++++++++++++++++++++') + console.log(`ELECTRON_BUILDER_SIGN: ${process.env.ELECTRON_BUILDER_SIGN}`) + console.log(`Type: ${typeof process.env.ELECTRON_BUILDER_SIGN}`) + console.log('+++++++++++++++++++++++++++++++++++++++++++++++++++') + + if (process.env.ELECTRON_BUILDER_SIGN === 1) { require("child_process").execSync( `azuresigntool sign ` + `-kvu ${process.env.SIGNING_VAULT_URL} ` + From b1e4bd4bdbbe536b4be89581830819903a9bb5f4 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 6 Jan 2021 19:43:42 +0000 Subject: [PATCH 171/228] assigning correct type --- sign.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sign.js b/sign.js index b5ba6816ab0..e2b5be6ccfb 100644 --- a/sign.js +++ b/sign.js @@ -5,7 +5,7 @@ exports.default = async function(configuration) { console.log(`Type: ${typeof process.env.ELECTRON_BUILDER_SIGN}`) console.log('+++++++++++++++++++++++++++++++++++++++++++++++++++') - if (process.env.ELECTRON_BUILDER_SIGN === 1) { + if (parseInt(process.env.ELECTRON_BUILDER_SIGN) === 1) { require("child_process").execSync( `azuresigntool sign ` + `-kvu ${process.env.SIGNING_VAULT_URL} ` + From 190fb423da418fd1270483f8c37e5d32d082ed6d Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 6 Jan 2021 19:46:37 +0000 Subject: [PATCH 172/228] fixing unknown syntax error --- sign.js | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/sign.js b/sign.js index e2b5be6ccfb..14bee1835f5 100644 --- a/sign.js +++ b/sign.js @@ -1,11 +1,5 @@ exports.default = async function(configuration) { - - console.log('+++++++++++++++++++++++++++++++++++++++++++++++++++') - console.log(`ELECTRON_BUILDER_SIGN: ${process.env.ELECTRON_BUILDER_SIGN}`) - console.log(`Type: ${typeof process.env.ELECTRON_BUILDER_SIGN}`) - console.log('+++++++++++++++++++++++++++++++++++++++++++++++++++') - - if (parseInt(process.env.ELECTRON_BUILDER_SIGN) === 1) { + if (process.env.ELECTRON_BUILDER_SIGN === 1) { require("child_process").execSync( `azuresigntool sign ` + `-kvu ${process.env.SIGNING_VAULT_URL} ` + From 92d4afb28dc2637ed528312f81e34652722e6371 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 6 Jan 2021 20:38:30 +0000 Subject: [PATCH 173/228] removing appveyor to stop the fork from sending the repo to be built. Testing a release --- .github/workflows/build-and-sign.yml | 27 ++++++------ .github/workflows/build.yml | 44 +++++++++---------- ...eyor.yml => appveyor.yml.flagged-to-remove | 0 3 files changed, 34 insertions(+), 37 deletions(-) rename appveyor.yml => appveyor.yml.flagged-to-remove (100%) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index dae775b2389..53c2f3bc0a9 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -110,16 +110,17 @@ jobs: name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx -#- name: Upload release assets -# if: github.event_name == 'release' -# run: | -# hub release edit ` -# -a ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg ` -# -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx ` -# -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx ` -# -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` -# $env:RELEASE_TAG_NAME -# shell: pwsh -# env: -# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} -# RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} + - name: Upload release assets + if: github.event_name == 'release' + run: | + hub release edit ` + -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32.appx ` + -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx ` + -a ./dist/Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe ` + -a ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe ` + -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` + $env:RELEASE_TAG_NAME + shell: pwsh + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index d0fe4686a42..978200f1744 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,16 +1,13 @@ name: Build -on: - workflow_dispatch: - -# on: -# push: -# branches-ignore: -# - 'l10n_master' -# - 'gh-pages' -# release: -# types: -# - published +on: + push: + branches-ignore: + - 'l10n_master' + - 'gh-pages' + release: + types: + - published jobs: @@ -214,22 +211,21 @@ jobs: # name: bitwarden.${{ env.PACKAGE_VERSION }}.nupkg # path: ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg - #- name: Upload release assets - # if: github.event_name == 'release' - # run: | - # hub release edit ` - # -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx ` - # -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx ` - # -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` - # $env:RELEASE_TAG_NAME - # shell: pwsh - # env: - # GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} - # RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} + - name: Upload release assets + if: github.event_name == 'release' + run: | + hub release edit ` + -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx ` + -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx ` + -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` + $env:RELEASE_TAG_NAME + shell: pwsh + env: + GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} macos: runs-on: macos-latest - steps: - name: Set up Node uses: actions/setup-node@v1 diff --git a/appveyor.yml b/appveyor.yml.flagged-to-remove similarity index 100% rename from appveyor.yml rename to appveyor.yml.flagged-to-remove From 54ed6cd2b09d23e3c999f5c9dc6c460161ba4163 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 6 Jan 2021 20:39:43 +0000 Subject: [PATCH 174/228] replacing manual dispatch trigger with push/release triggers --- .github/workflows/build-and-sign.yml | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index 53c2f3bc0a9..4fbdab5ce22 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -1,7 +1,14 @@ name: Build & Sign -on: - workflow_dispatch: +on: + push: + branches-ignore: + - 'l10n_master' + - 'gh-pages' + release: + types: + - published + jobs: windows: From 899acaa92a1f8958ec6eb0a2988f151d6911347f Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 6 Jan 2021 20:45:43 +0000 Subject: [PATCH 175/228] uncommenting some if conditions --- .github/workflows/build-and-sign.yml | 8 ++++---- .github/workflows/build.yml | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index 4fbdab5ce22..67efb4c2f75 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -90,28 +90,28 @@ jobs: run: dir ./dist - name: Upload signed portable exe artifact - #if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' || github.event_name == 'release' uses: actions/upload-artifact@v2 with: name: Bitwarden-Portable-${{ env.PACKAGE_VERSION }}-signed.exe path: ./dist/Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe - name: Upload signed installer exe artifact - #if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' || github.event_name == 'release' uses: actions/upload-artifact@v2 with: name: Bitwarden-Installer-${{ env.PACKAGE_VERSION }}-signed.exe path: ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe - name: Upload signed appx ia32 artifact - #if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' || github.event_name == 'release' uses: actions/upload-artifact@v2 with: name: Bitwarden-${{ env.PACKAGE_VERSION }}-ia32.appx path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32.appx - name: Upload signed appx x64 artifact - #if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' || github.event_name == 'release' uses: actions/upload-artifact@v2 with: name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 978200f1744..e70a68832fb 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -172,28 +172,28 @@ jobs: -Destination "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx" - name: Upload portable exe artifact - #if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' || github.event_name == 'release' uses: actions/upload-artifact@v2 with: name: Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe path: ./dist/Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe - name: Upload installer exe artifact - #if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' || github.event_name == 'release' uses: actions/upload-artifact@v2 with: name: Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe path: ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe - name: Upload store appx ia32 artifact - #if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' || github.event_name == 'release' uses: actions/upload-artifact@v2 with: name: Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx - name: Upload store appx x64 artifact - #if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' || github.event_name == 'release' uses: actions/upload-artifact@v2 with: name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx From 7534618cf18ffc72b6fc8efdc64679490057eeed Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 14 Jan 2021 21:48:12 +0000 Subject: [PATCH 176/228] undoing publisherDisplayName test --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 4a1b2ce33c1..e1870315cb4 100644 --- a/package.json +++ b/package.json @@ -197,7 +197,7 @@ "applicationId": "bitwardendesktop", "identityName": "8bitSolutionsLLC.bitwardendesktop", "publisher": "CN=14D52771-DE3C-4886-B8BF-825BA7690418", - "publisherDisplayName": "Bitwarden Inc", + "publisherDisplayName": "8bit Solutions LLC", "languages": [ "en-US" ] From 50b5d2a422b2f1a7e4dfd1416619c0408c38545a Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 14 Jan 2021 21:50:25 +0000 Subject: [PATCH 177/228] removing other testing comments --- .github/workflows/build.yml | 76 ++++++++++++++++++------------------- 1 file changed, 38 insertions(+), 38 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index e70a68832fb..1d32bb7367f 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -43,13 +43,13 @@ jobs: sudo apt-get update sudo apt-get -y install pkg-config libxss-dev libsecret-1-dev rpm - # - name: Set up snap - # if: github.event_name == 'release' - # run: | - # sudo snap install snapcraft --classic - # echo "$SNAP_TOKEN" | snapcraft login --with - - # env: - # SNAP_TOKEN: ${{ secrets.SNAP_TOKEN }} + - name: Set up snap + if: github.event_name == 'release' + run: | + sudo snap install snapcraft --classic + echo "$SNAP_TOKEN" | snapcraft login --with - + env: + SNAP_TOKEN: ${{ secrets.SNAP_TOKEN }} - name: Print environment run: | @@ -109,12 +109,12 @@ jobs: name: Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.AppImage path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.AppImage - #- name: Deploy to Snap Store - # if: github.event_name == 'release' - # run: | - # ./scripts/snap-update.ps1 -version $env:PACKAGE_VERSION - # snapcraft logout - # shell: pwsh + - name: Deploy to Snap Store + if: github.event_name == 'release' + run: | + ./scripts/snap-update.ps1 -version $env:PACKAGE_VERSION + snapcraft logout + shell: pwsh windows: runs-on: windows-latest @@ -129,20 +129,20 @@ jobs: run: echo "NODE_OPTIONS=--max_old_space_size=4096" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append shell: pwsh - # - name: Set up environment - # if: github.event_name == 'release' - # shell: pwsh - # run: | - # choco install checksum --no-progress - # choco apikey --key $env:CHOCO_API_KEY --source https://push.chocolatey.org/ - # env: - # CHOCO_API_KEY: ${{ secrets.CHOCO_API_KEY }} + - name: Set up environment + if: github.event_name == 'release' + shell: pwsh + run: | + choco install checksum --no-progress + choco apikey --key $env:CHOCO_API_KEY --source https://push.chocolatey.org/ + env: + CHOCO_API_KEY: ${{ secrets.CHOCO_API_KEY }} - name: Print environment run: | node --version npm --version - #choco --version + choco --version - name: Checkout repo uses: actions/checkout@v2 @@ -199,17 +199,17 @@ jobs: name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx - # - name: Deploy to Chocolatey - # if: github.event_name == 'release' - # run: ./scripts/choco-update.ps1 -version $env:PACKAGE_VERSION - # shell: pwsh + - name: Deploy to Chocolatey + if: github.event_name == 'release' + run: ./scripts/choco-update.ps1 -version $env:PACKAGE_VERSION + shell: pwsh - # - name: Upload Chocolatey nupkg artifact - # if: github.event_name == 'release' - # uses: actions/upload-artifact@v2 - # with: - # name: bitwarden.${{ env.PACKAGE_VERSION }}.nupkg - # path: ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg + - name: Upload Chocolatey nupkg artifact + if: github.event_name == 'release' + uses: actions/upload-artifact@v2 + with: + name: bitwarden.${{ env.PACKAGE_VERSION }}.nupkg + path: ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg - name: Upload release assets if: github.event_name == 'release' @@ -350,12 +350,12 @@ jobs: name: Bitwarden-${{ env.PACKAGE_VERSION }}.pkg path: ./dist/mas/Bitwarden-${{ env.PACKAGE_VERSION }}.pkg - # - name: Deploy to App Store - # if: github.event_name == 'release' - # run: npm run upload:mas - # env: - # APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }} - # APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} + - name: Deploy to App Store + if: github.event_name == 'release' + run: npm run upload:mas + env: + APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }} + APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} - name: Upload release assets if: github.event_name == 'release' From e1c83d324f8fa647b8fa8d11ac00d8c299dbac21 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 14 Jan 2021 23:48:50 +0000 Subject: [PATCH 178/228] testing prod signing --- .github/workflows/build-and-sign.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index 67efb4c2f75..f825a9a73b4 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -13,7 +13,7 @@ on: jobs: windows: runs-on: windows-latest - environment: test_ast + environment: prod steps: - name: Set up dotnet uses: actions/setup-dotnet@v1 @@ -84,7 +84,6 @@ jobs: SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }} SIGNING_CLIENT_SECRET: ${{ secrets.SIGNING_CLIENT_SECRET }} SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }} - SECRET_TEST: ${{ secrets.SECRET_TEST }} - name: List Dist run: dir ./dist From 1d7aa701bf4a3482ec51a425d6e4d34150b7aba9 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Fri, 15 Jan 2021 00:56:02 +0000 Subject: [PATCH 179/228] casting to integer --- sign.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sign.js b/sign.js index 14bee1835f5..cbae2b0ad7b 100644 --- a/sign.js +++ b/sign.js @@ -1,5 +1,5 @@ exports.default = async function(configuration) { - if (process.env.ELECTRON_BUILDER_SIGN === 1) { + if (parseInt(process.env.ELECTRON_BUILDER_SIGN) === 1) { require("child_process").execSync( `azuresigntool sign ` + `-kvu ${process.env.SIGNING_VAULT_URL} ` + From 081dfaaa04ca23674fbd95b756f798d4c0f78917 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Fri, 15 Jan 2021 01:07:10 +0000 Subject: [PATCH 180/228] chaning back to the other cert to test the signing --- .github/workflows/build-and-sign.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index f825a9a73b4..2d5e872ef35 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -13,7 +13,7 @@ on: jobs: windows: runs-on: windows-latest - environment: prod + environment: test_ast steps: - name: Set up dotnet uses: actions/setup-dotnet@v1 From 67367bb71b3c9a0b26f4ac8d9e6b602d210791b9 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Fri, 15 Jan 2021 01:24:06 +0000 Subject: [PATCH 181/228] chaning back to prod after updating client secret --- .github/workflows/build-and-sign.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index 2d5e872ef35..f825a9a73b4 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -13,7 +13,7 @@ on: jobs: windows: runs-on: windows-latest - environment: test_ast + environment: prod steps: - name: Set up dotnet uses: actions/setup-dotnet@v1 From 81a5c77b5edf2926ed0d288ea0bf57b3fb683594 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Fri, 15 Jan 2021 15:37:49 +0000 Subject: [PATCH 182/228] listing all of the files that electron-builder is trying to sign --- sign.js | 3 +++ 1 file changed, 3 insertions(+) diff --git a/sign.js b/sign.js index cbae2b0ad7b..68b2ac42892 100644 --- a/sign.js +++ b/sign.js @@ -1,5 +1,7 @@ exports.default = async function(configuration) { if (parseInt(process.env.ELECTRON_BUILDER_SIGN) === 1) { + console.log(`[++] File to sign: ${configuration.path}`) + /* require("child_process").execSync( `azuresigntool sign ` + `-kvu ${process.env.SIGNING_VAULT_URL} ` + @@ -15,5 +17,6 @@ exports.default = async function(configuration) { stdio: "inherit" } ); + */ } }; From 404e4130dabcd5d3137a74bbfca76e2d78537040 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Fri, 15 Jan 2021 16:00:55 +0000 Subject: [PATCH 183/228] seeing what file it fails on, specifically --- sign.js | 2 -- 1 file changed, 2 deletions(-) diff --git a/sign.js b/sign.js index 68b2ac42892..8639b9b606c 100644 --- a/sign.js +++ b/sign.js @@ -1,7 +1,6 @@ exports.default = async function(configuration) { if (parseInt(process.env.ELECTRON_BUILDER_SIGN) === 1) { console.log(`[++] File to sign: ${configuration.path}`) - /* require("child_process").execSync( `azuresigntool sign ` + `-kvu ${process.env.SIGNING_VAULT_URL} ` + @@ -17,6 +16,5 @@ exports.default = async function(configuration) { stdio: "inherit" } ); - */ } }; From b4a36dbfd2a7e925c5cbd90bcc889f8f7d5f36dd Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Fri, 15 Jan 2021 16:18:14 +0000 Subject: [PATCH 184/228] only signing .exe --- sign.js | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/sign.js b/sign.js index 8639b9b606c..456de36a96a 100644 --- a/sign.js +++ b/sign.js @@ -1,6 +1,5 @@ exports.default = async function(configuration) { - if (parseInt(process.env.ELECTRON_BUILDER_SIGN) === 1) { - console.log(`[++] File to sign: ${configuration.path}`) + if (parseInt(process.env.ELECTRON_BUILDER_SIGN) === 1 && configuration.path.slice(-4) == ".exe") { require("child_process").execSync( `azuresigntool sign ` + `-kvu ${process.env.SIGNING_VAULT_URL} ` + From 429b0abf42e03a5983b9dedfc39215f573e15956 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Fri, 15 Jan 2021 17:19:34 +0000 Subject: [PATCH 185/228] excluding the unpacked appx executables --- sign.js | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/sign.js b/sign.js index 456de36a96a..509902be207 100644 --- a/sign.js +++ b/sign.js @@ -1,5 +1,9 @@ exports.default = async function(configuration) { - if (parseInt(process.env.ELECTRON_BUILDER_SIGN) === 1 && configuration.path.slice(-4) == ".exe") { + if ( + parseInt(process.env.ELECTRON_BUILDER_SIGN) === 1 && + configuration.path.slice(-4) == ".exe" && + !(configuration.path.includes('win-unpacked') || configuration.path.includes('win-ia32-unpacked')) + ) { require("child_process").execSync( `azuresigntool sign ` + `-kvu ${process.env.SIGNING_VAULT_URL} ` + From 8ddc5381597fbbbeef482fa74fc80aa7569b7857 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Fri, 15 Jan 2021 17:42:44 +0000 Subject: [PATCH 186/228] adding signing logging --- sign.js | 1 + 1 file changed, 1 insertion(+) diff --git a/sign.js b/sign.js index 509902be207..107f048d465 100644 --- a/sign.js +++ b/sign.js @@ -4,6 +4,7 @@ exports.default = async function(configuration) { configuration.path.slice(-4) == ".exe" && !(configuration.path.includes('win-unpacked') || configuration.path.includes('win-ia32-unpacked')) ) { + console.log(`[*] Signing file: ${configuration.path}`) require("child_process").execSync( `azuresigntool sign ` + `-kvu ${process.env.SIGNING_VAULT_URL} ` + From 4897abce7d50c009737fbe2b3911f3d0fd8162a8 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Fri, 15 Jan 2021 18:24:33 +0000 Subject: [PATCH 187/228] renaming upload tasks --- .github/workflows/build-and-sign.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index f825a9a73b4..4c510c62658 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -102,14 +102,14 @@ jobs: name: Bitwarden-Installer-${{ env.PACKAGE_VERSION }}-signed.exe path: ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe - - name: Upload signed appx ia32 artifact + - name: Upload appx ia32 artifact (not signed) if: github.ref == 'refs/heads/master' || github.event_name == 'release' uses: actions/upload-artifact@v2 with: name: Bitwarden-${{ env.PACKAGE_VERSION }}-ia32.appx path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32.appx - - name: Upload signed appx x64 artifact + - name: Upload appx x64 artifact (not signed) if: github.ref == 'refs/heads/master' || github.event_name == 'release' uses: actions/upload-artifact@v2 with: From 0a68a6a36ec28fe068a74f93d867c4ca5049eaf5 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Fri, 15 Jan 2021 19:54:07 +0000 Subject: [PATCH 188/228] merging the build and signing into to the same workflow (might split it back out later) --- .github/workflows/build.yml | 51 ++++++++++++++++++++++++++++++++++--- 1 file changed, 47 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 1d32bb7367f..a5c91ced298 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -120,6 +120,11 @@ jobs: runs-on: windows-latest environment: test_ast steps: + - name: Set up dotnet + uses: actions/setup-dotnet@v1 + with: + dotnet-version: "3.1.x" + - name: Set up Node uses: actions/setup-node@v1 with: @@ -129,6 +134,26 @@ jobs: run: echo "NODE_OPTIONS=--max_old_space_size=4096" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append shell: pwsh + - name: Install AST + shell: pwsh + run: | + cd $HOME + + git clone https://github.com/vcsjones/AzureSignTool.git + cd AzureSignTool + $latest_head = $(git rev-parse HEAD)[0..9] -join "" + $latest_version = "0.0.0-g$latest_head" + + Write-Host "--------" + Write-Host "git commit - $(git rev-parse HEAD)" + Write-Host "latest_head - $latest_head" + Write-Host "PACKAGE VERSION TO BUILD - $latest_version" + Write-Host "--------" + + dotnet restore + dotnet pack --output ./nupkg + dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version $latest_version azuresigntool + - name: Set up environment if: github.event_name == 'release' shell: pwsh @@ -157,11 +182,29 @@ jobs: - name: Run linter run: npm run lint - - name: Build application - shell: pwsh - run: npm run dist:win:ci + - name: Build & Sign (dev) + if: github.event_name != 'release' + run: | + npm run build + npm run pack:win env: - ELECTRON_BUILDER_SIGN: 0 + ELECTRON_BUILDER_SIGN: 1 + SIGNING_VAULT_URL: ${{ secrets.SIGNING_VAULT_URL }} + SIGNING_CLIENT_ID: ${{ secrets.SIGNING_CLIENT_ID }} + SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }} + SIGNING_CLIENT_SECRET: ${{ secrets.SIGNING_CLIENT_SECRET }} + SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }} + + - name: Build, Sign & Release + if: github.ref == 'release' + run: npm run publish:win + env: + ELECTRON_BUILDER_SIGN: 1 + SIGNING_VAULT_URL: ${{ secrets.SIGNING_VAULT_URL }} + SIGNING_CLIENT_ID: ${{ secrets.SIGNING_CLIENT_ID }} + SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }} + SIGNING_CLIENT_SECRET: ${{ secrets.SIGNING_CLIENT_SECRET }} + SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }} - name: Rename appx files for store shell: pwsh From f76a247fa41eb9d68b1a600b79baecb6a8127606 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Fri, 15 Jan 2021 20:02:21 +0000 Subject: [PATCH 189/228] commenting out all of the release things that I don't have secrets for --- .github/workflows/build.yml | 58 ++++++++++++++++++------------------- 1 file changed, 29 insertions(+), 29 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index a5c91ced298..83ba0279c7e 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -47,9 +47,9 @@ jobs: if: github.event_name == 'release' run: | sudo snap install snapcraft --classic - echo "$SNAP_TOKEN" | snapcraft login --with - - env: - SNAP_TOKEN: ${{ secrets.SNAP_TOKEN }} + # echo "$SNAP_TOKEN" | snapcraft login --with - + #env: + # SNAP_TOKEN: ${{ secrets.SNAP_TOKEN }} - name: Print environment run: | @@ -109,12 +109,12 @@ jobs: name: Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.AppImage path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.AppImage - - name: Deploy to Snap Store - if: github.event_name == 'release' - run: | - ./scripts/snap-update.ps1 -version $env:PACKAGE_VERSION - snapcraft logout - shell: pwsh + #- name: Deploy to Snap Store + # if: github.event_name == 'release' + # run: | + # ./scripts/snap-update.ps1 -version $env:PACKAGE_VERSION + # snapcraft logout + # shell: pwsh windows: runs-on: windows-latest @@ -154,14 +154,14 @@ jobs: dotnet pack --output ./nupkg dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version $latest_version azuresigntool - - name: Set up environment - if: github.event_name == 'release' - shell: pwsh - run: | - choco install checksum --no-progress - choco apikey --key $env:CHOCO_API_KEY --source https://push.chocolatey.org/ - env: - CHOCO_API_KEY: ${{ secrets.CHOCO_API_KEY }} + #- name: Set up environment + # if: false && github.event_name == 'release' + # shell: pwsh + # run: | + # choco install checksum --no-progress + # choco apikey --key $env:CHOCO_API_KEY --source https://push.chocolatey.org/ + # env: + # CHOCO_API_KEY: ${{ secrets.CHOCO_API_KEY }} - name: Print environment run: | @@ -254,18 +254,18 @@ jobs: name: bitwarden.${{ env.PACKAGE_VERSION }}.nupkg path: ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg - - name: Upload release assets - if: github.event_name == 'release' - run: | - hub release edit ` - -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx ` - -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx ` - -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` - $env:RELEASE_TAG_NAME - shell: pwsh - env: - GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} - RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} + #- name: Upload release assets + # if: github.event_name == 'release' + # run: | + # hub release edit ` + # -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx ` + # -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx ` + # -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` + # $env:RELEASE_TAG_NAME + # shell: pwsh + # env: + # GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + # RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} macos: runs-on: macos-latest From effe1cd5047c3bf77bb8c96c6fb3d680f2efce3c Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Fri, 15 Jan 2021 21:58:21 +0000 Subject: [PATCH 190/228] fixing release build --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 83ba0279c7e..e5072ddedb8 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -196,7 +196,7 @@ jobs: SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }} - name: Build, Sign & Release - if: github.ref == 'release' + if: github.event.name == 'release' run: npm run publish:win env: ELECTRON_BUILDER_SIGN: 1 From 7e0616f39e093bae71056b92c03606bb97b7bef5 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Fri, 15 Jan 2021 22:33:03 +0000 Subject: [PATCH 191/228] fixing syntax error --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index e5072ddedb8..5393c5979a8 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -196,7 +196,7 @@ jobs: SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }} - name: Build, Sign & Release - if: github.event.name == 'release' + if: github.event_name == 'release' run: npm run publish:win env: ELECTRON_BUILDER_SIGN: 1 From af254a1f526fa7cbbfc9fe66d1318909fbc87ca6 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Fri, 15 Jan 2021 23:07:50 +0000 Subject: [PATCH 192/228] adding in the GH_TOKEN to the publishing task --- .github/workflows/build.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 5393c5979a8..3830f69bda2 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -205,6 +205,7 @@ jobs: SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }} SIGNING_CLIENT_SECRET: ${{ secrets.SIGNING_CLIENT_SECRET }} SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }} + GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} - name: Rename appx files for store shell: pwsh From 36b9295f1b6821f4d7adbe8b511224cc8e90391e Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Fri, 15 Jan 2021 23:38:39 +0000 Subject: [PATCH 193/228] fixing the git repository to publish to --- .github/workflows/build.yml | 44 ++++++++++++++++++------------------- package.json | 2 +- 2 files changed, 23 insertions(+), 23 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 3830f69bda2..7c0b5a60337 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -243,30 +243,30 @@ jobs: name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx - - name: Deploy to Chocolatey - if: github.event_name == 'release' - run: ./scripts/choco-update.ps1 -version $env:PACKAGE_VERSION - shell: pwsh - - - name: Upload Chocolatey nupkg artifact - if: github.event_name == 'release' - uses: actions/upload-artifact@v2 - with: - name: bitwarden.${{ env.PACKAGE_VERSION }}.nupkg - path: ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg - - #- name: Upload release assets + #- name: Deploy to Chocolatey # if: github.event_name == 'release' - # run: | - # hub release edit ` - # -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx ` - # -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx ` - # -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` - # $env:RELEASE_TAG_NAME + # run: ./scripts/choco-update.ps1 -version $env:PACKAGE_VERSION # shell: pwsh - # env: - # GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} - # RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} + + #- name: Upload Chocolatey nupkg artifact + # if: github.event_name == 'release' + # uses: actions/upload-artifact@v2 + # with: + # name: bitwarden.${{ env.PACKAGE_VERSION }}.nupkg + # path: ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg + + - name: Upload release assets + if: github.event_name == 'release' + run: | + hub release edit ` + -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx ` + -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx ` + -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` + $env:RELEASE_TAG_NAME + shell: pwsh + env: + GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} macos: runs-on: macos-latest diff --git a/package.json b/package.json index e1870315cb4..45cc2b611fc 100644 --- a/package.json +++ b/package.json @@ -13,7 +13,7 @@ "homepage": "https://bitwarden.com", "repository": { "type": "git", - "url": "https://github.com/bitwarden/desktop" + "url": "https://github.com/joseph-flinn/desktop" }, "license": "GPL-3.0", "scripts": { From fd6032f121827eab868cf0efdc27269127663c60 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Sat, 16 Jan 2021 00:11:36 +0000 Subject: [PATCH 194/228] changing trigger to draft instead of publish --- .github/workflows/build.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 7c0b5a60337..9e790258d2a 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -7,7 +7,8 @@ on: - 'gh-pages' release: types: - - published + #- published + - draft jobs: From 713d7d05a0889397f30a6c8e7bd38871cb7c94fd Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 19 Jan 2021 15:33:17 +0000 Subject: [PATCH 195/228] seeing if creating a draft PR covers the 'create' trigger in GH Actions --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 9e790258d2a..20f0864b5fb 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -8,7 +8,7 @@ on: release: types: #- published - - draft + - created jobs: From 94b2e53c3f006e3db94c0be41c3fbb2246e497e4 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 19 Jan 2021 15:59:21 +0000 Subject: [PATCH 196/228] adding in release workflow that rebuilds the things --- .github/workflows/release.yml | 363 ++++++++++++++++++++++++++++++++++ 1 file changed, 363 insertions(+) create mode 100644 .github/workflows/release.yml diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 00000000000..b238e832fd8 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,363 @@ +name: Release + +on: + workflow_dispatch: {} + +jobs: + + cloc: + runs-on: ubuntu-latest + + steps: + - name: Checkout repo + uses: actions/checkout@v2 + + - name: Set up cloc + run: | + sudo apt-get update + sudo apt-get -y install cloc + + - name: Print lines of code + run: cloc --include-lang TypeScript,JavaScript,HTML,Sass,CSS --vcs git + + linux: + runs-on: ubuntu-latest + + steps: + - name: Set up Node + uses: actions/setup-node@v1 + with: + node-version: '10.x' + + - name: Set Node options + run: echo "NODE_OPTIONS=--max_old_space_size=4096" >> $GITHUB_ENV + + - name: Set up environment + run: | + sudo apt-get update + sudo apt-get -y install pkg-config libxss-dev libsecret-1-dev rpm + + - name: Set up snap + run: | + sudo snap install snapcraft --classic + # echo "$SNAP_TOKEN" | snapcraft login --with - + #env: + # SNAP_TOKEN: ${{ secrets.SNAP_TOKEN }} + + - name: Print environment + run: | + node --version + npm --version + snap --version + snapcraft --version || echo 'snapcraft unavailable' + + - name: Checkout repo + uses: actions/checkout@v2 + + - name: Load package version + run: ./.github/scripts/load-version.ps1 + shell: pwsh + + - name: Install Node dependencies + run: npm install + + - name: Run linter + run: npm run lint + + - name: Build application + run: npm run dist:lin + + - name: Upload .deb artifact + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-${{ env.PACKAGE_VERSION }}-amd64.deb + path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-amd64.deb + + - name: Upload .rpm artifact + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.rpm + path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.rpm + + - name: Upload .freebsd artifact + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64.freebsd + path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64.freebsd + + - name: Upload .snap artifact + uses: actions/upload-artifact@v2 + with: + name: bitwarden_${{ env.PACKAGE_VERSION }}_amd64.snap + path: ./dist/bitwarden_${{ env.PACKAGE_VERSION }}_amd64.snap + + - name: Upload .AppImage artifact + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.AppImage + path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.AppImage + + #- name: Deploy to Snap Store + # run: | + # ./scripts/snap-update.ps1 -version $env:PACKAGE_VERSION + # snapcraft logout + # shell: pwsh + + windows: + runs-on: windows-latest + environment: test_ast + steps: + - name: Set up dotnet + uses: actions/setup-dotnet@v1 + with: + dotnet-version: "3.1.x" + + - name: Set up Node + uses: actions/setup-node@v1 + with: + node-version: '10.x' + + - name: Set Node options + run: echo "NODE_OPTIONS=--max_old_space_size=4096" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append + shell: pwsh + + - name: Install AST + shell: pwsh + run: | + cd $HOME + + git clone https://github.com/vcsjones/AzureSignTool.git + cd AzureSignTool + $latest_head = $(git rev-parse HEAD)[0..9] -join "" + $latest_version = "0.0.0-g$latest_head" + + Write-Host "--------" + Write-Host "git commit - $(git rev-parse HEAD)" + Write-Host "latest_head - $latest_head" + Write-Host "PACKAGE VERSION TO BUILD - $latest_version" + Write-Host "--------" + + dotnet restore + dotnet pack --output ./nupkg + dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version $latest_version azuresigntool + + #- name: Set up environment + # shell: pwsh + # run: | + # choco install checksum --no-progress + # choco apikey --key $env:CHOCO_API_KEY --source https://push.chocolatey.org/ + # env: + # CHOCO_API_KEY: ${{ secrets.CHOCO_API_KEY }} + + - name: Print environment + run: | + node --version + npm --version + choco --version + + - name: Checkout repo + uses: actions/checkout@v2 + + - name: Load package version + run: ./.github/scripts/load-version.ps1 + shell: pwsh + + - name: Install Node dependencies + run: npm install + + - name: Run linter + run: npm run lint + + - name: Build, Sign & Release + run: npm run publish:win + env: + ELECTRON_BUILDER_SIGN: 1 + SIGNING_VAULT_URL: ${{ secrets.SIGNING_VAULT_URL }} + SIGNING_CLIENT_ID: ${{ secrets.SIGNING_CLIENT_ID }} + SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }} + SIGNING_CLIENT_SECRET: ${{ secrets.SIGNING_CLIENT_SECRET }} + SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }} + GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + + - name: Rename appx files for store + shell: pwsh + run: | + Copy-Item "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32.appx" ` + -Destination "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx" + Copy-Item "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx" ` + -Destination "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx" + + - name: Upload portable exe artifact + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe + path: ./dist/Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe + + - name: Upload installer exe artifact + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe + path: ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe + + - name: Upload store appx ia32 artifact + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx + path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx + + - name: Upload store appx x64 artifact + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx + path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx + + #- name: Deploy to Chocolatey + # run: ./scripts/choco-update.ps1 -version $env:PACKAGE_VERSION + # shell: pwsh + + #- name: Upload Chocolatey nupkg artifact + # uses: actions/upload-artifact@v2 + # with: + # name: bitwarden.${{ env.PACKAGE_VERSION }}.nupkg + # path: ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg + + - name: Upload release assets + run: | + hub release edit ` + -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx ` + -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx ` + -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` + $env:RELEASE_TAG_NAME + shell: pwsh + env: + GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} + + macos: + runs-on: macos-latest + steps: + - name: Set up Node + uses: actions/setup-node@v1 + with: + node-version: '10.x' + + - name: Set Node options + run: echo "NODE_OPTIONS=--max_old_space_size=4096" >> $GITHUB_ENV + + - name: Print environment + run: | + node --version + npm --version + Write-Output "GitHub ref: $env:GITHUB_REF" + Write-Output "GitHub event: $env:GITHUB_EVENT" + shell: pwsh + env: + GITHUB_REF: ${{ github.ref }} + GITHUB_EVENT: ${{ github.event_name }} + + - name: Checkout repo + uses: actions/checkout@v2 + + - name: Decrypt secrets + run: ./.github/scripts/macos/decrypt-secrets.ps1 + shell: pwsh + env: + DECRYPT_FILE_PASSWORD: ${{ secrets.DECRYPT_FILE_PASSWORD }} + + - name: Set up keychain + run: ./.github/scripts/macos/setup-keychain.ps1 + shell: pwsh + env: + KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} + DESKTOP_KEY_PASSWORD: ${{ secrets.DESKTOP_KEY_PASSWORD }} + DEVID_CERT_PASSWORD: ${{ secrets.DEVID_CERT_PASSWORD }} + APPSTORE_CERT_PASSWORD: ${{ secrets.APPSTORE_CERT_PASSWORD }} + MACDEV_CERT_PASSWORD: ${{ secrets.MACDEV_CERT_PASSWORD }} + APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} + + - name: Set up provisioning profiles + run: ./.github/scripts/macos/setup-profiles.ps1 + shell: pwsh + + - name: Increment version + run: ./.github/scripts/macos/increment-version.ps1 + shell: pwsh + + - name: Load package version + run: ./.github/scripts/load-version.ps1 + shell: pwsh + + - name: Install Node dependencies + run: npm install + + - name: Run linter + run: npm run lint + + - name: Create Safari directory + shell: pwsh + run: New-Item ./dist-safari -ItemType Directory -ea 0 + + - name: Checkout browser extension + uses: actions/checkout@v2 + with: + repository: 'bitwarden/browser' + path: 'dist-safari/browser' + + - name: Build Safari extension + shell: pwsh + run: ./scripts/safari-build.ps1 -skipcheckout -skipoutcopy + + - name: Load Safari extension for .dmg + shell: pwsh + run: ./scripts/safari-build.ps1 -copyonly + + - name: Build application (dist) + run: npm run dist:mac + env: + APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }} + APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} + + - name: Upload .zip artifact + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-${{ env.PACKAGE_VERSION }}-mac.zip + path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-mac.zip + + - name: Upload .dmg artifact + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-${{ env.PACKAGE_VERSION }}.dmg + path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}.dmg + + - name: Load Safari extension for App Store + shell: pwsh + run: ./scripts/safari-build.ps1 -mas -copyonly + + - name: Build application for App Store + run: npm run dist:mac:mas + env: + APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }} + APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} + + - name: Upload .pkg artifact + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-${{ env.PACKAGE_VERSION }}.pkg + path: ./dist/mas/Bitwarden-${{ env.PACKAGE_VERSION }}.pkg + + - name: Deploy to App Store + run: npm run upload:mas + env: + APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }} + APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} + + - name: Upload release assets + run: | + hub release edit ` + -a ./dist/mas/Bitwarden-${{ env.PACKAGE_VERSION }}.pkg ` + -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` + $env:RELEASE_TAG_NAME + shell: pwsh + env: + GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} From 9e59dd6d634e101e3ea2fe5293b50588722f813f Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 19 Jan 2021 17:31:23 +0000 Subject: [PATCH 197/228] adding the release tag name to the manual trigger for the release action --- .github/workflows/release.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b238e832fd8..1b1e7700db9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,7 +1,11 @@ name: Release on: - workflow_dispatch: {} + workflow_dispatch: + inputs: + release_tag_name: + description: 'Release Tag Name (vX.X.X)' + required: true jobs: @@ -360,4 +364,4 @@ jobs: shell: pwsh env: GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} - RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} + RELEASE_TAG_NAME: ${{ github.event.input.release_tag_name }} From 0d42b7e8b46d9ef1be792749da55d46b3365d36f Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 19 Jan 2021 17:40:46 +0000 Subject: [PATCH 198/228] commenting out all release specific tasks in the build pipeline --- .github/workflows/build.yml | 96 ++++++++++++++++++------------------- 1 file changed, 48 insertions(+), 48 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 20f0864b5fb..4e47dbaba99 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -44,13 +44,13 @@ jobs: sudo apt-get update sudo apt-get -y install pkg-config libxss-dev libsecret-1-dev rpm - - name: Set up snap - if: github.event_name == 'release' - run: | - sudo snap install snapcraft --classic - # echo "$SNAP_TOKEN" | snapcraft login --with - - #env: - # SNAP_TOKEN: ${{ secrets.SNAP_TOKEN }} + #- name: Set up snap + # if: github.event_name == 'release' + # run: | + # sudo snap install snapcraft --classic + # echo "$SNAP_TOKEN" | snapcraft login --with - + # env: + # SNAP_TOKEN: ${{ secrets.SNAP_TOKEN }} - name: Print environment run: | @@ -156,7 +156,7 @@ jobs: dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version $latest_version azuresigntool #- name: Set up environment - # if: false && github.event_name == 'release' + # if: false github.event_name == 'release' # shell: pwsh # run: | # choco install checksum --no-progress @@ -196,17 +196,17 @@ jobs: SIGNING_CLIENT_SECRET: ${{ secrets.SIGNING_CLIENT_SECRET }} SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }} - - name: Build, Sign & Release - if: github.event_name == 'release' - run: npm run publish:win - env: - ELECTRON_BUILDER_SIGN: 1 - SIGNING_VAULT_URL: ${{ secrets.SIGNING_VAULT_URL }} - SIGNING_CLIENT_ID: ${{ secrets.SIGNING_CLIENT_ID }} - SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }} - SIGNING_CLIENT_SECRET: ${{ secrets.SIGNING_CLIENT_SECRET }} - SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }} - GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + #- name: Build, Sign & Release + # if: github.event_name == 'release' + # run: npm run publish:win + # env: + # ELECTRON_BUILDER_SIGN: 1 + # SIGNING_VAULT_URL: ${{ secrets.SIGNING_VAULT_URL }} + # SIGNING_CLIENT_ID: ${{ secrets.SIGNING_CLIENT_ID }} + # SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }} + # SIGNING_CLIENT_SECRET: ${{ secrets.SIGNING_CLIENT_SECRET }} + # SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }} + # GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} - name: Rename appx files for store shell: pwsh @@ -256,18 +256,18 @@ jobs: # name: bitwarden.${{ env.PACKAGE_VERSION }}.nupkg # path: ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg - - name: Upload release assets - if: github.event_name == 'release' - run: | - hub release edit ` - -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx ` - -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx ` - -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` - $env:RELEASE_TAG_NAME - shell: pwsh - env: - GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} - RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} + #- name: Upload release assets + # if: github.event_name == 'release' + # run: | + # hub release edit ` + # -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx ` + # -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx ` + # -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` + # $env:RELEASE_TAG_NAME + # shell: pwsh + # env: + # GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + # RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} macos: runs-on: macos-latest @@ -395,21 +395,21 @@ jobs: name: Bitwarden-${{ env.PACKAGE_VERSION }}.pkg path: ./dist/mas/Bitwarden-${{ env.PACKAGE_VERSION }}.pkg - - name: Deploy to App Store - if: github.event_name == 'release' - run: npm run upload:mas - env: - APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }} - APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} + #- name: Deploy to App Store + # if: github.event_name == 'release' + # run: npm run upload:mas + # env: + # APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }} + # APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} - - name: Upload release assets - if: github.event_name == 'release' - run: | - hub release edit ` - -a ./dist/mas/Bitwarden-${{ env.PACKAGE_VERSION }}.pkg ` - -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` - $env:RELEASE_TAG_NAME - shell: pwsh - env: - GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} - RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} + #- name: Upload release assets + # if: github.event_name == 'release' + # run: | + # hub release edit ` + # -a ./dist/mas/Bitwarden-${{ env.PACKAGE_VERSION }}.pkg ` + # -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` + # $env:RELEASE_TAG_NAME + # shell: pwsh + # env: + # GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + # RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} From 1e545973fc756235fee7723c5f3db54a53b80fd0 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 19 Jan 2021 17:55:26 +0000 Subject: [PATCH 199/228] Trying to add release tag to action name --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1b1e7700db9..25fafec7ded 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,4 +1,4 @@ -name: Release +name: Release ${{ github.event.input.release_tag_name }} on: workflow_dispatch: From c414121413a3719e7ee236891e609f524a3770ec Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 19 Jan 2021 17:56:49 +0000 Subject: [PATCH 200/228] removing the failed attempt of custom name for Release Action --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 25fafec7ded..1b1e7700db9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,4 +1,4 @@ -name: Release ${{ github.event.input.release_tag_name }} +name: Release on: workflow_dispatch: From 686b6931dc3c9664038ed79455217636894efcac Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 19 Jan 2021 18:10:10 +0000 Subject: [PATCH 201/228] changing release edit task shell to powershell --- .github/workflows/release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1b1e7700db9..6da355d6044 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -356,6 +356,7 @@ jobs: APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} - name: Upload release assets + shell: pwsh run: | hub release edit ` -a ./dist/mas/Bitwarden-${{ env.PACKAGE_VERSION }}.pkg ` From 1a3cfb52017d1c5ca535fcb66fed4c079ccc4095 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 19 Jan 2021 18:17:05 +0000 Subject: [PATCH 202/228] creating quick test of the workflow dispatch input --- .github/workflows/release.yml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 6da355d6044..fa3391afbb9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -111,6 +111,15 @@ jobs: runs-on: windows-latest environment: test_ast steps: + - name: Testing workflow_dispatch input + shell: pwsh + run: | + Write-Host "Version: $($env:RELEASE_TAG_NAME)" + Write-Host "Release Tag Name: $($env:RELEASE_TAG_NAME.TrimStart('v'))" + exit 1 + env: + RELEASE_TAG_NAME: ${{ github.event.input.release_tag_name }} + - name: Set up dotnet uses: actions/setup-dotnet@v1 with: @@ -356,7 +365,6 @@ jobs: APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} - name: Upload release assets - shell: pwsh run: | hub release edit ` -a ./dist/mas/Bitwarden-${{ env.PACKAGE_VERSION }}.pkg ` From e3da2013f2c68f75c5ecc74557b1102e02cfb705 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 19 Jan 2021 18:20:09 +0000 Subject: [PATCH 203/228] fixing workflow inputs typo --- .github/workflows/release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index fa3391afbb9..03e66b2ac88 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -118,7 +118,7 @@ jobs: Write-Host "Release Tag Name: $($env:RELEASE_TAG_NAME.TrimStart('v'))" exit 1 env: - RELEASE_TAG_NAME: ${{ github.event.input.release_tag_name }} + RELEASE_TAG_NAME: ${{ github.event.inputs.release_tag_name }} - name: Set up dotnet uses: actions/setup-dotnet@v1 @@ -373,4 +373,4 @@ jobs: shell: pwsh env: GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} - RELEASE_TAG_NAME: ${{ github.event.input.release_tag_name }} + RELEASE_TAG_NAME: ${{ github.event.inputs.release_tag_name }} From ebdf160378f637096a18f942d05fbed1c7da25ca Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 19 Jan 2021 18:22:27 +0000 Subject: [PATCH 204/228] removing the testing task --- .github/workflows/release.yml | 9 --------- 1 file changed, 9 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 03e66b2ac88..aaadfc976e0 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -111,15 +111,6 @@ jobs: runs-on: windows-latest environment: test_ast steps: - - name: Testing workflow_dispatch input - shell: pwsh - run: | - Write-Host "Version: $($env:RELEASE_TAG_NAME)" - Write-Host "Release Tag Name: $($env:RELEASE_TAG_NAME.TrimStart('v'))" - exit 1 - env: - RELEASE_TAG_NAME: ${{ github.event.inputs.release_tag_name }} - - name: Set up dotnet uses: actions/setup-dotnet@v1 with: From 9fef65dfb8d03b21190e4fa3f83bc64a20a5ad09 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 19 Jan 2021 18:38:28 +0000 Subject: [PATCH 205/228] changing the other release edit tasks to use the inputs... --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index aaadfc976e0..86a7b095268 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -235,7 +235,7 @@ jobs: shell: pwsh env: GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} - RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} + RELEASE_TAG_NAME: ${{ github.event.inputs.release_tag_name }} macos: runs-on: macos-latest From c60090172298ab528bc32ab7f7c3fb15983e5289 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 19 Jan 2021 19:19:10 +0000 Subject: [PATCH 206/228] changing windows build environment to prod to use the HSM backed EV CS key --- .github/workflows/build.yml | 2 +- .github/workflows/release.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 4e47dbaba99..43f24a53340 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -119,7 +119,7 @@ jobs: windows: runs-on: windows-latest - environment: test_ast + environment: prod steps: - name: Set up dotnet uses: actions/setup-dotnet@v1 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 86a7b095268..d4426c3a237 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -109,7 +109,7 @@ jobs: windows: runs-on: windows-latest - environment: test_ast + environment: prod steps: - name: Set up dotnet uses: actions/setup-dotnet@v1 From 46d70441f9a3479df8807c4de2d5f3fb047b4953 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Tue, 19 Jan 2021 20:35:24 +0000 Subject: [PATCH 207/228] changing package repo just in case --- src/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/package.json b/src/package.json index ce88bc06d95..1f4a6577b55 100644 --- a/src/package.json +++ b/src/package.json @@ -9,7 +9,7 @@ "main": "main.js", "repository": { "type": "git", - "url": "https://github.com/bitwarden/desktop" + "url": "https://github.com/joseph-flinn/desktop" }, "dependencies": { "@nodert-win10-rs4/windows.security.credentials.ui": "^0.4.4", From 6a2eb5f00194ec2a5b2041b78d2946de87e2e57e Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 20 Jan 2021 15:53:35 +0000 Subject: [PATCH 208/228] removing the testing code from the pipelines --- .github/workflows/build-and-sign.yml | 132 --------------------------- .github/workflows/build.yml | 130 ++++++-------------------- .github/workflows/release.yml | 47 +++++----- 3 files changed, 50 insertions(+), 259 deletions(-) delete mode 100644 .github/workflows/build-and-sign.yml diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml deleted file mode 100644 index 4c510c62658..00000000000 --- a/.github/workflows/build-and-sign.yml +++ /dev/null @@ -1,132 +0,0 @@ -name: Build & Sign - -on: - push: - branches-ignore: - - 'l10n_master' - - 'gh-pages' - release: - types: - - published - - -jobs: - windows: - runs-on: windows-latest - environment: prod - steps: - - name: Set up dotnet - uses: actions/setup-dotnet@v1 - with: - dotnet-version: "3.1.x" - - - name: Set up Node - uses: actions/setup-node@v1 - with: - node-version: '10.x' - - - name: Set Node options - run: echo "NODE_OPTIONS=--max_old_space_size=4096" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append - shell: pwsh - - - name: Print environment - run: | - node --version - npm --version - dotnet --version - - - name: Install AST - shell: pwsh - run: | - cd $HOME - - git clone https://github.com/vcsjones/AzureSignTool.git - cd AzureSignTool - $latest_head = $(git rev-parse HEAD)[0..9] -join "" - $latest_version = "0.0.0-g$latest_head" - - Write-Host "--------" - Write-Host "git commit - $(git rev-parse HEAD)" - Write-Host "latest_head - $latest_head" - Write-Host "PACKAGE VERSION TO BUILD - $latest_version" - Write-Host "--------" - - dotnet restore - dotnet pack --output ./nupkg - dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version $latest_version azuresigntool - - cd $HOME - - - name: Checkout repo - uses: actions/checkout@v2 - - - name: Load package version - run: ./.github/scripts/load-version.ps1 - shell: pwsh - - - name: Install Node dependencies - run: npm install - - - name: Run linter - run: npm run lint - - - name: Build application - run: npm run build - - - name: Build & Sign - run: | - npm run build - npm run pack:win - env: - ELECTRON_BUILDER_SIGN: 1 - SIGNING_VAULT_URL: ${{ secrets.SIGNING_VAULT_URL }} - SIGNING_CLIENT_ID: ${{ secrets.SIGNING_CLIENT_ID }} - SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }} - SIGNING_CLIENT_SECRET: ${{ secrets.SIGNING_CLIENT_SECRET }} - SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }} - - - name: List Dist - run: dir ./dist - - - name: Upload signed portable exe artifact - if: github.ref == 'refs/heads/master' || github.event_name == 'release' - uses: actions/upload-artifact@v2 - with: - name: Bitwarden-Portable-${{ env.PACKAGE_VERSION }}-signed.exe - path: ./dist/Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe - - - name: Upload signed installer exe artifact - if: github.ref == 'refs/heads/master' || github.event_name == 'release' - uses: actions/upload-artifact@v2 - with: - name: Bitwarden-Installer-${{ env.PACKAGE_VERSION }}-signed.exe - path: ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe - - - name: Upload appx ia32 artifact (not signed) - if: github.ref == 'refs/heads/master' || github.event_name == 'release' - uses: actions/upload-artifact@v2 - with: - name: Bitwarden-${{ env.PACKAGE_VERSION }}-ia32.appx - path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32.appx - - - name: Upload appx x64 artifact (not signed) - if: github.ref == 'refs/heads/master' || github.event_name == 'release' - uses: actions/upload-artifact@v2 - with: - name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx - path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx - - - name: Upload release assets - if: github.event_name == 'release' - run: | - hub release edit ` - -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32.appx ` - -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx ` - -a ./dist/Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe ` - -a ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe ` - -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` - $env:RELEASE_TAG_NAME - shell: pwsh - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 43f24a53340..1ce0a04f964 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -5,10 +5,6 @@ on: branches-ignore: - 'l10n_master' - 'gh-pages' - release: - types: - #- published - - created jobs: @@ -44,13 +40,9 @@ jobs: sudo apt-get update sudo apt-get -y install pkg-config libxss-dev libsecret-1-dev rpm - #- name: Set up snap - # if: github.event_name == 'release' - # run: | - # sudo snap install snapcraft --classic - # echo "$SNAP_TOKEN" | snapcraft login --with - - # env: - # SNAP_TOKEN: ${{ secrets.SNAP_TOKEN }} + - name: Set up snap + run: | + sudo snap install snapcraft --classic - name: Print environment run: | @@ -76,50 +68,43 @@ jobs: run: npm run dist:lin - name: Upload .deb artifact - if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' uses: actions/upload-artifact@v2 with: name: Bitwarden-${{ env.PACKAGE_VERSION }}-amd64.deb path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-amd64.deb - name: Upload .rpm artifact - if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' uses: actions/upload-artifact@v2 with: name: Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.rpm path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.rpm - name: Upload .freebsd artifact - if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' uses: actions/upload-artifact@v2 with: name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64.freebsd path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64.freebsd - name: Upload .snap artifact - if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' uses: actions/upload-artifact@v2 with: name: bitwarden_${{ env.PACKAGE_VERSION }}_amd64.snap path: ./dist/bitwarden_${{ env.PACKAGE_VERSION }}_amd64.snap - name: Upload .AppImage artifact - if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' uses: actions/upload-artifact@v2 with: name: Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.AppImage path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.AppImage - #- name: Deploy to Snap Store - # if: github.event_name == 'release' - # run: | - # ./scripts/snap-update.ps1 -version $env:PACKAGE_VERSION - # snapcraft logout - # shell: pwsh windows: runs-on: windows-latest - environment: prod steps: - name: Set up dotnet uses: actions/setup-dotnet@v1 @@ -155,14 +140,10 @@ jobs: dotnet pack --output ./nupkg dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version $latest_version azuresigntool - #- name: Set up environment - # if: false github.event_name == 'release' - # shell: pwsh - # run: | - # choco install checksum --no-progress - # choco apikey --key $env:CHOCO_API_KEY --source https://push.chocolatey.org/ - # env: - # CHOCO_API_KEY: ${{ secrets.CHOCO_API_KEY }} + - name: Set up environment + shell: pwsh + run: | + choco install checksum --no-progress - name: Print environment run: | @@ -184,7 +165,6 @@ jobs: run: npm run lint - name: Build & Sign (dev) - if: github.event_name != 'release' run: | npm run build npm run pack:win @@ -196,18 +176,6 @@ jobs: SIGNING_CLIENT_SECRET: ${{ secrets.SIGNING_CLIENT_SECRET }} SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }} - #- name: Build, Sign & Release - # if: github.event_name == 'release' - # run: npm run publish:win - # env: - # ELECTRON_BUILDER_SIGN: 1 - # SIGNING_VAULT_URL: ${{ secrets.SIGNING_VAULT_URL }} - # SIGNING_CLIENT_ID: ${{ secrets.SIGNING_CLIENT_ID }} - # SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }} - # SIGNING_CLIENT_SECRET: ${{ secrets.SIGNING_CLIENT_SECRET }} - # SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }} - # GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} - - name: Rename appx files for store shell: pwsh run: | @@ -217,58 +185,33 @@ jobs: -Destination "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx" - name: Upload portable exe artifact - if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' uses: actions/upload-artifact@v2 with: name: Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe path: ./dist/Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe - name: Upload installer exe artifact - if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' uses: actions/upload-artifact@v2 with: name: Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe path: ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe - name: Upload store appx ia32 artifact - if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' uses: actions/upload-artifact@v2 with: name: Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx - name: Upload store appx x64 artifact - if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' uses: actions/upload-artifact@v2 with: name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx - #- name: Deploy to Chocolatey - # if: github.event_name == 'release' - # run: ./scripts/choco-update.ps1 -version $env:PACKAGE_VERSION - # shell: pwsh - - #- name: Upload Chocolatey nupkg artifact - # if: github.event_name == 'release' - # uses: actions/upload-artifact@v2 - # with: - # name: bitwarden.${{ env.PACKAGE_VERSION }}.nupkg - # path: ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg - - #- name: Upload release assets - # if: github.event_name == 'release' - # run: | - # hub release edit ` - # -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx ` - # -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx ` - # -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` - # $env:RELEASE_TAG_NAME - # shell: pwsh - # env: - # GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} - # RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} - macos: runs-on: macos-latest steps: @@ -330,86 +273,67 @@ jobs: run: npm run lint - name: Create Safari directory - if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' shell: pwsh run: New-Item ./dist-safari -ItemType Directory -ea 0 - name: Checkout browser extension - if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' uses: actions/checkout@v2 with: repository: 'bitwarden/browser' path: 'dist-safari/browser' - name: Build Safari extension - if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' shell: pwsh run: ./scripts/safari-build.ps1 -skipcheckout -skipoutcopy - name: Load Safari extension for .dmg - if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' shell: pwsh run: ./scripts/safari-build.ps1 -copyonly - name: Build application (dev) - if: github.ref != 'refs/heads/master' && github.event_name != 'release' + if: github.ref != 'refs/heads/master' run: npm run build - name: Build application (dist) - if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' run: npm run dist:mac env: APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }} APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} - name: Upload .zip artifact - if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' uses: actions/upload-artifact@v2 with: name: Bitwarden-${{ env.PACKAGE_VERSION }}-mac.zip path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-mac.zip - name: Upload .dmg artifact - if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' uses: actions/upload-artifact@v2 with: name: Bitwarden-${{ env.PACKAGE_VERSION }}.dmg path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}.dmg - name: Load Safari extension for App Store - if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' shell: pwsh run: ./scripts/safari-build.ps1 -mas -copyonly - name: Build application for App Store - if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' run: npm run dist:mac:mas env: APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }} APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} - name: Upload .pkg artifact - if: github.ref == 'refs/heads/master' || github.event_name == 'release' + if: github.ref == 'refs/heads/master' uses: actions/upload-artifact@v2 with: name: Bitwarden-${{ env.PACKAGE_VERSION }}.pkg path: ./dist/mas/Bitwarden-${{ env.PACKAGE_VERSION }}.pkg - - #- name: Deploy to App Store - # if: github.event_name == 'release' - # run: npm run upload:mas - # env: - # APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }} - # APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} - - #- name: Upload release assets - # if: github.event_name == 'release' - # run: | - # hub release edit ` - # -a ./dist/mas/Bitwarden-${{ env.PACKAGE_VERSION }}.pkg ` - # -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` - # $env:RELEASE_TAG_NAME - # shell: pwsh - # env: - # GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} - # RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d4426c3a237..e631868154d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -44,9 +44,9 @@ jobs: - name: Set up snap run: | sudo snap install snapcraft --classic - # echo "$SNAP_TOKEN" | snapcraft login --with - - #env: - # SNAP_TOKEN: ${{ secrets.SNAP_TOKEN }} + echo "$SNAP_TOKEN" | snapcraft login --with - + env: + SNAP_TOKEN: ${{ secrets.SNAP_TOKEN }} - name: Print environment run: | @@ -101,15 +101,14 @@ jobs: name: Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.AppImage path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.AppImage - #- name: Deploy to Snap Store - # run: | - # ./scripts/snap-update.ps1 -version $env:PACKAGE_VERSION - # snapcraft logout - # shell: pwsh + - name: Deploy to Snap Store + run: | + ./scripts/snap-update.ps1 -version $env:PACKAGE_VERSION + snapcraft logout + shell: pwsh windows: runs-on: windows-latest - environment: prod steps: - name: Set up dotnet uses: actions/setup-dotnet@v1 @@ -145,13 +144,13 @@ jobs: dotnet pack --output ./nupkg dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version $latest_version azuresigntool - #- name: Set up environment - # shell: pwsh - # run: | - # choco install checksum --no-progress - # choco apikey --key $env:CHOCO_API_KEY --source https://push.chocolatey.org/ - # env: - # CHOCO_API_KEY: ${{ secrets.CHOCO_API_KEY }} + - name: Set up environment + shell: pwsh + run: | + choco install checksum --no-progress + choco apikey --key $env:CHOCO_API_KEY --source https://push.chocolatey.org/ + env: + CHOCO_API_KEY: ${{ secrets.CHOCO_API_KEY }} - name: Print environment run: | @@ -215,15 +214,15 @@ jobs: name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx - #- name: Deploy to Chocolatey - # run: ./scripts/choco-update.ps1 -version $env:PACKAGE_VERSION - # shell: pwsh + - name: Deploy to Chocolatey + run: ./scripts/choco-update.ps1 -version $env:PACKAGE_VERSION + shell: pwsh - #- name: Upload Chocolatey nupkg artifact - # uses: actions/upload-artifact@v2 - # with: - # name: bitwarden.${{ env.PACKAGE_VERSION }}.nupkg - # path: ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg + - name: Upload Chocolatey nupkg artifact + uses: actions/upload-artifact@v2 + with: + name: bitwarden.${{ env.PACKAGE_VERSION }}.nupkg + path: ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg - name: Upload release assets run: | From 2efcf8386fedfd7f7448f4d60ae9a98f30e1ee77 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 20 Jan 2021 15:58:28 +0000 Subject: [PATCH 209/228] fixing the package.json testing code --- .github/workflows/release.yml | 2 -- package.json | 2 +- src/package.json | 4 ++-- 3 files changed, 3 insertions(+), 5 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e631868154d..0e19f9e6c5e 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -8,7 +8,6 @@ on: required: true jobs: - cloc: runs-on: ubuntu-latest @@ -26,7 +25,6 @@ jobs: linux: runs-on: ubuntu-latest - steps: - name: Set up Node uses: actions/setup-node@v1 diff --git a/package.json b/package.json index 45cc2b611fc..e1870315cb4 100644 --- a/package.json +++ b/package.json @@ -13,7 +13,7 @@ "homepage": "https://bitwarden.com", "repository": { "type": "git", - "url": "https://github.com/joseph-flinn/desktop" + "url": "https://github.com/bitwarden/desktop" }, "license": "GPL-3.0", "scripts": { diff --git a/src/package.json b/src/package.json index 1f4a6577b55..781a491dc03 100644 --- a/src/package.json +++ b/src/package.json @@ -2,14 +2,14 @@ "name": "bitwarden", "productName": "Bitwarden", "description": "A secure and free password manager for all of your devices.", - "version": "1.23.3-alpha", + "version": "1.23.1", "author": "Bitwarden Inc. (https://bitwarden.com)", "homepage": "https://bitwarden.com", "license": "GPL-3.0", "main": "main.js", "repository": { "type": "git", - "url": "https://github.com/joseph-flinn/desktop" + "url": "https://github.com/bitwarden/desktop" }, "dependencies": { "@nodert-win10-rs4/windows.security.credentials.ui": "^0.4.4", From e44fe9e801bcd178f042203e67d81d4dc68e60e0 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 20 Jan 2021 16:03:23 +0000 Subject: [PATCH 210/228] renaming GH_TOKEN to the already used GITHUB_TOKEN --- .github/workflows/release.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 0e19f9e6c5e..98ca04ea4a6 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -178,7 +178,7 @@ jobs: SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }} SIGNING_CLIENT_SECRET: ${{ secrets.SIGNING_CLIENT_SECRET }} SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }} - GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Rename appx files for store shell: pwsh @@ -231,7 +231,7 @@ jobs: $env:RELEASE_TAG_NAME shell: pwsh env: - GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} RELEASE_TAG_NAME: ${{ github.event.inputs.release_tag_name }} macos: @@ -360,5 +360,5 @@ jobs: $env:RELEASE_TAG_NAME shell: pwsh env: - GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} RELEASE_TAG_NAME: ${{ github.event.inputs.release_tag_name }} From 20d2801ef7ae7f698c54951f08da02075a73d727 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Wed, 20 Jan 2021 21:48:22 +0000 Subject: [PATCH 211/228] switching GITHUB_TOKEN back to GH_TOKEN because I can't create the GITHUB_TOKEN secret in my repo. GITHUB_* is probably reserved --- .github/workflows/release.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 98ca04ea4a6..0e19f9e6c5e 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -178,7 +178,7 @@ jobs: SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }} SIGNING_CLIENT_SECRET: ${{ secrets.SIGNING_CLIENT_SECRET }} SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }} - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} - name: Rename appx files for store shell: pwsh @@ -231,7 +231,7 @@ jobs: $env:RELEASE_TAG_NAME shell: pwsh env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} RELEASE_TAG_NAME: ${{ github.event.inputs.release_tag_name }} macos: @@ -360,5 +360,5 @@ jobs: $env:RELEASE_TAG_NAME shell: pwsh env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} RELEASE_TAG_NAME: ${{ github.event.inputs.release_tag_name }} From c4b5f8a88b5e12880fa566349debef11ddda9775 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 21 Jan 2021 23:02:22 +0000 Subject: [PATCH 212/228] switching over to the provided action to upload release assets --- .github/workflows/release.yml | 221 ++++++++++++++++++---------------- package.json | 2 +- src/package.json | 4 +- 3 files changed, 122 insertions(+), 105 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 0e19f9e6c5e..4133c5fd1b3 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -7,6 +7,7 @@ on: description: 'Release Tag Name (vX.X.X)' required: true + jobs: cloc: runs-on: ubuntu-latest @@ -23,8 +24,36 @@ jobs: - name: Print lines of code run: cloc --include-lang TypeScript,JavaScript,HTML,Sass,CSS --vcs git + + setup: + runs-on: ubuntu-latest + outputs: + release_upload_url: ${{ steps.create_release.outputs.upload_url }} + steps: + - name: Checkout repo + uses: actions/checkout@v2 + + - name: Create Release Name + run: | + echo "RELEASE_NAME=${RELEASE_TAG_NAME:1}" >> $GITHUB_ENV + env: + RELEASE_TAG_NAME: ${{ github.event.inputs.release_tag_name }} + + - name: Create Draft Release + id: create_release + uses: actions/create-release@v1 + env: + GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + with: + tag_name: ${{ github.event.inputs.release_tag_name }} + release_name: ${{ env.RELEASE_NAME }} + draft: true + prerelease: false + + linux: runs-on: ubuntu-latest + needs: setup steps: - name: Set up Node uses: actions/setup-node@v1 @@ -42,9 +71,9 @@ jobs: - name: Set up snap run: | sudo snap install snapcraft --classic - echo "$SNAP_TOKEN" | snapcraft login --with - - env: - SNAP_TOKEN: ${{ secrets.SNAP_TOKEN }} + # echo "$SNAP_TOKEN" | snapcraft login --with - + #env: + # SNAP_TOKEN: ${{ secrets.SNAP_TOKEN }} - name: Print environment run: | @@ -69,41 +98,62 @@ jobs: - name: Build application run: npm run dist:lin - - name: Upload .deb artifact - uses: actions/upload-artifact@v2 + - name: Upload .deb release asset + uses: actions/upload-release-asset@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: - name: Bitwarden-${{ env.PACKAGE_VERSION }}-amd64.deb - path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-amd64.deb + upload_url: ${{ needs.setup.outputs.release_upload_url }} + asset_name: Bitwarden-${{ env.PACKAGE_VERSION }}-amd64.deb + asset_path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-amd64.deb + asset_content_type: application/x-debian-package - - name: Upload .rpm artifact - uses: actions/upload-artifact@v2 + - name: Upload .rpm release asset + uses: actions/upload-release-asset@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: - name: Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.rpm - path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.rpm + upload_url: ${{ needs.setup.outputs.release_upload_url }} + asset_name: Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.rpm + asset_path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.rpm + asset_content_type: application - - name: Upload .freebsd artifact - uses: actions/upload-artifact@v2 + - name: Upload .freebsd release asset + uses: actions/upload-release-asset@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: - name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64.freebsd - path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64.freebsd + upload_url: ${{ needs.setup.outputs.release_upload_url }} + asset_name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64.freebsd + asset_path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64.freebsd + asset_content_type: application - - name: Upload .snap artifact - uses: actions/upload-artifact@v2 + - name: Upload .snap checksum release asset + uses: actions/upload-release-asset@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: - name: bitwarden_${{ env.PACKAGE_VERSION }}_amd64.snap - path: ./dist/bitwarden_${{ env.PACKAGE_VERSION }}_amd64.snap + upload_url: ${{ needs.setup.outputs.release_upload_url }} + asset_name: bitwarden_${{ env.PACKAGE_VERSION }}_amd64.snap + asset_path: ./dist/bitwarden_${{ env.PACKAGE_VERSION }}_amd64.snap + asset_content_type: application - - name: Upload .AppImage artifact - uses: actions/upload-artifact@v2 + - name: Upload .AppImage checksum release asset + uses: actions/upload-release-asset@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: - name: Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.AppImage - path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.AppImage + upload_url: ${{ needs.setup.outputs.release_upload_url }} + asset_name: Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.AppImage + asset_path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.AppImage + asset_content_type: application + + #- name: Deploy to Snap Store + # run: | + # ./scripts/snap-update.ps1 -version $env:PACKAGE_VERSION + # snapcraft logout + # shell: pwsh - - name: Deploy to Snap Store - run: | - ./scripts/snap-update.ps1 -version $env:PACKAGE_VERSION - snapcraft logout - shell: pwsh windows: runs-on: windows-latest @@ -146,9 +196,9 @@ jobs: shell: pwsh run: | choco install checksum --no-progress - choco apikey --key $env:CHOCO_API_KEY --source https://push.chocolatey.org/ - env: - CHOCO_API_KEY: ${{ secrets.CHOCO_API_KEY }} + # choco apikey --key $env:CHOCO_API_KEY --source https://push.chocolatey.org/ + #env: + # CHOCO_API_KEY: ${{ secrets.CHOCO_API_KEY }} - name: Print environment run: | @@ -188,51 +238,17 @@ jobs: Copy-Item "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx" ` -Destination "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx" - - name: Upload portable exe artifact - uses: actions/upload-artifact@v2 - with: - name: Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe - path: ./dist/Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe - - - name: Upload installer exe artifact - uses: actions/upload-artifact@v2 - with: - name: Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe - path: ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe - - - name: Upload store appx ia32 artifact - uses: actions/upload-artifact@v2 - with: - name: Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx - path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx - - - name: Upload store appx x64 artifact - uses: actions/upload-artifact@v2 - with: - name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx - path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx - - - name: Deploy to Chocolatey - run: ./scripts/choco-update.ps1 -version $env:PACKAGE_VERSION - shell: pwsh - - - name: Upload Chocolatey nupkg artifact - uses: actions/upload-artifact@v2 - with: - name: bitwarden.${{ env.PACKAGE_VERSION }}.nupkg - path: ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg - - - name: Upload release assets - run: | - hub release edit ` - -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx ` - -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx ` - -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` - $env:RELEASE_TAG_NAME - shell: pwsh + - name: Upload Chocolatey nupkg release asset + id: upload-macos-checksum + uses: actions/upload-release-asset@v1 env: - GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} - RELEASE_TAG_NAME: ${{ github.event.inputs.release_tag_name }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + upload_url: ${{ needs.setup.outputs.release_upload_url }} + asset_name: bitwarden.${{ env.PACKAGE_VERSION }}.nupkg + asset_path: ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg + asset_content_type: text/plain + macos: runs-on: macos-latest @@ -318,18 +334,6 @@ jobs: APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }} APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} - - name: Upload .zip artifact - uses: actions/upload-artifact@v2 - with: - name: Bitwarden-${{ env.PACKAGE_VERSION }}-mac.zip - path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-mac.zip - - - name: Upload .dmg artifact - uses: actions/upload-artifact@v2 - with: - name: Bitwarden-${{ env.PACKAGE_VERSION }}.dmg - path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}.dmg - - name: Load Safari extension for App Store shell: pwsh run: ./scripts/safari-build.ps1 -mas -copyonly @@ -340,25 +344,38 @@ jobs: APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }} APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} - - name: Upload .pkg artifact - uses: actions/upload-artifact@v2 - with: - name: Bitwarden-${{ env.PACKAGE_VERSION }}.pkg - path: ./dist/mas/Bitwarden-${{ env.PACKAGE_VERSION }}.pkg - - name: Deploy to App Store run: npm run upload:mas env: APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }} APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} - - name: Upload release assets - run: | - hub release edit ` - -a ./dist/mas/Bitwarden-${{ env.PACKAGE_VERSION }}.pkg ` - -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` - $env:RELEASE_TAG_NAME - shell: pwsh + - name: Upload .pkg release asset + uses: actions/upload-release-asset@v1 env: - GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} - RELEASE_TAG_NAME: ${{ github.event.inputs.release_tag_name }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + upload_url: ${{ needs.setup.outputs.release_upload_url }} + asset_name: Bitwarden-${{ env.PACKAGE_VERSION }}.pkg + asset_path: ./dist/mas/Bitwarden-${{ env.PACKAGE_VERSION }}.pkg + asset_content_type: text/plain + + - name: Upload zip release asset + uses: actions/upload-release-asset@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + upload_url: ${{ needs.setup.outputs.release_upload_url }} + asset_name: Bitwarden-${{ env.PACKAGE_VERSION }}-mac.zip + asset_path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-mac.zip + asset_content_type: text/plain + + - name: Upload .dmg release asset + uses: actions/upload-release-asset@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + upload_url: ${{ needs.setup.outputs.release_upload_url }} + asset_name: Bitwarden-${{ env.PACKAGE_VERSION }}.dmg + asset_path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}.dmg + asset_content_type: text/plain diff --git a/package.json b/package.json index e1870315cb4..45cc2b611fc 100644 --- a/package.json +++ b/package.json @@ -13,7 +13,7 @@ "homepage": "https://bitwarden.com", "repository": { "type": "git", - "url": "https://github.com/bitwarden/desktop" + "url": "https://github.com/joseph-flinn/desktop" }, "license": "GPL-3.0", "scripts": { diff --git a/src/package.json b/src/package.json index 781a491dc03..0ecc4c17070 100644 --- a/src/package.json +++ b/src/package.json @@ -2,14 +2,14 @@ "name": "bitwarden", "productName": "Bitwarden", "description": "A secure and free password manager for all of your devices.", - "version": "1.23.1", + "version": "1.23.4-alpha", "author": "Bitwarden Inc. (https://bitwarden.com)", "homepage": "https://bitwarden.com", "license": "GPL-3.0", "main": "main.js", "repository": { "type": "git", - "url": "https://github.com/bitwarden/desktop" + "url": "https://github.com/joseph-flinn/desktop" }, "dependencies": { "@nodert-win10-rs4/windows.security.credentials.ui": "^0.4.4", From 8b56129dcd3de806ea1ce795dc30ff726c31678a Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 21 Jan 2021 23:06:32 +0000 Subject: [PATCH 213/228] updating the content types --- .github/workflows/release.yml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 4133c5fd1b3..649a2874c52 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -157,6 +157,7 @@ jobs: windows: runs-on: windows-latest + needs: setup steps: - name: Set up dotnet uses: actions/setup-dotnet@v1 @@ -247,11 +248,12 @@ jobs: upload_url: ${{ needs.setup.outputs.release_upload_url }} asset_name: bitwarden.${{ env.PACKAGE_VERSION }}.nupkg asset_path: ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg - asset_content_type: text/plain + asset_content_type: application macos: runs-on: macos-latest + needs: setup steps: - name: Set up Node uses: actions/setup-node@v1 @@ -358,7 +360,7 @@ jobs: upload_url: ${{ needs.setup.outputs.release_upload_url }} asset_name: Bitwarden-${{ env.PACKAGE_VERSION }}.pkg asset_path: ./dist/mas/Bitwarden-${{ env.PACKAGE_VERSION }}.pkg - asset_content_type: text/plain + asset_content_type: application/vnd.apple.installer+xml - name: Upload zip release asset uses: actions/upload-release-asset@v1 @@ -368,7 +370,7 @@ jobs: upload_url: ${{ needs.setup.outputs.release_upload_url }} asset_name: Bitwarden-${{ env.PACKAGE_VERSION }}-mac.zip asset_path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-mac.zip - asset_content_type: text/plain + asset_content_type: application/zip - name: Upload .dmg release asset uses: actions/upload-release-asset@v1 @@ -378,4 +380,4 @@ jobs: upload_url: ${{ needs.setup.outputs.release_upload_url }} asset_name: Bitwarden-${{ env.PACKAGE_VERSION }}.dmg asset_path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}.dmg - asset_content_type: text/plain + asset_content_type: application/x-apple-diskimage From f908b1a7b25ce7ee57f02739470aab849f0325a1 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 21 Jan 2021 23:23:03 +0000 Subject: [PATCH 214/228] trying the linux publish and different windows setup --- .github/workflows/release.yml | 24 +++++++++++++++++++++--- 1 file changed, 21 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 649a2874c52..3e8573dc54d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -95,10 +95,17 @@ jobs: - name: Run linter run: npm run lint + - name: Build & Publish + run: npm run publish:lin + env: + GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + - name: Build application + if: false run: npm run dist:lin - name: Upload .deb release asset + if: false uses: actions/upload-release-asset@v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -109,6 +116,7 @@ jobs: asset_content_type: application/x-debian-package - name: Upload .rpm release asset + if: false uses: actions/upload-release-asset@v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -119,6 +127,7 @@ jobs: asset_content_type: application - name: Upload .freebsd release asset + if: false uses: actions/upload-release-asset@v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -129,6 +138,7 @@ jobs: asset_content_type: application - name: Upload .snap checksum release asset + if: false uses: actions/upload-release-asset@v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -139,6 +149,7 @@ jobs: asset_content_type: application - name: Upload .AppImage checksum release asset + if: false uses: actions/upload-release-asset@v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -193,13 +204,19 @@ jobs: dotnet pack --output ./nupkg dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version $latest_version azuresigntool + - name: Set up environment + if: false + shell: pwsh + run: | + choco install checksum --no-progress + choco apikey --key $env:CHOCO_API_KEY --source https://push.chocolatey.org/ + env: + CHOCO_API_KEY: ${{ secrets.CHOCO_API_KEY }} + - name: Set up environment shell: pwsh run: | choco install checksum --no-progress - # choco apikey --key $env:CHOCO_API_KEY --source https://push.chocolatey.org/ - #env: - # CHOCO_API_KEY: ${{ secrets.CHOCO_API_KEY }} - name: Print environment run: | @@ -252,6 +269,7 @@ jobs: macos: + if: false runs-on: macos-latest needs: setup steps: From 58a830fc83fa84deb2c35557932e073178553eab Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Thu, 21 Jan 2021 23:47:36 +0000 Subject: [PATCH 215/228] adding in the environment for windows signing --- .github/workflows/release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 3e8573dc54d..877a943c8fe 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -168,6 +168,7 @@ jobs: windows: runs-on: windows-latest + environment: prod needs: setup steps: - name: Set up dotnet From de7ba57a1011b37d8b38b57745de40a15ae2b9c7 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Fri, 22 Jan 2021 00:13:04 +0000 Subject: [PATCH 216/228] fixing the chocolatey issue --- .github/workflows/release.yml | 4 ++++ scripts/choco-update.ps1 | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 877a943c8fe..db38a1107b0 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -257,6 +257,10 @@ jobs: Copy-Item "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx" ` -Destination "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx" + - name: Deploy to Chocolatey + shell: pwsh + run: ./scripts/choco-update.ps1 -version $env:PACKAGE_VERSION + - name: Upload Chocolatey nupkg release asset id: upload-macos-checksum uses: actions/upload-release-asset@v1 diff --git a/scripts/choco-update.ps1 b/scripts/choco-update.ps1 index 72677357aaa..4e2496581ec 100644 --- a/scripts/choco-update.ps1 +++ b/scripts/choco-update.ps1 @@ -30,5 +30,5 @@ $chocoInstall = $distChocoDir + "\tools\chocolateyinstall.ps1"; (Get-Content $chocoInstall).replace('__version__', $version).replace('__checksum__', $checksum) | Set-Content $chocoInstall choco pack $nuspec --version $version --out $distChocoDir cd $distChocoDir -choco push +#choco push cd $rootDir From ef7b1d9a19a4d0bada649bf5658f4d79c59b3d60 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Fri, 22 Jan 2021 02:46:11 +0000 Subject: [PATCH 217/228] moving the choco update script into the release pipeline and the build pipeline --- .github/workflows/build.yml | 18 ++++++++++++++++++ .github/workflows/release.yml | 11 ++++++++++- 2 files changed, 28 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 1ce0a04f964..7e7e89c5b39 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -184,6 +184,17 @@ jobs: Copy-Item "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx" ` -Destination "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx" + - name: Deploy to Chocolatey + shell: pwsh + run: | + Copy-Item -Path ./stores/chocolatey -Destination ./chocolatey -Recurse + Copy-Item -Path ./dist/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe -Destination ./chocolatey + + $checksum = checksum -t sha256 ./chocoloatey/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe + $chocoInstall = "./chocolatey/tools/chocolateyinstall.ps1" + (Get-Content $chocoInstall).replace('__version__', ${{ env.PACKAGE_VERSION }}).replace('__checksum__', $checksum) | Set-Content $chocoInstall + choco pack ./chocolatey/bitwarden.nuspec --version ${{ env.PACKAGE_VERSION }} --out ./chocolately + - name: Upload portable exe artifact if: github.ref == 'refs/heads/master' uses: actions/upload-artifact@v2 @@ -212,6 +223,13 @@ jobs: name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx + - name: Upload nupkg artifact + if: github.ref == 'refs/heads/master' + uses: actions/upload-artifact@v2 + with: + name: bitwarden.${{ env.PACKAGE_VERSION }}.nupkg + path: ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg + macos: runs-on: macos-latest steps: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index db38a1107b0..7a5912cf211 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -259,7 +259,16 @@ jobs: - name: Deploy to Chocolatey shell: pwsh - run: ./scripts/choco-update.ps1 -version $env:PACKAGE_VERSION + run: | + Copy-Item -Path ./stores/chocolatey -Destination ./dist/chocolatey -Recurse + Copy-Item -Path ./dist/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe -Destination ./dist/chocolatey + + $checksum = checksum -t sha256 ./dist/chocoloatey/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe + $chocoInstall = "./dist/chocolatey/tools/chocolateyinstall.ps1" + (Get-Content $chocoInstall).replace('__version__', ${{ env.PACKAGE_VERSION }}).replace('__checksum__', $checksum) | Set-Content $chocoInstall + choco pack ./dist/chocolatey/bitwarden.nuspec --version ${{ env.PACKAGE_VERSION }} --out ./dist/chocolately + cd ./dist/chocolately + #choco push - name: Upload Chocolatey nupkg release asset id: upload-macos-checksum From 9c4a6bfbb67640441b344a39d4e4bf5c973acde9 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Fri, 22 Jan 2021 03:13:54 +0000 Subject: [PATCH 218/228] fixing the package version to be a string --- .github/workflows/release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7a5912cf211..e816371db6b 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -265,8 +265,8 @@ jobs: $checksum = checksum -t sha256 ./dist/chocoloatey/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe $chocoInstall = "./dist/chocolatey/tools/chocolateyinstall.ps1" - (Get-Content $chocoInstall).replace('__version__', ${{ env.PACKAGE_VERSION }}).replace('__checksum__', $checksum) | Set-Content $chocoInstall - choco pack ./dist/chocolatey/bitwarden.nuspec --version ${{ env.PACKAGE_VERSION }} --out ./dist/chocolately + (Get-Content $chocoInstall).replace('__version__', "$env:PACKAGE_VERSION").replace('__checksum__', $checksum) | Set-Content $chocoInstall + choco pack ./dist/chocolatey/bitwarden.nuspec --version "$env:PACKAGE_VERSION" --out ./dist/chocolately cd ./dist/chocolately #choco push From 6909a09a34c4799ee909f3e7974a4d9cb44211c7 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Fri, 22 Jan 2021 03:30:34 +0000 Subject: [PATCH 219/228] fixing path --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e816371db6b..a1cca2dd6ac 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -261,7 +261,7 @@ jobs: shell: pwsh run: | Copy-Item -Path ./stores/chocolatey -Destination ./dist/chocolatey -Recurse - Copy-Item -Path ./dist/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe -Destination ./dist/chocolatey + Copy-Item -Path ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe -Destination ./dist/chocolatey $checksum = checksum -t sha256 ./dist/chocoloatey/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe $chocoInstall = "./dist/chocolatey/tools/chocolateyinstall.ps1" From 13c9148e24d5038f0c6f6a16efbe62e20c725b80 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Fri, 22 Jan 2021 03:52:04 +0000 Subject: [PATCH 220/228] debugging code --- .github/workflows/release.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a1cca2dd6ac..ea925cd0ed1 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -257,12 +257,17 @@ jobs: Copy-Item "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx" ` -Destination "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx" + - name: List Dir + run: ls ./dist + - name: Deploy to Chocolatey shell: pwsh run: | Copy-Item -Path ./stores/chocolatey -Destination ./dist/chocolatey -Recurse Copy-Item -Path ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe -Destination ./dist/chocolatey + ls ./dist + $checksum = checksum -t sha256 ./dist/chocoloatey/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe $chocoInstall = "./dist/chocolatey/tools/chocolateyinstall.ps1" (Get-Content $chocoInstall).replace('__version__', "$env:PACKAGE_VERSION").replace('__checksum__', $checksum) | Set-Content $chocoInstall From dbb7ca43361c5bfa77c84fefbe84c68f77688936 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Fri, 22 Jan 2021 04:12:47 +0000 Subject: [PATCH 221/228] more debugging --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ea925cd0ed1..93f4b1634e9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -266,7 +266,7 @@ jobs: Copy-Item -Path ./stores/chocolatey -Destination ./dist/chocolatey -Recurse Copy-Item -Path ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe -Destination ./dist/chocolatey - ls ./dist + ls ./dist/chocolatey $checksum = checksum -t sha256 ./dist/chocoloatey/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe $chocoInstall = "./dist/chocolatey/tools/chocolateyinstall.ps1" From 68babd624339bb49d4c9cb11c2e24f030da89768 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Fri, 22 Jan 2021 04:30:06 +0000 Subject: [PATCH 222/228] fixing typo --- .github/workflows/release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 93f4b1634e9..36072260a69 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -271,8 +271,8 @@ jobs: $checksum = checksum -t sha256 ./dist/chocoloatey/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe $chocoInstall = "./dist/chocolatey/tools/chocolateyinstall.ps1" (Get-Content $chocoInstall).replace('__version__', "$env:PACKAGE_VERSION").replace('__checksum__', $checksum) | Set-Content $chocoInstall - choco pack ./dist/chocolatey/bitwarden.nuspec --version "$env:PACKAGE_VERSION" --out ./dist/chocolately - cd ./dist/chocolately + choco pack ./dist/chocolatey/bitwarden.nuspec --version "$env:PACKAGE_VERSION" --out ./dist/chocolatey + cd ./dist/chocolatey #choco push - name: Upload Chocolatey nupkg release asset From 56bf4d66bace0bbb6cebf0c6fcf98e99c704db89 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Fri, 22 Jan 2021 04:49:35 +0000 Subject: [PATCH 223/228] removing debugging code --- .github/workflows/release.yml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 36072260a69..334097cf19a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -257,17 +257,12 @@ jobs: Copy-Item "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx" ` -Destination "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx" - - name: List Dir - run: ls ./dist - - name: Deploy to Chocolatey shell: pwsh run: | Copy-Item -Path ./stores/chocolatey -Destination ./dist/chocolatey -Recurse Copy-Item -Path ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe -Destination ./dist/chocolatey - ls ./dist/chocolatey - $checksum = checksum -t sha256 ./dist/chocoloatey/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe $chocoInstall = "./dist/chocolatey/tools/chocolateyinstall.ps1" (Get-Content $chocoInstall).replace('__version__', "$env:PACKAGE_VERSION").replace('__checksum__', $checksum) | Set-Content $chocoInstall From a1559faefb0242ca4db796b91c8ce679dd736cde Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Fri, 22 Jan 2021 04:53:28 +0000 Subject: [PATCH 224/228] reverting all of the testing code --- .github/workflows/build.yml | 12 +++--- .github/workflows/release.yml | 79 +++-------------------------------- package.json | 2 +- scripts/choco-update.ps1 | 2 +- 4 files changed, 14 insertions(+), 81 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 7e7e89c5b39..95817329a56 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -187,13 +187,13 @@ jobs: - name: Deploy to Chocolatey shell: pwsh run: | - Copy-Item -Path ./stores/chocolatey -Destination ./chocolatey -Recurse - Copy-Item -Path ./dist/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe -Destination ./chocolatey + Copy-Item -Path ./stores/chocolatey -Destination ./dist/chocolatey -Recurse + Copy-Item -Path ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe -Destination ./dist/chocolatey - $checksum = checksum -t sha256 ./chocoloatey/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe - $chocoInstall = "./chocolatey/tools/chocolateyinstall.ps1" - (Get-Content $chocoInstall).replace('__version__', ${{ env.PACKAGE_VERSION }}).replace('__checksum__', $checksum) | Set-Content $chocoInstall - choco pack ./chocolatey/bitwarden.nuspec --version ${{ env.PACKAGE_VERSION }} --out ./chocolately + $checksum = checksum -t sha256 ./dist/chocoloatey/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe + $chocoInstall = "./dist/chocolatey/tools/chocolateyinstall.ps1" + (Get-Content $chocoInstall).replace('__version__', "$env:PACKAGE_VERSION").replace('__checksum__', $checksum) | Set-Content $chocoInstall + choco pack ./dist/chocolatey/bitwarden.nuspec --version "$env:PACKAGE_VERSION" --out ./dist/chocolatey - name: Upload portable exe artifact if: github.ref == 'refs/heads/master' diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 334097cf19a..2800cc537cb 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -100,75 +100,15 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} - - name: Build application - if: false - run: npm run dist:lin - - - name: Upload .deb release asset - if: false - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ needs.setup.outputs.release_upload_url }} - asset_name: Bitwarden-${{ env.PACKAGE_VERSION }}-amd64.deb - asset_path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-amd64.deb - asset_content_type: application/x-debian-package - - - name: Upload .rpm release asset - if: false - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ needs.setup.outputs.release_upload_url }} - asset_name: Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.rpm - asset_path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.rpm - asset_content_type: application - - - name: Upload .freebsd release asset - if: false - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ needs.setup.outputs.release_upload_url }} - asset_name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64.freebsd - asset_path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64.freebsd - asset_content_type: application - - - name: Upload .snap checksum release asset - if: false - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ needs.setup.outputs.release_upload_url }} - asset_name: bitwarden_${{ env.PACKAGE_VERSION }}_amd64.snap - asset_path: ./dist/bitwarden_${{ env.PACKAGE_VERSION }}_amd64.snap - asset_content_type: application - - - name: Upload .AppImage checksum release asset - if: false - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ needs.setup.outputs.release_upload_url }} - asset_name: Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.AppImage - asset_path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.AppImage - asset_content_type: application - - #- name: Deploy to Snap Store - # run: | - # ./scripts/snap-update.ps1 -version $env:PACKAGE_VERSION - # snapcraft logout - # shell: pwsh + - name: Deploy to Snap Store + run: | + ./scripts/snap-update.ps1 -version $env:PACKAGE_VERSION + snapcraft logout + shell: pwsh windows: runs-on: windows-latest - environment: prod needs: setup steps: - name: Set up dotnet @@ -206,7 +146,6 @@ jobs: dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version $latest_version azuresigntool - name: Set up environment - if: false shell: pwsh run: | choco install checksum --no-progress @@ -214,11 +153,6 @@ jobs: env: CHOCO_API_KEY: ${{ secrets.CHOCO_API_KEY }} - - name: Set up environment - shell: pwsh - run: | - choco install checksum --no-progress - - name: Print environment run: | node --version @@ -268,7 +202,7 @@ jobs: (Get-Content $chocoInstall).replace('__version__', "$env:PACKAGE_VERSION").replace('__checksum__', $checksum) | Set-Content $chocoInstall choco pack ./dist/chocolatey/bitwarden.nuspec --version "$env:PACKAGE_VERSION" --out ./dist/chocolatey cd ./dist/chocolatey - #choco push + choco push - name: Upload Chocolatey nupkg release asset id: upload-macos-checksum @@ -283,7 +217,6 @@ jobs: macos: - if: false runs-on: macos-latest needs: setup steps: diff --git a/package.json b/package.json index 45cc2b611fc..e1870315cb4 100644 --- a/package.json +++ b/package.json @@ -13,7 +13,7 @@ "homepage": "https://bitwarden.com", "repository": { "type": "git", - "url": "https://github.com/joseph-flinn/desktop" + "url": "https://github.com/bitwarden/desktop" }, "license": "GPL-3.0", "scripts": { diff --git a/scripts/choco-update.ps1 b/scripts/choco-update.ps1 index 4e2496581ec..72677357aaa 100644 --- a/scripts/choco-update.ps1 +++ b/scripts/choco-update.ps1 @@ -30,5 +30,5 @@ $chocoInstall = $distChocoDir + "\tools\chocolateyinstall.ps1"; (Get-Content $chocoInstall).replace('__version__', $version).replace('__checksum__', $checksum) | Set-Content $chocoInstall choco pack $nuspec --version $version --out $distChocoDir cd $distChocoDir -#choco push +choco push cd $rootDir From 6b0c4114f76b19ed9778b4bab2434ecaa9503351 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Fri, 22 Jan 2021 04:55:28 +0000 Subject: [PATCH 225/228] removing commented out code --- .github/workflows/release.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 2800cc537cb..b95b4417eb1 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -71,9 +71,9 @@ jobs: - name: Set up snap run: | sudo snap install snapcraft --classic - # echo "$SNAP_TOKEN" | snapcraft login --with - - #env: - # SNAP_TOKEN: ${{ secrets.SNAP_TOKEN }} + echo "$SNAP_TOKEN" | snapcraft login --with - + env: + SNAP_TOKEN: ${{ secrets.SNAP_TOKEN }} - name: Print environment run: | From 1fb9e41bcfb9aad38aac6d7d68a8ba13770b206f Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Fri, 22 Jan 2021 04:56:58 +0000 Subject: [PATCH 226/228] more reverting --- src/package.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/package.json b/src/package.json index 0ecc4c17070..781a491dc03 100644 --- a/src/package.json +++ b/src/package.json @@ -2,14 +2,14 @@ "name": "bitwarden", "productName": "Bitwarden", "description": "A secure and free password manager for all of your devices.", - "version": "1.23.4-alpha", + "version": "1.23.1", "author": "Bitwarden Inc. (https://bitwarden.com)", "homepage": "https://bitwarden.com", "license": "GPL-3.0", "main": "main.js", "repository": { "type": "git", - "url": "https://github.com/joseph-flinn/desktop" + "url": "https://github.com/bitwarden/desktop" }, "dependencies": { "@nodert-win10-rs4/windows.security.credentials.ui": "^0.4.4", From 2384bbf75834b4570e8ac1208a2e6c58c8fc90c8 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Fri, 22 Jan 2021 17:27:37 +0000 Subject: [PATCH 227/228] testing GITHUB_TOKEN --- .github/workflows/release.yml | 6 +++--- package.json | 2 +- src/package.json | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b95b4417eb1..88cc58fe4c4 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -43,7 +43,7 @@ jobs: id: create_release uses: actions/create-release@v1 env: - GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: tag_name: ${{ github.event.inputs.release_tag_name }} release_name: ${{ env.RELEASE_NAME }} @@ -98,7 +98,7 @@ jobs: - name: Build & Publish run: npm run publish:lin env: - GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Deploy to Snap Store run: | @@ -181,7 +181,7 @@ jobs: SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }} SIGNING_CLIENT_SECRET: ${{ secrets.SIGNING_CLIENT_SECRET }} SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }} - GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Rename appx files for store shell: pwsh diff --git a/package.json b/package.json index e1870315cb4..45cc2b611fc 100644 --- a/package.json +++ b/package.json @@ -13,7 +13,7 @@ "homepage": "https://bitwarden.com", "repository": { "type": "git", - "url": "https://github.com/bitwarden/desktop" + "url": "https://github.com/joseph-flinn/desktop" }, "license": "GPL-3.0", "scripts": { diff --git a/src/package.json b/src/package.json index 781a491dc03..1ddfb3bd2c0 100644 --- a/src/package.json +++ b/src/package.json @@ -9,7 +9,7 @@ "main": "main.js", "repository": { "type": "git", - "url": "https://github.com/bitwarden/desktop" + "url": "https://github.com/joseph-flinn/desktop" }, "dependencies": { "@nodert-win10-rs4/windows.security.credentials.ui": "^0.4.4", From a8ee338ae36a2f2b941217cd0f01dc3575985fc7 Mon Sep 17 00:00:00 2001 From: Joseph Flinn Date: Fri, 22 Jan 2021 17:32:21 +0000 Subject: [PATCH 228/228] removing testing code --- package.json | 2 +- src/package.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index 45cc2b611fc..e1870315cb4 100644 --- a/package.json +++ b/package.json @@ -13,7 +13,7 @@ "homepage": "https://bitwarden.com", "repository": { "type": "git", - "url": "https://github.com/joseph-flinn/desktop" + "url": "https://github.com/bitwarden/desktop" }, "license": "GPL-3.0", "scripts": { diff --git a/src/package.json b/src/package.json index 1ddfb3bd2c0..781a491dc03 100644 --- a/src/package.json +++ b/src/package.json @@ -9,7 +9,7 @@ "main": "main.js", "repository": { "type": "git", - "url": "https://github.com/joseph-flinn/desktop" + "url": "https://github.com/bitwarden/desktop" }, "dependencies": { "@nodert-win10-rs4/windows.security.credentials.ui": "^0.4.4",