mudhorn/oh-my-posh
1
0
Fork 0
mirror of https://github.com/JanDeDobbeleer/oh-my-posh.git synced 2024-12-28 04:19:41 -08:00
Code Issues Actions Packages Projects Releases Wiki Activity
oh-my-posh/packages/inno/build.ps1
Jan De Dobbeleer 02e819fc00
Some checks are pending
Code QL / code-ql (push) Waiting to run
Details
Release / changelog (push) Waiting to run
Details
Release / artifacts (push) Blocked by required conditions
Details
fix(inno): sign installer with signtool 
this effectively disables signing the uninstaller
as somehow inno setup doesn't forward environment
variables to the subshell used to run signtool. As
we can't authenticate using environment variables
that way, we also can't sign with our new
certificate. Future thought will need to be given.
2024-11-16 20:18:33 +01:00

48 lines
1.7 KiB
PowerShell
Raw Blame History

Param
(
[parameter(Mandatory = $true)]
[ValidateSet('amd64', 'arm64', '386')]
[System.String]$Architecture,
[parameter(Mandatory = $true)]
[string]
$Version
)
$PSDefaultParameterValues['Out-File:Encoding']='UTF8'
# setup dependencies
nuget.exe install Microsoft.Trusted.Signing.Client -Version 1.0.60 -x
$signtoolDlib = "$PWD/Microsoft.Trusted.Signing.Client/bin/x64/Azure.CodeSigning.Dlib.dll"
$signtool = 'C:/Program Files (x86)/Windows Kits/10/bin/10.0.22621.0/x64/signtool.exe'
New-Item -Path "." -Name "bin" -ItemType Directory
Copy-Item -Path "../../themes" -Destination "./bin" -Recurse
# download the executable
$file = "posh-windows-$Architecture.exe"
$name = "oh-my-posh.exe"
$download = "https://github.com/jandedobbeleer/oh-my-posh/releases/download/v$Version/$($file)"
Invoke-WebRequest $download -Out "./bin/$($name)"
# license
Invoke-WebRequest "https://raw.githubusercontent.com/JanDeDobbeleer/oh-my-posh/v$Version/COPYING" -Out "./bin/COPYING.txt"
$content = Get-Content '.\oh-my-posh.iss' -Raw
$content = $content.Replace('<VERSION>', $Version)
$ISSName = ".oh-my-posh-$Architecture-$Version.iss"
$content | Out-File -Encoding 'UTF8' $ISSName
# clean paths
$signtool = $signtool -Replace '\\', '/'
$signtoolDlib = $signtoolDlib -Replace '\\', '/'
# package content
$installer = "install-$Architecture"
ISCC.exe /F$installer $ISSName
# sign installer
& "$signtool" sign /v /debug /fd SHA256 /tr 'http://timestamp.acs.microsoft.com' /td SHA256 /dlib "$signtoolDlib" /dmdf ../../src/metadata.json "./Output/$installer.exe"
# get hash
$zipHash = Get-FileHash "Output/$installer.exe" -Algorithm SHA256
$zipHash.Hash | Out-File -Encoding 'UTF8' "Output/$installer.exe.sha256"
Reference in a new issue View git blame Copy permalink