-
Notifications
You must be signed in to change notification settings - Fork 875
/
appveyor.yml
166 lines (111 loc) · 5.41 KB
/
appveyor.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
# AppVeyor configuration to build GDevelop app running
# on the Electron runtime (newIDE/electron-app) for Windows.
# For macOS and Linux, see the config.yml file.
version: 1.0.{build}
pull_requests:
do_not_increment_build_number: true
image: Visual Studio 2019
clone_depth: 5
# Only build
branches:
only:
- master
- /experimental-build.*/
skip_tags: true # Don't rebuild on tags.
init:
- ps: Install-Product node 16
- cmd: set NODE_OPTIONS=--max-old-space-size=8192
cache:
- '%APPDATA%\npm-cache' # npm cache
- newIDE\app\node_modules -> newIDE\app\package-lock.json
- newIDE\electron-app\node_modules -> newIDE\electron-app\package-lock.json
- GDevelop.js\node_modules -> GDevelop.js\package-lock.json
install:
# Download and install SSL.com eSigner CKA.
# See https://www.ssl.com/how-to/how-to-integrate-esigner-cka-with-ci-cd-tools-for-automated-code-signing/.
#
# This is necessary because of "signing to be FIPS-140 compliant". See
# https://github.com/electron-userland/electron-builder/issues/6158
#
# Make sure to DISABLE "malware blocker" in SSL.com to avoid errors like:
# Error information: "Error: SignerSign() failed." (-2146893821/0x80090003)
- ps: >-
# Download and Unzip eSignerCKA Setup
Set-StrictMode -Version 'Latest'
Invoke-WebRequest -OutFile eSigner_CKA_Setup.zip "https://github.com/SSLcom/eSignerCKA/releases/download/v1.0.6/SSL.COM-eSigner-CKA_1.0.6.zip"
Expand-Archive -Force eSigner_CKA_Setup.zip
Remove-Item eSigner_CKA_Setup.zip
Move-Item -Destination "eSigner_CKA_Installer.exe" -Path "eSigner_CKA_*\*.exe"
# Install it. See https://www.ssl.com/how-to/how-to-integrate-esigner-cka-with-ci-cd-tools-for-automated-code-signing/
New-Item -ItemType Directory -Force -Path "C:\projects\gdevelop\eSignerCKA"
./eSigner_CKA_Installer.exe /CURRENTUSER /VERYSILENT /SUPPRESSMSGBOXES /DIR="C:\projects\gdevelop\eSignerCKA" | Out-Null
# Disable logger.
# $LogConfig = Get-Content -Path C:\projects\gdevelop\eSignerCKA/log4net.config
# $LogConfig[0] = '<log4net threshold="OFF">'
# $LogConfig | Set-Content -Path C:\projects\gdevelop\eSignerCKA/log4net.config
# Build GDevelop.js (and run tests to ensure it works).
# (in a subshell to avoid Emscripten polluting the Node.js and npm version for the rest of the build)
- cmd: >-
cd GDevelop.js
npm -v && npm install
git clone https://github.com/juj/emsdk.git
cd emsdk
emsdk install 3.1.21
CMD /C "emsdk activate 3.1.21 && cd .. && npm run build"
cd ..\..
# Build GDevelop IDE.
# Also install setuptools as something requires distutils in electron-app, and it was removed in Python 3.12.
# setuptools will make distutils available again (but we should migrate our packages probably).
- cmd: >-
pip install setuptools
cd newIDE\app
npm -v && npm install
cd ..\electron-app
npm -v && npm install
cd ..\..
# Package the app for Windows (and sign it).
# Don't sign the appx (it will be signed by the Microsoft Store).
build_script:
- ps: >-
cd newIDE\electron-app
# Prepare certificate. See https://www.ssl.com/how-to/automate-ev-code-signing-with-signtool-or-certutil-esigner/?_gl=1*vuybcy*_gcl_au*MTEwODg1NDM2Mi4xNzA1ODU1NjM4#automated-code-signing
C:\projects\gdevelop\eSignerCKA/eSignerCKATool.exe config -mode product -user "$Env:ESIGNER_USER_NAME" -pass "$Env:ESIGNER_USER_PASSWORD" -totp "$Env:ESIGNER_USER_TOTP" -key "C:\projects\gdevelop\eSignerCKA\master.key" -r
C:\projects\gdevelop\eSignerCKA/eSignerCKATool.exe unload
C:\projects\gdevelop\eSignerCKA/eSignerCKATool.exe load
# Find certificate so we can tell electron-builder which one to use.
$CodeSigningCert = Get-ChildItem Cert:\CurrentUser\My -CodeSigningCert | Select-Object -First 1
echo Certificate: $CodeSigningCert
# Use a custom signtool path because of the signtool.exe bundled withy electron-builder not working for some reason.
# Can also be found in versioned folders like "C:/Program Files (x86)/Windows Kits/10/bin/10.0.22000.0/x86/signtool.exe".
$Env:SIGNTOOL_PATH = "C:\Program Files (x86)\Windows Kits\10\App Certification Kit\signtool.exe"
# Extract thumbprint and subject name of the certificate (will be passed to electron-builder).
$Env:GD_SIGNTOOL_THUMBPRINT = $CodeSigningCert.Thumbprint
$Env:GD_SIGNTOOL_SUBJECT_NAME = ($CodeSigningCert.Subject -replace ", ?", "`n" | ConvertFrom-StringData).CN
# Build the nsis installer (signed: electron-builder will use SignTool.exe with the certificate)
node scripts/build.js --win nsis --publish=never
# Build the appx (not signed).
$Env:GD_SIGNTOOL_THUMBPRINT = ''
$Env:GD_SIGNTOOL_SUBJECT_NAME = ''
node scripts/build.js --skip-app-build --win appx --publish=never
cd ..\..
# Clean dist folder to keep only installers/binaries.
- cmd: >-
rmdir /s /q newIDE\electron-app\dist\win-unpacked
# Run a few tests on Windows.
test_script:
- cmd: >-
cd GDevelop.js
npm test
cd ..
cd newIDE\app
npm test
cd ..\..
artifacts:
- path: newIDE\electron-app\dist
name: GDevelopWindows
# Upload artifacts (AWS) - configuration is stored on AppVeyor itself.
deploy:
- provider: Environment
name: Amazon S3 releases
- provider: Environment
name: Amazon S3 latest releases