This repository has been archived by the owner on Dec 20, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 4
/
index.js
109 lines (96 loc) · 2.93 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
/* eslint no-console:0 */
var fs = require('fs');
var path = require('path');
var del = require('del');
var run = require('electron-installer-run');
var async = require('async');
var chalk = require('chalk');
var figures = require('figures');
var sign = require('electron-osx-sign');
var debug = require('debug')('electron-installer-codesign');
function checkAppExists(opts, fn) {
debug('checking appPath `%s` exists...', opts.appPath);
fs.exists(opts.appPath, function(exists) {
if (!exists) {
debug('appPath `%s` does not exist!', opts.appPath);
return fn(new Error(opts.appPath + ' does not exist.'));
}
debug('appPath exists');
fn();
});
}
// Clean up ".cstemp" files from previous attempts
function cleanup(opts, fn) {
debug('running cleanup');
del([opts.appPath + '/*.cstemp']).then(function() {
fn();
});
}
function runCodesign(src, opts, fn) {
var entitlementsFile = opts.entitlements ||
path.resolve(__dirname, 'entitlements.xml');
sign({
app: src,
hardenedRuntime: true,
identity: opts.identity,
'gatekeeper-assess': false,
entitlements: entitlementsFile,
'entitlements-inherit': entitlementsFile,
'entitlements-loginheler': entitlementsFile
}, function(err) {
if (err) {
fn(new Error('codesign failed ' + path.basename(src)
+ ': ' + err.message));
return;
}
fn(null, src);
});
}
/**
* @param {String} commonName
* @param {Function} fn - Callback.
*/
function isIdentityAvailable(commonName, fn) {
run('certtool', ['y'], function(err, output) {
if (err) {
debug('Failed to list certificates.');
fn(null, false);
return;
}
if (output.indexOf(commonName) === -1) {
debug('Signing identity `%s` not detected.',
commonName);
fn(null, false);
return;
}
debug('The signing identity `%s` is available!', commonName);
fn(null, true);
});
}
module.exports = function(opts, done) {
async.series([
checkAppExists.bind(null, opts),
cleanup.bind(null, opts),
runCodesign.bind(null, opts.appPath, opts)
], done);
};
module.exports.isIdentityAvailable = isIdentityAvailable;
module.exports.codesign = runCodesign;
module.exports.printWarning = function() {
console.error(chalk.yellow.bold(figures.warning),
' User confusion ahead!');
console.error(chalk.gray(
' The default preferences for OSX Gatekeeper will not',
'allow users to run unsigned applications.'));
console.error(chalk.gray(
' However, we\'re going to continue building',
'the app and an installer because you\'re most likely'));
console.error(chalk.gray(
' a developer trying to test',
'the app\'s installation process.'));
console.error(chalk.gray(
' For more information on OSX Gatekeeper and how to change your',
'system preferences to run unsigned applications,'));
console.error(chalk.gray(' please see',
'https://support.apple.com/en-us/HT202491'));
};