Skip to content

Commit

Permalink
Merge pull request #16 from SSLcom/develop
Browse files Browse the repository at this point in the history
Develop
  • Loading branch information
bayrakmustafa authored Nov 18, 2023
2 parents 4dad9fe + 51daed1 commit 121e2a8
Show file tree
Hide file tree
Showing 9 changed files with 274 additions and 41 deletions.
92 changes: 92 additions & 0 deletions .github/workflows/test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -115,6 +115,60 @@ jobs:
name: sign-external.ps1
path: ./artifacts/codesign.ps1

sign-multi-same-job:
strategy:
matrix:
os: [ ubuntu-latest, windows-latest, macos-latest ]
runs-on: ${{ matrix.os }}
needs: ['build']
steps:
- uses: actions/checkout@v3

- name: Create Input file for test signing
shell: bash
run: |
mkdir -p ${GITHUB_WORKSPACE}/example
echo 'Write-Output -InputObject "Happy Signing From ESigner.com!"' > ${GITHUB_WORKSPACE}/example/codesign1.ps1
echo 'Write-Output -InputObject "Happy Signing From ESigner.com!"' > ${GITHUB_WORKSPACE}/example/codesign2.ps1
- uses: ./
with:
command: sign
username: ${{ secrets.ES_USERNAME }}
password: ${{ secrets.ES_PASSWORD }}
credential_id: ${{ secrets.CREDENTIAL_ID }}
totp_secret: ${{ secrets.ES_TOTP_SECRET }}
file_path: ${GITHUB_WORKSPACE}/example/codesign1.ps1
output_path: ${GITHUB_WORKSPACE}/artifacts
malware_block: false
environment_name: TEST
jvm_max_memory: 2048M

- uses: ./
with:
command: sign
username: ${{ secrets.ES_USERNAME }}
password: ${{ secrets.ES_PASSWORD }}
credential_id: ${{ secrets.CREDENTIAL_ID }}
totp_secret: ${{ secrets.ES_TOTP_SECRET }}
file_path: ${GITHUB_WORKSPACE}/example/codesign2.ps1
output_path: ${GITHUB_WORKSPACE}/artifacts
malware_block: false
environment_name: TEST
jvm_max_memory: 2048M

- name: Upload Signed Files (1)
uses: actions/upload-artifact@v3
with:
name: sign.ps1
path: ./artifacts/codesign1.ps1

- name: Upload Signed Files (2)
uses: actions/upload-artifact@v3
with:
name: sign.ps1
path: ./artifacts/codesign2.ps1

batch-sign:
strategy:
matrix:
Expand Down Expand Up @@ -151,3 +205,41 @@ jobs:
with:
name: batch-sign
path: ./artifacts

batch-sign-scan-code:
strategy:
matrix:
os: [ ubuntu-latest, windows-latest, macos-latest ]
runs-on: ${{ matrix.os }}
needs: ['batch-sign']
steps:
- uses: actions/checkout@v3

- name: Create multiple Input file for test signing
shell: bash
run: |
mkdir -p ${GITHUB_WORKSPACE}/example
echo 'Write-Output -InputObject "Happy Signing From ESigner.com for Batch Sign 1!"' > ${GITHUB_WORKSPACE}/example/batch1.ps1
echo 'Write-Output -InputObject "Happy Signing From ESigner.com for Batch Sign 2!"' > ${GITHUB_WORKSPACE}/example/batch2.ps1
echo 'Write-Output -InputObject "Happy Signing From ESigner.com for Batch Sign 3!"' > ${GITHUB_WORKSPACE}/example/batch3.ps1
cp ./sample/minimal.exe ${GITHUB_WORKSPACE}/example/minimal.exe
cp ./sample/minimal.msi ${GITHUB_WORKSPACE}/example/minimal.msi
- uses: ./
with:
command: batch_sign
username: ${{ secrets.ES_USERNAME }}
password: ${{ secrets.ES_PASSWORD }}
credential_id: ${{ secrets.CREDENTIAL_ID }}
totp_secret: ${{ secrets.ES_TOTP_SECRET }}
dir_path: ${GITHUB_WORKSPACE}/example
output_path: ${GITHUB_WORKSPACE}/artifacts
environment_name: TEST
malware_block: true
jvm_max_memory: 4096M

- name: Upload Signed Files
uses: actions/upload-artifact@v3
with:
name: batch-sign
path: ./artifacts
1 change: 1 addition & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@
output_path: ${GITHUB_WORKSPACE}/artifacts

# Scans your file for any possible malware in order to avoid code compromise and prevents signing of code if malware is detected.
# On batch_sign command: If you are getting 'Error: hash needs to be scanned first before submitting for signing: <hash_value>', you can set this value to true
malware_block: false

# Overrides the input file after signing, if this parameter is set and no -output_dir_path parameter
Expand Down
107 changes: 86 additions & 21 deletions dist/index.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion dist/index.js.map

Large diffs are not rendered by default.

5 changes: 4 additions & 1 deletion src/constants.ts
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ export const UNIX = 'UNIX';
export const MACOS = 'MACOS';
export const WINDOWS = 'WINDOWS';
export const CODESIGNTOOL_VERSION = 'v1.2.7';
export const CODESIGNTOOL_BASEPATH = `CodeSignTool-${CODESIGNTOOL_VERSION}`;

export const CODESIGNTOOL_WINDOWS_SETUP = `https://github.com/SSLcom/CodeSignTool/releases/download/${CODESIGNTOOL_VERSION}/CodeSignTool-${CODESIGNTOOL_VERSION}-windows.zip`;
export const CODESIGNTOOL_UNIX_SETUP = `https://github.com/SSLcom/CodeSignTool/releases/download/${CODESIGNTOOL_VERSION}/CodeSignTool-${CODESIGNTOOL_VERSION}.zip`;
Expand All @@ -13,10 +14,12 @@ export const CODESIGNTOOL_UNIX_RUN_CMD = 'CodeSignTool.sh';

export const ACTION_SIGN = 'sign';
export const ACTION_BATCH_SIGN = 'batch_sign';
export const ACTION_SCAN_CODE = 'scan_code';

export const SUPPORT_COMMANDS = new Map<string, string[]>([
['sign', ['username', 'password', 'credential_id', 'totp_secret', 'program_name', 'file_path', 'output_path', 'malware_block', 'override']],
['batch_sign', ['username', 'password', 'credential_id', 'totp_secret', 'program_name', 'dir_path', 'output_path']]
['batch_sign', ['username', 'password', 'credential_id', 'totp_secret', 'program_name', 'dir_path', 'output_path']],
['scan_code', ['username', 'password', 'credential_id', 'program_name']]
]);

export const INPUT_COMMAND = 'command';
Expand Down
Loading

0 comments on commit 121e2a8

Please sign in to comment.