suzanne.soy/distro-build
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Windows code-signing and ".tgz" options

Browse Source
This commit is contained in:
Matthew Flatt 2016-01-07 16:25:32 -07:00
parent 490d1677fe
commit a4b7d3bbba
6 changed files with 97 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
distro-build-client/installer-exe.rkt
View File

@ -3,6 +3,7 @@
racket/list racket/list
racket/system racket/system
racket/path racket/path
racket/file
racket/runtime-path racket/runtime-path
setup/getinfo setup/getinfo
setup/cross-system) setup/cross-system)
@ -411,7 +412,7 @@ SectionEnd
"-V3")) "-V3"))
(system* makensis verbose "installer.nsi"))) (system* makensis verbose "installer.nsi")))
(define (installer-exe human-name base-name versionless? dist-suffix readme) (define (installer-exe human-name base-name versionless? dist-suffix readme osslsigncode-args)
(define makensis (or (case (system-type) (define makensis (or (case (system-type)
[(windows) [(windows)
(or (find-executable-path "makensis.exe") (or (find-executable-path "makensis.exe")
@ -437,4 +438,19 @@ SectionEnd
#:extension-registers (get-extreg "bundle/racket") #:extension-registers (get-extreg "bundle/racket")
#:start-menus (get-startmenu "bundle/racket") #:start-menus (get-startmenu "bundle/racket")
#:auto-launch (get-auto-launch "bundle/racket")) #:auto-launch (get-auto-launch "bundle/racket"))
(unless (null? osslsigncode-args)
(define unsigned-exe-path (let-values ([(base name dir?) (split-path exe-path)])
(build-path base "unsigned" name)))
(make-directory* "bundle/unsigned")
(rename-file-or-directory exe-path unsigned-exe-path #t)
(unless (apply system*
(or (find-executable-path (case (system-type)
[(windows) "osslsigncode.exe"]
[else "osslsigncode"]))
(error "cannot find `osslsigncode`"))
(append osslsigncode-args
(list "-n" human-name
"-t" "http://timestamp.verisign.com/scripts/timstamp.dll"
"-in" unsigned-exe-path "-out" exe-path)))
(error "signing failed")))
exe-path) exe-path)

20
distro-build-client/installer-tgz.rkt
View File

@ -2,7 +2,8 @@
(require racket/system (require racket/system
racket/file racket/file
racket/format racket/format
file/tar) file/tar
setup/cross-system)
(provide installer-tgz) (provide installer-tgz)
@ -25,11 +26,22 @@
(parameterize ([current-directory src-dir]) (parameterize ([current-directory src-dir])
(apply tar-gzip dest #:path-prefix target-dir-name (directory-list)))) (apply tar-gzip dest #:path-prefix target-dir-name (directory-list))))
(define (installer-tgz base-name dir-name dist-suffix readme) (define (installer-tgz source? base-name dir-name dist-suffix readme)
(define tgz-path (format "bundle/~a-src~a.tgz" (define tgz-path (format "bundle/~a-~a~a.tgz"
base-name base-name
(if source?
"src"
(get-platform-name))
dist-suffix)) dist-suffix))
(generate-tgz "bundle/racket" tgz-path (generate-tgz "bundle/racket" tgz-path
dir-name dir-name
readme) readme)
tgz-path) tgz-path)
(define (get-platform-name)
(case (cross-system-type)
[(windows)
(define-values (base name dir?) (split-path (cross-system-library-subpath #f)))
(format "~a-win32" (bytes->string/utf-8 (path-element->bytes name)))]
[else
(format "~a" (cross-system-library-subpath #f))]))

56
distro-build-client/installer.rkt
View File

@ -9,6 +9,7 @@
racket/file racket/file
racket/path racket/path
racket/port racket/port
net/base64
setup/cross-system setup/cross-system
"display-time.rkt") "display-time.rkt")
@ -17,12 +18,14 @@
(define release? #f) (define release? #f)
(define source? #f) (define source? #f)
(define versionless? #f) (define versionless? #f)
(define tgz? #f)
(define mac-pkg? #f) (define mac-pkg? #f)
(define upload-to #f) (define upload-to #f)
(define upload-desc "") (define upload-desc "")
(define download-readme #f) (define download-readme #f)
(define-values (short-human-name human-name base-name dir-name dist-suffix sign-identity) (define-values (short-human-name human-name base-name dir-name dist-suffix
sign-identity osslsigncode-args-base64)
(command-line (command-line
#:once-each #:once-each
[("--release") "Create a release installer" [("--release") "Create a release installer"
@ -31,6 +34,8 @@
(set! source? #t)] (set! source? #t)]
[("--versionless") "Avoid version number in names and paths" [("--versionless") "Avoid version number in names and paths"
(set! versionless? #t)] (set! versionless? #t)]
[("--tgz") "Create a \".tgz\" archive instead of an installer"
(set! tgz? #t)]
[("--mac-pkg") "Create a \".pkg\" installer on Mac OS X" [("--mac-pkg") "Create a \".pkg\" installer on Mac OS X"
(set! mac-pkg? #t)] (set! mac-pkg? #t)]
[("--upload") url "Upload installer" [("--upload") url "Upload installer"
@ -42,7 +47,7 @@
(unless (string=? readme "") (unless (string=? readme "")
(set! download-readme readme))] (set! download-readme readme))]
#:args #:args
(human-name base-name dir-name dist-suffix sign-identity) (human-name base-name dir-name dist-suffix sign-identity osslsigncode-args-base64)
(values human-name (values human-name
(format "~a v~a" human-name (version)) (format "~a v~a" human-name (version))
(if versionless? (if versionless?
@ -55,7 +60,7 @@
(if (string=? dist-suffix "") (if (string=? dist-suffix "")
"" ""
(string-append "-" dist-suffix)) (string-append "-" dist-suffix))
sign-identity))) sign-identity osslsigncode-args-base64)))
(display-time) (display-time)
@ -68,22 +73,39 @@
(port->string i) (port->string i)
(close-input-port i))))) (close-input-port i)))))
(define (unpack-base64-arguments str)
(define p (open-input-bytes (base64-decode (string->bytes/utf-8 str))))
(define l (read p))
(unless (and (list? l)
(andmap string? l)
(eof-object? (read p)))
(error 'unpack-base64-arguments
"encoded arguments didn't decode and `read` as a list of strings: ~e" str))
l)
(define installer-file (define installer-file
(if source? (if (or source? tgz?)
(installer-tgz base-name dir-name dist-suffix readme) (installer-tgz source? base-name dir-name dist-suffix readme)
(case (cross-system-type) (case (cross-system-type)
[(unix) (installer-sh human-name base-name dir-name release? dist-suffix readme)] [(unix)
[(macosx) (if mac-pkg? (installer-sh human-name base-name dir-name release? dist-suffix readme)]
(installer-pkg (if (or release? versionless?) [(macosx)
short-human-name (if mac-pkg?
human-name) (installer-pkg (if (or release? versionless?)
base-name dist-suffix readme sign-identity) short-human-name
(installer-dmg (if versionless? human-name)
short-human-name base-name dist-suffix readme sign-identity)
human-name) (installer-dmg (if versionless?
base-name dist-suffix readme sign-identity))] short-human-name
[(windows) (installer-exe short-human-name base-name (or release? versionless?) human-name)
dist-suffix readme)]))) base-name dist-suffix readme sign-identity))]
[(windows)
(define osslsigncode-args
(and (not (equal? osslsigncode-args-base64 ""))
(unpack-base64-arguments osslsigncode-args-base64)))
(installer-exe short-human-name base-name (or release? versionless?)
dist-suffix readme
osslsigncode-args)])))
(call-with-output-file* (call-with-output-file*
(build-path "bundle" "installer.txt") (build-path "bundle" "installer.txt")

15
distro-build-doc/distro-build.scrbl
View File

@ -352,9 +352,14 @@ spaces, etc.):
on the value of @racket[#:bits]} on the value of @racket[#:bits]}
@item{@racket[#:sign-identity _string] --- provides an identity to @item{@racket[#:sign-identity _string] --- provides an identity to
be passed to @exec{codesign} for code signing on Mac OS X (for all be passed to @exec{codesign} for code signing on Mac OS X (for a
executables in a distribution), where an empty string disables package or all executables in a distribution), where an empty
signing; the default is @racket[""]} string disables signing; the default is @racket[""]}
@item{@racket[#:osslsigncode-args (list _string ...)] --- provides
arguments for signing a Windows executable using
@exec{osslsigncode}, where @Flag{n}, @Flag{t}, @Flag{in}, and
@Flag{-out} arguments are supplied automatically.}
@item{@racket[#:j _integer] --- parallelism for @tt{make} on Unix @item{@racket[#:j _integer] --- parallelism for @tt{make} on Unix
and Mac OS X and for @exec{raco setup} on all platforms; defaults and Mac OS X and for @exec{raco setup} on all platforms; defaults
@ -408,6 +413,10 @@ spaces, etc.):
@filepath{.pkg} for Mac OS X (in single-file format) instead of a @filepath{.pkg} for Mac OS X (in single-file format) instead of a
@filepath{.dmg}; the default is @racket[#f]} @filepath{.dmg}; the default is @racket[#f]}
@item{@racket[#:tgz? _boolean] --- if true, creates a
@filepath{.tgz} archive instead of an installer; the default is
@racket[#f]}
@item{@racket[#:pause-before _nonnegative-real] --- a pause in @item{@racket[#:pause-before _nonnegative-real] --- a pause in
seconds to wait before starting a machine, which may help a seconds to wait before starting a machine, which may help a
virtual machine avoid confusion from being stopped and started too virtual machine avoid confusion from being stopped and started too

2
distro-build-server/config.rkt
View File

@ -146,6 +146,7 @@
[(#:bits) (or (equal? val 32) (equal? val 64))] [(#:bits) (or (equal? val 32) (equal? val 64))]
[(#:vc) (string? val)] [(#:vc) (string? val)]
[(#:sign-identity) (string? val)] [(#:sign-identity) (string? val)]
[(#:osslsigncode-args) (and (list? val) (andmap string? val))]
[(#:timeout) (real? val)] [(#:timeout) (real? val)]
[(#:j) (exact-positive-integer? val)] [(#:j) (exact-positive-integer? val)]
[(#:repo) (string? val)] [(#:repo) (string? val)]
@ -157,6 +158,7 @@
[(#:source-pkgs?) (boolean? val)] [(#:source-pkgs?) (boolean? val)]
[(#:versionless?) (boolean? val)] [(#:versionless?) (boolean? val)]
[(#:mac-pkg?) (boolean? val)] [(#:mac-pkg?) (boolean? val)]
[(#:tgz?) (boolean? val)]
[(#:site-dest) (path-string? val)] [(#:site-dest) (path-string? val)]
[(#:site-help) (hash? val)] [(#:site-help) (hash? val)]
[(#:site-title) (string? val)] [(#:site-title) (string? val)]

11
distro-build-server/drive-clients.rkt
View File

@ -6,6 +6,7 @@
racket/file racket/file
racket/string racket/string
racket/path racket/path
net/base64
(only-in distro-build/config (only-in distro-build/config
current-mode current-mode
site-config? site-config?
@ -233,6 +234,10 @@
"\"\\&\\&\"")] "\"\\&\\&\"")]
[else s])) [else s]))
(define (pack-base64-arguments args)
(bytes->string/utf-8 (base64-encode (string->bytes/utf-8 (format "~s" args))
#"")))
(define (client-args c server server-port kind readme) (define (client-args c server server-port kind readme)
(define desc (client-name c)) (define desc (client-name c))
(define pkgs (let ([l (get-opt c '#:pkgs)]) (define pkgs (let ([l (get-opt c '#:pkgs)])
@ -250,12 +255,14 @@
(define dist-suffix (get-opt c '#:dist-suffix "")) (define dist-suffix (get-opt c '#:dist-suffix ""))
(define dist-catalogs (choose-catalogs c '(""))) (define dist-catalogs (choose-catalogs c '("")))
(define sign-identity (get-opt c '#:sign-identity "")) (define sign-identity (get-opt c '#:sign-identity ""))
(define osslsigncode-args (get-opt c '#:osslsigncode-args))
(define release? (get-opt c '#:release? default-release?)) (define release? (get-opt c '#:release? default-release?))
(define source? (get-opt c '#:source? default-source?)) (define source? (get-opt c '#:source? default-source?))
(define versionless? (get-opt c '#:versionless? default-versionless?)) (define versionless? (get-opt c '#:versionless? default-versionless?))
(define source-pkgs? (get-opt c '#:source-pkgs? source?)) (define source-pkgs? (get-opt c '#:source-pkgs? source?))
(define source-runtime? (get-opt c '#:source-runtime? source?)) (define source-runtime? (get-opt c '#:source-runtime? source?))
(define mac-pkg? (get-opt c '#:mac-pkg? #f)) (define mac-pkg? (get-opt c '#:mac-pkg? #f))
(define tgz? (get-opt c '#:tgz? #f))
(define install-name (get-opt c '#:install-name (if release? (define install-name (get-opt c '#:install-name (if release?
"" ""
snapshot-install-name))) snapshot-install-name)))
@ -276,6 +283,9 @@
" DIST_SUFFIX=" (q dist-suffix) " DIST_SUFFIX=" (q dist-suffix)
" DIST_CATALOGS_q=" (qq dist-catalogs kind) " DIST_CATALOGS_q=" (qq dist-catalogs kind)
" SIGN_IDENTITY=" (q sign-identity) " SIGN_IDENTITY=" (q sign-identity)
" OSSLSIGNCODE_ARGS_BASE64=" (q (if osslsigncode-args
(pack-base64-arguments osslsigncode-args)
""))
" INSTALL_NAME=" (q install-name) " INSTALL_NAME=" (q install-name)
" BUILD_STAMP=" (q build-stamp) " BUILD_STAMP=" (q build-stamp)
" RELEASE_MODE=" (if release? "--release" (q "")) " RELEASE_MODE=" (if release? "--release" (q ""))
@ -285,6 +295,7 @@
(q "--source --no-setup") (q "--source --no-setup")
(q "")) (q ""))
" MAC_PKG_MODE=" (if mac-pkg? "--mac-pkg" (q "")) " MAC_PKG_MODE=" (if mac-pkg? "--mac-pkg" (q ""))
" TGZ_MODE=" (if tgz? "--tgz" (q ""))
" UPLOAD=http://" server ":" server-port "/upload/" " UPLOAD=http://" server ":" server-port "/upload/"
" README=http://" server ":" server-port "/" (q (file-name-from-path readme)))) " README=http://" server ":" server-port "/" (q (file-name-from-path readme))))