GithubHelp home page GithubHelp logo

actions-codesigner's People

Contributors

ruby-dev avatar

Stargazers

avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

atralupus anemortalkid hacksore

actions-codesigner's Issues

program_name is not working as expected on MSI build

example:

  - uses: sslcom/actions-codesigner@develop
    with:
      command: sign
      username: ${{secrets.ES_USERNAME}}
      password: ${{secrets.ES_PASSWORD}}
      credential_id: ${{secrets.ES_CREDENTIAL_ID}}
      totp_secret: ${{secrets.ES_TOTP_SECRET}}
      file_path: windows-any.msi
      program_name: "*** Connect"
      output_path: ./out

Expected:

   program_name is updated and show during msi installation progress  on approve

actual:
no program_name is display, just the msi/exe name.

Silent failure issue / Action does not fail if an exception is thrown

We've noticed the action will not throw a failure state if an java.io.IOException is thrown when running the codesign.

So for example, something like the following log:

Run CodeSigner
  Running ESigner.com CodeSign Action ====>
  
  java.io.IOException: Source '/github/workspace/artifacts/windows-latest-artifacts/insomnia/dist/squirrel-windows/Insomnia.Core-2022.7.0-alpha.0.exe' and destination '/github/workspace/artifacts/windows-latest-artifacts/insomnia/dist/squirrel-windows/Insomnia.Core-2022.7.0-alpha.0.exe' are the same
  	at org.apache.commons.io.FileUtils.copyFile(FileUtils.java:874)
  	at org.apache.commons.io.FileUtils.copyFile(FileUtils.java:835)
  	at org.apache.commons.io.FileUtils.copyFile(FileUtils.java:802)
  	at com.ssl.code.signing.tool.commands.SignCommand.run(SignCommand.java:250)
  	at picocli.CommandLine.executeUserObject(CommandLine.java:1939)
  	at picocli.CommandLine.access$1300(CommandLine.java:145)
  	at picocli.CommandLine$RunLast.executeUserObjectOfLastSubcommandWithSameParent(CommandLine.java:2352)
  	at picocli.CommandLine$RunLast.handle(CommandLine.java:2346)
  	at picocli.CommandLine$RunLast.handle(CommandLine.java:2311)
  	at picocli.CommandLine$AbstractParseResultHandler.execute(CommandLine.java:2179)
  	at picocli.CommandLine.execute(CommandLine.java:2078)
  	at com.ssl.code.signing.tool.CodeSignTool.main(CodeSignTool.java:35)

Is still picked up as being a successful run on Github, even though the code signing didn't happen. Example of this happening can be found here

image

Possible workaround fix could be changing this check to also parse for Exception.

cc @ruby-dev

Action creates logs as root

This github action creates logs as root which introduces a new requirement to clean up these logs as root in our action definition - this wasn't always the behavior of this action - is it possible for the codesign tool to please not to do this?

john@box:~/path/to/workdir$ ls -l logs
-rw-r--r-- 1 root root 3128 Mar 15 19:15 code_signing_tool.log

Action does not work for Windows runners

Running the action on a Windows runner gives the following error

Error: Container action is only supported on Linux

It seems odd not to support Windows as the CodeSignTool tool is advertised as multi-platform

BUG: Inplace not supported

According to the docs, omitting output_path should make the tool operate inplace. However, when I try this, I get a build that "succeeds" but does not modify the binary:

https://github.com/mne-tools/mne-installers/actions/runs/3161136522/jobs/5146607163

Looking at the EV-code sign installer (Windows) step you'll see:

Run CodeSigner
  Running ESigner.com CodeSign Action ====>
  java.util.NoSuchElementException: No line found
  	at java.base/java.util.Scanner.nextLine(Scanner.java:1651)
  	at com.ssl.code.signing.tool.commands.SignCommand.run(SignCommand.java:143)
  	at picocli.CommandLine.executeUserObject(CommandLine.java:1939)
  	at picocli.CommandLine.access$1300(CommandLine.java:145)
  	at picocli.CommandLine$RunLast.executeUserObjectOfLastSubcommandWithSameParent(CommandLine.java:2352)
  	at picocli.CommandLine$RunLast.handle(CommandLine.java:2346)
  	at picocli.CommandLine$RunLast.handle(CommandLine.java:2311)
  	at picocli.CommandLine$AbstractParseResultHandler.execute(CommandLine.java:2179)
  	at picocli.CommandLine.execute(CommandLine.java:2078)
  	at com.ssl.code.signing.tool.CodeSignTool.main(CodeSignTool.java:35)
  Warn: '-output_directory' parameter is not set. The output signed file will replace the original file. Do you still want to continue [y/n]?

which looks suspiciously like a stdin failure, but I could be wrong. And then in the next step I compare the hashes before and after and they are equal:

Old hash:
a81816db62c56d297217f863d7de9b164756e1efd110a625c7b38191b0b93b41 *MNE-Python-1.1.1_0-Windows.exe
New hash:
a81816db62c56d297217f863d7de9b164756e1efd110a625c7b38191b0b93b41  MNE-Python-1.1.1_0-Windows.exe

When I change the action to have a non-empty output_path, the output is reasonable:

https://github.com/mne-tools/mne-installers/actions/runs/3161464651/jobs/5147286622

 Running ESigner.com CodeSign Action ====>
  
  Code signed successfully: /github/workspace/signed/MNE-Python-1.1.1_0-Windows.exe

And the hashes do change:

Old hash:
64dd1e617805c0feb0ea35f0c2aa3a69a4af76cb6d4135328f3757e1730ec2fe *MNE-Python-1.1.1_0-Windows.exe
New hash:
e6d958683b6686df60b83dbaa5966a55b2e843ded5460cc156634a3f721809a8  MNE-Python-1.1.1_0-Windows.exe

So I think there is a bug with the Java inplace operation. Maybe a new command-line -accept could be added in Java that avoids this prompt (equivalent to accepting with "yes"), and then this could be passed inside this action when output_path is empty...?

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.