search

BugSplat-Git / symbol-upload

Cross-platform symbol upload utility
MIT License
10 stars 3 forks source link

Signtool requirements for running `npm run sea:windows` #134

Open ariffammobox opened 2 months ago

ariffammobox commented 2 months ago

I have setup on our build agents to clone this repository and run npm install with npm run pkg:windows previously so the Bugsplat executable will always kept up to date.

However I notice since the SEA update the new command to package the executable is with npm run sea:windows which has a dependency on signtool of a specific windows sdk version to remove signature from the exe and will cause warning when doing npx postject later on but the symbol-upload-windows.exe will still work.

Is there an alternative other than using microsoft own signtool as I'm unable to find the specific version from the symbol-upload\sea\windows.ps1 ?

bobbyg603 commented 2 months ago

hi @ariffammobox, we use GitHub action runners to create our version of the symbol-upload-windows executable and I think we hard coded the path in a hurry because that was the version on the default windows runner and the alternative seemed fairly involved.

I don't know of any alternatives to Microsoft's signtool, however I'm not sure it matters which version of signtool you use.

Perhaps we could make a change our script to accept an argument with a path to signtool? That way you could invoke sea\Windows.ps1 yourself and pass it the path to any signtool version on the machine.

bobbyg603 commented 2 months ago

@ariffammobox thinking about this again, you might also just be able to install any version of sign tool, and make a symbolic link at the path in Windows.ps1

ariffammobox commented 2 months ago

hi @ariffammobox, we use GitHub action runners to create our version of the symbol-upload-windows executable and I think we hard coded the path in a hurry because that was the version on the default windows runner and the alternative seemed fairly involved.

I don't know of any alternatives to Microsoft's signtool, however I'm not sure it matters which version of signtool you use.

Perhaps we could make a change our script to accept an argument with a path to signtool? That way you could invoke sea\Windows.ps1 yourself and pass it the path to any signtool version on the machine.

That works too! I thought we needed that specific signtool, and from what I understand the signtool actually just removes the digital signature correct? I tried with another mini executable that does only that. Seems to work fine for us.