search

SSLcom / esigner-codesign

GitHub Action for CodeSigner by SSL.com
14 stars 2 forks source link

Sign file_path with spaces in name #11

Closed AnEmortalKid closed 11 months ago

AnEmortalKid commented 1 year ago

I'm trying to use the eSigner action and my file_path contains a name in the executable, like "x64/my-app-0.1.0 Setup.exe", this is produced by electron-forge/SquierrelWindows https://github.com/electron/forge/blob/52a45f444b46ea686365bc690ecbb9da60f1efd3/packages/maker/squirrel/src/MakerSquirrel.ts#L28

I was wondering if there's any way to get the action to recognize the escaped space (or if there's a proper way to escape the space):

The sign tool binary throws an error

Unmatched argument at index 6: 'Setup.exe'
bayrakmustafa commented 12 months ago

I'm trying to use the eSigner action and my file_path contains a name in the executable, like "x64/my-app-0.1.0 Setup.exe", this is produced by electron-forge/SquierrelWindows https://github.com/electron/forge/blob/52a45f444b46ea686365bc690ecbb9da60f1efd3/packages/maker/squirrel/src/MakerSquirrel.ts#L28

I was wondering if there's any way to get the action to recognize the escaped space (or if there's a proper way to escape the space):

The sign tool binary throws an error

Unmatched argument at index 6: 'Setup.exe'

@AnEmortalKid We've made an update to the issue with space characters. Can you test it in develop branch?

elranu commented 6 months ago

@AnEmortalKid Do you have an example with electron forge and SSLcom to share?

AnEmortalKid commented 6 months ago

I haven’t had to sign a project in about 8 months so I cancelled my eSigner subscription.

Here’s a GitHub workflow file I was using https://github.com/AnEmortalKid/starcitizen-byecache/blob/main/.github/workflows/release.yaml (which I commented out when I found the bug)

electon forge itself wouldn’t work with its built in signing mechanism, since that relied on downloading the PFX file to the file system (which isn’t supported anymore)

I think now a days, this would be what you use to integrate it directly into the forge lifecycle https://github.com/electron/windows-sign?tab=readme-ov-file#with-a-custom-signtoolexe-or-custom-parameters

My approach was to do this:

  1. election forge builds the package/app for me with publish
  2. The ssldotcom action signs the binary at the expected output path and overrides the binary
  3. That new binary gets attached to the release

It looks like you can use the custom binary approach for that windows-sign library and maybe specify the tool to be the code sign tool and parameters for the password etc (I don’t think that was an option for me when I first tried things)

elranu commented 6 months ago

Thanks @AnEmortalKid