Clean up

NordicSemiconductor · Jun 6, 2024 · af76a0a · af76a0a
1 parent da7c5fe
commit af76a0a
Show file tree

Hide file tree

Showing 3 changed files with 21 additions and 32 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -3,6 +3,10 @@ name: Build nRF Connect for Desktop
 on:
     workflow_dispatch:
         inputs:
+            sign:
+                type: boolean
+                default: false
+                required: true
     pull_request:
         branches:
             - main

diff --git a/.github/workflows/build_win.yml b/.github/workflows/build_win.yml
@@ -3,6 +3,10 @@ name: Build nRF Connect for Desktop for Windows x64
 on:
     workflow_dispatch:
         inputs:
+            sign:
+                type: boolean
+                default: false
+                required: true
     workflow_call:
 
 jobs:
@@ -19,7 +23,7 @@ jobs:
               run: |
                   echo "$SM_CLIENT_CERT_FILE_B64" | base64 --decode > /d/Certificate_pkcs12.p12
                   cat /d/Certificate_pkcs12.p12
-              if: github.event_name != 'pull_request'
+              if: ${{ github.event_name != 'pull_request' && inputs.sign}}
 
             - name: Set variables
               shell: bash
@@ -33,28 +37,11 @@ jobs:
                   echo "C:\\Program Files (x86)\\Windows Kits\\10\\App Certification Kit" >> $GITHUB_PATH
                   echo "C:\\Program Files (x86)\\Microsoft SDKs\\Windows\\v10.0A\\bin\\NETFX 4.8 Tools" >> $GITHUB_PATH
                   echo "C:\\Program Files\\DigiCert\\DigiCert One Signing Manager Tools" >> $GITHUB_PATH
-              if: github.event_name != 'pull_request'
+              if: ${{ github.event_name != 'pull_request' && inputs.sign}}
 
             - name: Build
               uses: ./.github/actions/build-action
 
-            # - name: Code signing with Software Trust Manager
-            #   uses: digicert/[email protected]
-            #   env:
-            #       SM_HOST: ${{ env.SM_HOST }}
-            #       SM_API_KEY: ${{ env.SM_API_KEY }}
-            #       SM_KEYPAIR_ALIAS: ${{ env.SM_KEYPAIR_ALIAS }}
-            #       SM_CLIENT_CERT_FILE: ${{ env.SM_CLIENT_CERT_FILE }}
-            #       SM_CLIENT_CERT_PASSWORD: ${{ env.SM_CLIENT_CERT_PASSWORD }}
-            #       SM_CODE_SIGNING_CERT_SHA1_HASH:
-            #           ${{ env.SM_CODE_SIGNING_CERT_SHA1_HASH }}
-            #   if: github.event_name != 'pull_request'
-
-            # - name: Initiate the client tools setup
-            #   run:
-            #       echo “The config file path ${{
-            #       steps.SSMClientToolSetup.outputs.PKCS11_CONFIG }}”
-
             - name: Setup signing tools
               run: |
                   curl -X GET  https://one.digicert.com/signingmanager/api-ui/v1/releases/smtools-windows-x64.msi/download -H "x-api-key:%SM_API_KEY%" -o smtools-windows-x64.msi
@@ -64,24 +51,24 @@ jobs:
                   C:\Windows\System32\certutil.exe -csp "DigiCert Signing Manager KSP" -key -user
                   smksp_cert_sync.exe
               shell: cmd
-              if: github.event_name != 'pull_request'
+              if: ${{ github.event_name != 'pull_request' && inputs.sign}}
 
             - name: Certificates Sync
               run: |
                   smctl windows certsync
               shell: cmd
-              if: github.event_name != 'pull_request'
+              if: ${{ github.event_name != 'pull_request' && inputs.sign}}
 
             - name: Run Electron Builder
               run: |
                   export DEBUG=electron-builder
                   export SM_LOG_LEVEL=TRACE
                   npx electron-builder -p never --windows nsis:x64
-                  cd ~/.signingmanager/logs
-                  ls
-                  cat smctl.log
-                  cat smksp.log
-                  cat smksp_cert_sync.log
+                  # Keep the lines for debugging
+                  # cd ~/.signingmanager/logs
+                  # cat smctl.log
+                  # cat smksp.log
+                  # cat smksp_cert_sync.log
               shell: bash
               if: github.event_name != 'pull_request'
 

diff --git a/build/winSign.js b/build/winSign.js
@@ -6,7 +6,7 @@
 
 const { execSync } = require('child_process');
 
-exports.default = async configuration => {
+exports.default = configuration => {
     if (!process.env.SM_API_KEY) {
         console.info(`Skip signing because SM_API_KEY is not configured`);
         return;
@@ -21,17 +21,15 @@ exports.default = async configuration => {
 
     if (configuration.path) {
         try {
-            const output = await execSync(
+            const output = execSync(
                 `smctl sign --keypair-alias="${keypairAlias}" --input "${String(
                     configuration.path
                 )}"  --verbose`,
                 {
                     stdio: 'inherit',
                 }
-            )
-                .toString()
-                .trim();
-            console.log(`Signing succeeded???: ${output}`);
+            );
+            console.log(`Signing succeeded: ${output}`);
         } catch (e) {
             console.log(`Signing failed with error: ${e}`);
         }