Эхлэл Бүгдийг харах Тусламж
Нэвтрэх
AI
/
opencode
-ын хуулбар https://github.com/anomalyco/opencode.git
2
0
Салаа 0
Файлууд Асуудлууд 0 Мэдлэгийн сан
Салаа: dev
Салаанууд Тагууд
opencode
/
script
/
sign-windows.ps1

sign-windows.ps1 2.2 KB
Байнгын холболт Түүх Анхны өгөгдөл

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970 
  1. param(
    2. 

  2.   [Parameter(ValueFromRemainingArguments = $true)]
    3. 

  3.   [string[]] $Path
    4. 

  4. )
    5. 

  5. 

  6. $ErrorActionPreference = "Stop"
    7. 

  7. 

  8. if (-not $Path -or $Path.Count -eq 0) {
    9. 

  9.   throw "At least one path is required"
    10. 

  10. }
    11. 

  11. 

  12. if ($env:GITHUB_ACTIONS -ne "true") {
    13. 

  13.   Write-Host "Skipping Windows signing because this is not running on GitHub Actions"
    14. 

  14.   exit 0
    15. 

  15. }
    16. 

  16. 

  17. $vars = @{
    18. 

  18.   endpoint = $env:AZURE_TRUSTED_SIGNING_ENDPOINT
    19. 

  19.   account = $env:AZURE_TRUSTED_SIGNING_ACCOUNT_NAME
    20. 

  20.   profile = $env:AZURE_TRUSTED_SIGNING_CERTIFICATE_PROFILE
    21. 

  21. }
    22. 

  22. 

  23. if ($vars.Values | Where-Object { -not $_ }) {
    24. 

  24.   Write-Host "Skipping Windows signing because Azure Artifact Signing is not configured"
    25. 

  25.   exit 0
    26. 

  26. }
    27. 

  27. 

  28. $moduleVersion = "0.5.8"
    29. 

  29. $module = Get-Module -ListAvailable -Name TrustedSigning | Where-Object { $_.Version -eq [version] $moduleVersion }
    30. 

  30. 

  31. if (-not $module) {
    32. 

  32.   try {
    33. 

  33.     Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force -Scope CurrentUser | Out-Null
    34. 

  34.   }
    35. 

  35.   catch {
    36. 

  36.     Write-Host "NuGet package provider install skipped: $($_.Exception.Message)"
    37. 

  37.   }
    38. 

  38. 

  39.   Install-Module -Name TrustedSigning -RequiredVersion $moduleVersion -Force -Repository PSGallery -Scope CurrentUser
    40. 

  40. }
    41. 

  41. 

  42. Import-Module TrustedSigning -RequiredVersion $moduleVersion -Force
    43. 

  43. 

  44. $files = @($Path | ForEach-Object { Resolve-Path $_ -ErrorAction SilentlyContinue } | Select-Object -ExpandProperty Path -Unique)
    45. 

  45. 

  46. if (-not $files -or $files.Count -eq 0) {
    47. 

  47.   throw "No files matched the requested paths"
    48. 

  48. }
    49. 

  49. 

  50. $params = @{
    51. 

  51.   Endpoint                         = $vars.endpoint
    52. 

  52.   CodeSigningAccountName           = $vars.account
    53. 

  53.   CertificateProfileName           = $vars.profile
    54. 

  54.   Files                            = ($files -join ",")
    55. 

  55.   FileDigest                       = "SHA256"
    56. 

  56.   TimestampDigest                  = "SHA256"
    57. 

  57.   TimestampRfc3161                 = "http://timestamp.acs.microsoft.com"
    58. 

  58.   ExcludeEnvironmentCredential     = $true
    59. 

  59.   ExcludeWorkloadIdentityCredential = $true
    60. 

  60.   ExcludeManagedIdentityCredential = $true
    61. 

  61.   ExcludeSharedTokenCacheCredential = $true
    62. 

  62.   ExcludeVisualStudioCredential    = $true
    63. 

  63.   ExcludeVisualStudioCodeCredential = $true
    64. 

  64.   ExcludeAzureCliCredential        = $false
    65. 

  65.   ExcludeAzurePowerShellCredential = $true
    66. 

  66.   ExcludeAzureDeveloperCliCredential = $true
    67. 

  67.   ExcludeInteractiveBrowserCredential = $true
    68. 

  68. }
    69. 

  69. 

  70. Invoke-TrustedSigning @params
    71.