upstream/mercurial-mirror Commit - r45272:a3998409

packaging: integrate signing into run_wix_packaging()...

Gregory Szorc -

r45272:a3998409 stable

parent child

contrib/packaging/hgpackaging/cli.py

0 +8 -8

                 extra_wxs=None,
                 extra_features=None,
             ):
-                fn = wix.build_installer
                 kwargs = {
                     "source_dir": SOURCE_DIR,
                     "python_exe": pathlib.Path(python),
                     kwargs["extra_features"] = extra_features.split(",")
                 if sign_sn or sign_cert:
-                    fn = wix.build_signed_installer
+                    kwargs["signing_info"] = {
-                    kwargs["name"] = name
+                        "name": name,
-                    kwargs["subject_name"] = sign_sn
+                        "subject_name": sign_sn,
-                    kwargs["cert_path"] = sign_cert
+                        "cert_path": sign_cert,
-                    kwargs["cert_password"] = sign_password
+                        "cert_password": sign_password,
-                    kwargs["timestamp_url"] = sign_timestamp_url
+                        "timestamp_url": sign_timestamp_url,
+                    }
-                fn(**kwargs)
+                wix.build_installer(**kwargs)
             def get_parser():

contrib/packaging/hgpackaging/wix.py

0 +30 -80

@@ -121,30 +121,6 b' def run_candle(wix, cwd, wxs, source_dir'
121	subprocess.run(args, cwd=str(cwd), check=True)	121	subprocess.run(args, cwd=str(cwd), check=True)
122		122
123		123
124	def make_post_build_signing_fn(
125	name,
126	subject_name=None,
127	cert_path=None,
128	cert_password=None,
129	timestamp_url=None,
130	):
131	"""Create a callable that will use signtool to sign hg.exe."""
132
133	def post_build_sign(source_dir, build_dir, dist_dir, version):
134	description = '%s %s' % (name, version)
135
136	sign_with_signtool(
137	dist_dir / 'hg.exe',
138	description,
139	subject_name=subject_name,
140	cert_path=cert_path,
141	cert_password=cert_password,
142	timestamp_url=timestamp_url,
143	)
144
145	return post_build_sign
146
147
148	def make_files_xml(staging_dir: pathlib.Path, is_x64) -> str:	124	def make_files_xml(staging_dir: pathlib.Path, is_x64) -> str:
149	"""Create XML string listing every file to be installed."""	125	"""Create XML string listing every file to be installed."""
150		126
@@ -313,10 +289,10 b' def build_installer('
313	python_exe: pathlib.Path,	289	python_exe: pathlib.Path,
314	msi_name='mercurial',	290	msi_name='mercurial',
315	version=None,	291	version=None,
316	post_build_fn=None,
317	extra_packages_script=None,	292	extra_packages_script=None,
318	extra_wxs: typing.Optional[typing.Dict[str, str]] = None,	293	extra_wxs: typing.Optional[typing.Dict[str, str]] = None,
319	extra_features: typing.Optional[typing.List[str]] = None,	294	extra_features: typing.Optional[typing.List[str]] = None,
		295	signing_info: typing.Optional[typing.Dict[str, str]] = None,
320	):	296	):
321	"""Build a WiX MSI installer.	297	"""Build a WiX MSI installer.
322		298
@@ -325,10 +301,6 b' def build_installer('
325	``python_exe`` is the path to the Python executable to use/bundle.	301	``python_exe`` is the path to the Python executable to use/bundle.
326	``version`` is the Mercurial version string. If not defined,	302	``version`` is the Mercurial version string. If not defined,
327	``mercurial/__version__.py`` will be consulted.	303	``mercurial/__version__.py`` will be consulted.
328	``post_build_fn`` is a callable that will be called after building
329	Mercurial but before invoking WiX. It can be used to e.g. facilitate
330	signing. It is passed the paths to the Mercurial source, build, and
331	dist directories and the resolved Mercurial version.
332	``extra_packages_script`` is a command to be run to inject extra packages	304	``extra_packages_script`` is a command to be run to inject extra packages
333	into the py2exe binary. It should stage packages into the virtualenv and	305	into the py2exe binary. It should stage packages into the virtualenv and
334	print a null byte followed by a newline-separated list of packages that	306	print a null byte followed by a newline-separated list of packages that
@@ -340,7 +312,6 b' def build_installer('
340	arch = 'x64' if r'\x64' in os.environ.get('LIB', '') else 'x86'	312	arch = 'x64' if r'\x64' in os.environ.get('LIB', '') else 'x86'
341		313
342	hg_build_dir = source_dir / 'build'	314	hg_build_dir = source_dir / 'build'
343	dist_dir = source_dir / 'dist'
344		315
345	requirements_txt = (	316	requirements_txt = (
346	source_dir / 'contrib' / 'packaging' / 'requirements_win32.txt'	317	source_dir / 'contrib' / 'packaging' / 'requirements_win32.txt'
@@ -362,9 +333,6 b' def build_installer('
362	if version != orig_version:	333	if version != orig_version:
363	print('(normalized from: %s)' % orig_version)	334	print('(normalized from: %s)' % orig_version)
364		335
365	if post_build_fn:
366	post_build_fn(source_dir, hg_build_dir, dist_dir, version)
367
368	build_dir = hg_build_dir / ('wix-%s' % arch)	336	build_dir = hg_build_dir / ('wix-%s' % arch)
369	staging_dir = build_dir / 'stage'	337	staging_dir = build_dir / 'stage'
370		338
@@ -397,6 +365,7 b' def build_installer('
397	msi_name=msi_name,	365	msi_name=msi_name,
398	extra_wxs=extra_wxs,	366	extra_wxs=extra_wxs,
399	extra_features=extra_features,	367	extra_features=extra_features,
		368	signing_info=signing_info,
400	)	369	)
401		370
402		371
@@ -410,8 +379,25 b' def run_wix_packaging('
410	msi_name: typing.Optional[str] = "mercurial",	379	msi_name: typing.Optional[str] = "mercurial",
411	extra_wxs: typing.Optional[typing.Dict[str, str]] = None,	380	extra_wxs: typing.Optional[typing.Dict[str, str]] = None,
412	extra_features: typing.Optional[typing.List[str]] = None,	381	extra_features: typing.Optional[typing.List[str]] = None,
		382	signing_info: typing.Optional[typing.Dict[str, str]] = None,
413	):	383	):
414	"""Invokes WiX to package up a built Mercurial.~~"""~~	384	"""Invokes WiX to package up a built Mercurial.
		385
		386	``signing_info`` is a dict defining properties to facilitate signing the
		387	installer. Recognized keys include ``name``, ``subject_name``,
		388	``cert_path``, ``cert_password``, and ``timestamp_url``. If populated,
		389	we will sign both the hg.exe and the .msi using the signing credentials
		390	specified.
		391	"""
		392	if signing_info:
		393	sign_with_signtool(
		394	staging_dir / "hg.exe",
		395	"%s %s" % (signing_info["name"], version),
		396	subject_name=signing_info["subject_name"],
		397	cert_path=signing_info["cert_path"],
		398	cert_password=signing_info["cert_password"],
		399	timestamp_url=signing_info["timestamp_url"],
		400	)
415		401
416	wix_dir = source_dir / 'contrib' / 'packaging' / 'wix'	402	wix_dir = source_dir / 'contrib' / 'packaging' / 'wix'
417		403
@@ -475,52 +461,16 b' def run_wix_packaging('
475		461
476	print('%s created' % msi_path)	462	print('%s created' % msi_path)
477		463
		464	if signing_info:
		465	sign_with_signtool(
		466	msi_path,
		467	"%s %s" % (signing_info["name"], version),
		468	subject_name=signing_info["subject_name"],
		469	cert_path=signing_info["cert_path"],
		470	cert_password=signing_info["cert_password"],
		471	timestamp_url=signing_info["timestamp_url"],
		472	)
		473
478	return {	474	return {
479	'msi_path': msi_path,	475	'msi_path': msi_path,
480	}	476	}
481
482
483	def build_signed_installer(
484	source_dir: pathlib.Path,
485	python_exe: pathlib.Path,
486	name: str,
487	version=None,
488	subject_name=None,
489	cert_path=None,
490	cert_password=None,
491	timestamp_url=None,
492	extra_packages_script=None,
493	extra_wxs=None,
494	extra_features=None,
495	):
496	"""Build an installer with signed executables."""
497
498	post_build_fn = make_post_build_signing_fn(
499	name,
500	subject_name=subject_name,
501	cert_path=cert_path,
502	cert_password=cert_password,
503	timestamp_url=timestamp_url,
504	)
505
506	info = build_installer(
507	source_dir,
508	python_exe=python_exe,
509	msi_name=name.lower(),
510	version=version,
511	post_build_fn=post_build_fn,
512	extra_packages_script=extra_packages_script,
513	extra_wxs=extra_wxs,
514	extra_features=extra_features,
515	)
516
517	description = '%s %s' % (name, version)
518
519	sign_with_signtool(
520	info['msi_path'],
521	description,
522	subject_name=subject_name,
523	cert_path=cert_path,
524	cert_password=cert_password,
525	timestamp_url=timestamp_url,
526	)

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages