Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
microsoft
GitHub Repository: microsoft/vscode
 Path: blob/main/build/darwin/sign.js
3520 views
1
"use strict";

2
var __importDefault = (this && this.__importDefault) || function (mod) {

3
    return (mod && mod.__esModule) ? mod : { "default": mod };

4
};

5
Object.defineProperty(exports, "__esModule", { value: true });

6
/*---------------------------------------------------------------------------------------------

7
 *  Copyright (c) Microsoft Corporation. All rights reserved.

8
 *  Licensed under the MIT License. See License.txt in the project root for license information.

9
 *--------------------------------------------------------------------------------------------*/

10
const fs_1 = __importDefault(require("fs"));

11
const path_1 = __importDefault(require("path"));

12
const osx_sign_1 = require("@electron/osx-sign");

13
const cross_spawn_promise_1 = require("@malept/cross-spawn-promise");

14
const root = path_1.default.dirname(path_1.default.dirname(__dirname));

15
const baseDir = path_1.default.dirname(__dirname);

16
const product = JSON.parse(fs_1.default.readFileSync(path_1.default.join(root, 'product.json'), 'utf8'));

17
const helperAppBaseName = product.nameShort;

18
const gpuHelperAppName = helperAppBaseName + ' Helper (GPU).app';

19
const rendererHelperAppName = helperAppBaseName + ' Helper (Renderer).app';

20
const pluginHelperAppName = helperAppBaseName + ' Helper (Plugin).app';

21
function getElectronVersion() {

22
    const npmrc = fs_1.default.readFileSync(path_1.default.join(root, '.npmrc'), 'utf8');

23
    const target = /^target="(.*)"$/m.exec(npmrc)[1];

24
    return target;

25
}

26
function getEntitlementsForFile(filePath) {

27
    if (filePath.includes(gpuHelperAppName)) {

28
        return path_1.default.join(baseDir, 'azure-pipelines', 'darwin', 'helper-gpu-entitlements.plist');

29
    }

30
    else if (filePath.includes(rendererHelperAppName)) {

31
        return path_1.default.join(baseDir, 'azure-pipelines', 'darwin', 'helper-renderer-entitlements.plist');

32
    }

33
    else if (filePath.includes(pluginHelperAppName)) {

34
        return path_1.default.join(baseDir, 'azure-pipelines', 'darwin', 'helper-plugin-entitlements.plist');

35
    }

36
    return path_1.default.join(baseDir, 'azure-pipelines', 'darwin', 'app-entitlements.plist');

37
}

38
async function main(buildDir) {

39
    const tempDir = process.env['AGENT_TEMPDIRECTORY'];

40
    const arch = process.env['VSCODE_ARCH'];

41
    const identity = process.env['CODESIGN_IDENTITY'];

42
    if (!buildDir) {

43
        throw new Error('$AGENT_BUILDDIRECTORY not set');

44
    }

45
    if (!tempDir) {

46
        throw new Error('$AGENT_TEMPDIRECTORY not set');

47
    }

48
    const appRoot = path_1.default.join(buildDir, `VSCode-darwin-${arch}`);

49
    const appName = product.nameLong + '.app';

50
    const infoPlistPath = path_1.default.resolve(appRoot, appName, 'Contents', 'Info.plist');

51
    const appOpts = {

52
        app: path_1.default.join(appRoot, appName),

53
        platform: 'darwin',

54
        optionsForFile: (filePath) => ({

55
            entitlements: getEntitlementsForFile(filePath),

56
            hardenedRuntime: true,

57
        }),

58
        preAutoEntitlements: false,

59
        preEmbedProvisioningProfile: false,

60
        keychain: path_1.default.join(tempDir, 'buildagent.keychain'),

61
        version: getElectronVersion(),

62
        identity,

63
    };

64
    // Only overwrite plist entries for x64 and arm64 builds,

65
    // universal will get its copy from the x64 build.

66
    if (arch !== 'universal') {

67
        await (0, cross_spawn_promise_1.spawn)('plutil', [

68
            '-insert',

69
            'NSAppleEventsUsageDescription',

70
            '-string',

71
            'An application in Visual Studio Code wants to use AppleScript.',

72
            `${infoPlistPath}`

73
        ]);

74
        await (0, cross_spawn_promise_1.spawn)('plutil', [

75
            '-replace',

76
            'NSMicrophoneUsageDescription',

77
            '-string',

78
            'An application in Visual Studio Code wants to use the Microphone.',

79
            `${infoPlistPath}`

80
        ]);

81
        await (0, cross_spawn_promise_1.spawn)('plutil', [

82
            '-replace',

83
            'NSCameraUsageDescription',

84
            '-string',

85
            'An application in Visual Studio Code wants to use the Camera.',

86
            `${infoPlistPath}`

87
        ]);

88
    }

89
    await (0, osx_sign_1.sign)(appOpts);

90
}

91
if (require.main === module) {

92
    main(process.argv[2]).catch(async err => {

93
        console.error(err);

94
        const tempDir = process.env['AGENT_TEMPDIRECTORY'];

95
        if (tempDir) {

96
            const keychain = path_1.default.join(tempDir, 'buildagent.keychain');

97
            const identities = await (0, cross_spawn_promise_1.spawn)('security', ['find-identity', '-p', 'codesigning', '-v', keychain]);

98
            console.error(`Available identities:\n${identities}`);

99
            const dump = await (0, cross_spawn_promise_1.spawn)('security', ['dump-keychain', keychain]);

100
            console.error(`Keychain dump:\n${dump}`);

101
        }

102
        process.exit(1);

103
    });

104
}

105
//# sourceMappingURL=sign.js.map

106