Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MacOS: Option to skip TLS certificate creation for Safari #217

Merged
merged 5 commits into from
Aug 1, 2023
Merged

MacOS: Option to skip TLS certificate creation for Safari #217

merged 5 commits into from
Aug 1, 2023

Conversation

pomali
Copy link
Contributor

@pomali pomali commented Jul 6, 2023

Ked sa spusta instalacia cez brew, nemoze vyzadovat interakciu.

Pridavame teda spravanie, ze ak existuje subor$HOME/Library/Application Support/Autogram/tls/skip tak sa vytvaranie preskoci

takisto pridavame moznost spustit Autogram.app/Contents/Resources/Scripts/create-cert.sh ktory to urobi v buducnosti ak by pouzivatel chcel pouzivat rozsirenie na safari

@pomali pomali requested a review from a team as a code owner July 6, 2023 13:29
@celuchmarek
Copy link
Member

Jo, to dáva zmysel. Čiže takto bude vedieť user nainštalovať Autogram cez brew a potom tým create-cert.sh vie dogenerovať certifikáty, aby moholo používať aj https pre Safari, hej?

To s tým skip súborom je nejaký best practice? Ešte som to nevidel, ale zase nemám toľko skúseností, tak sa pýtam. To bude musieť user vytvoriť ten skip súbor predtým ako si ide inštalovať Autogram cez brew?

@pomali
Copy link
Contributor Author

pomali commented Jul 6, 2023

Ano, asi idealne by bolo keby to generovanie certifikatov riesil instalator safari extensionu, ale zatial to mame takto nastavene.

Skip subor je uplny hack, lebo kvoli "bezpecnosti" nema pristup ani ku env ani k nicomu inemu cez co by som vedel posunut info, ze ma preskocit ten krok.

Nebude musiet nic urobit, vyriesi to za neho brew package https://slovensko-digital.slack.com/archives/C0564RNLT62/p1688645300083349?thread_ts=1683236585.047879&cid=C0564RNLT62

Alternativy ako toto vyriesit su

  • dat vytvaranie certifikatu do samostaneho package-u
  • dat vytvaranie certifikatu do safari extension instalatora
    obe su vsak na dlhsie, takze zatial je tu tento hack

jsuchal
jsuchal reviewed Jul 19, 2023
View reviewed changes
.vscode/tasks.json
@@ -93,7 +93,7 @@

{
"label": "MacOS: Send package for notarization",
"command": "xcrun notarytool submit --keychain-profile \"autogram\" --keychain $APPLE_KEYCHAIN_PATH --wait target/Autogram-*.pkg",
"command": "pkgutil --check-signature target/Autogram-*.pkg && xcrun notarytool submit --keychain-profile \"autogram\" --keychain $APPLE_KEYCHAIN_PATH --wait target/Autogram-*.pkg",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Toto je nieco nove?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

toto je aby to faillo co najskor pred tym nez sa robi upload

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

a teda ide iba o comand vo vscode, ktory pouziva developer

jsuchal
jsuchal reviewed Jul 19, 2023
View reviewed changes
src/main/scripts/package.sh
@@ -167,6 +167,7 @@ if [[ "$platform" == "mac" ]]; then
fi

if [[ "$properties_mac_sign" == "1" ]]; then
export JPACKAGE_MAC_SIGN="1"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Toto tu ma byt na tvrdo?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ano, jedine ine co by tam davalo zmysel je "$properties_mac_sign" ale to je tiez "1"

@jsuchal jsuchal merged commit 3d1c956 into slovensko-digital:main Aug 1, 2023
3 checks passed
@jsuchal jsuchal deleted the macos-skip-cert-option branch August 1, 2023 09:36
pomali added a commit to pomali/autogram that referenced this pull request Aug 2, 2023
@pomali
MacOS: Option to skip TLS certificate creation for Safari (slovensko-…
af980ec 
…digital#217)

split out cert creation
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jsuchal jsuchal jsuchal approved these changes

@celuchmarek celuchmarek celuchmarek approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@pomali @celuchmarek @jsuchal