Age | Commit message (Collapse) | Author |
|
|
|
|
|
This reverts commit 9d172f007eeb5ade5ddad03e1f71fa4c373855f8.
Got a second thought and remembered why it was not done in the first place.
The issue here is that the server needs to communicate codesign result back
and that must happen within the new protocol. So if the client talks old
protocol it is possible to receieve data from it, but is not possible to
communicate result back to it.
|
|
Turns out it is easier to have suboptimal versioning code on the server
side than to deal with branches where changes are to be merged into.
|
|
Pass codesign errors (if any) from codesign buildbot server to the
buildbot worker, so that the latter one can abort build process if
the error happens. This solves issues when non-properly-notarized
DMG package gets uploaded to the buildbot website.
|
|
|
|
Solves problem with different order of codesign server startup and
mount of network shares: avoids exception happening when server is
started prior to the mounts are ready.
|
|
|
|
|
|
Is achieved by replacing hard-coded signed/unsigned file names with
"<uuid>" which acts as a "request ID". This way multiple workers can
put their requests into a single directory without collisions. The
code sign server will handle the requests sequentially in an unknown
order.
|
|
|
|
|
|
Seems like sometimes files are being only partially ready, which makes it so there
are unsigned files, failing to deliver fully signed bundle.
Now expected archive file size is stored into stamp file and is checked against
size of the archive file on another side.
There are some bare prints used for debugging, would need to switch it to a proper
logger (or to be removed).
|
|
Is still sometimes .ready file appears prior to an actual archive.
|
|
Apparently, there is no os.sync() on Windows.
|
|
From looking into builder's logs it seems that stamp file is picked
up prior to actual archive: sometimes worker reports missing archive
file, from a code path which is only possible if there is a stamp file.
Could be something with IO scheduling where bigger file is sent to
Samba server after smaller file.
Hopefully with this change this will not happen anymore.
|
|
|
|
Works similarly to Windows configuration where buildbot worker and
codesign machines are communicating with each other using network
drive.
|
|
|
|
The current authority we use RFC 3161 time stamp server,
so need to pass different command line argument.
|
|
It was possible that it would exceed when signing all the DLLs if the machine
is busy with some background tasks or when internet is slow.
|
|
This changes integrates code signing steps into a buildbot worker
process.
The configuration requires having a separate machine running with
a shared folder access between the signing machine and worker machine.
Actual signing is happening as a "POST-INSTALL" script run by CMake,
which allows to sign any binary which ends up in the final bundle.
Additionally, such way allows to avoid signing binaries in the build
folder (if we were signing as a built process, which iwas another
alternative).
Such complexity is needed on platforms which are using CPack to
generate final bundle: CPack runs INSTALL target into its own location,
so it is useless to run signing on a folder which is considered INSTALL
by the buildbot worker.
There is a signing script which can be used as a standalone tool,
making it possible to hook up signing for macOS's bundler.
There is a dummy Linux signer implementation, which can be activated
by returning True from mock_codesign in linux_code_signer.py.
Main purpose of this signer is to give an ability to develop the
scripts on Linux environment, without going to Windows VM.
The code is based on D6036 from Nathan Letwory.
Differential Revision: https://developer.blender.org/D6216
|