From 1bb87a3a2264a1b37b8c0d60ec3c76a01b9378b6 Mon Sep 17 00:00:00 2001 From: Tony <68118705+Legend-Master@users.noreply.github.com> Date: Tue, 30 Apr 2024 23:45:24 +0800 Subject: [PATCH] feat(cli): generate signature for updater-enabled bundles (#9446) --- rustfmt.toml | 1 - tooling/cli/src/build.rs | 51 +++++++++++++++++++--------------------- 2 files changed, 24 insertions(+), 28 deletions(-) diff --git a/rustfmt.toml b/rustfmt.toml index cb7457be1..9446a9df5 100644 --- a/rustfmt.toml +++ b/rustfmt.toml @@ -12,5 +12,4 @@ use_try_shorthand = false use_field_init_shorthand = false force_explicit_abi = true # normalize_comments = true -normalize_doc_attributes = true # wrap_comments = true diff --git a/tooling/cli/src/build.rs b/tooling/cli/src/build.rs index ec10e030b..d412ea466 100644 --- a/tooling/cli/src/build.rs +++ b/tooling/cli/src/build.rs @@ -22,7 +22,10 @@ use std::{ str::FromStr, sync::OnceLock, }; -use tauri_bundler::bundle::{bundle_project, Bundle, PackageType}; +use tauri_bundler::{ + bundle::{bundle_project, PackageType}, + Bundle, +}; use tauri_utils::platform::Target; #[derive(Debug, Clone)] @@ -249,23 +252,6 @@ fn bundle( return Ok(()); } - let updater_pub_key = config - .plugins - .0 - .get("updater") - .and_then(|k| k.get("pubkey")) - .and_then(|v| v.as_str()) - .map(|v| v.to_string()); - - if updater_pub_key - .as_ref() - .map(|v| !v.is_empty()) - .unwrap_or(false) - && !package_types.contains(&PackageType::Updater) - { - log::warn!("`plugins > updater > pubkey` is set, but the bundle target list does not contain `updater`, so the updater artifacts won't be generated."); - } - // if we have a package to bundle, let's run the `before_bundle_command`. if !package_types.is_empty() { if let Some(before_bundle) = config.build.before_bundle_command.clone() { @@ -310,13 +296,26 @@ fn bundle( .map_err(|e| anyhow::anyhow!("{:#}", e)) .with_context(|| "failed to bundle project")?; - let updater_bundles: Vec<&Bundle> = bundles + let update_enabled_bundles: Vec<&Bundle> = bundles .iter() - .filter(|bundle| bundle.package_type == PackageType::Updater) + .filter(|bundle| { + matches!( + bundle.package_type, + PackageType::Updater | PackageType::Nsis | PackageType::WindowsMsi | PackageType::AppImage + ) + }) .collect(); - // If updater is active and we bundled it - if !updater_bundles.is_empty() { + // Skip if no updater is active + if !update_enabled_bundles.is_empty() { + let updater_pub_key = config + .plugins + .0 + .get("updater") + .and_then(|k| k.get("pubkey")) + .and_then(|v| v.as_str()) + .map(|v| v.to_string()); + if let Some(pubkey) = updater_pub_key { // get the public key // check if pubkey points to a file... @@ -357,16 +356,14 @@ fn bundle( // make sure we have our package built let mut signed_paths = Vec::new(); - for elem in updater_bundles { + for bundle in update_enabled_bundles { // we expect to have only one path in the vec but we iter if we add // another type of updater package who require multiple file signature - for path in elem.bundle_paths.iter() { + for path in bundle.bundle_paths.iter() { // sign our path from environment variables let (signature_path, signature) = sign_file(&secret_key, path)?; if signature.keynum() != public_key.keynum() { - log::warn!( - "The updater secret key from `TAURI_PRIVATE_KEY` does not match the public key from `plugins > updater > pubkey`. If you are not rotating keys, this means your configuration is wrong and won't be accepted at runtime when performing update." - ); + log::warn!("The updater secret key from `TAURI_PRIVATE_KEY` does not match the public key from `plugins > updater > pubkey`. If you are not rotating keys, this means your configuration is wrong and won't be accepted at runtime when performing update."); } signed_paths.push(signature_path); }