Blender Git Commit Log

Git Commits -> Revision c73a99e

Revision c73a99e by Sergey Sharybin (master)
November 13, 2019, 08:24 (GMT)
Initial implementation of code signing routines

This changes integrates code signing steps into a buildbot worker
process.

The configuration requires having a separate machine running with
a shared folder access between the signing machine and worker machine.

Actual signing is happening as a "POST-INSTALL" script run by CMake,
which allows to sign any binary which ends up in the final bundle.
Additionally, such way allows to avoid signing binaries in the build
folder (if we were signing as a built process, which iwas another
alternative).
Such complexity is needed on platforms which are using CPack to
generate final bundle: CPack runs INSTALL target into its own location,
so it is useless to run signing on a folder which is considered INSTALL
by the buildbot worker.

There is a signing script which can be used as a standalone tool,
making it possible to hook up signing for macOS's bundler.

There is a dummy Linux signer implementation, which can be activated
by returning True from mock_codesign in linux_code_signer.py.
Main purpose of this signer is to give an ability to develop the
scripts on Linux environment, without going to Windows VM.

The code is based on D6036 from Nathan Letwory.

Differential Revision: https://developer.blender.org/D6216

Commit Details:

Full Hash: c73a99ef902b21cc0ed2b03daffa9f1adfb70412
Parent Commit: d325209
Lines Changed: +1269, -3

16 Added Paths:

/build_files/buildbot/codesign/absolute_and_relative_filename.py (+77, -0) (View)
/build_files/buildbot/codesign/archive_with_indicator.py (+101, -0) (View)
/build_files/buildbot/codesign/base_code_signer.py (+385, -0) (View)
/build_files/buildbot/codesign/config_builder.py (+57, -0) (View)
/build_files/buildbot/codesign/config_common.py (+33, -0) (View)
/build_files/buildbot/codesign/config_server_template.py (+63, -0) (View)
/build_files/buildbot/codesign/linux_code_signer.py (+72, -0) (View)
/build_files/buildbot/codesign/simple_code_signer.py (+47, -0) (View)
/build_files/buildbot/codesign/util.py (+35, -0) (View)
/build_files/buildbot/codesign/windows_code_signer.py (+75, -0) (View)
/build_files/buildbot/codesign_server_linux.py (+37, -0) (View)
/build_files/buildbot/codesign_server_windows.bat (+11, -0) (View)
/build_files/buildbot/codesign_server_windows.py (+44, -0) (View)
/build_files/buildbot/README.md (+70, -0) (View)
/build_files/buildbot/slave_codesign.cmake (+44, -0) (View)
/build_files/buildbot/slave_codesign.py (+74, -0) (View)

5 Modified Paths:

/.gitignore (+3, -0) (Diff)
/build_files/buildbot/slave_compile.py (+18, -2) (Diff)
/build_files/buildbot/slave_pack.py (+12, -1) (Diff)
/CMakeLists.txt (+4, -0) (Diff)
/source/creator/CMakeLists.txt (+7, -0) (Diff)
By: Miika HämäläinenLast update: Nov-07-2014 14:18MiikaHweb | 2003-2021