camunda-modeler
Windows build fails to sign the application
What should we do?
Update the certificates we use to sign the application during the build process. The Windows certificates expired on Apr 11.
cf. https://github.com/camunda/camunda-modeler/actions/runs/8681071392
- [ ] Migrate https://github.com/camunda/camunda-modeler/blob/develop/.github/workflows/BUILD_ON_DEMAND.yml
- [ ] Migrate https://github.com/camunda/camunda-modeler/blob/develop/.github/workflows/RELEASE.yml
- [ ] Migrate https://github.com/camunda/camunda-modeler/blob/develop/.github/workflows/NIGHTLY.yml
Why should we do it?
To ensure we can release the Camunda Modeler on Windows.
As part of this change we want to migrate the certificate handling over to vault (cf. https://github.com/bpmn-io/internal-docs/issues/802).
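The build failure above is the worst place to learn that a signing certificate has expired: the error surfaces at the very end of the pipeline, after the unsigned artifacts are already built. The script below is an added example (not camunda-modeler's own code, and not part of the workflows linked in the checklist) of a pre-flight step that checks the certificate's `notAfter` date before electron-builder is even started, so an expired or about-to-expire certificate fails the job early with a readable message. It assumes OpenSSL is on the runner and that the certificate is available as a PEM/DER file or as the PKCS#12 (`.pfx`) bundle electron-builder reads via `CSC_LINK`/`CSC_KEY_PASSWORD`; the file names, the `PREFLIGHT_DEMO` switch and the 14-day default margin are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not camunda-modeler project code: pre-flight validation of a
# code-signing certificate's expiry before the signing step runs.
# Assumes `openssl` is available. File names below are hypothetical.
set -eu

# Print the certificate's notAfter date ("notAfter=Apr 11 12:00:00 2024 GMT").
# Tries PEM first, falls back to DER (.cer files exported on Windows are often DER).
cert_not_after() {
  # $1: certificate file (PEM or DER)
  openssl x509 -in "$1" -noout -enddate 2>/dev/null ||
    openssl x509 -in "$1" -inform DER -noout -enddate
}

# Same, for the PKCS#12 bundle electron-builder consumes (CSC_LINK / CSC_KEY_PASSWORD).
pfx_not_after() {
  # $1: .pfx/.p12 file, $2: its password
  openssl pkcs12 -in "$1" -nokeys -clcerts -passin "pass:$2" 2>/dev/null |
    openssl x509 -noout -enddate
}

# Exit 0 if the certificate stays valid for at least $2 more days, non-zero otherwise.
# `openssl x509 -checkend N` exits non-zero when the cert expires within N seconds.
cert_valid_for_days() {
  # $1: certificate file (PEM), $2: minimum remaining days
  openssl x509 -in "$1" -noout -checkend $(( $2 * 86400 )) >/dev/null
}

# CI guard: fail fast with a clear message instead of a signtool error after a long build.
preflight_signing_cert() {
  # $1: certificate file (PEM), $2: minimum remaining days (default 14, an assumption)
  cert="$1"; min_days="${2:-14}"
  if cert_valid_for_days "$cert" "$min_days"; then
    echo "signing certificate OK, valid until: $(cert_not_after "$cert")"
    return 0
  fi
  echo "ERROR: signing certificate expires within ${min_days} days or is already expired: $(cert_not_after "$cert")" >&2
  return 1
}

# Constructed sample input: a throw-away self-signed certificate valid for 2 days,
# so the guard passes with a 1-day margin and fails with a 30-day margin.
make_sample_cert() {
  # $1: output PEM path; the private key is written next to it as "$1.key"
  openssl req -x509 -newkey rsa:2048 -nodes -keyout "$1.key" -out "$1" \
    -days 2 -subj "/CN=sample-signing-cert" >/dev/null 2>&1
}

# Demo (hypothetical switch): PREFLIGHT_DEMO=1 sh preflight.sh
if [ "${PREFLIGHT_DEMO:-0}" = 1 ]; then
  dir=$(mktemp -d)
  make_sample_cert "$dir/sample.pem"
  preflight_signing_cert "$dir/sample.pem" 1        # passes: 2 days > 1 day margin
  preflight_signing_cert "$dir/sample.pem" 30 || true  # prints the ERROR line
fi
```

Run `preflight_signing_cert "$CERT_FILE" 14` as the first step of the signing job; a non-zero exit stops the workflow before the build. Checking the expiry date does not replace the certificate rotation itself, but it turns "the build failed to sign" into "the certificate expires on date X", which is the information the checklist above needs.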
Reached out internally (IT) for further investigation.
Shared updated certificate with @marstamm; you should now be unblocked to work on this issue.
Cross-posting my assessment (yesterday) here:
Status update (quick check with Tim):
There are new restrictions on working with code signing certificates, effective June 1, 2023: code signing can only happen via dedicated signing APIs (similar to macOS notarization) and/or via hardware tokens.
- We ordered a hardware token which is not usable for our cases (CI/CD-based code signing)
- We need to investigate (ref) how to do signing on our CI using the newly enforced restrictions
Let's look into the linked material as well as the electron-builder docs to figure out what we need to change. At the moment I see the next release slightly at risk, but then again it is just a minor release we can skip or postpone (for Windows).
Summary update from internal Slack:
- The main problem we are facing is the increased security standards for storing the private keys. We will move to a cloud-based certificate provider (DigiCert) and have kicked off the purchasing process
- Until then and as fallback, signing is a manual step using the hardware token on a local machine
[Update] We disabled code signing on Windows for now. @philippfromme has the physical token for backup signing. The DigiCert purchase is still in progress.