electron-builder icon indicating copy to clipboard operation
electron-builder copied to clipboard

Published 20 hours ago verified publisher icon electron-userland

`afterAllArtifactBuild` Hook runs after file uploads / prevents them?

Open hrueger opened this issue 2 years ago • 3 comments

  • Electron-Builder Version: 23.3.3
  • Node Version: 16.13.0
  • Electron Version: 17.1.2
  • Electron Type (current, beta, nightly): current
  • Target: mac universal

I'm building a MacOS Universal app for the pkg target. As electron-notarize can not currently notarize .pkg files, I'm doing that myself in the afterAllArtifactBuild hook.

The notarization itself is working fine, however, the upload process starts before my script even runs. As the notarization script staples a ticket to the .pkg file, I want to upload the modified file.

The second problem is, that it just does not upload the latest-mac.yml, beta-mac.yml and alpha-mac.yml files at all.

Any idea?

hrueger avatar Sep 19 '22 10:09 hrueger

probably linked to #4446, however, as I'm not using the .yml files in my script, this should not result in them not being uploaded.

hrueger avatar Sep 19 '22 10:09 hrueger

I digged a little bit into the code and it seems like the uploading is done automatically here https://github.com/electron-userland/electron-builder/blob/d71a5790a94cd56b6e033b656b4892ec31f14b9d/packages/app-builder-lib/src/publish/PublishManager.ts#L123-L134 whenever an artifact is created.

However, that does not explain why the .yml files are not being uploaded at all.

I think the best idea would be to add another hook like in #6766 (maybe called beforePublish) which runs after all artifacts have been packaged but blocks all uploads.

Edit: I'm happy to create a PR if someone points me in the right direction where that hook would have to go.

hrueger avatar Sep 20 '22 07:09 hrueger

After some more debugging, I found why the .yml files are not being uploaded: They are not even generated!

Because of the problems described above, I (hopefully temporarily) switched to a manual S3 notarization and upload script. That means I got rid of the afterAllArtifactBuild hook. If I build on MacOS for the universal arch and the pkg target, no .yml files are generated...

hrueger avatar Sep 22 '22 06:09 hrueger

latest.yml files are only created when there's a publish setting and under a few circumstances, such as --publish always being passed via command line. There should also be a setting within the config for this as well.

mmaietta avatar Oct 07 '22 15:10 mmaietta

It's strange, though, because on Windows and Linux (using matrix builds in GitHub Actions) everything worked fine. Just the hook causes problems...

hrueger avatar Oct 07 '22 16:10 hrueger

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 30 days.

github-actions[bot] avatar Jun 19 '23 02:06 github-actions[bot]

Hi! I think I found a work around, so posting here for posterity :smile: Seems using artifactBuildCompleted event instead of afterAllArtifactBuild does wait the notarization before publishing!

require("dotenv").config();
const { spawn } = require("node:child_process");
const os = require("os");

exports.default = async function notarizing(context) {
  if (os.platform() !== "darwin") {
    console.log("Not notarizing app because not running on MacOS.");
    return;
  }

  const filename = context.file.endsWith(".dmg") ? context.file : false;
  if (!filename) {
    console.log(`Skipping ${context.file}`);
    return;
  }
  console.log("Notarizing app...");
  console.log(`Found artifact: ${filename}`);
  let auth = '--keychain-profile "AC_PASSWORD"';
  if (process.env.APPLE_ID && process.env.APPLE_ID_PASS && process.env.TEAM_ID) {
    auth = `--apple-id ${process.env.APPLE_ID} --password "${process.env.APPLE_ID_PASS}" --team-id ${process.env.TEAM_ID}`;
  }
  const content = await exec(`xcrun notarytool submit ${filename} ${auth} --wait`);
  const uuid = content.match(/[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/g)[0];
  await exec(`xcrun notarytool log ${uuid} ${auth}`);
  await exec(`xcrun stapler staple ${filename}`);

  console.log("App notarized successfully.");
};

function exec(cmd) {
  return new Promise((resolve, reject) => {
    console.log(cmd);
    const proc = spawn(cmd, [], { shell: true });

    const chunks = [];
    proc.stdout.on("data", (data) => {
      console.log(data.toString());
      chunks.push(data);
    });
    proc.stderr.on("data", (data) => {
      console.error(data.toString());
      chunks.push(data);
    });
    proc.on("close", (code) => {
      console.log(`Process exited with code ${code}.`);
      resolve(Buffer.concat(chunks).toString("utf8"));
    });
  });
}

Its the same script @hrueger posted here but it skips all files that are not the required for notarization. I didn't test it with a .pkg, but I guess its worth trying 🤔

le4onardo avatar Jun 22 '23 18:06 le4onardo

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 30 days.

github-actions[bot] avatar Aug 24 '23 00:08 github-actions[bot]

This issue was closed because it has been stalled for 30 days with no activity.

github-actions[bot] avatar Dec 21 '23 00:12 github-actions[bot]