From 184eedd0a05e1e45de5448d00f8da19a81717d51 Mon Sep 17 00:00:00 2001 From: Brian Faust Date: Mon, 21 Jul 2025 10:58:22 +0300 Subject: [PATCH 1/2] feat: add Azure code signing configuration MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Add support for Azure code signing in Electron builder configuration. Includes environment variables for publisher name, endpoint, certificate profile name, and code signing account name. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude --- resources/js/electron-builder.js | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/resources/js/electron-builder.js b/resources/js/electron-builder.js index 8a8a9a2f..71390562 100644 --- a/resources/js/electron-builder.js +++ b/resources/js/electron-builder.js @@ -1,5 +1,5 @@ -import { join } from 'path'; import { exec } from 'child_process'; +import { join } from 'path'; const appUrl = process.env.APP_URL; const appId = process.env.NATIVEPHP_APP_ID; @@ -11,6 +11,12 @@ const appVersion = process.env.NATIVEPHP_APP_VERSION; const appCopyright = process.env.NATIVEPHP_APP_COPYRIGHT; const deepLinkProtocol = process.env.NATIVEPHP_DEEPLINK_SCHEME; +// Azure signing configuration +const azurePublisherName = process.env.NATIVEPHP_AZURE_PUBLISHER_NAME; +const azureEndpoint = process.env.NATIVEPHP_AZURE_ENDPOINT; +const azureCertificateProfileName = process.env.NATIVEPHP_AZURE_CERTIFICATE_PROFILE_NAME; +const azureCodeSigningAccountName = process.env.NATIVEPHP_AZURE_CODE_SIGNING_ACCOUNT_NAME; + // Since we do not copy the php executable here, we only need these for building const isWindows = process.argv.includes('--win'); const isLinux = process.argv.includes('--linux'); @@ -78,6 +84,14 @@ export default { afterSign: 'build/notarize.js', win: { executableName: fileName, + ...(azurePublisherName && azureEndpoint && azureCertificateProfileName && azureCodeSigningAccountName ? { + azureSignOptions: { + publisherName: azurePublisherName, + endpoint: azureEndpoint, + certificateProfileName: azureCertificateProfileName, + codeSigningAccountName: azureCodeSigningAccountName + } + } : {}), }, nsis: { artifactName: appName + '-${version}-setup.${ext}', From fdd2f7c87fa379b5cf4665dccbc6d363afabb4ba Mon Sep 17 00:00:00 2001 From: Brian Faust Date: Mon, 21 Jul 2025 11:08:04 +0300 Subject: [PATCH 2/2] feat: add Azure Trusted Signing environment variables MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Add support for Azure Trusted Signing by including necessary environment variables in the build process. This enables code signing for Windows applications using Azure's Trusted Signing service. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude --- src/Commands/BuildCommand.php | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/Commands/BuildCommand.php b/src/Commands/BuildCommand.php index 50649647..e5db8d23 100644 --- a/src/Commands/BuildCommand.php +++ b/src/Commands/BuildCommand.php @@ -154,6 +154,14 @@ protected function getEnvironmentVariables(): array 'NATIVEPHP_APPLE_ID' => config('nativephp-internal.notarization.apple_id'), 'NATIVEPHP_APPLE_ID_PASS' => config('nativephp-internal.notarization.apple_id_pass'), 'NATIVEPHP_APPLE_TEAM_ID' => config('nativephp-internal.notarization.apple_team_id'), + // Azure Trusted Signing + 'AZURE_TENANT_ID' => config('nativephp-internal.azure_trusted_signing.tenant_id'), + 'AZURE_CLIENT_ID' => config('nativephp-internal.azure_trusted_signing.client_id'), + 'AZURE_CLIENT_SECRET' => config('nativephp-internal.azure_trusted_signing.client_secret'), + 'NATIVEPHP_AZURE_PUBLISHER_NAME' => config('nativephp-internal.azure_trusted_signing.publisher_name'), + 'NATIVEPHP_AZURE_ENDPOINT' => config('nativephp-internal.azure_trusted_signing.endpoint'), + 'NATIVEPHP_AZURE_CERTIFICATE_PROFILE_NAME' => config('nativephp-internal.azure_trusted_signing.certificate_profile_name'), + 'NATIVEPHP_AZURE_CODE_SIGNING_ACCOUNT_NAME' => config('nativephp-internal.azure_trusted_signing.code_signing_account_name'), ], Updater::environmentVariables(), );