Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Extract-DriverSubmission.ps1 extracts i386 signed files in root of dist directory rather then create i386 folder inside dist #132

Open
shkpk opened this issue Oct 1, 2020 · 2 comments
Open

Extract-DriverSubmission.ps1 extracts i386 signed files in root of dist directory rather then create i386 folder inside dist #132

shkpk opened this issue Oct 1, 2020 · 2 comments

Comments

@shkpk
Copy link
Contributor

shkpk commented Oct 1, 2020

Following Release process and signing, at the step before extracting signed files, instructions are to rename dist directory

$ Move-Item dist dist.win7

and then run powershell script to extract signed files from Microsoft

$ Get-ChildItem -Path tempdir -Filter "*.zip"|sign\Extract-DriverSubmission.ps1

At this point, since dist folder is renamed with dist.win7, and there is no dist folder, Extract-DriverSubmission.ps1 script extracts first .zip file and renamed it with dist and then copy remaining signed artifact to dist directory.

I my case, i386 was copied and renamed to dist and remaining amd64|arm64 are copied inside dist, hence all 4 files of i386 architectures were in root of dist folder rather then inside i386 subdirectory.

Therefore running packaging with NSIS was failing.
@shkpk shkpk mentioned this issue Oct 1, 2020
Closed
@mattock
Copy link
Member

mattock commented Oct 1, 2020

Unless you typoed NSIS (meant MSI) you're following the wrong instructions. The renaming of dist folders is related to the MSM builds.

@shkpk
Copy link
Contributor Author

shkpk commented Oct 6, 2020

Well in this case, instructions on readme needs to be updated. They ask to rename folder and then run buildtap.py with -p argument, which is for NSIS build, not MSM.

Next produce a driver submission cabinet files for attestation signing:

$ sign\Create-DriverSubmission.ps1
$ Get-ChildItem -Path disk1|sign\Sign-File.ps1
Three architecture-specific (i386, amd64, arm64) cabinet files are created. Submit these to Windows Dev Center for attestation signing. Note that unsigned cabinet files will be automatically rejected.

When submitting the drivers to Microsoft take care to only request signatures applicable for each architecture.

At this point move the cross-signed "dist" directory away:

$ Move-Item dist dist.win7
Download the attestation-signed drivers as zip files put them into a temporary directory (e.g. tap-windows6tempdir). Then run Extract-DriverSubmission.ps1:

$ Get-ChildItem -Path tempdir -Filter "*.zip"|sign\Extract-DriverSubmission.ps1
This extracts the drivers into the "dist" directory. Move that directory to dist.win10:

$ Move-Item dist dist.win10
After this you can start creating the installers and/or MSM packages.

If you're creating NSIS packages do:

$ Move-Item dist.win7 dist
$ python.exe buildtap.py -p --ti=devcon
$ Move-Item dist dist.win7
Followed by:

$ Move-Item dist.win10 dist
$ python.exe buildtap.py -p --ti=devcon
$ Move-Item dist dist.win10
Finally sign both installers:

$ Get-Item tap-windows*.exe|sign\Sign-File.ps1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mattock @shkpk