feat: add sign method

PeculiarVentures · May 24, 2024 · 16ac8b3 · 16ac8b3
1 parent ab6da83
commit 16ac8b3
Show file tree

Hide file tree

Showing 5 changed files with 54 additions and 5 deletions.
diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml
@@ -7,9 +7,14 @@ jobs:
     steps:
       - name: Checkout
         uses: actions/checkout@v4
+      - name: Create test file
+        run: echo "Hello, world!" > test.txt
       - name: Run the action
         uses: ./
         with:
           organization: ${{ secrets.ORGANIZATION }}
           token: ${{ secrets.TOKEN }}
+          file: "test.txt"
+      - name: Check the output
+        run: cat test.txt
 
diff --git a/action.yml b/action.yml
@@ -10,6 +10,9 @@ inputs:
   token:
     description: "The GoodKey API token."
     required: true
+  file:
+    description: "The file to sign."
+    required: true
 
 runs:
   using: "node20"

diff --git a/dist/index.js b/dist/index.js
diff --git a/src/index.ts b/src/index.ts
@@ -1,16 +1,16 @@
 import * as core from '@actions/core';
 import path from 'node:path';
-import { SYSTEM_ROOT, installGoodKey, registerUser } from './utils';
+import { SYSTEM_ROOT, installGoodKey, registerUser, sign } from './utils';
 
 const TOKEN = 'token';
 const ORGANIZATION = 'organization';
 
 async function run() {
   core.setSecret(core.getInput(TOKEN));
   try {
-    // to System32
     await installGoodKey(__dirname, path.join(SYSTEM_ROOT, 'System32'));
     await registerUser(core.getInput(TOKEN), core.getInput(ORGANIZATION));
+    await sign(core.getInput('file'));
   }
   catch (error) {
     if (error instanceof Error) {

diff --git a/src/utils.ts b/src/utils.ts
@@ -51,8 +51,9 @@ export async function installGoodKey(distDir: string, systemDir: string) {
     }
 
     // Get User status using `gkutils auth status` and log it
-    const { stdout } = await execAsync(`${path.join(systemDir, utilFile)} auth status`);
-    console.log(stdout);
+    // const { stdout } = await execAsync(`${path.join(systemDir, utilFile)} auth status`);
+    // console.log(stdout);
+    // Error: Installation of GoodKey failed: rpc error: code = Unknown desc = Client for GoodKey Server is not initialized. Run 'gkutils auth register' to authenticate.
   } catch (error) {
     if (error instanceof Error) {
       const message = 'stdout' in error && error.stdout ? error.stdout.toString() : error.message;
@@ -73,4 +74,44 @@ export async function registerUser(token: string, organizationId: string) {
     }
     throw error;
   }
+}
+
+export async function sign(file: string) {
+  try {
+    const signtool = await getSignToolPath();
+    // signtool.exe sign /v /fd sha256 /a "file"
+    const { stdout } = await execAsync(`${signtool} sign /v /fd sha256 /a "${file}"`);
+    console.log(stdout); 
+  } catch (error) {
+    if (error instanceof Error) {
+      const message = 'stdout' in error && error.stdout ? error.stdout.toString() : error.message;
+      throw new Error(`Signing of file failed: ${message}`);
+    }
+    throw error;
+  }
+}
+
+export async function getSignToolPath(): Promise<string> {
+  const rootDir = 'C:\\Program Files (x86)\\Windows Kits';
+  const signtoolName = 'signtool.exe';
+
+  const directories = [rootDir];
+
+  while (directories.length > 0) {
+    const directory = directories.pop() as string;
+    const files = await fs.readdir(directory);
+
+    for (const file of files) {
+      const absolutePath = path.join(directory, file);
+
+      const stat = await fs.stat(absolutePath);
+      if (file === signtoolName && stat.isFile()) {
+        return absolutePath;
+      } else if (stat.isDirectory()) {
+        directories.push(absolutePath);
+      }
+    }
+  }
+
+  throw new Error('signtool.exe not found');
 }