Add config.sh for default registry and code signing

It is gitignore'd so users can put their private details there (path to keystore and most importantly password) without having to version them in git.
2025-12-31 05:48:35 +03:00 · 2019-11-12 15:03:25 +01:00
parent e583fcba03
commit 5ee9f371bd
4 changed files with 50 additions and 3 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,5 @@
-# Private signing key
+# User-specific configuration and signing key
+config.sh
 *.pkcs12

 # Generated by build scripts
--- a/build-release.sh
+++ b/build-release.sh
@@ -9,8 +9,21 @@ if [ -z $1 ]; then
  exit 1
 fi

+# For signing keystore and password.
+source ./config.sh
+
+can_sign=0
+if [ ! -z "${SIGN_KEYSTORE}" ] && [ ! -z "${SIGN_PASSWORD}" ]; then
+  can_sign=1
+else
+  echo "Disabling binary signing as config.sh does not define the required data."
+fi
+
 function sign {
-  ./osslsigncode -pkcs12 REDACTED.pkcs12 -pass "REDACTED" -n "Godot Game Engine" -i "https://godotengine.org" -t http://timestamp.comodoca.com -in $1 -out $1-signed
+  if [ $can_sign == 0 ]; then
+    return
+  fi
+  ./osslsigncode -pkcs12 ${SIGN_KEYSTORE} -pass "${SIGN_PASSWORD}" -n "${SIGN_NAME}" -i "${SIGN_URL}" -t http://timestamp.comodoca.com -in $1 -out $1-signed
  mv $1-signed $1
 }

--- a/build.sh
+++ b/build.sh
@@ -4,7 +4,14 @@ set -e

 OPTIND=1

-registry="registry.prehensile-tales.com"
+# For default registry.
+if [ ! -e config.sh ]; then
+  echo "No config.sh, copying default values from config.sh.in."
+  cp config.sh.in config.sh
+fi
+source ./config.sh
+
+registry="${REGISTRY}"
 username=""
 password=""
 godot_version=""
--- a/config.sh.in
+++ b/config.sh.in
@@ -0,0 +1,26 @@
+#!/bin/bash
+
+# Configuration file for user-specific details.
+# This file is gitignore'd and will be sourced by build scripts.
+
+# Registry for build containers.
+# The default registry is the one used for official Godot builds.
+# Note that some of its images are private and only accessible to selected
+# contributors.
+# You can build your own registry with scripts at
+# https://github.com/godotengine/build-containers
+export REGISTRY="registry.prehensile-tales.com"
+
+# Set up your own signing keystore and relevant details below.
+# If you do not fill all SIGN_* fields, signing will be skipped.
+
+# Path to pkcs12 archive.
+export SIGN_KEYSTORE=""
+
+# Password for the private key.
+export SIGN_PASSWORD=""
+
+# Name and URL of the signed application.
+# Use your own when making a thirdparty build.
+export SIGN_NAME=""
+export SIGN_URL=""