75 lines
3.2 KiB
Bash
Executable File
75 lines
3.2 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
# tauri.conf.json — updater artifacts / pubkey (키 있을 때만 활성화)
|
|
set -euo pipefail
|
|
|
|
ROOT="$(cd "$(dirname "$0")/.." && pwd)"
|
|
CONF="$ROOT/desktop/src-tauri/tauri.conf.json"
|
|
KEY_PATH="${TAURI_SIGNER_KEY:-$HOME/.tauri/goldenchart.key}"
|
|
PUB_PATH="${TAURI_SIGNER_PUB:-$ROOT/desktop/updater.pub}"
|
|
|
|
# 공개키는 private key 없이도 앱에 포함해야 자동 업데이트 검증 가능
|
|
if [[ -f "$PUB_PATH" && -x "$ROOT/scripts/patch-tauri-updater-pubkey.sh" ]]; then
|
|
"$ROOT/scripts/patch-tauri-updater-pubkey.sh"
|
|
fi
|
|
|
|
enable="false"
|
|
if [[ -f "$KEY_PATH" && -f "$PUB_PATH" ]]; then
|
|
enable="true"
|
|
fi
|
|
|
|
node -e "
|
|
const fs = require('fs');
|
|
const confPath = process.argv[1];
|
|
const enable = process.argv[2] === 'true';
|
|
const conf = JSON.parse(fs.readFileSync(confPath, 'utf8'));
|
|
conf.bundle = conf.bundle || {};
|
|
conf.bundle.createUpdaterArtifacts = enable;
|
|
conf.plugins = conf.plugins || {};
|
|
conf.plugins.updater = conf.plugins.updater || {};
|
|
conf.plugins.updater.endpoints = (conf.plugins.updater.endpoints || [])
|
|
.map((u) => String(u)
|
|
.replace(/^http:\\/\\/exdev\\.co\\.kr\\//, 'https://stock.exdev.co.kr/')
|
|
.replace(/^https:\\/\\/exdev\\.co\\.kr\\//, 'https://stock.exdev.co.kr/'));
|
|
if (!conf.plugins.updater.endpoints.length) {
|
|
conf.plugins.updater.endpoints = ['https://stock.exdev.co.kr/desktop/updates/latest.json'];
|
|
}
|
|
if (!conf.plugins.updater.pubkey) {
|
|
conf.plugins.updater.pubkey = 'REPLACE_WITH_TAURI_SIGNER_PUBKEY';
|
|
}
|
|
fs.writeFileSync(confPath, JSON.stringify(conf, null, 2) + '\n');
|
|
console.log('[prepare-tauri-build] createUpdaterArtifacts=' + enable);
|
|
" "$CONF" "$enable"
|
|
|
|
if [[ "$enable" == "true" ]]; then
|
|
export TAURI_SIGNING_PRIVATE_KEY="$(tr -d '\n\r' < "$KEY_PATH")"
|
|
export TAURI_SIGNING_PRIVATE_KEY_PASSWORD="${TAURI_SIGNING_PRIVATE_KEY_PASSWORD-}"
|
|
echo "[prepare-tauri-build] updater signing enabled"
|
|
else
|
|
unset TAURI_SIGNING_PRIVATE_KEY 2>/dev/null || true
|
|
echo "[prepare-tauri-build] updater signing skipped (no private key at $KEY_PATH)"
|
|
fi
|
|
|
|
# 빌드된 앱이 자동 업데이트 가능한지 pubkey 확인
|
|
PUBKEY_CHECK="$(node -e "
|
|
const c=require(process.argv[1]);
|
|
const k=c.plugins?.updater?.pubkey||'';
|
|
process.exit(k && k!=='REPLACE_WITH_TAURI_SIGNER_PUBKEY' ? 0 : 1);
|
|
" "$CONF" 2>/dev/null && echo ok || echo fail)"
|
|
if [[ "$PUBKEY_CHECK" != "ok" ]]; then
|
|
echo "[prepare-tauri-build] ERROR: updater pubkey 미설정 — desktop/updater.pub 확인 후 patch-tauri-updater-pubkey.sh 실행" >&2
|
|
echo " 이 상태로 빌드하면 앱 내 자동 업데이트가 동작하지 않습니다." >&2
|
|
exit 1
|
|
fi
|
|
|
|
# macOS: ad-hoc codesign by default (Apple Silicon requires signing).
|
|
# Override with Developer ID for production: export APPLE_SIGNING_IDENTITY="Developer ID Application: ..."
|
|
# Notarization (optional): APPLE_ID, APPLE_PASSWORD, APPLE_TEAM_ID or APPLE_API_KEY*
|
|
if [[ "$(uname -s)" == "Darwin" ]]; then
|
|
: "${APPLE_SIGNING_IDENTITY:=-}"
|
|
export APPLE_SIGNING_IDENTITY
|
|
echo "[prepare-tauri-build] APPLE_SIGNING_IDENTITY=${APPLE_SIGNING_IDENTITY}"
|
|
if [[ -n "${APPLE_ID:-}" && -n "${APPLE_TEAM_ID:-}" ]]; then
|
|
echo "[prepare-tauri-build] Apple notarization env detected — tauri will notarize if credentials are valid"
|
|
fi
|
|
fi
|