tauri-cli 2.10.1

Command line interface for building Tauri apps
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102

// Copyright 2019-2024 Tauri Programme within The Commons Conservancy
// SPDX-License-Identifier: Apache-2.0
// SPDX-License-Identifier: MIT

use std::path::{Path, PathBuf};

use crate::{
  error::Context,
  helpers::updater_signature::{secret_key, sign_file},
  Result,
};
use base64::Engine;
use clap::Parser;
use tauri_utils::display_path;

#[derive(Debug, Parser)]
#[clap(about = "Sign a file")]
pub struct Options {
  /// Load the private key from a string
  #[clap(
    short = 'k',
    long,
    conflicts_with("private_key_path"),
    env = "TAURI_SIGNING_PRIVATE_KEY"
  )]
  private_key: Option<String>,
  /// Load the private key from a file
  #[clap(
    short = 'f',
    long,
    conflicts_with("private_key"),
    env = "TAURI_SIGNING_PRIVATE_KEY_PATH"
  )]
  private_key_path: Option<PathBuf>,
  /// Set private key password when signing
  #[clap(short, long, env = "TAURI_SIGNING_PRIVATE_KEY_PASSWORD")]
  password: Option<String>,
  /// Sign the specified file
  file: PathBuf,
}

// Backwards compatibility with old env vars
// TODO: remove in v3.0
fn backward_env_vars(mut options: Options) -> Options {
  let get_env = |old, new| {
    if let Ok(old_value) = std::env::var(old) {
      println!(
      "\x1b[33mWarning: The environment variable '{old}' is deprecated. Please use '{new}' instead.\x1b[0m",
    );
      Some(old_value)
    } else {
      None
    }
  };

  options.private_key = options
    .private_key
    .or_else(|| get_env("TAURI_PRIVATE_KEY", "TAURI_SIGNING_PRIVATE_KEY"));

  options.private_key_path = options.private_key_path.or_else(|| {
    get_env("TAURI_PRIVATE_KEY_PATH", "TAURI_SIGNING_PRIVATE_KEY_PATH").map(PathBuf::from)
  });

  options.password = options.password.or_else(|| {
    get_env(
      "TAURI_PRIVATE_KEY_PASSWORD",
      "TAURI_SIGNING_PRIVATE_KEY_PASSWORD",
    )
  });
  options
}

pub fn command(mut options: Options) -> Result<()> {
  options = backward_env_vars(options);

  options.private_key = if let Some(private_key) = options.private_key_path {
    Some(std::fs::read_to_string(Path::new(&private_key)).expect("Unable to extract private key"))
  } else {
    options.private_key
  };
  let private_key = if let Some(pk) = options.private_key {
    pk
  } else {
    crate::error::bail!("Key generation aborted: Unable to find the private key");
  };

  if options.password.is_none() {
    println!("Signing without password.");
  }

  let (manifest_dir, signature) =
    sign_file(&secret_key(private_key, options.password)?, options.file)
      .with_context(|| "failed to sign file")?;

  println!(
           "\nYour file was signed successfully, You can find the signature here:\n{}\n\nPublic signature:\n{}\n\nMake sure to include this into the signature field of your update server.",
           display_path(manifest_dir),
           base64::engine::general_purpose::STANDARD.encode(signature.to_string())
         );

  Ok(())
}