Yehowshua/ZIm
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ZIm/script/lib/blob-store.ps1
张小白 df57754baf
windows: Publish nightly (#24800) 
The installer, uninstaller, and the Zed binary files are all signed
using Microsoft’s newly launched Trusted Signing service. For
demonstration purposes, I have used my own account for the signing
process.

For more information about Trusted Signing, you can refer to the
following links:
- [Microsoft Security Blog: Trusted Signing is in Public
Preview](https://techcommunity.microsoft.com/blog/microsoft-security-blog/trusted-signing-is-in-public-preview/4103457)
- [Overview of Azure Trusted
Signing](https://learn.microsoft.com/en-us/azure/trusted-signing/overview)

**TODO:**

- [x] `InnoSetup` script to setup an installer
- [x] Signing process
- [x] `Open with Zed` in right click context menu (by using sparse
package)
- [x] Integrate with `cli`
  - [x] Implement `cli` (#25412)
  - [x] Pack `cli.exe` into installer
- [x] Implement auto updating (#25734)
  - [x] Pack autoupdater helper into installer
- [x] Implement dock menus
  - [x] Add `Recent Documents` entries (#26369)
  - [x] Make `zed.exe` aware of sigle instance (#25412)
  - [x] Properly handle dock menu events (#26010)
- [x] Handle `zed://***` uri

**Materials needed:**

- [ ] Icons
  - [ ] App icon for all channels (#9571)
- [ ] Associated file icons, at minimum a default icon
([example](https://github.com/microsoft/vscode/tree/main/resources/win32))
  - [ ] Logos for installer wizard
  - [ ] Icons for appx
- [x] Code signing
- [x] Secrets: AZURE_TENANT_ID, AZURE_CLIENT_ID, AZURE_CLIENT_SECRET,
ACCOUNT_NAME, CERT_PROFILE_NAME
- [x] Other constants: ENDPOINT, Identity Signature (i.e. `CN=Junkui
Zhang, O=Junkui Zhang, L=Wuhan, S=Hubei, C=CN`)





![屏幕截图 2025-02-13
205132](https://github.com/user-attachments/assets/925ec5b2-c8f4-4f0e-8666-26e30278eb3d)



https://github.com/user-attachments/assets/4f1092b4-90fc-4a47-a868-8f2f1a5d8ad8



Release Notes:

- N/A

---------

Co-authored-by: Kate <kate@zed.dev>
Co-authored-by: localcc <work@localcc.cc>
Co-authored-by: Peter Tripp <peter@zed.dev>
Co-authored-by: Max Brunsfeld <maxbrunsfeld@gmail.com>
2025-07-09 08:57:03 +08:00

68 lines
2.3 KiB
PowerShell
Raw Permalink Blame History

function UploadToBlobStoreWithACL {
param (
[string]$BucketName,
[string]$FileToUpload,
[string]$BlobStoreKey,
[string]$ACL
)
# Format date to match AWS requirements
$Date = (Get-Date).ToUniversalTime().ToString("r")
# Note: Original script had a bug where it overrode the ACL parameter
# I'm keeping the same behavior for compatibility
$ACL = "public-read"
$ContentType = "application/octet-stream"
$StorageClass = "STANDARD"
# Create string to sign (AWS S3 compatible format)
$StringToSign = "PUT`n`n${ContentType}`n${Date}`nx-amz-acl:${ACL}`nx-amz-storage-class:${StorageClass}`n/${BucketName}/${BlobStoreKey}"
# Generate HMAC-SHA1 signature
$HMACSHA1 = New-Object System.Security.Cryptography.HMACSHA1
$HMACSHA1.Key = [System.Text.Encoding]::UTF8.GetBytes($env:DIGITALOCEAN_SPACES_SECRET_KEY)
$Signature = [System.Convert]::ToBase64String($HMACSHA1.ComputeHash([System.Text.Encoding]::UTF8.GetBytes($StringToSign)))
# Upload file using Invoke-WebRequest (equivalent to curl)
$Headers = @{
"Host" = "${BucketName}.nyc3.digitaloceanspaces.com"
"Date" = $Date
"Content-Type" = $ContentType
"x-amz-storage-class" = $StorageClass
"x-amz-acl" = $ACL
"Authorization" = "AWS ${env:DIGITALOCEAN_SPACES_ACCESS_KEY}:$Signature"
}
$Uri = "https://${BucketName}.nyc3.digitaloceanspaces.com/${BlobStoreKey}"
# Read file content
$FileContent = Get-Content $FileToUpload -Raw -AsByteStream
try {
Invoke-WebRequest -Uri $Uri -Method PUT -Headers $Headers -Body $FileContent -ContentType $ContentType -Verbose
Write-Host "Successfully uploaded $FileToUpload to $Uri" -ForegroundColor Green
}
catch {
Write-Error "Failed to upload file: $_"
throw $_
}
}
function UploadToBlobStorePublic {
param (
[string]$BucketName,
[string]$FileToUpload,
[string]$BlobStoreKey
)
UploadToBlobStoreWithACL -BucketName $BucketName -FileToUpload $FileToUpload -BlobStoreKey $BlobStoreKey -ACL "public-read"
}
function UploadToBlobStore {
param (
[string]$BucketName,
[string]$FileToUpload,
[string]$BlobStoreKey
)
UploadToBlobStoreWithACL -BucketName $BucketName -FileToUpload $FileToUpload -BlobStoreKey $BlobStoreKey -ACL "private"
}
Reference in a new issue View git blame Copy permalink