diff --git a/apple-bundle/Cargo.toml b/apple-bundle/Cargo.toml index 3d07250d9..7c741c905 100644 --- a/apple-bundle/Cargo.toml +++ b/apple-bundle/Cargo.toml @@ -10,11 +10,11 @@ homepage = "https://github.com/indygreg/PyOxidizer" repository = "https://github.com/indygreg/PyOxidizer.git" readme = "README.md" -[dependencies] +[target.'cfg(target_vender="apple")'.dependencies] anyhow = "1.0" plist = "1.2" walkdir = "2.3" -[dependencies.tugger-file-manifest] +[target.'cfg(target_vender="apple")'.dependencies.tugger-file-manifest] version = "0.5.0-pre" path = "../tugger-file-manifest" diff --git a/pyoxidizer/Cargo.toml b/pyoxidizer/Cargo.toml index d5df39dda..b84d4b99c 100644 --- a/pyoxidizer/Cargo.toml +++ b/pyoxidizer/Cargo.toml @@ -73,7 +73,7 @@ path = "../python-packed-resources" version = "0.5.0-pre" path = "../starlark-dialect-build-targets" -[dependencies.tugger-apple] +[target.'cfg(target_vendor="apple")'.dependencies.tugger-apple] version = "0.4.0-pre" path = "../tugger-apple" @@ -101,7 +101,7 @@ path = "../tugger-licensing" version = "0.4.0-pre" path = "../tugger-rust-toolchain" -[dependencies.tugger-windows] +[target.'cfg(target_os="windows")'.dependencies.tugger-windows] version = "0.6.0-pre" path = "../tugger-windows" diff --git a/pyoxidizer/src/environment.rs b/pyoxidizer/src/environment.rs index 72f45192e..f5a03e059 100644 --- a/pyoxidizer/src/environment.rs +++ b/pyoxidizer/src/environment.rs @@ -16,10 +16,13 @@ use { path::{Path, PathBuf}, sync::{Arc, RwLock}, }, - tugger_apple::{find_command_line_tools_sdks, find_default_developer_sdks, AppleSdk}, tugger_rust_toolchain::install_rust_toolchain, }; +#[cfg(target_os = "macos")] +use tugger_apple::{find_command_line_tools_sdks, find_default_developer_sdks, AppleSdk}; + + /// Version string of PyOxidizer's crate from its Cargo.toml. const PYOXIDIZER_CRATE_VERSION: &str = env!("CARGO_PKG_VERSION"); @@ -426,6 +429,7 @@ impl Environment { } /// Attempt to resolve an appropriate Apple SDK to use given settings. + #[cfg(target_os = "macos")] pub fn resolve_apple_sdk( &self, logger: &slog::Logger, @@ -486,6 +490,7 @@ pub struct RustEnvironment { /// Given an Apple `platform`, locate an Apple SDK that is of least /// `minimum_version` and supports targeting `deployment_target`, which is likely /// an OS version string. +#[cfg(target_os = "macos")] pub fn resolve_apple_sdk( logger: &slog::Logger, platform: &str, diff --git a/pyoxidizer/src/project_building.rs b/pyoxidizer/src/project_building.rs index 6143eaddf..ad69e2ede 100644 --- a/pyoxidizer/src/project_building.rs +++ b/pyoxidizer/src/project_building.rs @@ -161,6 +161,7 @@ impl BuildEnvironment { // Here, we validate that the local SDK being used is >= the version used // by the Python distribution. // TODO validate minimum Clang/linker version as well. + #[cfg(target_os = "macos")] if target_triple.contains("-apple-") { let sdk_info = apple_sdk_info.ok_or_else(|| { anyhow!("targeting Apple platform but Apple SDK info not available") diff --git a/pyoxidizer/src/py_packaging/libpython.rs b/pyoxidizer/src/py_packaging/libpython.rs index 9ddb844d0..c168b0eb3 100644 --- a/pyoxidizer/src/py_packaging/libpython.rs +++ b/pyoxidizer/src/py_packaging/libpython.rs @@ -120,6 +120,7 @@ pub fn link_libpython( // between it and what we want. For example, if we're building for aarch64 but the default // SDK is a 10.15 SDK that doesn't support ARM. We attempt to mitigate this by resolving // a compatible Apple SDK and pointing the compiler invocation at it via compiler flags. + #[cfg(target_os = "macos")] if target_triple.contains("-apple-") { let sdk_info = apple_sdk_info.ok_or_else(|| { anyhow!("Apple SDK info should be defined when targeting Apple platforms") diff --git a/text-stub-library/Cargo.toml b/text-stub-library/Cargo.toml index 43027eac9..e411c6678 100644 --- a/text-stub-library/Cargo.toml +++ b/text-stub-library/Cargo.toml @@ -20,6 +20,6 @@ rand = "0.8" rayon = "1.5" walkdir = "2.3" -[dev-dependencies.tugger-apple] +[target.'cfg(target_vender="apple")'.dev-dependencies.tugger-apple] version = "0.4.0-pre" path = "../tugger-apple" diff --git a/tugger-apple-codesign/Cargo.toml b/tugger-apple-codesign/Cargo.toml index b076cd3d2..8439810d5 100644 --- a/tugger-apple-codesign/Cargo.toml +++ b/tugger-apple-codesign/Cargo.toml @@ -14,7 +14,7 @@ readme = "README.md" name = "rcodesign" path = "src/main.rs" -[dependencies] +[target.'cfg(target_vender="apple")'.dependencies] anyhow = "1.0" base64 = "0.13" bcder = "0.6" @@ -37,7 +37,7 @@ slog-term = "2.8" thiserror = "1.0" yasna = "0.3" -[dependencies.apple-bundle] +[target.'cfg(target_vender="apple")'.dependencies.apple-bundle] path = "../apple-bundle" version = "0.5.0-pre" @@ -45,7 +45,7 @@ version = "0.5.0-pre" path = "../cryptographic-message-syntax" version = "0.4.0-pre" -[dependencies.tugger-apple] +[target.'cfg(target_vender="apple")'.dependencies.tugger-apple] path = "../tugger-apple" version = "0.4.0-pre" diff --git a/tugger-apple/Cargo.toml b/tugger-apple/Cargo.toml index a1cc687ec..ea12ddb1d 100644 --- a/tugger-apple/Cargo.toml +++ b/tugger-apple/Cargo.toml @@ -10,7 +10,7 @@ homepage = "https://github.com/indygreg/PyOxidizer" repository = "https://github.com/indygreg/PyOxidizer.git" readme = "README.md" -[dependencies] +[target.'cfg(target_vender="apple")'.dependencies] anyhow = "1.0" duct = "0.13" goblin = "0.4" diff --git a/tugger-code-signing/Cargo.toml b/tugger-code-signing/Cargo.toml index 92df9b690..b0607cc98 100644 --- a/tugger-code-signing/Cargo.toml +++ b/tugger-code-signing/Cargo.toml @@ -21,7 +21,7 @@ tempfile = "3.2" thiserror = "1.0" yasna = "0.3" -[dependencies.apple-bundle] +[target.'cfg(target_vender="apple")'.dependencies.apple-bundle] version = "0.5.0-pre" path = "../apple-bundle" @@ -29,7 +29,7 @@ path = "../apple-bundle" version = "0.4.0-pre" path = "../cryptographic-message-syntax" -[dependencies.tugger-apple-codesign] +[target.'cfg(target_vender="apple")'.dependencies.tugger-apple-codesign] version = "0.5.0-pre" path = "../tugger-apple-codesign" @@ -37,7 +37,7 @@ path = "../tugger-apple-codesign" version = "0.5.0-pre" path = "../tugger-file-manifest" -[dependencies.tugger-windows-codesign] +[target.'cfg(target_os="windows")'.dependencies.tugger-windows-codesign] version = "0.4.0-pre" path = "../tugger-windows-codesign" diff --git a/tugger-code-signing/src/lib.rs b/tugger-code-signing/src/lib.rs index 14188b839..d2f541882 100644 --- a/tugger-code-signing/src/lib.rs +++ b/tugger-code-signing/src/lib.rs @@ -74,7 +74,6 @@ use { sync::Arc, }, thiserror::Error, - tugger_apple_codesign::{AppleCodesignError, MachOSigner}, tugger_file_manifest::{File, FileData, FileEntry}, tugger_windows_codesign::{ CodeSigningCertificate, FileBasedCodeSigningCertificate, SystemStore, @@ -82,6 +81,8 @@ use { x509_certificate::{CapturedX509Certificate, InMemorySigningKeyPair, X509CertificateError}, yasna::ASN1Error, }; +#[cfg(target_vendor = "apple")] +use tugger_apple_codesign::{AppleCodesignError, MachOSigner}; /// URL of Apple's time-stamp protocol server. pub const APPLE_TIMESTAMP_URL: &str = "http://timestamp.apple.com/ts01"; @@ -125,16 +126,19 @@ pub enum SigningError { #[error("certificate not usable: {0}")] CertificateNotUsable(String), - + + #[cfg(target_os = "macos")] #[error("error resolving certificate chain: {0}")] MacOsCertificateChainResolveFailure(AppleCodesignError), #[error("path {0} is not signable")] PathNotSignable(PathBuf), + #[cfg(target_os = "macos")] #[error("error signing mach-o binary: {0}")] MachOSigningError(AppleCodesignError), + #[cfg(target_os = "macos")] #[error("error signing Apple bundle: {0}")] AppleBundleSigningError(AppleCodesignError), @@ -338,12 +342,15 @@ pub enum Signable { /// /// We have to obtain the Mach-O data as part of evaluating whether it is /// signable. So we keep a reference to it to avoid a re-read later. + #[cfg(target_os = "macos")] MachOFile(PathBuf, Vec), /// Signable Mach-O data. + #[cfg(target_os = "macos")] MachOData(Vec), /// An Apple bundle, persisted on the filesystem as a directory. + #[cfg(target_os = "macos")] AppleBundle(PathBuf), } @@ -369,6 +376,7 @@ impl Signable { SigningMethod::Memory, ] } + #[cfg(target_os = "macos")] Self::MachOFile(_, _) => { // tugger-apple-codesign does all of these easily. vec![ @@ -377,10 +385,12 @@ impl Signable { SigningMethod::Memory, ] } + #[cfg(target_os = "macos")] Self::MachOData(_) => { // tugger-apple-codesign does all of these easily. vec![SigningMethod::NewFile, SigningMethod::Memory] } + #[cfg(target_os = "macos")] Self::AppleBundle(_) => { // tugger-apple-codesign can sign in place or to a new directory. vec![SigningMethod::InPlaceDirectory, SigningMethod::NewDirectory] @@ -394,21 +404,37 @@ impl Signable { } /// Obtain the filesystem path of the signable entity, if it is backed by a file. + #[cfg(target_os = "windows")] pub fn source_file(&self) -> Option<&Path> { match self { Self::WindowsFile(p) => Some(p.as_path()), + Self::WindowsData(_) => None, + } + } + /// Obtain the filesystem path of the signable entity, if it is backed by a file. + #[cfg(target_os = "macos")] + pub fn source_file(&self) -> Option<&Path> { + match self { Self::MachOFile(p, _) => Some(p.as_path()), - Self::WindowsData(_) | Self::MachOData(_) | Self::AppleBundle(_) => None, + Self::MachOData(_) + | Self::AppleBundle(_) + => None, } } /// Obtain the filesystem path of the signable directory, if it is backed by a directory. + #[cfg(target_os = "windows")] pub fn source_directory(&self) -> Option<&Path> { match self { - Self::AppleBundle(p) => Some(p.as_path()), Self::WindowsFile(_) - | Self::WindowsData(_) - | Self::MachOFile(_, _) + | Self::WindowsData(_) => None, + } + } + #[cfg(target_os = "macos")] + pub fn source_directory(&self) -> Option<&Path> { + match self { + Self::AppleBundle(p) => Some(p.as_path()), + Self::MachOFile(_, _) | Self::MachOData(_) => None, } } @@ -496,6 +522,7 @@ pub enum Signability { Unsignable, /// The entity is a Mach-O binary that cannot be signed. + #[cfg(target_os = "macos")] UnsignableMachoError(AppleCodesignError), /// The entity is signable, but not from this platform. Details of the @@ -509,6 +536,7 @@ pub enum Signability { /// /// Returns `Err` if we could not fully test the path. This includes /// I/O failures. +#[cfg(target_os = "windows")] pub fn path_signable(path: impl AsRef) -> Result { let path = path.as_ref(); @@ -529,10 +557,18 @@ pub fn path_signable(path: impl AsRef) -> Result {} Err(e) => return Err(SigningError::SignableTestError(format!("{:?}", e))), - } + }} - let data = std::fs::read(path)?; + Ok(Signability::Unsignable) +} + +#[cfg(target_os = "macos")] +pub fn path_signable(path: impl AsRef) -> Result { + let path = path.as_ref(); + if path.is_file() { + let data = std::fs::read(path)?; + if goblin::mach::Mach::parse(&data).is_ok() { // Try to construct a signer to see if the binary is compatible. return Ok(match MachOSigner::new(&data) { @@ -564,7 +600,7 @@ pub fn data_signable(data: &[u8]) -> Result { )) }; } - + #[cfg(target_os = "macos")] if goblin::mach::Mach::parse(&data).is_ok() { // Try to construct a signer to see if the binary is compatible. return Ok(match MachOSigner::new(&data) { @@ -623,6 +659,7 @@ impl SigningCertificate { /// This is like [Self::from_pfx_data] except the certificate is referenced by path /// instead of persisted into memory. However, we do read the certificate data /// as part of constructing the instance to verify the certificate is well-formed. + #[cfg(target_os = "macos")] pub fn from_pfx_file(path: impl AsRef, password: &str) -> Result { let data = std::fs::read(path.as_ref())?; @@ -647,6 +684,7 @@ impl SigningCertificate { /// The contents of the file require a password to decrypt. However, if no /// password was provided to create the data, this password may be the /// empty string. + #[cfg(target_os = "macos")] pub fn from_pfx_data(data: &[u8], password: &str) -> Result { let (cert, key) = tugger_apple_codesign::parse_pfx_data(data, password) .map_err(|e| SigningError::PfxRead(format!("{:?}", e)))?; @@ -722,11 +760,13 @@ impl SigningCertificate { /// A callback for influencing the creation of [tugger_apple_codesign.SigngingSettings] /// instances for a given [Signable]. +#[cfg(target_os = "macos")] pub type AppleSigningSettingsFn = fn(&Signable, &mut tugger_apple_codesign::SigningSettings) -> Result<(), anyhow::Error>; /// A callback for influencing the creation of [tugger_windows_codesign::SigntoolSign] /// instances for a given [Signable]. +#[cfg(target_os = "windows")] pub type WindowsSignerFn = fn(&Signable, &mut tugger_windows_codesign::SigntoolSign) -> Result<(), anyhow::Error>; @@ -749,10 +789,12 @@ pub struct Signer { /// Optional function to influence creation of [tugger_apple_codesign::SigningSettings] /// used for signing Apple signables. + #[cfg(target_os = "macos")] apple_signing_settings_fn: Option>, /// Optional function to influence creation of [tugger_windows_codesign::SigntoolSign] /// used for signing Windows signables. + #[cfg(target_os = "windows")] windows_signer_fn: Option>, } @@ -769,7 +811,9 @@ impl Signer { signing_certificate, certificate_chain: vec![], time_stamp_url: None, + #[cfg(target_os = "macos")] apple_signing_settings_fn: None, + #[cfg(target_os = "windows")] windows_signer_fn: None, } } @@ -904,11 +948,13 @@ impl Signer { } /// Set a callback function to be called to influence settings for signing individual Apple signables. + #[cfg(target_os = "macos")] pub fn apple_settings_callback(&mut self, cb: AppleSigningSettingsFn) { self.apple_signing_settings_fn = Some(Arc::new(cb)); } /// Set a callback function to be called to influence settings for signing individual Windows signables. + #[cfg(target_os = "windows")] pub fn windows_settings_callback(&mut self, cb: WindowsSignerFn) { self.windows_signer_fn = Some(Arc::new(cb)); } @@ -983,10 +1029,12 @@ pub struct SignableSigner<'a> { /// Optional function to influence creation of [tugger_apple_codesign::SigningSettings] /// used for signing Apple signables. + #[cfg(target_os = "macos")] apple_signing_settings_fn: Option>, /// Optional function to influence creation of [tugger_windows_codesign::SigntoolSign] /// used for signing Windows signables. + #[cfg(target_os = "windows")] windows_signer_fn: Option>, } @@ -1001,7 +1049,9 @@ impl<'a> SignableSigner<'a> { signable, certificate_chain, time_stamp_url, + #[cfg(target_os = "macos")] apple_signing_settings_fn: signer.apple_signing_settings_fn.clone(), + #[cfg(target_os = "windows")] windows_signer_fn: signer.windows_signer_fn.clone(), } } @@ -1012,16 +1062,24 @@ impl<'a> SignableSigner<'a> { } /// Obtain a [SigningDestination] that is the same as the input. + #[cfg(target_os = "windows")] + pub fn in_place_destination(&self) -> SigningDestination { + match &self.signable { + Signable::WindowsFile(path) => SigningDestination::File(path.clone()), + Signable::WindowsData(_) => SigningDestination::Memory, + } + } + #[cfg(target_os = "macos")] pub fn in_place_destination(&self) -> SigningDestination { match &self.signable { - Signable::WindowsFile(path) => SigningDestination::File(path.clone()), Signable::MachOFile(path, _) => SigningDestination::File(path.clone()), Signable::AppleBundle(path) => SigningDestination::Directory(path.clone()), - Signable::WindowsData(_) | Signable::MachOData(_) => SigningDestination::Memory, + Signable::MachOData(_) => SigningDestination::Memory, } } /// Obtain a [tugger_apple_codesign::SigningSettings] from this instance. + #[cfg(target_os = "macos")] pub fn as_apple_signing_settings( &self, ) -> Result, SigningError> { @@ -1042,6 +1100,7 @@ impl<'a> SignableSigner<'a> { }; // Automatically register Apple CA certificates for convenience. + #[cfg(target_os = "macos")] settings.chain_apple_certificates(); for cert in &self.certificate_chain { @@ -1057,7 +1116,7 @@ impl<'a> SignableSigner<'a> { .set_time_stamp_url(APPLE_TIMESTAMP_URL) .expect("shouldn't have failed for constant URL"); } - + #[cfg(target_os = "macos")] if let Some(cb) = &self.apple_signing_settings_fn { cb(&self.signable, &mut settings).map_err(SigningError::SettingsCallback)?; } @@ -1066,6 +1125,7 @@ impl<'a> SignableSigner<'a> { } /// Obtain a [tugger_windows_codesign::SigntoolSign] from this instance. + #[cfg(target_os = "windows")] pub fn as_windows_signer(&self) -> Result { let cert = self .signing_certificate @@ -1234,18 +1294,20 @@ impl<'a> SignableSigner<'a> { } } } + #[cfg(target_os = "macos")] Signable::MachOData(macho_data) => { warn!( logger, "signing Mach-O binary from in-memory data of size {} bytes", macho_data.len() ); + #[cfg(target_os = "macos")] let settings = self.as_apple_signing_settings()?; - + #[cfg(target_os = "macos")] let signer = tugger_apple_codesign::MachOSigner::new(&macho_data) .map_err(SigningError::MachOSigningError)?; - let mut dest = Vec::::with_capacity(macho_data.len() + 2_usize.pow(17)); + #[cfg(target_os = "macos")] signer .write_signed_binary(&settings, &mut dest) .map_err(SigningError::MachOSigningError)?; @@ -1269,15 +1331,17 @@ impl<'a> SignableSigner<'a> { } } } + #[cfg(target_os = "macos")] Signable::MachOFile(source_file, macho_data) => { let settings = self.as_apple_signing_settings()?; warn!(logger, "signing {}", source_file.display()); - + #[cfg(target_os = "macos")] let signer = tugger_apple_codesign::MachOSigner::new(&macho_data) .map_err(SigningError::MachOSigningError)?; let mut dest = Vec::::with_capacity(macho_data.len() + 2_usize.pow(17)); + #[cfg(target_os = "macos")] signer .write_signed_binary(&settings, &mut dest) .map_err(SigningError::MachOSigningError)?; @@ -1301,6 +1365,7 @@ impl<'a> SignableSigner<'a> { } } } + #[cfg(target_os = "macos")] Signable::AppleBundle(source_dir) => { let settings = self.as_apple_signing_settings()?; @@ -1354,10 +1419,12 @@ impl<'a> SignableSigner<'a> { SigningDestination::Directory(_) => false, }, // tugger-apple-codesign does everything in memory and doesn't need files. + #[cfg(target_os = "macos")] Signable::MachOData(_) | Signable::MachOFile(_, _) => false, // But, when we are sending output to the filesystem and the output isn't // the input, we go through a temporary directory to prevent writing // bad results to the output directory. + #[cfg(target_os = "macos")] Signable::AppleBundle(source_dir) => match destination { SigningDestination::Directory(dest_dir) => source_dir != dest_dir, SigningDestination::Memory | SigningDestination::File(_) => false, diff --git a/tugger-windows-codesign/Cargo.toml b/tugger-windows-codesign/Cargo.toml index 91aae3ba4..45fa7e722 100644 --- a/tugger-windows-codesign/Cargo.toml +++ b/tugger-windows-codesign/Cargo.toml @@ -23,7 +23,7 @@ yasna = "0.3" version = "0.5.0-pre" path = "../tugger-common" -[dependencies.tugger-windows] +[target.'cfg(target_os="windows")'.dependencies.tugger-windows] version = "0.6.0-pre" path = "../tugger-windows" diff --git a/tugger/Cargo.toml b/tugger/Cargo.toml index 2fbbb8f0e..cafa753ad 100644 --- a/tugger/Cargo.toml +++ b/tugger/Cargo.toml @@ -27,7 +27,7 @@ tempfile = "3.2" time = "0.2" walkdir = "2" -[dependencies.apple-bundle] +[target.'cfg(target_vender="apple")'.dependencies.apple-bundle] version = "0.5.0-pre" path = "../apple-bundle" @@ -39,7 +39,7 @@ path = "../python-packaging" version = "0.5.0-pre" path = "../starlark-dialect-build-targets" -[dependencies.tugger-apple] +[target.'cfg(target_vender="apple")'.dependencies.tugger-apple] version = "0.4.0-pre" path = "../tugger-apple" @@ -55,7 +55,7 @@ path = "../tugger-common" version = "0.6.0-pre" path = "../tugger-snapcraft" -[dependencies.tugger-windows] +[target.'cfg(target_os="windows")'.dependencies.tugger-windows] version = "0.6.0-pre" path = "../tugger-windows" @@ -71,11 +71,11 @@ path = "../tugger-file-manifest" chrono = "0.4" tempfile = "3.2" -[dev-dependencies.tugger-apple-codesign] +[target.'cfg(target_vender="apple")'.dev-dependencies.tugger-apple-codesign] version = "0.5.0-pre" path = "../tugger-apple-codesign" -[dev-dependencies.tugger-windows-codesign] +[target.'cfg(target_os="windows")'.dev-dependencies.tugger-windows-codesign] version = "0.4.0-pre" path = "../tugger-windows-codesign" diff --git a/tugger/src/starlark/code_signing.rs b/tugger/src/starlark/code_signing.rs index 7ac3bf50a..14c001a79 100644 --- a/tugger/src/starlark/code_signing.rs +++ b/tugger/src/starlark/code_signing.rs @@ -129,6 +129,7 @@ impl CodeSignerValue { // Starlark methods. impl CodeSignerValue { + #[cfg(target_os = "macos")] fn from_pfx_file(path: String, password: String) -> ValueResult { let pfx_data = std::fs::read(&path).map_err(|e| { ValueError::Runtime(RuntimeError { @@ -590,6 +591,46 @@ pub fn handle_file_manifest_signable_events( Ok(new_manifest) } +starlark_module! { code_signing_module => + code_signer_from_windows_store_sha1_thumbprint(thumbprint: String, store: String = "my".to_string()) { + CodeSignerValue::from_windows_store_sha1_thumbprint(thumbprint, store) + } + + code_signer_from_windows_store_subject(subject: String, store: String = "my".to_string()) { + CodeSignerValue::from_windows_store_subject(subject, store) + } + + code_signer_from_windows_store_auto() { + CodeSignerValue::from_windows_store_auto() + } + + CodeSigner.activate(env env, this) { + let this = this.downcast_ref::().unwrap(); + this.activate(env) + } + + CodeSigner.chain_issuer_certificates_pem_file(this, path: String) { + let this = this.downcast_ref::().unwrap(); + this.chain_issuer_certificates_pem_file(path) + } + + CodeSigner.chain_issuer_certificates_macos_keychain(this) { + let this = this.downcast_ref::().unwrap(); + this.chain_issuer_certificates_macos_keychain() + } + + CodeSigner.set_time_stamp_server(this, url: String) { + let this = this.downcast_ref::().unwrap(); + this.set_time_stamp_server(url) + } + + CodeSigner.set_signing_callback(this, func) { + let mut this = this.downcast_mut::().unwrap().unwrap(); + this.set_signing_callback(func) + } +} + +#[cfg(target_os = "macos")] starlark_module! { code_signing_module => code_signer_from_pfx_file(path: String, password: String) { CodeSignerValue::from_pfx_file(path, password) @@ -737,6 +778,7 @@ mod tests { } #[test] + #[cfg(target_os = "macos")] fn code_signer_from_pfx_file() -> Result<()> { let mut env = env_with_pfx_signer()?; diff --git a/tugger/src/starlark/mod.rs b/tugger/src/starlark/mod.rs index dccf4364b..c8858ef92 100644 --- a/tugger/src/starlark/mod.rs +++ b/tugger/src/starlark/mod.rs @@ -7,12 +7,13 @@ The `starlark` module and related sub-modules define the [Starlark](https://github.com/bazelbuild/starlark) dialect used by Tugger. */ - +#[cfg(target_os = "macos")] pub mod apple_universal_binary; pub mod code_signing; pub mod file_content; pub mod file_manifest; pub mod file_resource; +#[cfg(target_os = "macos")] pub mod macos_application_bundle_builder; pub mod python_wheel_builder; pub mod snapcraft; @@ -127,11 +128,13 @@ pub fn register_starlark_dialect( env: &mut Environment, type_values: &mut TypeValues, ) -> Result<(), EnvironmentError> { + #[cfg(target_os = "macos")] apple_universal_binary::apple_universal_binary_module(env, type_values); code_signing::code_signing_module(env, type_values); file_content::file_content_module(env, type_values); file_manifest::file_manifest_module(env, type_values); file_resource::file_resource_module(env, type_values); + #[cfg(target_os = "macos")] macos_application_bundle_builder::macos_application_bundle_builder_module(env, type_values); python_wheel_builder::python_wheel_builder_module(env, type_values); snapcraft::snapcraft_module(env, type_values);