vstockwell/wraith
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 67 Wiki Activity

fix: skip Tauri bundler, build NSIS installer manually
Some checks failed
Build & Sign Wraith / Build Windows + Sign (push) Failing after 2m34s
Details

Browse Source 
Tauri's bundled makensis can't run under SYSTEM account.
Use --no-bundle, then build installer with system NSIS
directly — same pattern as the old Go pipeline.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Vantz Stockwell 2026-03-18 00:47:16 -04:00
parent 8ed99a4919
commit 5910e7a849
2 changed files with 78 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

108
.gitea/workflows/build-release.yml
View File

@ -78,12 +78,65 @@ jobs:
env: env:
TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }} TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }}
TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }} TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }}
TAURI_NSIS_PATH: C:\Program Files (x86)\NSIS
run: | run: |
$env:Path = "$env:EXTRA_PATH;$env:Path" $env:Path = "$env:EXTRA_PATH;$env:Path"
cargo tauri build cargo tauri build --no-bundle
Write-Host "=== Build output ===" Write-Host "=== Build output ==="
Get-ChildItem -Recurse src-tauri\target\release\bundle\nsis\*.exe Get-ChildItem src-tauri\target\release\Wraith.exe
- name: Build NSIS installer
shell: powershell
run: |
$env:Path = "$env:EXTRA_PATH;$env:Path"
$version = "${{ steps.version.outputs.version }}"
# Stage files
New-Item -ItemType Directory -Force -Path dist-pkg | Out-Null
Copy-Item src-tauri\target\release\Wraith.exe dist-pkg\
Copy-Item src-tauri\icons\icon.ico dist-pkg\wraith.ico -ErrorAction SilentlyContinue
# Write NSIS script
@"
!include "MUI2.nsh"
Name "Wraith"
OutFile "Wraith_${version}_x64-setup.exe"
InstallDir "`$PROGRAMFILES64\Wraith"
RequestExecutionLevel admin
!insertmacro MUI_PAGE_DIRECTORY
!insertmacro MUI_PAGE_INSTFILES
!insertmacro MUI_LANGUAGE "English"
Section "Install"
SetOutPath "`$INSTDIR"
File "Wraith.exe"
File "wraith.ico"
CreateDirectory "`$SMPROGRAMS\Wraith"
CreateShortcut "`$SMPROGRAMS\Wraith\Wraith.lnk" "`$INSTDIR\Wraith.exe" "" "`$INSTDIR\wraith.ico"
CreateShortcut "`$DESKTOP\Wraith.lnk" "`$INSTDIR\Wraith.exe" "" "`$INSTDIR\wraith.ico"
WriteUninstaller "`$INSTDIR\uninstall.exe"
WriteRegStr HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\Wraith" "DisplayName" "Wraith"
WriteRegStr HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\Wraith" "UninstallString" "`$INSTDIR\uninstall.exe"
WriteRegStr HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\Wraith" "DisplayVersion" "${version}"
WriteRegStr HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\Wraith" "Publisher" "Vigilance Cyber"
SectionEnd
Section "Uninstall"
Delete "`$INSTDIR\Wraith.exe"
Delete "`$INSTDIR\wraith.ico"
Delete "`$INSTDIR\uninstall.exe"
RMDir "`$INSTDIR"
Delete "`$SMPROGRAMS\Wraith\Wraith.lnk"
RMDir "`$SMPROGRAMS\Wraith"
Delete "`$DESKTOP\Wraith.lnk"
DeleteRegKey HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\Wraith"
SectionEnd
"@ | Out-File -FilePath dist-pkg\installer.nsi -Encoding ascii
# Build installer
Push-Location dist-pkg
makensis installer.nsi
Pop-Location
Move-Item "dist-pkg\Wraith_${version}_x64-setup.exe" .
Write-Host "=== Installer built ==="
Get-ChildItem "Wraith_${version}_x64-setup.exe"
- name: Download jsign - name: Download jsign
shell: powershell shell: powershell
@ -109,26 +162,29 @@ jobs:
shell: powershell shell: powershell
run: | run: |
$env:Path = "$env:EXTRA_PATH;$env:Path" $env:Path = "$env:EXTRA_PATH;$env:Path"
$version = "${{ steps.version.outputs.version }}"
Write-Host "=== Signing Wraith binaries ===" Write-Host "=== Signing Wraith binaries ==="
$installers = Get-ChildItem -Recurse src-tauri\target\release\bundle\nsis\*.exe $binaries = @("src-tauri\target\release\Wraith.exe", "Wraith_${version}_x64-setup.exe")
foreach ($binary in $installers) { foreach ($path in $binaries) {
Write-Host "Signing: $($binary.FullName)" if (Test-Path $path) {
java -jar jsign.jar ` Write-Host "Signing: $path"
--storetype AZUREKEYVAULT ` java -jar jsign.jar `
--keystore "${{ secrets.AZURE_KEY_VAULT_URL }}" ` --storetype AZUREKEYVAULT `
--storepass "${{ steps.azure-token.outputs.token }}" ` --keystore "${{ secrets.AZURE_KEY_VAULT_URL }}" `
--alias "${{ secrets.AZURE_CERT_NAME }}" ` --storepass "${{ steps.azure-token.outputs.token }}" `
--tsaurl http://timestamp.digicert.com ` --alias "${{ secrets.AZURE_CERT_NAME }}" `
--tsmode RFC3161 ` --tsaurl http://timestamp.digicert.com `
$binary.FullName --tsmode RFC3161 `
Write-Host "Signed: $($binary.Name)" $path
Write-Host "Signed: $path"
}
} }
- name: Create version.json - name: Create version.json
shell: powershell shell: powershell
run: | run: |
$version = "${{ steps.version.outputs.version }}" $version = "${{ steps.version.outputs.version }}"
$installer = (Get-ChildItem -Recurse src-tauri\target\release\bundle\nsis\*.exe | Select-Object -First 1) $installer = Get-Item "Wraith_${version}_x64-setup.exe"
$hash = (Get-FileHash $installer.FullName -Algorithm SHA256).Hash.ToLower() $hash = (Get-FileHash $installer.FullName -Algorithm SHA256).Hash.ToLower()
$json = @{ $json = @{
version = $version version = $version
@ -152,27 +208,17 @@ jobs:
Write-Host "=== Uploading Wraith v$version ===" Write-Host "=== Uploading Wraith v$version ==="
$installers = Get-ChildItem -Recurse src-tauri\target\release\bundle\nsis\*.exe $installer = "Wraith_${version}_x64-setup.exe"
foreach ($file in $installers) { Write-Host "Uploading: $installer"
Write-Host "Uploading: $($file.Name)" Invoke-RestMethod -Uri "$giteaUrl/api/packages/vstockwell/generic/wraith/$version/$installer" `
Invoke-RestMethod -Uri "$giteaUrl/api/packages/vstockwell/generic/wraith/$version/$($file.Name)" ` -Method PUT -Headers $headers -ContentType "application/octet-stream" `
-Method PUT -Headers $headers -ContentType "application/octet-stream" ` -InFile $installer
-InFile $file.FullName
}
Write-Host "Uploading: version.json" Write-Host "Uploading: version.json"
Invoke-RestMethod -Uri "$giteaUrl/api/packages/vstockwell/generic/wraith/$version/version.json" ` Invoke-RestMethod -Uri "$giteaUrl/api/packages/vstockwell/generic/wraith/$version/version.json" `
-Method PUT -Headers $headers -ContentType "application/octet-stream" ` -Method PUT -Headers $headers -ContentType "application/octet-stream" `
-InFile version.json -InFile version.json
$sigs = Get-ChildItem -Recurse src-tauri\target\release\bundle\nsis\*.sig -ErrorAction SilentlyContinue
foreach ($sig in $sigs) {
Write-Host "Uploading: $($sig.Name)"
Invoke-RestMethod -Uri "$giteaUrl/api/packages/vstockwell/generic/wraith/$version/$($sig.Name)" `
-Method PUT -Headers $headers -ContentType "application/octet-stream" `
-InFile $sig.FullName
}
Write-Host "=== Upload complete ===" Write-Host "=== Upload complete ==="
- name: Create Gitea Release - name: Create Gitea Release

2
src-tauri/tauri.conf.json
View File

@ -26,7 +26,7 @@
}, },
"bundle": { "bundle": {
"active": true, "active": true,
"targets": ["nsis"], "targets": [],
"icon": [ "icon": [
"icons/32x32.png", "icons/32x32.png",
"icons/128x128.png", "icons/128x128.png",