cmbasnett/bdk-blender
0
0
Fork 0
forked from blender/blender
Code Pull Requests Activity
v2.93.18
bdk-blender/build_files/buildbot
History
Joerg Mueller d33339ebf4 Audaspace: add support for PulseAudio on Linux 
This adds PulseAudio as audio backend on Linux.
PulseAudio is the main audio engine used on most,
if not all, Linux distributions today.

Ref T86590
2021-03-16 23:21:45 +01:00
..
codesign Codesign: Allo non-zero exit code for signtool on Windows 2020-12-01 17:16:48 +01:00
config Audaspace: add support for PulseAudio on Linux 2021-03-16 23:21:45 +01:00
buildbot_utils.py Buildbot: Fixed crash when building RC builds 2021-01-25 11:53:35 +01:00
codesign_server_linux.py Initial implementation of code signing routines 2019-11-13 09:24:41 +01:00
codesign_server_macos.py Codesign: Add codesign for macOS worker 2020-02-03 17:03:51 +01:00
codesign_server_windows.bat Initial implementation of code signing routines 2019-11-13 09:24:41 +01:00
codesign_server_windows.py Codesign: Add codesign for macOS worker 2020-02-03 17:03:51 +01:00
README.md Buildbot: Cleanup, remove unused script and change naming 2020-06-17 17:39:17 +02:00
worker_bundle_dmg.py Fix buildbot macOS packaging error after recent changes 2020-08-04 17:13:09 +02:00
worker_codesign.cmake Buildbot: Cleanup, remove unused script and change naming 2020-06-17 17:39:17 +02:00
worker_codesign.py Buildbot: Cleanup, remove unused script and change naming 2020-06-17 17:39:17 +02:00
worker_compile.py Cycles: upgrade to OptiX SDK version 7.1 on buildbot 2021-01-12 11:51:42 +01:00
worker_pack.py Cleanup: pep8 (indentation, spacing, long lines) 2020-10-02 11:59:16 +10:00
worker_test.py Cleanup: pep8 (indentation, spacing, long lines) 2020-10-02 11:59:16 +10:00
worker_update.py Buildbot: Cleanup, remove unused script and change naming 2020-06-17 17:39:17 +02:00

README.md

Blender Buildbot

Code signing

Code signing is done as part of INSTALL target, which makes it possible to sign files which are aimed into a bundle and coming from a non-signed source (such as libraries SVN).

This is achieved by specifying worker_codesign.cmake as a post-install script run by CMake. This CMake script simply involves an utility script written in Python which takes care of an actual signing.

Configuration

Client configuration doesn't need anything special, other than variable SHARED_STORAGE_DIR pointing to a location which is watched by a server. This is done in config_builder.py file and is stored in Git (which makes it possible to have almost zero-configuration buildbot machines).

Server configuration requires copying config_server_template.py under the name of config_server.py and tweaking values, which are platform-specific.

Windows configuration

There are two things which are needed on Windows in order to have code signing to work:

  • TIMESTAMP_AUTHORITY_URL which is most likely set http://timestamp.digicert.com
  • CERTIFICATE_FILEPATH which is a full file path to a PKCS #12 key (.pfx).

Tips

Self-signed certificate on Windows

It is easiest to test configuration using self-signed certificate.

The certificate manipulation utilities are coming with Windows SDK. Unfortunately, they are not added to PATH. Here is an example of how to make sure they are easily available:

set PATH=C:\Program Files (x86)\Windows Kits\10\App Certification Kit;%PATH%
set PATH=C:\Program Files (x86)\Windows Kits\10\bin\10.0.18362.0\x64;%PATH%

Generate CA:

makecert -r -pe -n "CN=Blender Test CA" -ss CA -sr CurrentUser -a sha256 ^
         -cy authority -sky signature -sv BlenderTestCA.pvk BlenderTestCA.cer

Import the generated CA:

certutil -user -addstore Root BlenderTestCA.cer

Create self-signed certificate and pack it into PKCS #12:

makecert -pe -n "CN=Blender Test SPC" -a sha256 -cy end ^
         -sky signature ^
         -ic BlenderTestCA.cer -iv BlenderTestCA.pvk ^
         -sv BlenderTestSPC.pvk BlenderTestSPC.cer

pvk2pfx -pvk BlenderTestSPC.pvk -spc BlenderTestSPC.cer -pfx BlenderTestSPC.pfx