You can create builds for all platforms by running:
yarn build
Note: This will not work on Windows machines, you will need to manually delete the dist/
directory and run:
yarn build:windows
The build process copies assets from the public/
directory into build/
via react-scripts
, electron-builder
picks up assets from the build/
directory to bundle into native applications.
By default, Stethoscope builds will not notarize your application. If you would like notarized builds, follow the instructions below:
-
Register as an Apple developer
-
Purchase a code-signing certificate and download the PFX bundle
-
Install your code signing certificate to the Mac certificate store
-
Do one of the following: a. Generate an app-specific password for the Apple ID that will be used to notarize the app. (so you don’t have use your regular password!) b. Generate a
jwt
from Apple -
Add the following environment variables by running:
export APP_BUNDLE_ID="com.example-company.stethoscope-local" // if using apple id username/password export APPLE_ID="my-apple-id-email@example.com" export APPLE_ID_PASS="The app-specific password" // if using a jwt export APPLE_API_KEY='myapikey' export APPLE_API_ISSUER='myissuer' // optional export ASC_PROVIDER='myascprovider'
-
Sign and notarize the app by running:
yarn build:mac
More info about notarizing is available from Apple at https://developer.apple.com/documentation/xcode/notarizing_macos_software_before_distribution/customizing_the_notarization_workflow
- Obtain a Microsoft Authenticode code-signing certificate (we use digicert)
- Export the private and public key as a
p12
file - Use
openssl
to convert p12 topvk
andspc
files
openssl pkcs12 -in $P12_FILE -nocerts -nodes -out temp-rsa.pem
openssl rsa -in temp-rsa.pem -outform PVK -pvk-strong -out windows-code-cert.pvk
openssl pkcs12 -in $P12_FILE -nokeys -nodes -out temp-cert.pem
openssl crl2pkcs7 -nocrl -certfile temp-cert.pem -outform DER -out windows-code-cert.spc
- If you are on Mac - install
mono
, if you don't have it already
brew install mono
- Build the windows executable and sign
yarn build:windows
signcode -$ commercial -a sha1 -t http://timestamp.digicert.com -i $MAIN_URL -spc $SPC_FILE.spc -v $PVK_FILE.pvk -n \"Stethoscope Installer\" \"dist/Stethoscope Setup $npm_package_version.exe\"
You can manually change values in package.json
and src/config.json
before each build.
Or you can set the following environment variables before build to overwrite the files automatically.
All environment variables are optional and if not present it will use the default values.
export APP_NAME=Stethoscope-My-Company
export APP_PUBLISH_URL="https://some-other-server.example.com/stethoscope/"
export APP_VERSION_SUFFIX="-my-company.1"
export APP_BUNDLE_ID=com.example.com.stethoscope-local
export APP_HELP_SLACK_LINK="slack://channel?team=<my-team>&id=<channel-id>"
export APP_HELP_EMAIL=support@example.com
export APP_ALLOW_PRERELEASE_UPDATES=true
NOTE: You will need to codesign Mac and Windows builds for automatic updates to work on either platform
There are quite a few options in the electron-builder
docs for automatic updates and we suggest you pick one that is best suited for your organization - autotmatic update documentation.
We use S3 internally as a generic file server and manually deploy the assets (though electron-builder can be configured to push builds to S3), the setup process is essentially:
- Create a public S3 bucket
- Ensure that
build.publish
is pointed to your S3 bucket inpackage.json
"publish": [
{
"provider": "generic",
"url": "https://s3-us-west-2.amazonaws.com/your-public-s3-bucket/"
}
]
- Build and sign app(s)
- Upload signed build artifacts (
dist/*.{dmg,exe,blockmap,yml,zip}
) to S3
Once that is in place, the app's "Check for updates" link in the menu will download new versions and prompt the user to restart.