Best practice for setting codesigning env variables
See original GitHub issueI’m struggling setting the various code-signing environment variables (CSC_LINK
, CSC_NAME
etc.) on Mac OSX.
My Issue is that env variables set via npm
scripts don’t seem to be picked up by electron-builder
. Here’s how my npm
script looks like:
export CSC_LINK=mylink && export CSC_KEY_PASSWORD=mypwd && build -w --x64
Note that while this doesn’t work, if I set the variables via the terminal everything works correctly.
I’m guessing this is because the electron-builder
code is being executed in a different process where env variables aren’t available anymore, but I’m not sure. I basically have 2 questions:
- should this work, ie is this the right way to set env variables in terms of best practices?
- if yes, is there a way we can ensure that env variables set via
npm
scripts get picked up byelectron-builder
?
Issue Analytics
- State:
- Created 7 years ago
- Comments:9 (3 by maintainers)
Top Results From Across the Web
Setting Up Code Signing for iOS Projects
This document describes the guidelines for setting up code signing for your iOS ... in the Match setup step to the CircleCI project's...
Read more >How To Manage Environment Variables?
What would be your top 3 tips on how to avoid these struggles? First, minimize the use of default values. If you identify...
Read more >Configuring code signing for AWS Lambda
Code signing checks every code deployment and verifies that the function code package is signed by a trusted source.
Read more >Code Signing Guide for Teams
A new approach to code signing. A best practices guide on how to manage certificates and provisioning profiles in your development team.
Read more >The Ultimate Programming Best Practices Guide
Methods like refactoring in test-driven development, extractions, and renaming variables. 1. Follow a Coding Standard. Do you want to create clean, readable, ...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
In the npm script
Le jeudi 9 juin 2016, Muhammad Z. Mousa notifications@github.com a écrit :
To be clear — you use normal OS — OS X, not ugly Windows, so, for security reasons on development machine keychain is preferred way to store certs. No files, no env — it is all not secured (on CI env is secured because it is one-time isolated container).