Comments on jpackage (JEP 343)
Alexey Semenyuk
alexey.semenyuk at oracle.com
Wed Oct 2 17:14:12 UTC 2019
On 10/2/2019 12:33 PM, Sverre Moe wrote:
> ons. 2. okt. 2019 kl. 16:07 skrev Alexey Semenyuk
> <alexey.semenyuk at oracle.com <mailto:alexey.semenyuk at oracle.com>>:
>
> Hi Sverre,
>
> Thank you for doing this research. I don't think we should complicate
> jpackage by adding signing steps in it.
> However we can add a call to custom script after msi is
> constructed but
> before it get embedded in exe installer.
> This script can sign msi.
>
> We already support call of custom script from resource dir before
> building msi. Just need to add another call.
>
> - Alexey
>
> I can certainly use the custom application-post-image.wsf to sign the
> application image executable. However I don't think it would be easy
> considering that this executable is left read-only by jpackage.
I didn't mean to sign application image executable. This opportunity is
already available.
I meant we can add to jpackage functionality to call custom script after
msi is created but before it get embedded in exe installer.
Exe installer produced by jpackage is just a container for msi
installer. Before msi will be put in the container there will be an
opportunity to modify (sign) the msi.
Currently the steps to create exe installer are:
1.1 Create app image
1.2 Call application-post-image.wsf if available
2. Create msi from app image
3. Create exe from msi
It will be changed to:
1.1 Create app image
1.2 Call application-post-image.wsf if available
2.1 Create msi from app image
2.2 Call application-post-msi.wsf if available
3. Create exe from msi
- Alexey
>
> When it comes to signing the MSI and EXE installers, that can be done
> after running jpackage with a Gradle Exec task.
>
> /Sverre
More information about the core-libs-dev
mailing list