From 0728e9c712586c4ce06c100901f20cb0bb9e8a0e Mon Sep 17 00:00:00 2001
From: Thanos Doukoudakis <thanos.doukoudakis@isode.com>
Date: Tue, 15 Aug 2017 14:51:00 +0100
Subject: Force a build to stop if signing of the packages fails.

This patch will make the build attempt to sign the package 3 times. If
none of the attempts are successful, the build will stop and flag the
error.

Test-Information:

Tested packaging on Windows 10 (Qt 5.7), when the package signing succeeds
(signed installer package), fails (build stops) or not required (unsigned
installer package).

Change-Id: Idf1f708dda50e67e54866ca598cc5160e4ea76eb

diff --git a/Swift/QtUI/SConscript b/Swift/QtUI/SConscript
index ff97b42..112a66e 100644
--- a/Swift/QtUI/SConscript
+++ b/Swift/QtUI/SConscript
@@ -57,7 +57,7 @@ myenv.Tool("textfile", toolpath = ["#/BuildTools/SCons/Tools"])
 qt4modules = ['QtCore', 'QtWebKit', 'QtGui']
 if myenv["qt5"] :
     qt_version = '5'
-    # QtSvg is required so the image format plugin for SVG images is installed 
+    # QtSvg is required so the image format plugin for SVG images is installed
     # correctly by Qt's deployment tools.
     qt4modules += ['QtWidgets', 'QtWebKitWidgets', 'QtMultimedia', 'QtSvg']
     if env["PLATFORM"] != "win32" and env["PLATFORM"] != "darwin" :
@@ -494,7 +494,18 @@ if env["PLATFORM"] == "win32" :
             lightTask = myenv.WiX_Light('#/Packages/Swift/Swift-' + myenv["SWIFT_VERSION"] + '.msi', ['..\\Packaging\\WiX\\gen_files.wixobj','..\\Packaging\\WiX\\Swift.wixobj'])
             if myenv.get("SIGNTOOL_KEY_PFX", None) and myenv.get("SIGNTOOL_TIMESTAMP_URL", None) :
                 def signToolAction(target = None, source = None, env = None):
-                    env.Execute('signtool.exe sign /fd SHA256 /f "${SIGNTOOL_KEY_PFX}" /t "${SIGNTOOL_TIMESTAMP_URL}" ' + str(target[0]))
+                    signresult = 0
+                    for x in range (1, 4) :
+                        print "Attemping to sign the packages [%s]" % x
+                        signresult = env.Execute('signtool.exe sign /fd SHA256 /f "${SIGNTOOL_KEY_PFX}" /t "${SIGNTOOL_TIMESTAMP_URL}" ' + str(target[0]))
+                        if signresult != 1 :
+                            break
+                    #If all 3 attemps to sign the package failed, stop the build.
+                    if signresult == 1 :
+                        print "Error: The build has failed to sign the installer package"
+                        Exit(1)
+                    if signresult == 2 :
+                        print "Signing was completed with warnings."
 
                 myenv.AddPostAction(lightTask, signToolAction)
 
-- 
cgit v0.10.2-6-g49f6