heyimalex/github_desktop_ps_sign.py

## github_desktop_ps_sign.py
#!/usr/bin/env python

# This script signs github for desktop powershell scripts.
#
# Powershell scripts are locked down here (via sysadmin decree), but the GitHub
# Desktop app uses powershell scripts when you right click > "Open in Git
# Shell". This is pretty much a requirement since the application can only
# handle fairly simple git operations.
#
# In order for these scripts to work they need to be signed. I don't remember
# the process for getting a code signing certificate but I think it's
# roughly:
#
# - run mmc.exe
# - Add the Certificate snap in
# - Right click Personal > All Tasks > Request New Certificate
# - Follow the wizard, creating a code signing certificate
#
# The last step is to sign the powershell scripts. This probably needs to be
# done every time GitHub Desktop updates, so I wrote this script to make it
# easy. Just run this and it'll print out a command for you to manually run in
# powershell.

import sys
import os
import ntpath

print '\nFinding path to github install folder...'
local_app_data = os.getenv('LOCALAPPDATA')
github_path = ntpath.join(local_app_data, 'GitHub')
if (not os.path.isdir(github_path)):
  print 'unable to locate GitHub directory at {}'.format(github_path)
  print 'you may need to modify this script :('
  sys.exit(1)
else:
  print '  {}'.format(github_path)

def find_all_powershell_scripts():
  for root, directories, filenames in os.walk(github_path):
    for filename in filenames:
      fullpath = ntpath.join(root, filename).replace('/', '\\')
      if fullpath.endswith('.ps1') or fullpath.endswith('.psm1'):
        print '  {}'.format(fullpath)
        yield fullpath

print '\nFinding paths to all powershell scripts...'
scripts = list(find_all_powershell_scripts())

print '\nCopy and paste the following command into powershell:\n'

# Powershell takes multiple string arguments as a list delimited by commas.
scripts_string = ','.join(scripts)

print ' '.join([
  '$cert=(dir cert:currentuser\my\ -CodeSigningCert);',
  'Set-AuthenticodeSignature {} $cert;'.format(scripts_string)
])
	#!/usr/bin/env python

	# This script signs github for desktop powershell scripts.
	#
	# Powershell scripts are locked down here (via sysadmin decree), but the GitHub
	# Desktop app uses powershell scripts when you right click > "Open in Git
	# Shell". This is pretty much a requirement since the application can only
	# handle fairly simple git operations.
	#
	# In order for these scripts to work they need to be signed. I don't remember
	# the process for getting a code signing certificate but I think it's
	# roughly:
	#
	# - run mmc.exe
	# - Add the Certificate snap in
	# - Right click Personal > All Tasks > Request New Certificate
	# - Follow the wizard, creating a code signing certificate
	#
	# The last step is to sign the powershell scripts. This probably needs to be
	# done every time GitHub Desktop updates, so I wrote this script to make it
	# easy. Just run this and it'll print out a command for you to manually run in
	# powershell.

	import sys
	import os
	import ntpath

	print '\nFinding path to github install folder...'
	local_app_data = os.getenv('LOCALAPPDATA')
	github_path = ntpath.join(local_app_data, 'GitHub')
	if (not os.path.isdir(github_path)):
	print 'unable to locate GitHub directory at {}'.format(github_path)
	print 'you may need to modify this script :('
	sys.exit(1)
	else:
	print ' {}'.format(github_path)

	def find_all_powershell_scripts():
	for root, directories, filenames in os.walk(github_path):
	for filename in filenames:
	fullpath = ntpath.join(root, filename).replace('/', '\\')
	if fullpath.endswith('.ps1') or fullpath.endswith('.psm1'):
	print ' {}'.format(fullpath)
	yield fullpath

	print '\nFinding paths to all powershell scripts...'
	scripts = list(find_all_powershell_scripts())

	print '\nCopy and paste the following command into powershell:\n'

	# Powershell takes multiple string arguments as a list delimited by commas.
	scripts_string = ','.join(scripts)

	print ' '.join([
	'$cert=(dir cert:currentuser\my\ -CodeSigningCert);',
	'Set-AuthenticodeSignature {} $cert;'.format(scripts_string)
	])