update build.ts

2026-02-09 01:27:21 +08:00
parent a610bd371d
commit e61b21f000
2 changed files with 20 additions and 13 deletions
--- a/single-scripts/build.ts
+++ b/single-scripts/build.ts
@@ -1,7 +1,7 @@
 #!/usr/bin/env runts -- --allow-all

 import {
-    execCommandAndStdout,
+    execCommand,
    execCommandShell,
    existsPath,
    log,
@@ -148,15 +148,22 @@ async function buildFile(file: string, flags: any) {
    if (flags["skip-sign"]) {
        log.warn(`Skip signature for file: ${bundleFile}`);
    } else {
-        const signScriptUserPin = await execCommandAndStdout("keyring.rs", [
+        const signScriptUserPinOutput = await execCommand("keyring.rs", [
            "-gRU",
-            "yubikey4white:user-pin",
-        ]);
-        const ret = await execCommandShell("script-sign.rs", [
-            "--pin",
-            signScriptUserPin,
-            bundleFile,
+            "yubikey:script-sign",
        ]);
+        const scriptSignArgs: string[] = [];
+        if (signScriptUserPinOutput.code !== 0) {
+            log.warn(`Read script sign PIN failed: `, signScriptUserPinOutput);
+        } else {
+            scriptSignArgs.push("--pin");
+            scriptSignArgs.push(
+                signScriptUserPinOutput.getStdoutAsStringThenTrim(),
+            );
+        }
+        scriptSignArgs.push(bundleFile);
+
+        const ret = await execCommandShell("script-sign.rs", scriptSignArgs);
        if (ret !== 0) {
            log.error(`Sign script: ${bundleFile} failed, ret code: ${ret}`);
            return;
@@ -168,5 +175,5 @@ async function buildFile(file: string, flags: any) {

 await main();

-// @SCRIPT-SIGNATURE-V1: yk-r1.ES256.20260209T010454+08:00.MEYCIQCyqK8SqFbxJqCu1fEP
-// IAOM2DklduDdgQ3i//kMBKfUQAIhAPq5xxr5jGvJ6YdpoLr9t95b+JTmSZ+gJq4kEH3XrRLm
+// @SCRIPT-SIGNATURE-V1: yk-r1.ES256.20260209T012700+08:00.MEUCIGGCDSJvi+URM4KdfZrW
+// q04x43Wf4KDFnpuRUJVJp97GAiEAyoTJKX/S7K1/1czB3U6+bKurCgxcG/09AXJSSHSTSo0=