Comfy-Org · robinjhuang · Aug 19, 2024 · Aug 19, 2024 · Aug 19, 2024 · Aug 19, 2024
@@ -8,41 +8,80 @@ jobs:
   build-windows:
     runs-on: windows-latest
     steps:
+      - name: Enable Long Name
+        shell: pwsh
+        run: New-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\FileSystem" -Name "LongPathsEnabled" -Value 1 -PropertyType DWORD -Force
+      - run: git config --system core.longpaths true
+      - name: Set up certificate 
+        run: | 
+          echo "${{ secrets.DIGICERT_AUTHENTICATION_CERTIFICATE_BASE64 }}" | base64 --decode > /d/Certificate_pkcs12.p12 
+        shell: bash 
       - name: Github checkout
         uses: actions/checkout@v4
       - name: Use Node.js
         uses: actions/setup-node@v4
         with:
           node-version: 20
-      - run: npm i
+      - run: yarn install
+      - name: Mod
+        shell: powershell 
+        run: |
+          (Get-Content node_modules\@electron\windows-sign\dist\cjs\sign-with-signtool.js) -replace [Regex]::Escape('await execute({ ...internalOptions, hash: "sha1'), [Regex]::Escape('//await execute({ ...internalOptions, hash: "sha1') | Out-File -encoding ASCII node_modules\@electron\windows-sign\dist\cjs\sign-with-signtool.js
+          (Get-Content node_modules\@electron\windows-sign\dist\esm\sign-with-signtool.js) -replace [Regex]::Escape('await execute({ ...internalOptions, hash: "sha1'), [Regex]::Escape('//await execute({ ...internalOptions, hash: "sha1') | Out-File -encoding ASCII node_modules\@electron\windows-sign\dist\esm\sign-with-signtool.js
+          gc node_modules\@electron\windows-sign\dist\esm\sign-with-signtool.js
+      - name: Set variables 
+        id: variables 
+        run: | 
+          echo "{version}={${GITHUB_REF#refs/tags/v}}" >> $GITHUB_OUTPUT
+          echo "SM_HOST=${{ secrets.DIGICERT_HOST_ENVIRONMET }}" >> "$GITHUB_ENV" 
+          echo "SM_API_KEY=${{ secrets.DIGICERT_API_KEY }}" >> "$GITHUB_ENV" 
+          echo "SM_CLIENT_CERT_FILE=D:\\Certificate_pkcs12.p12" >> "$GITHUB_ENV" 
+          echo "SM_CLIENT_CERT_PASSWORD=${{ secrets.DIGICERT_AUTHENTICATION_CERTIFICATE_PASSWORD }}" >> "$GITHUB_ENV"
+          echo "C:\Program Files (x86)\Windows Kits\10\App Certification Kit" >> $GITHUB_PATH
+          echo "C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.8 Tools" >> $GITHUB_PATH
+          echo "C:\Program Files\DigiCert\DigiCert Keylocker Tools" >> $GITHUB_PATH
+        shell: bash
+      - name: Download Keylocker Software
+        run: |
+          curl -X GET https://one.digicert.com/signingmanager/api-ui/v1/releases/Keylockertools-windows-x64.msi/download -H "x-api-key:%SM_API_KEY%" -o Keylockertools-windows-x64.msi
+        shell: cmd
+      - name: Install and Sync Cert Software      
+        run: |
+          msiexec /i Keylockertools-windows-x64.msi /passive
+          smksp_registrar.exe list 
+          smctl.exe keypair ls
+          C:\Windows\System32\certutil.exe -csp "DigiCert Signing Manager KSP" -key -user 
+          smksp_cert_sync.exe
+        shell: cmd
       - name: Download and prepare ComfyUI
         run: |
           curl -L -o comfyui-win.7z https://github.com/Comfy-Org/python-dependencies/releases/download/embedded-windows-deps-cu11.8-py11.9-5/ComfyUI_windows_portable.7z
-          ls
-          7z -x comfyui-win.7z -oAssets/UI/ComfyUI/
-          rm -rf comfyui-win.7z
+          7z x comfyui-win.7z -odist/
+          move dist/ComfyUI_windows_portable/ComfyUI assets/UI/
+          move dist/ComfyUI_windows_portable/python_embedded assets/UI/
+          cd assets/UI/ComfyUI && ls 
       - name: Make app
+        shell: powershell
         env:
+          DIGICERT_FINGERPRINT: ${{ secrets.DIGICERT_FINGERPRINT }}
           DEBUG: electron-forge:*
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: npm run publish --dry-run
-      # Windows Code Sign: 
-      #- name: Sign files with Trusted Signing
-      #    uses: azure/[email protected]
-      #    with:
-      #      azure-tenant-id: ${{ secrets.AZURE_TENANT_ID }}
-      #      azure-client-id: ${{ secrets.AZURE_CLIENT_ID }}
-      #      azure-client-secret: ${{ secrets.AZURE_CLIENT_SECRET }}
-      #      endpoint: https://eus.codesigning.azure.net/
-      #      trusted-signing-account-name: vscx-codesigning
-      #      certificate-profile-name: vscx-certificate-profile
-      #      files-folder: ${{ github.workspace }}\out\
-      #      files-folder-filter: exe,dll
-      #      file-digest: SHA256
-      #      timestamp-rfc3161: http://timestamp.acs.microsoft.com
-      #      timestamp-digest: SHA256
+        run: npm run publish
+      - name: Signing using Signtool
+        env:
+          SM_HOST: ${{ secrets.DIGICERT_HOST_ENVIRONMET }}
+          SM_CLIENT_CERT_FILE : D:\\Certificate_pkcs12.p12
+        run: |
+          signtool.exe sign /sha1 ${{ secrets.DIGICERT_FINGERPRINT }} /tr http://timestamp.digicert.com /td SHA256 /fd SHA256 "out/ComfyUI-win32-x64/ComfyUI.exe"
+      - name: Print SignLogs
+        if: always()
+        shell: powershell
+        run: cd $HOME ; gc .signingmanager\logs\smksp.log
+      - name: verify signing
+        run:
+          signtool verify out/ComfyUI-win32-x64/ComfyUI.exe
       - name: publish app
         env:
           DEBUG: electron-forge:*
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: npm run publish --from-dry-run
+        run: npm run publish -- --from-dry-run
@@ -0,0 +1,2 @@
+.\resources\UI\python_embedded\python.exe -s .//resources//UI//ComfyUI//main.py --cpu --windows-standalone-build
+pause
@@ -11,6 +11,13 @@ import { FuseV1Options, FuseVersion } from '@electron/fuses';
 const config: ForgeConfig = {
   packagerConfig: {
     asar: true,
+    windowsSign: {debug:true,
+      hookFunction: (filePath) => {
+        if (filePath.endsWith(".dll")) return;
+        require("child_process").execSync(`signtool.exe sign /sha1 ${process.env.DIGICERT_FINGERPRINT} /tr http://timestamp.digicert.com /td SHA256 /fd SHA256 ${filePath}`)
+      },
+      signWithParams: `/csp \"DigiCert Signing Manager KSP\" /kc key_889133389 /sha1 ${process.env.DIGICERT_FINGERPRINT}`
+    },
     osxSign: {
       optionsForFile: (filepath) => {
         return { entitlements: './assets/entitlements.mac.plist' };
@@ -34,8 +41,7 @@ const config: ForgeConfig = {
     },
   },
   makers: [
-    new MakerSquirrel({}),
-    new MakerZIP({}, ['darwin']),
+    new MakerZIP({}, ['darwin', 'win32']),
     new MakerRpm({}),
     new MakerDeb({}),
   ],
@@ -76,7 +82,7 @@ const config: ForgeConfig = {
   publishers: [
     {
       name: '@electron-forge/publisher-github',
-      platforms: ['darwin'],
+      platforms: ['darwin', 'win32'],
       config: {
         repository: {
           owner: 'comfy-org',

@@ -2,12 +2,12 @@
 <html>
   <head>
     <meta charset="UTF-8" />
-    <title>Hello World!</title>
+    <title>Comfy UI</title>
 
   </head>
   <body>
-    <h1>💖 Hello World!</h1>
-    <p>Welcome to your Electron application.</p>
-    <script type="module" src="/src/renderer.ts"></script>
+    <div id="root"></div>
+    <script type="module" src="/src/renderer.tsx"></script>
+
   </body>
 </html>
@@ -1,7 +1,7 @@
 {
   "name": "comfyui-electron",
   "productName": "ComfyUI",
-  "version": "1.0.0",
+  "version": "0.0.1",
   "description": "The best modular GUI to run AI diffusion models.",
   "main": ".vite/build/main.js",
   "scripts": {
@@ -24,7 +24,11 @@
     "@electron-forge/plugin-vite": "^7.4.0",
     "@electron-forge/publisher-github": "^7.4.0",
     "@electron/fuses": "^1.8.0",
+    "@electron/notarize": "^2.4.0",
+    "@electron/windows-sign": "^1.1.3",
     "@types/adm-zip": "^0.5.5",
+    "@types/react": "^18.3.4",
+    "@types/react-dom": "^18.3.0",
     "@typescript-eslint/eslint-plugin": "^5.0.0",
     "@typescript-eslint/parser": "^5.0.0",
     "electron": "31.3.1",
@@ -41,9 +45,10 @@
   },
   "license": "GPL",
   "dependencies": {
-    "@electron/notarize": "^2.4.0",
     "adm-zip": "^0.5.15",
     "axios": "^1.7.3",
-    "electron-squirrel-startup": "^1.0.1"
+    "electron-squirrel-startup": "^1.0.1",
+    "react": "^18.3.1",
+    "react-dom": "^18.3.1"
   }
 }
@@ -4,4 +4,5 @@ body {
   margin: auto;
   max-width: 38rem;
   padding: 2rem;
+  background-color: #474747;
 }
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		.\resources\UI\python_embedded\python.exe -s .//resources//UI//ComfyUI//main.py --cpu --windows-standalone-build
		pause