From 0b036bc90e3aaef3daa6483f365851100f1b6c98 Mon Sep 17 00:00:00 2001
From: e3ndr <33337309+e3ndr@users.noreply.github.com>
Date: Wed, 4 Dec 2024 09:47:50 -0600
Subject: [PATCH] To be removed.

Thanks microsoft.
---
 .github/workflows/maven.yml | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)

diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
index 415d26c..b696f0a 100644
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@@ -6,6 +6,9 @@ on:
   pull_request:
     branches: ["main"]
 
+permissions:
+  id-token: write
+  contents: read
 jobs:
   build_windows:
     runs-on: windows-latest
@@ -30,6 +33,39 @@ jobs:
         uses: joncloud/makensis-action@v4.1
         with:
           script-file: "Installer.nsi"
+          
+      - name: 🔐 Azure login
+        uses: azure/login@v1
+        with:
+          client-id: ${{ secrets.AZURE_CLIENT_ID }}
+          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+
+      - name: ✍️ Sign files with Trusted Signing
+        uses: azure/trusted-signing-action@v0.5.0
+        with:
+          # azure-username: ${{ secrets.AZURE_USERNAME }}
+          # azure-password: ${{ secrets.AZURE_PASSWORD }}
+          azure-tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+          azure-client-id: ${{ secrets.AZURE_CLIENT_ID }}
+          azure-client-secret: ${{ secrets.AZURE_CLIENT_SECRET }}
+          endpoint: https://eus.codesigning.azure.net/
+          trusted-signing-account-name: vscx-codesigning
+          certificate-profile-name: vscx-certificate-profile
+          files-folder: dist/Casterlabs-Caffeinated-Setup.exe
+          file-digest: SHA256
+          timestamp-rfc3161: http://timestamp.acs.microsoft.com
+          timestamp-digest: SHA256
+          exclude-environment-credential: true
+          exclude-workload-identity-credential: true
+          exclude-managed-identity-credential: true
+          exclude-shared-token-cache-credential: true
+          exclude-visual-studio-credential: true
+          exclude-visual-studio-code-credential: true
+          exclude-azure-cli-credential: false
+          exclude-azure-powershell-credential: true
+          exclude-azure-developer-cli-credential: true
+          exclude-interactive-browser-credential: true
 
       - name: 🆙 Upload the Windows artifact (x86_64)
         uses: actions/upload-artifact@v3