Skip to content

Commit

Permalink
ATOR-179 Sign windows binaries
Browse files Browse the repository at this point in the history
  • Loading branch information
floodcode committed Jul 25, 2024
1 parent 8aff684 commit 042ea9b
Showing 1 changed file with 22 additions and 2 deletions.
24 changes: 22 additions & 2 deletions .github/workflows/build-packages.yml
Original file line number Diff line number Diff line change
Expand Up @@ -418,6 +418,26 @@ jobs:
name: anon-${{ env.PKG_ENV }}-windows-amd64
path: package/

sign-windows-64-binary:
runs-on: windows-latest
needs: build-windows-64-binary
steps:
- name: Download raw artifacts
uses: actions/download-artifact@v4
with:
name: anon-${{ env.PKG_ENV }}-windows-amd64
path: build/
- name: Sign
run: |
dotnet tool install --global AzureSignTool
AzureSignTool sign -kvu "${{ secrets.AZURE_KEY_VAULT_URI }}" -kvi "${{ secrets.AZURE_CLIENT_ID }}" -kvt "${{ secrets.AZURE_TENANT_ID }}" -kvs "${{ secrets.AZURE_CLIENT_SECRET }}" -kvc ${{ secrets.AZURE_CERT_NAME }} -tr http://timestamp.digicert.com -v "build/anon.exe"
AzureSignTool sign -kvu "${{ secrets.AZURE_KEY_VAULT_URI }}" -kvi "${{ secrets.AZURE_CLIENT_ID }}" -kvt "${{ secrets.AZURE_TENANT_ID }}" -kvs "${{ secrets.AZURE_CLIENT_SECRET }}" -kvc ${{ secrets.AZURE_CERT_NAME }} -tr http://timestamp.digicert.com -v "build/anon-gencert.exe"
- name: Upload artifact
uses: actions/upload-artifact@v4
with:
name: anon-${{ env.PKG_ENV }}-windows-signed-amd64
path: build/

#
# Release
#
Expand Down Expand Up @@ -465,7 +485,7 @@ jobs:
release-github:
runs-on: ubuntu-latest
needs: [build-deb-package, build-macos-binary, build-windows-64-binary]
needs: [build-deb-package, build-macos-binary, sign-windows-64-binary]
if: startsWith(github.ref, 'refs/tags/')
steps:
- name: Download raw artifacts
Expand All @@ -484,7 +504,7 @@ jobs:
zip -j release-artifacts/anon-${{ env.PKG_ENV }}-linux-arm64.zip raw-artifacts/anon-${{ env.PKG_ENV }}-linux-arm64/*
zip -j release-artifacts/anon-${{ env.PKG_ENV }}-macos-amd64.zip raw-artifacts/anon-${{ env.PKG_ENV }}-macos-amd64/*
zip -j release-artifacts/anon-${{ env.PKG_ENV }}-macos-arm64.zip raw-artifacts/anon-${{ env.PKG_ENV }}-macos-arm64/*
zip -j release-artifacts/anon-${{ env.PKG_ENV }}-windows-amd64.zip raw-artifacts/anon-${{ env.PKG_ENV }}-windows-amd64/*
zip -j release-artifacts/anon-${{ env.PKG_ENV }}-windows-signed-amd64.zip raw-artifacts/anon-${{ env.PKG_ENV }}-windows-signed-amd64/*
ls -la -R release-artifacts/
- name: Checkout Repository
uses: actions/checkout@v4
Expand Down

0 comments on commit 042ea9b

Please sign in to comment.