produced signed artifacts without suffixes

.github/workflows/build.yml

@@ -75,16 +75,16 @@ env:
       artifacts:
         - path: '*Windows_64bit.exe'
           name: Windows_X86-64_interactive_installer
-        - path: '*Windows_64bit_signed.exe'
-          name: Windows_X86-64_interactive_installer_signed
+        - path: '*Windows_64bit_unsigned.exe'
+          name: Windows_X86-64_interactive_installer_unsigned
         - path: '*Windows_64bit.msi'
           name: Windows_X86-64_MSI
-        - path: '*Windows_64bit_signed.msi'
-          name: Windows_X86-64_MSI_signed
+        - path: '*Windows_64bit_unsigned.msi'
+          name: Windows_X86-64_MSI_unsigned
         - path: '*Windows_64bit.zip'
           name: Windows_X86-64_zip
-        - path: '*Windows_64bit_signed.zip'
-          name: Windows_X86-64_zip_signed
+        - path: '*Windows_64bit_unsigned.zip'
+          name: Windows_X86-64_zip_unsigned
     - config:
         name: Linux
         runs-on: ubuntu-latest
@@ -446,22 +446,24 @@ jobs:
             FILENAME=$(basename "$ARTIFACT")
             BASE_NAME="${FILENAME%.*}"
             EXTENSION="${FILENAME##*.}"
+            # Remove '_unsigned' from the base name if it exists
+            SIGNED_BASE_NAME="${BASE_NAME/_unsigned/}"
             
             # Sign and rename EXE and MSI files
             if [[ "$EXTENSION" == "exe" || "$EXTENSION" == "msi" ]]; then
               echo "Signing $ARTIFACT"
               "${{ env.SIGNTOOL_PATH }}" sign -d "Arduino IDE" -f ${{ env.INSTALLER_CERT_WINDOWS_CER }} -csp "eToken Base Cryptographic Provider" -k "[{{${{ env.CERT_PASSWORD }}}}]=${{ env.CONTAINER_NAME }}" -fd sha256 -tr http://timestamp.digicert.com -td SHA256 -v "$ARTIFACT"
-              SIGNED_ARTIFACT_PATH="${{ env.BUILD_ARTIFACTS_PATH }}/${BASE_NAME}_signed.${EXTENSION}"
+              SIGNED_ARTIFACT_PATH="${{ env.BUILD_ARTIFACTS_PATH }}/${SIGNED_BASE_NAME}.${EXTENSION}"
               mv "$ARTIFACT" "$SIGNED_ARTIFACT_PATH"
               echo "Renamed $ARTIFACT to $SIGNED_ARTIFACT_PATH"
             fi
             
-            # Unzip, Sign, and Rezip ZIP file with new name
+            # Unzip, Sign, and Rezip ZIP file without '_unsigned' in the name
             if [[ "$EXTENSION" == "zip" ]]; then
               TEMP_DIR=$(mktemp -d)
               unzip "$ARTIFACT" -d "$TEMP_DIR"
               find "$TEMP_DIR" -type f -name '*.exe' -exec "${{ env.SIGNTOOL_PATH }}" sign -d "Arduino IDE" -f ${{ env.INSTALLER_CERT_WINDOWS_CER }} -csp "eToken Base Cryptographic Provider" -k "[{{${{ env.CERT_PASSWORD }}}}]=${{ env.CONTAINER_NAME }}" -fd sha256 -tr http://timestamp.digicert.com -td SHA256 -v {} \;
-              SIGNED_ARTIFACT_PATH="${{ env.BUILD_ARTIFACTS_PATH }}/${BASE_NAME}_signed.zip"
+              SIGNED_ARTIFACT_PATH="${{ env.BUILD_ARTIFACTS_PATH }}/${SIGNED_BASE_NAME}.${EXTENSION}"
               pushd "$TEMP_DIR"
               zip -r "$SIGNED_ARTIFACT_PATH" .
               popd
@@ -473,21 +475,21 @@ jobs:
       - name: Upload signed EXE
         uses: actions/upload-artifact@v3
         with:
-          name: Windows_X86-64_interactive_installer_signed
-          path: ${{ env.BUILD_ARTIFACTS_PATH }}/*_signed.exe
+          name: Windows_X86-64_interactive_installer
+          path: ${{ env.BUILD_ARTIFACTS_PATH }}/*Windows_64bit.exe
 
       - name: Upload signed MSI
         uses: actions/upload-artifact@v3
         with:
-          name: Windows_X86-64_MSI_signed
-          path: ${{ env.BUILD_ARTIFACTS_PATH }}/*_signed.msi
+          name: Windows_X86-64_MSI
+          path: ${{ env.BUILD_ARTIFACTS_PATH }}/*Windows_64bit.msi
 
 
       - name: Upload signed ZIP
         uses: actions/upload-artifact@v3
         with:
-          name: Windows_X86-64_interactive_installer_signed
-          path: ${{ env.BUILD_ARTIFACTS_PATH }}/*_signed.zip
+          name: Windows_X86-64_zip
+          path: ${{ env.BUILD_ARTIFACTS_PATH }}/*Windows_64bit.zip
 
         # This step is needed because the self hosted runner does not delete files automatically
       - name: Clean up artifacts

electron-app/scripts/package.js

@@ -100,7 +100,7 @@ async function getArtifactName(version) {
   switch (platform) {
     case 'win32': {
       if (arch === 'x64') {
-        return `${name}_${version}_Windows_64bit.\$\{ext}`;
+        return `${name}_${version}_Windows_64bit_unsigned.\$\{ext}`;
       }
       throw new Error(`Unsupported platform, arch: ${platform}, ${arch}`);
     }