From ad14fe70e5d782093d072855adc5c708f3fc860f Mon Sep 17 00:00:00 2001 From: Sondre Solbakken Date: Tue, 5 Sep 2023 09:05:27 +0200 Subject: [PATCH 1/7] Rename and do a base run --- .github/workflows/run-action.yaml | 47 +++++++++++++++---------------- 1 file changed, 23 insertions(+), 24 deletions(-) diff --git a/.github/workflows/run-action.yaml b/.github/workflows/run-action.yaml index fdd61285..c0d0bd39 100644 --- a/.github/workflows/run-action.yaml +++ b/.github/workflows/run-action.yaml @@ -1,11 +1,11 @@ name: run-action on: + pull_request: push: branches: - main - "releases/*" -# Run this action only once on a single runner. Multiple consecutive runs on the same runner could cause issues. jobs: run-action: runs-on: windows-2022 @@ -14,7 +14,7 @@ jobs: - name: Checkout code uses: actions/checkout@v3 - - name: Run the action for a single binary + - name: First run env: CERTIFICATE_HOST: ${{ secrets.CODE_SIGNING_CERT_HOST }} CERTIFICATE_HOST_API_KEY: ${{ secrets.CODE_SIGNING_CERT_HOST_API_KEY }} @@ -25,17 +25,16 @@ jobs: with: path-to-binary: 'test\test.dll' -# - name: Run the action for multiple binaries in a directory -# env: -# CERTIFICATE_HOST: ${{ secrets.CODE_SIGNING_CERT_HOST }} -# CERTIFICATE_HOST_API_KEY: ${{ secrets.CODE_SIGNING_CERT_HOST_API_KEY }} -# CERTIFICATE_SHA1_HASH: ${{ secrets.CODE_SIGNING_CERT_SHA1_HASH }} -# CLIENT_CERTIFICATE: ${{ secrets.CODE_SIGNING_CLIENT_CERT }} -# CLIENT_CERTIFICATE_PASSWORD: ${{ secrets.CODE_SIGNING_CLIENT_CERT_PASSWORD }} -# uses: cognitedata/code-sign-action/@v2 -# with: -# path-to-binary: 'test' - + - name: Second run + env: + CERTIFICATE_HOST: ${{ secrets.CODE_SIGNING_CERT_HOST }} + CERTIFICATE_HOST_API_KEY: ${{ secrets.CODE_SIGNING_CERT_HOST_API_KEY }} + CERTIFICATE_SHA1_HASH: ${{ secrets.CODE_SIGNING_CERT_SHA1_HASH }} + CLIENT_CERTIFICATE: ${{ secrets.CODE_SIGNING_CLIENT_CERT }} + CLIENT_CERTIFICATE_PASSWORD: ${{ secrets.CODE_SIGNING_CLIENT_CERT_PASSWORD }} + uses: cognitedata/code-sign-action/@v2 + with: + path-to-binary: 'test\test.dll' run-action-linux: runs-on: ubuntu-22.04 @@ -44,7 +43,7 @@ jobs: - name: Checkout code uses: actions/checkout@v3 - - name: Run the action for a single binary + - name: First run env: CERTIFICATE_HOST: ${{ secrets.CODE_SIGNING_CERT_HOST }} CERTIFICATE_HOST_API_KEY: ${{ secrets.CODE_SIGNING_CERT_HOST_API_KEY }} @@ -55,13 +54,13 @@ jobs: with: path-to-binary: "test/test.dll" -# - name: Run the action for multiple binaries in a directory -# env: -# CERTIFICATE_HOST: ${{ secrets.CODE_SIGNING_CERT_HOST }} -# CERTIFICATE_HOST_API_KEY: ${{ secrets.CODE_SIGNING_CERT_HOST_API_KEY }} -# CERTIFICATE_SHA1_HASH: ${{ secrets.CODE_SIGNING_CERT_SHA1_HASH }} -# CLIENT_CERTIFICATE: ${{ secrets.CODE_SIGNING_CLIENT_CERT }} -# CLIENT_CERTIFICATE_PASSWORD: ${{ secrets.CODE_SIGNING_CLIENT_CERT_PASSWORD }} -# uses: cognitedata/code-sign-action/@v2 -# with: -# path-to-binary: "test" + - name: Second run + env: + CERTIFICATE_HOST: ${{ secrets.CODE_SIGNING_CERT_HOST }} + CERTIFICATE_HOST_API_KEY: ${{ secrets.CODE_SIGNING_CERT_HOST_API_KEY }} + CERTIFICATE_SHA1_HASH: ${{ secrets.CODE_SIGNING_CERT_SHA1_HASH }} + CLIENT_CERTIFICATE: ${{ secrets.CODE_SIGNING_CLIENT_CERT }} + CLIENT_CERTIFICATE_PASSWORD: ${{ secrets.CODE_SIGNING_CLIENT_CERT_PASSWORD }} + uses: cognitedata/code-sign-action/@v2 + with: + path-to-binary: "test/test.dll" From c0c20191ee599bbe715e4dbe15718763235887cb Mon Sep 17 00:00:00 2001 From: Sondre Solbakken Date: Tue, 5 Sep 2023 09:07:01 +0200 Subject: [PATCH 2/7] Don't run in CD --- .github/workflows/run-action.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/run-action.yaml b/.github/workflows/run-action.yaml index c0d0bd39..f97f7b8c 100644 --- a/.github/workflows/run-action.yaml +++ b/.github/workflows/run-action.yaml @@ -9,7 +9,6 @@ on: jobs: run-action: runs-on: windows-2022 - environment: CD steps: - name: Checkout code uses: actions/checkout@v3 @@ -38,7 +37,6 @@ jobs: run-action-linux: runs-on: ubuntu-22.04 - environment: CD steps: - name: Checkout code uses: actions/checkout@v3 From 0649b34e9effa77ed0bd8351af8fdf7eb31ac094 Mon Sep 17 00:00:00 2001 From: Sondre Solbakken Date: Tue, 5 Sep 2023 09:33:56 +0200 Subject: [PATCH 3/7] Create new version --- .github/workflows/run-action.yaml | 10 +++++----- action.yaml | 10 +++++++++- 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/.github/workflows/run-action.yaml b/.github/workflows/run-action.yaml index f97f7b8c..bb76eb49 100644 --- a/.github/workflows/run-action.yaml +++ b/.github/workflows/run-action.yaml @@ -7,7 +7,7 @@ on: - "releases/*" jobs: - run-action: + run-action-windows: runs-on: windows-2022 steps: - name: Checkout code @@ -20,7 +20,7 @@ jobs: CERTIFICATE_SHA1_HASH: ${{ secrets.CODE_SIGNING_CERT_SHA1_HASH }} CLIENT_CERTIFICATE: ${{ secrets.CODE_SIGNING_CLIENT_CERT }} CLIENT_CERTIFICATE_PASSWORD: ${{ secrets.CODE_SIGNING_CLIENT_CERT_PASSWORD }} - uses: cognitedata/code-sign-action/@v2 + uses: cognitedata/code-sign-action/@v3.1 with: path-to-binary: 'test\test.dll' @@ -31,7 +31,7 @@ jobs: CERTIFICATE_SHA1_HASH: ${{ secrets.CODE_SIGNING_CERT_SHA1_HASH }} CLIENT_CERTIFICATE: ${{ secrets.CODE_SIGNING_CLIENT_CERT }} CLIENT_CERTIFICATE_PASSWORD: ${{ secrets.CODE_SIGNING_CLIENT_CERT_PASSWORD }} - uses: cognitedata/code-sign-action/@v2 + uses: cognitedata/code-sign-action/@v3.1 with: path-to-binary: 'test\test.dll' @@ -48,7 +48,7 @@ jobs: CERTIFICATE_SHA1_HASH: ${{ secrets.CODE_SIGNING_CERT_SHA1_HASH }} CLIENT_CERTIFICATE: ${{ secrets.CODE_SIGNING_CLIENT_CERT }} CLIENT_CERTIFICATE_PASSWORD: ${{ secrets.CODE_SIGNING_CLIENT_CERT_PASSWORD }} - uses: cognitedata/code-sign-action/@v2 + uses: cognitedata/code-sign-action/@v3.1 with: path-to-binary: "test/test.dll" @@ -59,6 +59,6 @@ jobs: CERTIFICATE_SHA1_HASH: ${{ secrets.CODE_SIGNING_CERT_SHA1_HASH }} CLIENT_CERTIFICATE: ${{ secrets.CODE_SIGNING_CLIENT_CERT }} CLIENT_CERTIFICATE_PASSWORD: ${{ secrets.CODE_SIGNING_CLIENT_CERT_PASSWORD }} - uses: cognitedata/code-sign-action/@v2 + uses: cognitedata/code-sign-action/@v3.1 with: path-to-binary: "test/test.dll" diff --git a/action.yaml b/action.yaml index 255d0887..d5ef4a27 100644 --- a/action.yaml +++ b/action.yaml @@ -43,6 +43,7 @@ runs: SM_API_KEY: ${{ env.SM_API_KEY }} SM_CLIENT_CERT_PASSWORD: ${{ env.SM_CLIENT_CERT_PASSWORD }} SM_CLIENT_CERT_FILE: ${{ env.SM_CLIENT_CERT_FILE }} + if: ${{ !contains(env.DEPS_INSTALLED, 'TRUE') }} - name: Sign with smctl Windows env: @@ -66,7 +67,6 @@ runs: if: runner.os == 'Windows' shell: powershell - - name: Sign with smctl Linux run: | curl -fSslL https://github.com/ebourg/jsign/releases/download/3.1/jsign_3.1_all.deb -o jsign_3.1_all.deb @@ -78,3 +78,11 @@ runs: done if: runner.os == 'Linux' shell: bash + + - name: Set dependency envar + id: dep-var + run: | + echo "${{ env.DEPS_INSTALLED }}" + echo "DEPS_INSTALLED=TRUE" >> "$GITHUB_ENV" + echo "${{ env.DEPS_INSTALLED }}" + shell: bash From 662b10150a2e1cd7ef76b32c7540b048795b890c Mon Sep 17 00:00:00 2001 From: Sondre Solbakken Date: Tue, 5 Sep 2023 11:18:52 +0200 Subject: [PATCH 4/7] Try not adding cert twice --- .github/workflows/run-action.yaml | 8 ++++---- action.yaml | 10 ++++------ 2 files changed, 8 insertions(+), 10 deletions(-) diff --git a/.github/workflows/run-action.yaml b/.github/workflows/run-action.yaml index bb76eb49..eb7de1b6 100644 --- a/.github/workflows/run-action.yaml +++ b/.github/workflows/run-action.yaml @@ -20,7 +20,7 @@ jobs: CERTIFICATE_SHA1_HASH: ${{ secrets.CODE_SIGNING_CERT_SHA1_HASH }} CLIENT_CERTIFICATE: ${{ secrets.CODE_SIGNING_CLIENT_CERT }} CLIENT_CERTIFICATE_PASSWORD: ${{ secrets.CODE_SIGNING_CLIENT_CERT_PASSWORD }} - uses: cognitedata/code-sign-action/@v3.1 + uses: cognitedata/code-sign-action/@v3.4 with: path-to-binary: 'test\test.dll' @@ -31,7 +31,7 @@ jobs: CERTIFICATE_SHA1_HASH: ${{ secrets.CODE_SIGNING_CERT_SHA1_HASH }} CLIENT_CERTIFICATE: ${{ secrets.CODE_SIGNING_CLIENT_CERT }} CLIENT_CERTIFICATE_PASSWORD: ${{ secrets.CODE_SIGNING_CLIENT_CERT_PASSWORD }} - uses: cognitedata/code-sign-action/@v3.1 + uses: cognitedata/code-sign-action/@v3.4 with: path-to-binary: 'test\test.dll' @@ -48,7 +48,7 @@ jobs: CERTIFICATE_SHA1_HASH: ${{ secrets.CODE_SIGNING_CERT_SHA1_HASH }} CLIENT_CERTIFICATE: ${{ secrets.CODE_SIGNING_CLIENT_CERT }} CLIENT_CERTIFICATE_PASSWORD: ${{ secrets.CODE_SIGNING_CLIENT_CERT_PASSWORD }} - uses: cognitedata/code-sign-action/@v3.1 + uses: cognitedata/code-sign-action/@v3.4 with: path-to-binary: "test/test.dll" @@ -59,6 +59,6 @@ jobs: CERTIFICATE_SHA1_HASH: ${{ secrets.CODE_SIGNING_CERT_SHA1_HASH }} CLIENT_CERTIFICATE: ${{ secrets.CODE_SIGNING_CLIENT_CERT }} CLIENT_CERTIFICATE_PASSWORD: ${{ secrets.CODE_SIGNING_CLIENT_CERT_PASSWORD }} - uses: cognitedata/code-sign-action/@v3.1 + uses: cognitedata/code-sign-action/@v3.4 with: path-to-binary: "test/test.dll" diff --git a/action.yaml b/action.yaml index d5ef4a27..7ccf87d6 100644 --- a/action.yaml +++ b/action.yaml @@ -10,13 +10,13 @@ runs: - name: Setup Certificate Windows run: | echo "${{env.CLIENT_CERTIFICATE }}" | base64 --decode > /d/cognite_code_signing_github_actions.p12 - if: runner.os == 'Windows' + if: ${{ runner.os == 'Windows' && (!contains(env.DEPS_INSTALLED, 'TRUE')) }} shell: bash - name: Setup Certificate Linux run: | echo "${{env.CLIENT_CERTIFICATE }}" | base64 --decode | sudo install -D /dev/stdin /d/cognite_code_signing_github_actions.p12 - if: runner.os == 'Linux' + if: ${{ runner.os == 'Linux' && (!contains(env.DEPS_INSTALLED, 'TRUE')) }} shell: bash - name: Set variables @@ -79,10 +79,8 @@ runs: if: runner.os == 'Linux' shell: bash - - name: Set dependency envar - id: dep-var + - name: Mark dependencies as installed + id: dependency-variable run: | - echo "${{ env.DEPS_INSTALLED }}" echo "DEPS_INSTALLED=TRUE" >> "$GITHUB_ENV" - echo "${{ env.DEPS_INSTALLED }}" shell: bash From 74092bbb745ac2032ddb266f1b18c1c960c3ac6e Mon Sep 17 00:00:00 2001 From: Sondre Solbakken Date: Tue, 5 Sep 2023 11:26:37 +0200 Subject: [PATCH 5/7] Avoid doing everything twice --- .github/workflows/run-action.yaml | 8 ++++---- action.yaml | 9 ++++++++- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/.github/workflows/run-action.yaml b/.github/workflows/run-action.yaml index eb7de1b6..1472d6af 100644 --- a/.github/workflows/run-action.yaml +++ b/.github/workflows/run-action.yaml @@ -20,7 +20,7 @@ jobs: CERTIFICATE_SHA1_HASH: ${{ secrets.CODE_SIGNING_CERT_SHA1_HASH }} CLIENT_CERTIFICATE: ${{ secrets.CODE_SIGNING_CLIENT_CERT }} CLIENT_CERTIFICATE_PASSWORD: ${{ secrets.CODE_SIGNING_CLIENT_CERT_PASSWORD }} - uses: cognitedata/code-sign-action/@v3.4 + uses: cognitedata/code-sign-action/@v3.5 with: path-to-binary: 'test\test.dll' @@ -31,7 +31,7 @@ jobs: CERTIFICATE_SHA1_HASH: ${{ secrets.CODE_SIGNING_CERT_SHA1_HASH }} CLIENT_CERTIFICATE: ${{ secrets.CODE_SIGNING_CLIENT_CERT }} CLIENT_CERTIFICATE_PASSWORD: ${{ secrets.CODE_SIGNING_CLIENT_CERT_PASSWORD }} - uses: cognitedata/code-sign-action/@v3.4 + uses: cognitedata/code-sign-action/@v3.5 with: path-to-binary: 'test\test.dll' @@ -48,7 +48,7 @@ jobs: CERTIFICATE_SHA1_HASH: ${{ secrets.CODE_SIGNING_CERT_SHA1_HASH }} CLIENT_CERTIFICATE: ${{ secrets.CODE_SIGNING_CLIENT_CERT }} CLIENT_CERTIFICATE_PASSWORD: ${{ secrets.CODE_SIGNING_CLIENT_CERT_PASSWORD }} - uses: cognitedata/code-sign-action/@v3.4 + uses: cognitedata/code-sign-action/@v3.5 with: path-to-binary: "test/test.dll" @@ -59,6 +59,6 @@ jobs: CERTIFICATE_SHA1_HASH: ${{ secrets.CODE_SIGNING_CERT_SHA1_HASH }} CLIENT_CERTIFICATE: ${{ secrets.CODE_SIGNING_CLIENT_CERT }} CLIENT_CERTIFICATE_PASSWORD: ${{ secrets.CODE_SIGNING_CLIENT_CERT_PASSWORD }} - uses: cognitedata/code-sign-action/@v3.4 + uses: cognitedata/code-sign-action/@v3.5 with: path-to-binary: "test/test.dll" diff --git a/action.yaml b/action.yaml index 7ccf87d6..2fb2b6c7 100644 --- a/action.yaml +++ b/action.yaml @@ -35,6 +35,7 @@ runs: echo "PKCS11_CONFIG=/tmp/DigiCert One Signing Manager Tools/smtools-linux-x64/pkcs11properties.cfg" >> "$GITHUB_ENV" echo "/tmp/DigiCert One Signing Manager Tools/smtools-linux-x64" >> $GITHUB_PATH fi + if: ${{ !contains(env.DEPS_INSTALLED, 'TRUE') }} shell: bash - name: Code signing with Secure Software Manager @@ -67,10 +68,15 @@ runs: if: runner.os == 'Windows' shell: powershell - - name: Sign with smctl Linux + - name: Install Jsign for Linux run: | curl -fSslL https://github.com/ebourg/jsign/releases/download/3.1/jsign_3.1_all.deb -o jsign_3.1_all.deb sudo dpkg --install jsign_3.1_all.deb + if: ${{ runner.os == 'Linux' && (!contains(env.DEPS_INSTALLED, 'TRUE')) }} + shell: bash + + - name: Sign with smctl Linux + run: | file_path="${{ inputs.path-to-binary }}" for f in $(find $file_path -type f); do echo $f @@ -83,4 +89,5 @@ runs: id: dependency-variable run: | echo "DEPS_INSTALLED=TRUE" >> "$GITHUB_ENV" + if: ${{ !contains(env.DEPS_INSTALLED, 'TRUE') }} shell: bash From b35cc3b38d9713ac4887e8ec61c96cd4fbe237fa Mon Sep 17 00:00:00 2001 From: Sondre Solbakken Date: Tue, 5 Sep 2023 11:39:26 +0200 Subject: [PATCH 6/7] run for multiple in dir --- .github/workflows/run-action.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/run-action.yaml b/.github/workflows/run-action.yaml index 1472d6af..84b9162e 100644 --- a/.github/workflows/run-action.yaml +++ b/.github/workflows/run-action.yaml @@ -24,7 +24,7 @@ jobs: with: path-to-binary: 'test\test.dll' - - name: Second run + - name: Second run for multiple binaries in a directory env: CERTIFICATE_HOST: ${{ secrets.CODE_SIGNING_CERT_HOST }} CERTIFICATE_HOST_API_KEY: ${{ secrets.CODE_SIGNING_CERT_HOST_API_KEY }} @@ -33,7 +33,7 @@ jobs: CLIENT_CERTIFICATE_PASSWORD: ${{ secrets.CODE_SIGNING_CLIENT_CERT_PASSWORD }} uses: cognitedata/code-sign-action/@v3.5 with: - path-to-binary: 'test\test.dll' + path-to-binary: "test" run-action-linux: runs-on: ubuntu-22.04 @@ -52,7 +52,7 @@ jobs: with: path-to-binary: "test/test.dll" - - name: Second run + - name: Run the action for multiple binaries in a directory env: CERTIFICATE_HOST: ${{ secrets.CODE_SIGNING_CERT_HOST }} CERTIFICATE_HOST_API_KEY: ${{ secrets.CODE_SIGNING_CERT_HOST_API_KEY }} @@ -61,4 +61,4 @@ jobs: CLIENT_CERTIFICATE_PASSWORD: ${{ secrets.CODE_SIGNING_CLIENT_CERT_PASSWORD }} uses: cognitedata/code-sign-action/@v3.5 with: - path-to-binary: "test/test.dll" + path-to-binary: "test" From a372379809dcd6680fb62c0c1792c741425dd89e Mon Sep 17 00:00:00 2001 From: Sondre Solbakken Date: Tue, 5 Sep 2023 13:00:02 +0200 Subject: [PATCH 7/7] Clean up names --- .github/workflows/run-action.yaml | 19 ++++++++++--------- action.yaml | 10 +++++----- 2 files changed, 15 insertions(+), 14 deletions(-) diff --git a/.github/workflows/run-action.yaml b/.github/workflows/run-action.yaml index 84b9162e..6cafaf9b 100644 --- a/.github/workflows/run-action.yaml +++ b/.github/workflows/run-action.yaml @@ -1,6 +1,5 @@ name: run-action on: - pull_request: push: branches: - main @@ -9,56 +8,58 @@ on: jobs: run-action-windows: runs-on: windows-2022 + environment: CD steps: - name: Checkout code uses: actions/checkout@v3 - - name: First run + - name: Sign single file env: CERTIFICATE_HOST: ${{ secrets.CODE_SIGNING_CERT_HOST }} CERTIFICATE_HOST_API_KEY: ${{ secrets.CODE_SIGNING_CERT_HOST_API_KEY }} CERTIFICATE_SHA1_HASH: ${{ secrets.CODE_SIGNING_CERT_SHA1_HASH }} CLIENT_CERTIFICATE: ${{ secrets.CODE_SIGNING_CLIENT_CERT }} CLIENT_CERTIFICATE_PASSWORD: ${{ secrets.CODE_SIGNING_CLIENT_CERT_PASSWORD }} - uses: cognitedata/code-sign-action/@v3.5 + uses: cognitedata/code-sign-action/@v2 with: path-to-binary: 'test\test.dll' - - name: Second run for multiple binaries in a directory + - name: Sign multiple files in a directory env: CERTIFICATE_HOST: ${{ secrets.CODE_SIGNING_CERT_HOST }} CERTIFICATE_HOST_API_KEY: ${{ secrets.CODE_SIGNING_CERT_HOST_API_KEY }} CERTIFICATE_SHA1_HASH: ${{ secrets.CODE_SIGNING_CERT_SHA1_HASH }} CLIENT_CERTIFICATE: ${{ secrets.CODE_SIGNING_CLIENT_CERT }} CLIENT_CERTIFICATE_PASSWORD: ${{ secrets.CODE_SIGNING_CLIENT_CERT_PASSWORD }} - uses: cognitedata/code-sign-action/@v3.5 + uses: cognitedata/code-sign-action/@v2 with: path-to-binary: "test" run-action-linux: runs-on: ubuntu-22.04 + environment: CD steps: - name: Checkout code uses: actions/checkout@v3 - - name: First run + - name: Sign single file env: CERTIFICATE_HOST: ${{ secrets.CODE_SIGNING_CERT_HOST }} CERTIFICATE_HOST_API_KEY: ${{ secrets.CODE_SIGNING_CERT_HOST_API_KEY }} CERTIFICATE_SHA1_HASH: ${{ secrets.CODE_SIGNING_CERT_SHA1_HASH }} CLIENT_CERTIFICATE: ${{ secrets.CODE_SIGNING_CLIENT_CERT }} CLIENT_CERTIFICATE_PASSWORD: ${{ secrets.CODE_SIGNING_CLIENT_CERT_PASSWORD }} - uses: cognitedata/code-sign-action/@v3.5 + uses: cognitedata/code-sign-action/@v2 with: path-to-binary: "test/test.dll" - - name: Run the action for multiple binaries in a directory + - name: Sign multiple files in a directory env: CERTIFICATE_HOST: ${{ secrets.CODE_SIGNING_CERT_HOST }} CERTIFICATE_HOST_API_KEY: ${{ secrets.CODE_SIGNING_CERT_HOST_API_KEY }} CERTIFICATE_SHA1_HASH: ${{ secrets.CODE_SIGNING_CERT_SHA1_HASH }} CLIENT_CERTIFICATE: ${{ secrets.CODE_SIGNING_CLIENT_CERT }} CLIENT_CERTIFICATE_PASSWORD: ${{ secrets.CODE_SIGNING_CLIENT_CERT_PASSWORD }} - uses: cognitedata/code-sign-action/@v3.5 + uses: cognitedata/code-sign-action/@v2 with: path-to-binary: "test" diff --git a/action.yaml b/action.yaml index 2fb2b6c7..1cfafd51 100644 --- a/action.yaml +++ b/action.yaml @@ -1,5 +1,5 @@ -name: "Sign binary" -description: "Sign a binary using a code signing certificate" +name: "Sign file" +description: "Sign a file using a code signing certificate" inputs: path-to-binary: description: "The folder that contains the files to sign" @@ -19,7 +19,7 @@ runs: if: ${{ runner.os == 'Linux' && (!contains(env.DEPS_INSTALLED, 'TRUE')) }} shell: bash - - name: Set variables + - name: Set required variables id: variables run: | echo "SM_HOST=${{ env.CERTIFICATE_HOST }}" >> "$GITHUB_ENV" @@ -38,7 +38,7 @@ runs: if: ${{ !contains(env.DEPS_INSTALLED, 'TRUE') }} shell: bash - - name: Code signing with Secure Software Manager + - name: Configure Digicert Secure Software Manager uses: digicert/ssm-code-signing@v0.0.2 env: SM_API_KEY: ${{ env.SM_API_KEY }} @@ -68,7 +68,7 @@ runs: if: runner.os == 'Windows' shell: powershell - - name: Install Jsign for Linux + - name: Install Jsign for Linux signing run: | curl -fSslL https://github.com/ebourg/jsign/releases/download/3.1/jsign_3.1_all.deb -o jsign_3.1_all.deb sudo dpkg --install jsign_3.1_all.deb