extern/starship
1
0
Fork 0
mirror of https://github.com/starship/starship.git synced 2024-11-07 08:54:50 +01:00
Code Issues Packages Projects Releases Wiki Activity

feat(release): codesign windows release binaries (#6273)

Browse Source
This commit is contained in:
David Knaack 2024-10-13 22:22:12 +02:00 committed by GitHub
parent d6814be0ba
commit fcc697b9b3
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 15 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
.github/workflows/release.yml vendored
View File

@ -138,18 +138,15 @@ jobs:
- name: Sign | Sign [Windows] - name: Sign | Sign [Windows]
continue-on-error: true continue-on-error: true
if: matrix.os == 'windows-latest' if: matrix.os == 'windows-latest'
uses: signpath/github-action-submit-signing-request@v0.4 uses: signpath/github-action-submit-signing-request@v1
with: with:
api-token: '${{ secrets.SIGNPATH_API_TOKEN }}' api-token: '${{ secrets.SIGNPATH_API_TOKEN }}'
organization-id: '${{ vars.SIGNPATH_ORGANIZATION_ID }}' organization-id: '${{ vars.SIGNPATH_ORGANIZATION_ID }}'
project-slug: 'starship' project-slug: 'starship'
signing-policy-slug: 'test-signing'
github-artifact-id: '${{ steps.unsigned-artifacts.outputs.artifact-id }}' github-artifact-id: '${{ steps.unsigned-artifacts.outputs.artifact-id }}'
wait-for-completion: false signing-policy-slug: 'release-signing'
# TODO use release-signing certificate: wait-for-completion: true
# signing-policy-slug: 'release-signing' output-artifact-directory: 'target/${{ matrix.target }}/release'
# wait-for-completion: true
# output-artifact-directory: 'target/${{ matrix.target }}/release'
- name: Post Build | Prepare artifacts [Windows] - name: Post Build | Prepare artifacts [Windows]
if: matrix.os == 'windows-latest' if: matrix.os == 'windows-latest'

2
.github/workflows/workflow.yml vendored
View File

@ -233,7 +233,7 @@ jobs:
target/debug/starship-x86_64-pc-windows-msvc.msi target/debug/starship-x86_64-pc-windows-msvc.msi
- name: Sign | Sign [Windows] - name: Sign | Sign [Windows]
uses: signpath/github-action-submit-signing-request@v0.4 uses: signpath/github-action-submit-signing-request@v1
continue-on-error: true continue-on-error: true
if: matrix.os == 'windows-latest' && matrix.rust == 'stable' && github.event_name == 'push' && github.repository == 'starship/starship' if: matrix.os == 'windows-latest' && matrix.rust == 'stable' && github.event_name == 'push' && github.repository == 'starship/starship'
with: with:

11
README.md
View File

@ -433,7 +433,16 @@ Please check out these previous works that helped inspire the creation of starsh
Support this project by [becoming a sponsor](https://github.com/sponsors/starship). Your name or logo will show up here with a link to your website. Support this project by [becoming a sponsor](https://github.com/sponsors/starship). Your name or logo will show up here with a link to your website.
- Free code signing provided by [SignPath.io], certificate by [SignPath Foundation] ## 🔒 Code Signing Policy
Free code signing provided by [SignPath.io], certificate by [SignPath Foundation].
Code Signing Roles:
- Reviewers: [Astronauts](https://github.com/orgs/starship/teams/astronauts)
- Approvers and Authors: [Mission Control](https://github.com/orgs/starship/teams/mission-control)
This program will not transfer any information to other networked systems unless specifically requested by the user or the person installing or operating it.
<p align="center"> <p align="center">
<br> <br>