kunthawat/moreminimore-vibe
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Try #6: windows code signing

Browse Source
This commit is contained in:
Will Chen
2025-04-29 21:30:25 -07:00
parent c7bd5b4817
commit c6b8f77448
2 changed files with 5 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.github/workflows/release.yml vendored
View File

@@ -57,14 +57,10 @@ jobs:
- name: Code signing with Software Trust Manager
if: contains(matrix.os.name, 'windows')
uses: digicert/ssm-code-signing@v1.0.0
- name: Sync certificate (Windows)
if: contains(matrix.os.name, 'windows')
run: |
smctl windows certsync --keypair-alias=${{ secrets.DIGICERT_KEYPAIR_ALIAS }}
shell: bash
# Publish (all platforms)
- name: Publish app
env:
DIGICERT_KEYPAIR_ALIAS: ${{ secrets.DIGICERT_KEYPAIR_ALIAS }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
APPLE_ID: ${{ secrets.APPLE_ID }}

20
forge.config.ts
View File

@@ -40,20 +40,6 @@ const ignore = (file: string) => {
return true;
};
console.log("process.env.SM_CLIENT_CERT_FILE", process.env.SM_CLIENT_CERT_FILE);
console.log(
"process.env.SM_CLIENT_CERT_FILE - resolved path",
path.resolve(process.env.SM_CLIENT_CERT_FILE!)
);
console.log(
"process.env.SM_CLIENT_CERT_FILE - resolved path - exists",
fs.existsSync(path.resolve(process.env.SM_CLIENT_CERT_FILE!))
);
console.log(
"process.env.SM_CLIENT_CERT_PASSWORD - length",
process.env.SM_CLIENT_CERT_PASSWORD?.length
);
const config: ForgeConfig = {
packagerConfig: {
protocols: [
@@ -83,8 +69,10 @@ const config: ForgeConfig = {
makers: [
new MakerSquirrel({
windowsSign: {
certificateFile: process.env.SM_CLIENT_CERT_FILE,
certificatePassword: process.env.SM_CLIENT_CERT_PASSWORD,
signWithParams: `/csp "DigiCert Signing Manager KSP" /kc ${process.env.DIGICERT_KEYPAIR_ALIAS} /f ${process.env.SM_CLIENT_CERT_FILE} /tr http://timestamp.digicert.com /td SHA256 /fd SHA256`,
// certificateFile: process.env.SM_CLIENT_CERT_FILE,
// certificatePassword: process.env.SM_CLIENT_CERT_PASSWORD,
// signToolPath:
// "C:\\Program Files\\DigiCert\\DigiCert Keylocker Tools\\smctl.exe",
// signWithParams: `/sha1 ${process.env.SM_CODE_SIGNING_CERT_SHA1_HASH} /tr http://timestamp.digicert.com /td SHA256 /fd SHA256`,