nikrozman/element-desktop
1
0
Fork 0
Code Issues Pull Requests 1 Actions 2 Packages Projects Releases Activity

Assert release & nightly builds are signed, notarised & accessible before deployment (#559)

Browse Source
This commit is contained in:
Michael Telatynski
2023-03-06 08:56:49 +00:00
committed by GitHub
parent 383793640d
commit 126d2c336b
3 changed files with 36 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
.github/workflows/build_windows.yaml vendored
View File

@@ -31,6 +31,8 @@ jobs:
build:
runs-on: windows-latest
environment: ${{ inputs.sign && 'packages.element.io' || '' }}
env:
SIGNTOOL_PATH: "C:/Program Files (x86)/Windows Kits/10/bin/10.0.22000.0/x86/signtool.exe"
steps:
- uses: kanga333/variable-mapper@master
id: config
@@ -154,8 +156,13 @@ jobs:
run: |
yarn ts-node scripts/generate-builder-config.ts ${{ steps.nightly.outputs.config-args }} ${{ steps.esigner.outputs.config-args }}
yarn build --publish never -w --config electron-builder.json ${{ steps.config.outputs.build-args }}
env:
SIGNTOOL_PATH: "C:/Program Files (x86)/Windows Kits/10/bin/10.0.22000.0/x86/signtool.exe"
- name: Check app was signed successfully
if: inputs.sign != ''
# XXX: UPDATE THIS BEFORE WHEN GOING LIVE
continue-on-error: true
run: |
. "$env:SIGNTOOL_PATH" verify /pa (get-item ./dist/squirrel-windows*/*.exe)
- name: Prepare artifacts for deployment
if: inputs.deploy-mode