Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/dlemstra/code-sign-action

Action that signs libraries with a code signing certificate.
https://github.com/dlemstra/code-sign-action

hacktoberfest

Last synced: about 2 months ago
JSON representation

Action that signs libraries with a code signing certificate.

Host: GitHub
URL: https://github.com/dlemstra/code-sign-action
Owner: dlemstra
License: other
Created: 2019-10-19T20:56:46.000Z (almost 5 years ago)
Default Branch: main
Last Pushed: 2024-06-17T07:17:10.000Z (3 months ago)
Last Synced: 2024-07-18T15:29:01.951Z (2 months ago)
Topics: hacktoberfest
Language: TypeScript
Homepage:
Size: 237 KB
Stars: 31
Watchers: 2
Forks: 68
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# Code sign a file

This action signs `.nupkg` files and files that are supported by `signtool.exe` with a code signing certificate. This action only works on Windows build agents, and that means it will only run on `windows-2019`, `windows-2022` or `windows-latest`.

## Inputs

### `certificate`

**Required** The base64 encoded certificate.

This can created by converting your pfx file to a base64 encoded string with the following command

```
certutil -encode .\ssCertInfo.pfx .\ssCertInfo.base64.txt
```

Once you run the command, you will need to ensure that the data is saved in your secret as seen here

```
-----BEGIN CERTIFICATE-----
5VYbl04ksEja358dNhGyHscDAiPI07mM9TwzLgvMv+72lHbgOZC57QgTTVOSVIzM
fqku3P2y4EP4rXa3efxRtV9U0Iedxn0gYz7qHszBUCVnb/nUMtnHNd9HWtzgizpr
qmi7jMBMup/eOpXKibt7OzGB2zATBgkqhkiG9w0BCRUxBgQEAQAAADBdBgkrBgEE
AYI3EQExUB5OAE0AaQBjAHIAbwBzAG8AZgB0ACAAUwB0AHIAbwBuAGcAIABDAHIA
DQEMAQMwDgQIg6csl1GYzT4CAgfQgIIO6AdED63pjLYWhE4khARlh33Mwe2GT7np
f5ZayfFO6DeLuc9Zczf41sJR94xSLKzDpvQHpWHiNabP8srad2TEzg8XQrSOgN+Q
vaCuBEErpQ9BjQICB9A=
-----END CERTIFICATE-----
```

You may find the secrets page by navigating to `Settings > Secrets > Actions` on your current repo.

### `password`

**Optional** The password to use when opening the PFX file.

### `folder`

**Optional** The folder that contains the files to sign.

### `recursive`

**Optional** Recursively search for supported files in the specified folder.

### `files`

**Optional** The paths to the files to sign.

### `description`

**Optional** The description of the signed content, only available for signtool (same as /d for signtool).

## Example usage

```
runs-on: windows-latest
steps:
uses: dlemstra/code-sign-action@v1
with:
certificate: '${{ secrets.CERTIFICATE }}'
password: '${{ secrets.CERTIFICATE_PASSWORD }}'
folder: 'files'
recursive: true
files: |
file1
file2
description: 'TestName'
```