Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/dlemstra/code-sign-action
Action that signs libraries with a code signing certificate.
https://github.com/dlemstra/code-sign-action
hacktoberfest
Last synced: about 2 months ago
JSON representation
Action that signs libraries with a code signing certificate.
- Host: GitHub
- URL: https://github.com/dlemstra/code-sign-action
- Owner: dlemstra
- License: other
- Created: 2019-10-19T20:56:46.000Z (almost 5 years ago)
- Default Branch: main
- Last Pushed: 2024-06-17T07:17:10.000Z (3 months ago)
- Last Synced: 2024-07-18T15:29:01.951Z (2 months ago)
- Topics: hacktoberfest
- Language: TypeScript
- Homepage:
- Size: 237 KB
- Stars: 31
- Watchers: 2
- Forks: 68
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Code sign a file
This action signs `.nupkg` files and files that are supported by `signtool.exe` with a code signing certificate. This action only works on Windows build agents, and that means it will only run on `windows-2019`, `windows-2022` or `windows-latest`.
## Inputs
### `certificate`
**Required** The base64 encoded certificate.
This can created by converting your pfx file to a base64 encoded string with the following command
```
certutil -encode .\ssCertInfo.pfx .\ssCertInfo.base64.txt
```Once you run the command, you will need to ensure that the data is saved in your secret as seen here
```
-----BEGIN CERTIFICATE-----
5VYbl04ksEja358dNhGyHscDAiPI07mM9TwzLgvMv+72lHbgOZC57QgTTVOSVIzM
fqku3P2y4EP4rXa3efxRtV9U0Iedxn0gYz7qHszBUCVnb/nUMtnHNd9HWtzgizpr
qmi7jMBMup/eOpXKibt7OzGB2zATBgkqhkiG9w0BCRUxBgQEAQAAADBdBgkrBgEE
AYI3EQExUB5OAE0AaQBjAHIAbwBzAG8AZgB0ACAAUwB0AHIAbwBuAGcAIABDAHIA
DQEMAQMwDgQIg6csl1GYzT4CAgfQgIIO6AdED63pjLYWhE4khARlh33Mwe2GT7np
f5ZayfFO6DeLuc9Zczf41sJR94xSLKzDpvQHpWHiNabP8srad2TEzg8XQrSOgN+Q
vaCuBEErpQ9BjQICB9A=
-----END CERTIFICATE-----
```You may find the secrets page by navigating to `Settings > Secrets > Actions` on your current repo.
### `password`
**Optional** The password to use when opening the PFX file.
### `folder`
**Optional** The folder that contains the files to sign.
### `recursive`
**Optional** Recursively search for supported files in the specified folder.
### `files`
**Optional** The paths to the files to sign.
### `description`
**Optional** The description of the signed content, only available for signtool (same as /d for signtool).
## Example usage
```
runs-on: windows-latest
steps:
uses: dlemstra/code-sign-action@v1
with:
certificate: '${{ secrets.CERTIFICATE }}'
password: '${{ secrets.CERTIFICATE_PASSWORD }}'
folder: 'files'
recursive: true
files: |
file1
file2
description: 'TestName'
```