Skip to content

feat: add a release workflow#52

Merged
AaronAtDuo merged 11 commits intomainfrom
wsaxon/fix-signing
Apr 17, 2025
Merged

feat: add a release workflow#52
AaronAtDuo merged 11 commits intomainfrom
wsaxon/fix-signing

Conversation

@saxonww
Copy link
Contributor

@saxonww saxonww commented Apr 16, 2025
edited
Loading

Description

This PR adds a package and sign workflow. It uses jsign to enable signing with an HSM-controlled key.

Motivation and Context

Our current signing certificate was generated from a private key itself generated in an HSM. It is not easy to use dotnet sign or dotnet nuget sign with the HSM-backed key.

Similarly, our internal CI is moving from GitLab to GitHub Actions. It is not possible for a public repository to pull workflows or actions from a private one, so we have to implement this part of our release process locally.

How Has This Been Tested?

We validated that signing works by temporarily having a PR sign (and discard) a .nupkg.

Types of Changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

@saxonww saxonww had a problem deploying to authenticode-signing April 16, 2025 16:45 — with GitHub Actions Failure
@saxonww saxonww had a problem deploying to authenticode-signing April 16, 2025 16:49 — with GitHub Actions Failure
@saxonww saxonww had a problem deploying to authenticode-signing April 16, 2025 16:55 — with GitHub Actions Failure
@saxonww saxonww had a problem deploying to authenticode-signing April 16, 2025 16:59 — with GitHub Actions Error
@saxonww saxonww had a problem deploying to authenticode-signing April 16, 2025 17:03 — with GitHub Actions Failure
@saxonww saxonww had a problem deploying to authenticode-signing April 16, 2025 17:18 — with GitHub Actions Failure
@saxonww saxonww had a problem deploying to authenticode-signing April 16, 2025 17:26 — with GitHub Actions Failure
@saxonww saxonww had a problem deploying to authenticode-signing April 16, 2025 17:31 — with GitHub Actions Failure
@saxonww saxonww temporarily deployed to authenticode-signing April 16, 2025 17:47 — with GitHub Actions Inactive
@AaronAtDuo AaronAtDuo marked this pull request as ready for review April 17, 2025 14:30
@AaronAtDuo AaronAtDuo merged commit 9727af9 into main Apr 17, 2025
3 checks passed
@AaronAtDuo AaronAtDuo deleted the wsaxon/fix-signing branch April 17, 2025 14:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@AaronAtDuo AaronAtDuo AaronAtDuo approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@saxonww @AaronAtDuo