|
|
|
|
@ -404,15 +404,31 @@ jobs:
@@ -404,15 +404,31 @@ jobs:
|
|
|
|
|
- name: Install Node dependencies |
|
|
|
|
run: npm install |
|
|
|
|
|
|
|
|
|
- name: Login to Azure |
|
|
|
|
uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0 |
|
|
|
|
with: |
|
|
|
|
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} |
|
|
|
|
|
|
|
|
|
- name: Retrieve secrets |
|
|
|
|
id: retrieve-secrets |
|
|
|
|
uses: bitwarden/gh-actions/get-keyvault-secrets@main |
|
|
|
|
with: |
|
|
|
|
keyvault: "bitwarden-ci" |
|
|
|
|
secrets: "code-signing-vault-url, |
|
|
|
|
code-signing-client-id, |
|
|
|
|
code-signing-tenant-id, |
|
|
|
|
code-signing-client-secret, |
|
|
|
|
code-signing-cert-name" |
|
|
|
|
|
|
|
|
|
- name: Build & Sign |
|
|
|
|
run: npm run dist:win |
|
|
|
|
env: |
|
|
|
|
ELECTRON_BUILDER_SIGN: 1 |
|
|
|
|
SIGNING_VAULT_URL: ${{ secrets.SIGNING_VAULT_URL }} |
|
|
|
|
SIGNING_CLIENT_ID: ${{ secrets.SIGNING_CLIENT_ID }} |
|
|
|
|
SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }} |
|
|
|
|
SIGNING_CLIENT_SECRET: ${{ secrets.SIGNING_CLIENT_SECRET }} |
|
|
|
|
SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }} |
|
|
|
|
SIGNING_VAULT_URL: ${{ steps.retrieve-secrets.outputs.code-signing-vault-url }} |
|
|
|
|
SIGNING_CLIENT_ID: ${{ steps.retrieve-secrets.outputs.code-signing-client-id }} |
|
|
|
|
SIGNING_TENANT_ID: ${{ steps.retrieve-secrets.outputs.code-signing-tenant-id }} |
|
|
|
|
SIGNING_CLIENT_SECRET: ${{ steps.retrieve-secrets.outputs.code-signing-client-secret }} |
|
|
|
|
SIGNING_CERT_NAME: ${{ steps.retrieve-secrets.outputs.code-signing-cert-name }} |
|
|
|
|
|
|
|
|
|
- name: Upload Portable Executable to GitHub |
|
|
|
|
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 |
|
|
|
|
|
Andy Pixley
8 months ago
committed by
GitHub