Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

use eToken for signing #950

Merged
merged 7 commits into from
May 16, 2024
Merged

use eToken for signing #950

merged 7 commits into from
May 16, 2024

Conversation

umbynos
Copy link
Contributor

@umbynos umbynos commented May 10, 2024
edited
Loading

Please check if the PR fulfills these requirements

  • The PR has no duplicates (please search among the Pull Requests
    before creating one)
  • Tests for the changes have been added (for bug fixes / features)
  • What kind of change does this PR introduce?

Infra change

  • What is the current behavior?

The certificate used to sign windows binaries is expiring, and the provider no longer ships a digital one.

  • What is the new behavior?

We have setup a local runner used to sign. I created a job specifically for this and removed code-signing from the package step, because this requires a local windows runner, while the package one runs on ubuntu container.

  • Does this PR introduce a breaking change?

no

  • Other information:

TODO:

  • Remove INSTALLER_CERT_WINDOWS_PFX and use INSTALLER_CERT_WINDOWS_CER
  • Replace INSTALLER_CERT_WINDOWS_PASSWORD
  • Add INSTALLER_CERT_WINDOWS_CONTAINER

@umbynos umbynos added type: enhancement Proposed improvement topic: infrastructure Related to project infrastructure labels May 10, 2024
@umbynos umbynos self-assigned this May 10, 2024
MatteoPologruto
MatteoPologruto approved these changes May 13, 2024
View reviewed changes
Copy link
Contributor

@MatteoPologruto MatteoPologruto left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@umbynos
Copy link
Contributor Author

umbynos commented May 15, 2024
edited
Loading

I've adapted check-certificates.yml too in order to correctly validate the new Windows certificate. This needs to be mirrored to the assets repo
Test release can be found here and run here
image

@umbynos umbynos mentioned this pull request May 15, 2024
Merged
2 tasks
@umbynos umbynos merged commit fc0a137 into main May 16, 2024
27 checks passed
@umbynos umbynos deleted the sign-locally branch May 16, 2024 09:29
@umbynos umbynos mentioned this pull request May 16, 2024
Merged
@davegarthsimpson davegarthsimpson mentioned this pull request Jun 10, 2024
Merged
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alessio-perugini alessio-perugini alessio-perugini approved these changes

@Xayton Xayton Xayton approved these changes

@MatteoPologruto MatteoPologruto Awaiting requested review from MatteoPologruto

Assignees

@umbynos umbynos

Labels
topic: infrastructure Related to project infrastructure type: enhancement Proposed improvement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@umbynos @alessio-perugini @Xayton @MatteoPologruto