Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Assert release & nightly builds are signed, notarised & accessible before deployment #559

Merged
merged 21 commits into from
Mar 6, 2023
Merged

Assert release & nightly builds are signed, notarised & accessible before deployment #559

merged 21 commits into from
Mar 6, 2023

Conversation

t3chguy
Copy link
Member

@t3chguy t3chguy commented Mar 2, 2023
edited by github-actions bot
Loading

The windows codesign check is failing atm due to using sandbox certificates

This change is marked as an internal change (Task), so will not be included in the changelog.

@t3chguy t3chguy added the T-Task Tasks for the team like planning label Mar 2, 2023
@t3chguy t3chguy temporarily deployed to packages.element.io March 2, 2023 12:06 — with GitHub Actions Inactive
@t3chguy t3chguy temporarily deployed to packages.element.io March 2, 2023 12:33 — with GitHub Actions Inactive
@t3chguy t3chguy temporarily deployed to packages.element.io March 2, 2023 12:34 — with GitHub Actions Inactive
@t3chguy t3chguy temporarily deployed to packages.element.io March 2, 2023 12:34 — with GitHub Actions Inactive
@t3chguy t3chguy changed the title Assert macOS builds are signed & notarised before deployment Assert release & nightly builds are signed, notarised & accessible before deployment Mar 2, 2023
@t3chguy t3chguy temporarily deployed to packages.element.io March 2, 2023 12:45 — with GitHub Actions Inactive
@t3chguy t3chguy temporarily deployed to packages.element.io March 2, 2023 13:14 — with GitHub Actions Inactive
Base automatically changed from t3chguy/protect-reprepro to develop March 2, 2023 16:54
@t3chguy t3chguy temporarily deployed to packages.element.io March 3, 2023 13:07 — with GitHub Actions Inactive
@t3chguy t3chguy temporarily deployed to packages.element.io March 3, 2023 13:31 — with GitHub Actions Inactive
@t3chguy t3chguy temporarily deployed to packages.element.io March 3, 2023 13:33 — with GitHub Actions Inactive
@t3chguy t3chguy temporarily deployed to packages.element.io March 3, 2023 13:33 — with GitHub Actions Inactive
@t3chguy t3chguy temporarily deployed to packages.element.io March 3, 2023 13:33 — with GitHub Actions Inactive
@t3chguy t3chguy temporarily deployed to packages.element.io March 3, 2023 13:47 — with GitHub Actions Inactive
@t3chguy t3chguy temporarily deployed to packages.element.io March 3, 2023 14:05 — with GitHub Actions Inactive
@t3chguy t3chguy temporarily deployed to packages.element.io March 3, 2023 14:06 — with GitHub Actions Inactive
@t3chguy t3chguy temporarily deployed to packages.element.io March 3, 2023 14:06 — with GitHub Actions Inactive
@t3chguy t3chguy temporarily deployed to packages.element.io March 3, 2023 14:06 — with GitHub Actions Inactive
@t3chguy t3chguy temporarily deployed to packages.element.io March 3, 2023 14:21 — with GitHub Actions Inactive
@t3chguy t3chguy temporarily deployed to packages.element.io March 3, 2023 14:29 — with GitHub Actions Inactive
@t3chguy t3chguy temporarily deployed to packages.element.io March 3, 2023 14:30 — with GitHub Actions Inactive
@t3chguy t3chguy temporarily deployed to packages.element.io March 3, 2023 14:30 — with GitHub Actions Inactive
@t3chguy t3chguy temporarily deployed to packages.element.io March 3, 2023 14:30 — with GitHub Actions Inactive
@t3chguy t3chguy temporarily deployed to packages.element.io March 3, 2023 14:41 — with GitHub Actions Inactive
@t3chguy t3chguy temporarily deployed to packages.element.io March 3, 2023 14:42 — with GitHub Actions Inactive
@t3chguy t3chguy marked this pull request as ready for review March 3, 2023 14:49
@t3chguy t3chguy requested a review from a team as a code owner March 3, 2023 14:49
@t3chguy t3chguy requested a review from germain-gg March 3, 2023 14:49
germain-gg
germain-gg approved these changes Mar 6, 2023
View reviewed changes
Copy link
Contributor

@germain-gg germain-gg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's update the bits that needs changing, otherwise that looks good to me!

.github/workflows/build_and_deploy.yaml Outdated Show resolved Hide resolved
.github/workflows/build_windows.yaml
Comment on lines +162 to +165
# XXX: UPDATE THIS BEFORE WHEN GOING LIVE
continue-on-error: true
run: |
. "$env:SIGNTOOL_PATH" verify /pa (get-item ./dist/squirrel-windows*/*.exe)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

To update too

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We're not going live when this merges, we're still using the SSL.com sandbox environment so this check will fail until we finish procurement and get access to the production environment

@t3chguy t3chguy merged commit 126d2c3 into develop Mar 6, 2023
@t3chguy t3chguy deleted the t3chguy/assert-signing branch March 6, 2023 08:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@germain-gg germain-gg germain-gg approved these changes

Assignees
No one assigned
Labels
T-Task Tasks for the team like planning
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@t3chguy @germain-gg