diff options
| author | Brendan Allan <[email protected]> | 2026-02-12 18:46:56 +0800 |
|---|---|---|
| committer | GitHub <[email protected]> | 2026-02-12 18:46:56 +0800 |
| commit | 0eaeb4588e0d44023a2e89c2ed516dbfe68c0e43 (patch) | |
| tree | e228d1f3b496e6614d9c8992e6ec008be45eb2e1 /.github | |
| parent | 1413d77b1ff36ed030c179b3bc59dc6a9b9679b3 (diff) | |
| download | opencode-0eaeb4588e0d44023a2e89c2ed516dbfe68c0e43.tar.gz opencode-0eaeb4588e0d44023a2e89c2ed516dbfe68c0e43.zip | |
Testing SignPath Integration (#13308)
Diffstat (limited to '.github')
| -rw-r--r-- | .github/workflows/sign-cli.yml | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/.github/workflows/sign-cli.yml b/.github/workflows/sign-cli.yml new file mode 100644 index 000000000..d9d61fd80 --- /dev/null +++ b/.github/workflows/sign-cli.yml @@ -0,0 +1,54 @@ +name: sign-cli + +on: + push: + branches: + - brendan/desktop-signpath + workflow_dispatch: + +permissions: + contents: read + actions: read + +jobs: + sign-cli: + runs-on: blacksmith-4vcpu-ubuntu-2404 + if: github.repository == 'anomalyco/opencode' + steps: + - uses: actions/checkout@v3 + with: + fetch-tags: true + + - uses: ./.github/actions/setup-bun + + - name: Build + run: | + ./packages/opencode/script/build.ts + + - name: Upload unsigned Windows CLI + id: upload_unsigned_windows_cli + uses: actions/upload-artifact@v4 + with: + name: unsigned-opencode-windows-cli + path: packages/opencode/dist/opencode-windows-x64/bin/opencode.exe + if-no-files-found: error + + - name: Submit SignPath signing request + id: submit_signpath_signing_request + uses: signpath/github-action-submit-signing-request@v1 + with: + api-token: ${{ secrets.SIGNPATH_API_KEY }} + organization-id: ${{ secrets.SIGNPATH_ORGANIZATION_ID }} + project-slug: ${{ secrets.SIGNPATH_PROJECT_SLUG }} + signing-policy-slug: ${{ secrets.SIGNPATH_SIGNING_POLICY_SLUG }} + artifact-configuration-slug: ${{ secrets.SIGNPATH_ARTIFACT_CONFIGURATION_SLUG }} + github-artifact-id: ${{ steps.upload_unsigned_windows_cli.outputs.artifact-id }} + wait-for-completion: true + output-artifact-directory: signed-opencode-cli + + - name: Upload signed Windows CLI + uses: actions/upload-artifact@v4 + with: + name: signed-opencode-windows-cli + path: signed-opencode-cli/*.exe + if-no-files-found: error |