Try Windows test signing with SignPath (#1811)

* Try Windows test signing with SignPath * Signing should only be after merge Signed-off-by: Geoff Hutchison <[email protected]> --------- Signed-off-by: Geoff Hutchison <[email protected]>
OpenChemistry · Nov 23, 2024 · 370f2fa · 370f2fa
1 parent 5989254
commit 370f2fa
Showing 1 changed file with 24 additions and 4 deletions.
diff --git a/.github/workflows/build_cmake.yml b/.github/workflows/build_cmake.yml
@@ -283,6 +283,7 @@ jobs:
         [[ ! "${GITHUB_REF}" =~ "tags" ]] && export SNAPSHOT_DATE=`date -j "+%d-%m-%y"`
         cpack ${{ matrix.config.cpack_flags }}
       working-directory: ${{ runner.workspace }}/build/avogadroapp
+      continue-on-error: true
       env:
         P12_PASSWORD: ${{ secrets.P12_PASSWORD }}
         CODESIGN_IDENTITY: ${{ secrets.CODESIGN_ID }}
@@ -328,17 +329,36 @@ jobs:
         CODESIGN_IDENTITY: ${{ secrets.CODESIGN_ID }}
       continue-on-error: true
 
-    - name: Setup tmate session
-      if: ${{ failure() }}
-      uses: mxschmitt/action-tmate@v3
-
     - name: Upload
       if: matrix.config.artifact != 0
+      id: upload-artifact
       uses: actions/upload-artifact@v4
       with:
         path: ${{ runner.workspace }}/build/avogadroapp/Avogadro*.*
         name: ${{ matrix.config.artifact }}
 
+    - name: Sign Windows artifact
+      if: matrix.config.os == 'windows-latest' && github.ref == 'refs/heads/master'
+      uses: signpath/github-action-submit-signing-request@v1
+      with:
+        api-token: '${{ secrets.SIGNPATH_API_TOKEN }}'
+        organization-id: 'Avogadro Project [OSS]'
+        project-slug: 'avogadrolibs'
+        signing-policy-slug: 'test-signing'
+        github-artifact-id: '${{ steps.upload-artifact.outputs.artifact-id }}'
+        wait-for-completion: true
+        output-artifact-directory: '${{ runner.workspace }}/build/avogadroapp'
+
+    - name: Notarize Mac DMG
+      if: matrix.config.os == 'windows-latest' && github.ref == 'refs/heads/master'
+      run: |
+        ls -la ./
+      working-directory: ${{ runner.workspace }}/build/avogadroapp
+
+    - name: Setup tmate session
+      if: failure()
+      uses: mxschmitt/action-tmate@v3
+
     - name: Cleanup
       if: ${{ always() }} # To ensure this step runs even when earlier steps fail
       shell: bash