@@ -925,50 +925,51 @@ jobs:
925925 --target ${{ matrix.target }} \
926926 --version ${{ needs.bump-version.outputs.new_version }}
927927
928- - name : Setup Jsign
929- if : contains(matrix.target, 'windows')
930- id : jsign
931- uses : ./.github/actions/setup-jsign
932-
933- - name : Install JRE for Jsign
934- if : contains(matrix.target, 'windows')
935- run : |
936- sudo apt-get update
937- sudo apt-get install -y default-jre-headless
938-
939- - name : Azure CLI login
940- if : contains(matrix.target, 'windows') && env.AZURE_ENDPOINT != ''
941- uses : azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2
942- with :
943- creds : ' {"clientId":"${{ secrets.AZURE_CLIENT_ID }}","clientSecret":"${{ secrets.AZURE_CLIENT_SECRET }}","tenantId":"${{ secrets.AZURE_TENANT_ID }}"}'
944- allow-no-subscriptions : true
945- env :
946- AZURE_ENDPOINT : ${{ secrets.AZURE_ENDPOINT }}
947-
948- - name : Sign Windows artifacts with Azure Trusted Signing
949- if : contains(matrix.target, 'windows') && env.AZURE_ENDPOINT != ''
950- env :
951- AZURE_ENDPOINT : ${{ secrets.AZURE_ENDPOINT }}
952- AZURE_CODE_SIGNING_NAME : ${{ secrets.AZURE_CODE_SIGNING_NAME }}
953- AZURE_CERT_PROFILE_NAME : ${{ secrets.AZURE_CERT_PROFILE_NAME }}
954- run : |
955- TOKEN=$(az account get-access-token --resource https://codesigning.azure.net --query accessToken -o tsv)
956-
957- # Extract hostname from endpoint URL
958- KEYSTORE=$(echo "$AZURE_ENDPOINT" | sed 's|https\?://||;s|/.*||')
959-
960- # Sign all exe and msi files in the bundle directory
961- find target/${{ matrix.target }}/release/bundle -type f \( -name "*.exe" -o -name "*.msi" \) | while read file; do
962- echo "Signing: $file"
963- java -jar "${{ steps.jsign.outputs.jar-path }}" \
964- --storetype TRUSTEDSIGNING \
965- --keystore "$KEYSTORE" \
966- --storepass "$TOKEN" \
967- --alias "${AZURE_CODE_SIGNING_NAME}/${AZURE_CERT_PROFILE_NAME}" \
968- --tsaurl http://timestamp.acs.microsoft.com \
969- --tsmode RFC3161 \
970- "$file"
971- done
928+ # TODO: Re-enable Windows code signing once Azure Trusted Signing 403 is resolved
929+ # - name: Setup Jsign
930+ # if: contains(matrix.target, 'windows')
931+ # id: jsign
932+ # uses: ./.github/actions/setup-jsign
933+ #
934+ # - name: Install JRE for Jsign
935+ # if: contains(matrix.target, 'windows')
936+ # run: |
937+ # sudo apt-get update
938+ # sudo apt-get install -y default-jre-headless
939+ #
940+ # - name: Azure CLI login
941+ # if: contains(matrix.target, 'windows') && env.AZURE_ENDPOINT != ''
942+ # uses: azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2
943+ # with:
944+ # creds: '{"clientId":"${{ secrets.AZURE_CLIENT_ID }}","clientSecret":"${{ secrets.AZURE_CLIENT_SECRET }}","tenantId":"${{ secrets.AZURE_TENANT_ID }}"}'
945+ # allow-no-subscriptions: true
946+ # env:
947+ # AZURE_ENDPOINT: ${{ secrets.AZURE_ENDPOINT }}
948+ #
949+ # - name: Sign Windows artifacts with Azure Trusted Signing
950+ # if: contains(matrix.target, 'windows') && env.AZURE_ENDPOINT != ''
951+ # env:
952+ # AZURE_ENDPOINT: ${{ secrets.AZURE_ENDPOINT }}
953+ # AZURE_CODE_SIGNING_NAME: ${{ secrets.AZURE_CODE_SIGNING_NAME }}
954+ # AZURE_CERT_PROFILE_NAME: ${{ secrets.AZURE_CERT_PROFILE_NAME }}
955+ # run: |
956+ # TOKEN=$(az account get-access-token --resource https://codesigning.azure.net --query accessToken -o tsv)
957+ #
958+ # # Extract hostname from endpoint URL
959+ # KEYSTORE=$(echo "$AZURE_ENDPOINT" | sed 's|https\?://||;s|/.*||')
960+ #
961+ # # Sign all exe and msi files in the bundle directory
962+ # find target/${{ matrix.target }}/release/bundle -type f \( -name "*.exe" -o -name "*.msi" \) | while read file; do
963+ # echo "Signing: $file"
964+ # java -jar "${{ steps.jsign.outputs.jar-path }}" \
965+ # --storetype TRUSTEDSIGNING \
966+ # --keystore "$KEYSTORE" \
967+ # --storepass "$TOKEN" \
968+ # --alias "${AZURE_CODE_SIGNING_NAME}/${AZURE_CERT_PROFILE_NAME}" \
969+ # --tsaurl http://timestamp.acs.microsoft.com \
970+ # --tsmode RFC3161 \
971+ # "$file"
972+ # done
972973
973974 - name : Collect updater artifacts and installers
974975 run : |
0 commit comments