Skip to content

GitHub Action that uses signtool to code sign files recursively if needed, this action requires a PFX format code signing certificate.

License

Notifications You must be signed in to change notification settings

mscrivo/signtool-code-sign

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace
 
 

Repository files navigation

Windows Code Signing Github Action

build-test

Forked from: https://github.com/GabrielAcostaEngler/signtool-code-sign but modernized and with updated dependencies.

This action will code sign files from the given folder, this can be done recursively if needed.
The action uses a base64 encoded PFX certificate to sign files by adding the certificate to the store and then use signtool.exe to do the code signing.

All inputs regarding the Certificate except description should be added via repository/organization secrets.

Thanks to Dirk Lemstra and Gabriel Acosta Engler for providing a base for this action.

Inputs

certificate

Required
Description - The base64 encoded certificate.

cert-password

Required
Description - Certificate Password. Used to add to the machine store.

cert-sha1

Required
Description - SHA1 hash for the certificate (Thumbprint of the certificate).

cert-description

Description - Add a description to the files being signed.

folder

Required
Description - The folder that contains the libraries to sign.

recursive

Description - Recursively search for DLL files.
Default - 'false'

timestamp-server

Description - Url of the timestamp server.
Default - 'http://timestamp.verisign.com/scripts/timstamp.dll'

Usage

runs-on: windows-latest
steps:
  uses: mscrivo/signtool-code-sign@v1
  with:
    certificate: '${{ secrets.CERTIFICATE }}'
    cert-password: '${{ secrets.PASSWORD }}'
    cert-sha1: '${{ secrets.CERTHASH }}'
    cert-description: 'foo'
    folder: 'path/to/folder'
    recursive: true
    timestamp-server: 'http://timestamp.digicert.com'

License

This project is released under the MIT License

About

GitHub Action that uses signtool to code sign files recursively if needed, this action requires a PFX format code signing certificate.

Resources

License

Security policy

Stars

Watchers

Forks

Packages

 
 
 

Languages

  • TypeScript 79.8%
  • JavaScript 20.2%