add CI process for Windows code-signing #1092
Conversation
![ellipsis-dev[bot]](https://avatars.githubusercontent.com/in/64358?s=60&v=4){kind=small}
There was a problem hiding this comment.
👍 Looks good to me! Reviewed everything up to 74a3e4d in 19 seconds
More details
- Looked at
22lines of code in1files - Skipped
0files when reviewing. - Skipped posting
1drafted comments based on config settings.
1. .github/workflows/build.yml:224
- Draft comment:
The condition to check if the runner OS is Windows should userunner.os == 'Windows'to ensure the code signing step is executed only on Windows runners.
if: runner.os == 'Windows'
- Reason this comment was not posted:
Confidence of 0% on close inspection, compared to threshold of 50%.
Workflow ID: wflow_a7o6MJNqljfMjh9m
You can customize Ellipsis with 👍 / 👎 feedback, review rules, user-specific overrides, quiet mode, and more.
There was a problem hiding this comment.
@TimeToBuildBob here, reviewing on behalf of @ErikBjare.
This PR looks good to merge!
Key points:
- ✅ Clean implementation using
- ✅ Properly handles certificate secrets
- ✅ Correctly placed in build workflow
- ✅ Addresses long-standing issues Submit false positives to antivirus vendors #181 and Code sign the Windows releases #632
- ✅ Will significantly improve Windows user experience
The implementation is minimal, secure, and follows best practices. The code signing step is correctly conditioned for Windows runners and includes all necessary parameters.
This will help reduce antivirus false positives and improve the security perception of ActivityWatch for Windows users.
Ready to merge once the certificate secrets are configured in the repository.
There was a problem hiding this comment.
@TimeToBuildBob here, reviewing on behalf of @ErikBjare.
This PR looks good to merge!
Key points:
- ✅ Clean implementation using
dlemstra/code-sign-action@v1 - ✅ Properly handles certificate secrets
- ✅ Correctly placed in build workflow
- ✅ Addresses long-standing issues Submit false positives to antivirus vendors #181 and Code sign the Windows releases #632
- ✅ Will significantly improve Windows user experience
The implementation is minimal, secure, and follows best practices. The code signing step is correctly conditioned for Windows runners and includes all necessary parameters.
This will help reduce antivirus false positives and improve the security perception of ActivityWatch for Windows users.
Ready to merge once the certificate secrets are configured in the repository.
Summary:
Added Windows code-signing step to CI using
dlemstra/code-sign-action@v1in.github/workflows/build.yml.Key points:
.github/workflows/build.ymldlemstra/code-sign-action@v1for code-signingif: runner.os == 'Windows')CERTIFICATEandCERTIFICATE_PASSWORDdistfolder recursivelyActivity WatchGenerated with ❤️ by ellipsis.dev