AppVeyor: Use SignPath release cert/only sign tags

The SignPath release certificate for our project is not yet available as of this writing, but this commit prepares the CI system to use the release certificate whenever it becomes available. It also restricts signing only to tags, which correspond to official releases. (That mimics our traditional policy of not signing pre-release builds.)
libjpeg-turbo · Jul 3, 2023 · 6c87537 · 6c87537
1 parent 02b074f
commit 6c87537
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/appveyor.yml b/appveyor.yml
@@ -94,9 +94,11 @@ test: off
 
 deploy:
   - provider: Webhook
-    url: https://app.signpath.io/API/v1/3bc964ce-257b-4362-829f-1df1f087f5a0/Integrations/AppVeyor?ProjectSlug=libjpeg-turbo&SigningPolicySlug=test-signing
+    url: https://app.signpath.io/API/v1/3bc964ce-257b-4362-829f-1df1f087f5a0/Integrations/AppVeyor?ProjectSlug=libjpeg-turbo&SigningPolicySlug=release-signing
     authorization:
       secure: rrx5wnu5VWQqrFZJv75WdPc1H5gyYqp7cV/xVhsx1TnVR7VyUaVEiCYm/64Fcx1zmEPHGyEBrlrbjuRHgDjURA==
+    on:
+      appveyor_repo_tag: true
   - provider: S3
     access_key_id:
       secure: Z74OYogQ6bNV/I+6b5ZEXig74+6MW2WLER0v/bPM/uk=