ci: add winget releaser workflow #637
Conversation
Could we get that done in the CI by using the PAT from GH actions and specifying it's permissions? |
|
Sidenote, ZenBrowser.Zen also exists, I don't know if we can do something about there now being 2 IDs for the browser. |
No, you can't. The PAT is used to make a commit and create a PR from an external repo.
|
There was a problem hiding this comment.
Issue: #37 (comment):
In a couple of days, I'll receive a mail with a physical key and I'll need to figure out how to use it
@mauro-balades How can you automate signing builds with a physical key?
I can't, I'll have to sign it and reupload
The workflow will pick up on the "unsigned" binary before you reupload it. Physical keys are incompatible with CI's. Perhaps you should have gone with the "Cloud" solution with Certum or Azure Trusted Signing from Microsoft.
As a workaround, maybe the workflow should create a draft release first and then publish it altogether once you've signed the binaries?
|
Would using |
|
How would we sign it though? My license key is physical |
|
The action would only run when you publish a release, so you'd still be able to sign your stuff |
|
I just want to get everything signed and working before expanding to more windows sites... But this will be merged |
This action automatically generates manifests for Winget Community Repository (microsoft/winget-pkgs) and submits them.
The Zen Browser package is being added to Winget (microsoft/winget-pkgs#168940, microsoft/winget-pkgs#168942), and this workflow will be used to update it.
Before merging this:
${{ secrets.DEPLOY_KEY }}token has thepublic_repopermission:If you want to see an example of a PR created using this action, see microsoft/winget-pkgs/pulls (Pull request has been created with WinGet Releaser).