github.com/ungtb10d/cli/v2@v2.0.0-20221110210412-98537dd9d6a1/script/sign-windows-executable.sh (about) 1 #!/bin/bash 2 set -e 3 4 EXE="$1" 5 6 if [ -z "$CERT_FILE" ]; then 7 echo "skipping Windows code-signing; CERT_FILE not set" >&2 8 exit 0 9 fi 10 11 if [ ! -f "$CERT_FILE" ]; then 12 echo "error Windows code-signing; file '$CERT_FILE' not found" >&2 13 exit 1 14 fi 15 16 if [ -z "$CERT_PASSWORD" ]; then 17 echo "error Windows code-signing; no value for CERT_PASSWORD" >&2 18 exit 1 19 fi 20 21 osslsigncode sign -n "GitHub CLI" -t http://timestamp.digicert.com \ 22 -pkcs12 "$CERT_FILE" -readpass <(printf "%s" "$CERT_PASSWORD") -h sha256 \ 23 -in "$EXE" -out "$EXE"~ 24 25 mv "$EXE"~ "$EXE"