Support AZURE_TRUSTED_SIGNING_ACCOUNT_NAME, AZURE_CERTIFICATE_PROFILE_NAME#13
Conversation
There was a problem hiding this comment.
Pull request overview
This PR adds support for specifying Azure Trusted Signing account name and certificate profile name via environment variables (AZURE_TRUSTED_SIGNING_ACCOUNT_NAME and AZURE_CERTIFICATE_PROFILE_NAME), addressing the use case where users want to store these values as GitHub secrets rather than in their public repository's tauri.conf.json file.
Key changes:
- Added environment variable support for account and certificate profile arguments using clap's
envattribute - Updated documentation comment from "Code Signing Account name" to "Trusted Signing Account name"
- Added documentation in README for the new environment variables
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| src/main.rs | Added env attributes to account and certificate arguments to enable environment variable configuration; updated comment terminology to "Trusted Signing" |
| READMe.md | Documented the new environment variables and their corresponding CLI flags |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
|
Thanks! |
|
Hello, we've been successfully using this patch in a couple of our apps. A new release would be appreciated. No rush obviously, we can continue to point to ref. |
|
Published a release |
First of all, thank you for this project, it's a huge help for our Tauri app distribution.
Following https://v2.tauri.app/distribute/sign/windows/#modify-your-tauriconfjson-file, we're setting:
{ "bundle": { "windows": { "signCommand": "trusted-signing-cli -e https://wus2.codesigning.azure.net -a MyAccount -c MyProfile -d MyApp %1" } } }While the account name (-a) and profile name (-c) values are scoped to the azure account, on principle we'd rather not disclose those in a public GitHub repo so we want to use GitHub secrets for these. Unfortunately,
does not work because env vars are not expanded.
does not work either because %1 is not being interpolated.
An existing workaround is to use a wrapper script, e.g.:
however I'd rather avoid an external file and instead only maintain the workflow file, release.yml, and tauri.conf.json.