constructor icon indicating copy to clipboard operation
constructor copied to clipboard

Published 20 hours ago verified publisher icon conda

Support AzureSignTool

Open marcoesters opened this issue 11 months ago • 1 comments

Checklist

  • [X] I added a descriptive title
  • [X] I searched open requests and couldn't find a duplicate

What is the idea?

AzureSignTool is another tool that can be used to sign binaries. It uses a vault to obtain the certificate instead of using a certificate file.

constructor should extend its support to different signing tools and also support key-vault signature processes.

Why is this needed?

Using vaults to sign binaries is going to be more and more important. AzureSignTool uses a vault without files, so signing installers is not possible with this

As of now, constructor uses signtool.exe and local files to sign binaries, so AzureSignTool or other file-less signature tools will not work.

What should happen?

  • Expanding construct.yaml to allow for vaults to sign packages.
  • Allow for other tools to sign binaries, starting with AzureSignTool.

Additional Context

No response

marcoesters avatar Mar 25 '24 20:03 marcoesters