Build and sign .exe #5

Workflow file for this run

	name: Build and sign .exe

	on:
	workflow_dispatch

	jobs:
	build:
	name: Build .exe
	runs-on: windows-latest
	permissions:
	contents: write
	steps:
	- uses: actions/checkout@v4
	- name: Set up Python
	uses: actions/setup-python@v5
	with:
	python-version: "3.13"
	- name: Install dependencies
	run: python -m pip install --upgrade pip
	- name: Install Open Pectus Engine Manager
	run: pip install -e ".[development]"
	- name: Build .exe
	run: \|
	pyinstaller pyinstaller.spec
	cd dist
	move "Open Pectus Engine Manager.exe" ../
	- name: Install DigiCert Client tools from Github Custom Actions marketplace
	uses: digicert/ssm-code-signing@v1.0.0
	- name: Set up certificate
	run: \|
	echo "${{ secrets.SM_CLIENT_CERT_FILE_B64 }}" \| base64 --decode > /d/Certificate_pkcs12.p12
	shell: bash
	- name: Set variables
	run: \|
	echo "SM_HOST=${{ secrets.SM_HOST }}" >> "$GITHUB_ENV"
	echo "SM_API_KEY=${{ secrets.SM_API_KEY }}" >> "$GITHUB_ENV"
	echo "SM_CLIENT_CERT_FILE=D:\\Certificate_pkcs12.p12" >> "$GITHUB_ENV"
	echo "SM_CLIENT_CERT_PASSWORD=${{ secrets.SM_CLIENT_CERT_PASSWORD }}" >> "$GITHUB_ENV"
	shell: bash
	- name: Signing using keypair alias
	run: \|
	smctl sign --keypair-alias key_1229360753 --input "Open Pectus Engine Manager.exe" --config-file C:\Users\RUNNER~1\AppData\Local\Temp\smtools-windows-x64\pkcs11properties.cfg
	shell: cmd
	- uses: ncipollo/release-action@v1
	with:
	artifacts: "Open Pectus Engine Manager.exe"
	tag: release
	body: "Download and run `Open Pectus Engine Manager.exe`."
	allowUpdates: true
	makeLatest: true
	omitBodyDuringUpdate: true
	removeArtifacts: true
	replacesArtifacts: true

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Build and sign .exe #5

Workflow file

Build and sign .exe #5

Uh oh!

Workflow file for this run