Feature Request: Add files-recurse-limit Parameter to Control Recursive Signing

[mamogh]

I’d like to suggest adding a files-recurse-limit parameter. Since the signing service incurs costs per signature, allowing users to set a limit (e.g., 200 files) on recursive signing operations would help prevent unexpected large bills. This feature would enable better cost management by restricting the number of files processed, ensuring that signing actions remain within budget.

uses: Azure/trusted-signing-action
with:
  files-recurse-limit: 200
  # or
  files-limit: 200

Maybe just a files-limit. Would be nice if i could see in the log how many signings i have used or remaining.

[japarson]

Hi @mamogh, the only issue I see with this request is that it could result in files not being signed that you want signed. I'd like to understand your perspective a little better. If you're concerned about too many files being signed, would you consider using any of the inputs available to you that allow you to specify exactly which files you want signed?

[mamogh]

Hi

I have a good estimate of my file count, and having a files-recurse-limit would help prevent accidentally signing thousands of files due to misconfiguration. Logging any skipped files is sufficient for my needs, and monitoring Azure usage can be quite complex. This limit would help me manage costs effectively without having to specify each file individually.

Thanks for considering this feature!