Closed marcoesters closed 2 months ago
Supporting AzureSignTool
is a two-pronged project:
signing_certificate
is a file name. It can be overloaded to accept vault
as a magic keyword or we create a new key.AzureSignTool
uses different arguments. If we want to future-proof this, we may want to create a class that can be expanded to add other tools in the future.
Checklist
What is the idea?
AzureSignTool is another tool that can be used to sign binaries. It uses a vault to obtain the certificate instead of using a certificate file.
constructor
should extend its support to different signing tools and also support key-vault signature processes.Why is this needed?
Using vaults to sign binaries is going to be more and more important.
AzureSignTool
uses a vault without files, so signing installers is not possible with thisAs of now,
constructor
usessigntool.exe
and local files to sign binaries, soAzureSignTool
or other file-less signature tools will not work.What should happen?
construct.yaml
to allow for vaults to sign packages.AzureSignTool
.Additional Context
No response