Skip to content

Releases: digicert/code-signing-software-trust-action

v1.0.1

06 Jan 07:31
@anshuman-mor anshuman-mor
v1.0.1
cb50224
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.0.1 Latest
Marketplace
Latest
Marketplace

Description
Fixes MSI installation failures in the GitHub Action when the product is already installed in a different location (applicable for Self-hosted Windows runner). The action now automatically handles existing installations and improves reliability in non-interactive CI/CD environments.

Upgrade steps

  • Upgrade to this version to apply the fixes

Breaking changes

  • None

New features

  • None

Bug fixes

  • Fixed MSI reinstallation failures by automatically uninstalling existing installations before reinstalling (resolves DOSTM-8717)
  • Fixed CI/CD pipeline blocking caused by interactive registry prompts by adding the /f flag to all reg add commands (fixes #11)

Performance improvements

  • Optimized MSI installation by removing registry and WMIC queries
  • Improved fail-fast behavior with clearer error handling

Other changes

  • Refactored MSI installation logic for more reliable error handling
  • Added detailed MSI log output to improve troubleshooting
Assets 2
Loading

New GitHub Actions for code signing with DigiCert® Software Trust Manager

13 Nov 11:40
@anshuman-mor anshuman-mor
v1.0.0
9b30180
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
New GitHub Actions for code signing with DigiCert® Software Trust Manager
Marketplace
Marketplace

Overview

code-signing-software-trust-action enables secure, automated code signing directly within your GitHub workflows. This integration provides a seamless way to incorporate trusted signing into your DevOps pipelines, ensuring the authenticity and integrity of your released software.

Using a keypair-based signing workflow, developers can sign binaries across Windows, Linux, and macOS with strong security controls and full platform compatibility. This action automatically installs and configures Software Trust client tools, allowing quick setup for both GitHub-hosted and self-hosted runners.

Additionally, this action supports simple signing, a streamlined process that eliminates the need for third-party tools or libraries, delivering fast, consistent, and efficient code signing across environments.

Key features

Simple signing mode

A streamlined signing workflow designed to simplify configuration and improve performance:

  • Sign code without relying on third-party tools
  • A unified, consistent signing experience across Windows, Linux, and macOS
  • Delivers faster signing by removing library overhead and reducing unnecessary API calls
  • Built to support DigiCert's long-term direction as legacy signing methods are deprecated

Bulk signing mode

An efficient option for teams that need to sign large sets of artifacts:

  • Sign multiple files in a single operation, dramatically improving throughput
  • Reduces network round-trip calls, improving performance in high-volume CI/CD pipelines
  • Contact DigiCert Sales to activate bulk signing

Optimized installation

Enhancements designed to speed installation, reduce redundant downloads, and ensure accurate tool updates:

  • Faster, consistent downloads of required signing tools
  • Automatically checks CDN-hosted checksums to detect and download new tool versions
  • Supports GitHub's caching service across both hosted and self-hosted runners
Loading