admin/cc-switch
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor(ci): standardize Tauri signing key variable and update pubkey

Browse Source 
- Update CI workflow to use TAURI_SIGNING_PRIVATE_KEY consistently
- Simplify key handling logic and add password support
- Update pubkey in tauri.conf.json to match new signing key
This commit is contained in:
Jason
2025-09-09 22:26:37 +08:00
parent a95f974787
commit 74d4b42936
2 changed files with 10 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
.github/workflows/release.yml vendored
View File

@@ -87,13 +87,13 @@ jobs:
shell: bash shell: bash
run: | run: |
# 调试:检查 Secret 是否存在 # 调试:检查 Secret 是否存在
if [ -z "${{ secrets.TAURI_PRIVATE_KEY }}" ]; then if [ -z "${{ secrets.TAURI_SIGNING_PRIVATE_KEY }}" ]; then
echo "❌ TAURI_PRIVATE_KEY Secret 为空或不存在" >&2 echo "❌ TAURI_SIGNING_PRIVATE_KEY Secret 为空或不存在" >&2
echo "请检查 GitHub 仓库 Settings > Secrets and variables > Actions" >&2 echo "请检查 GitHub 仓库 Settings > Secrets and variables > Actions" >&2
exit 1 exit 1
fi fi
RAW="${{ secrets.TAURI_PRIVATE_KEY }}" RAW="${{ secrets.TAURI_SIGNING_PRIVATE_KEY }}"
# 目标:提供正确的私钥“文件路径”给 Tauri CLI避免内容解码歧义 # 目标:提供正确的私钥“文件路径”给 Tauri CLI避免内容解码歧义
KEY_PATH="$RUNNER_TEMP/tauri_signing.key" KEY_PATH="$RUNNER_TEMP/tauri_signing.key"
# 情况 1原始两行文本第一行以 "untrusted comment:" 开头) # 情况 1原始两行文本第一行以 "untrusted comment:" 开头)
@@ -113,15 +113,17 @@ jobs:
printf '%s\n%s\n' "untrusted comment: tauri signing key" "$ONE" > "$KEY_PATH" printf '%s\n%s\n' "untrusted comment: tauri signing key" "$ONE" > "$KEY_PATH"
echo "✅ 使用一行 Base64 私钥,已构造两行文件" echo "✅ 使用一行 Base64 私钥,已构造两行文件"
else else
echo "❌ TAURI_PRIVATE_KEY 格式无法识别:既不是两行原文,也不是其 base64亦非一行 base64" >&2 echo "❌ TAURI_SIGNING_PRIVATE_KEY 格式无法识别:既不是两行原文,也不是其 base64亦非一行 base64" >&2
echo "密钥前10个字符: $(echo "$RAW" | head -c 10)..." >&2 echo "密钥前10个字符: $(echo "$RAW" | head -c 10)..." >&2
exit 1 exit 1
fi fi
fi fi
fi fi
# 仅导出“路径”供 CLI 使用,避免误读为内容 # 仅导出“路径”供 CLI 使用Tauri 支持“内容或路径”)
echo "TAURI_PRIVATE_KEY_PATH=$KEY_PATH" >> $GITHUB_ENV echo "TAURI_SIGNING_PRIVATE_KEY=$KEY_PATH" >> $GITHUB_ENV
echo "TAURI_SIGNING_PRIVATE_KEY_PATH=$KEY_PATH" >> $GITHUB_ENV if [ -n "${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }}" ]; then
echo "TAURI_SIGNING_PRIVATE_KEY_PASSWORD=${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }}" >> $GITHUB_ENV
fi
echo "✅ Tauri signing key prepared" echo "✅ Tauri signing key prepared"
- name: Build Tauri App (macOS) - name: Build Tauri App (macOS)

2
src-tauri/tauri.conf.json
View File

@@ -42,7 +42,7 @@
, ,
"plugins": { "plugins": {
"updater": { "updater": {
"pubkey": "RWQrfsDuoYVMiAZTIXmxysD1OTMhVzeirvQ2xU78mhvobMthsQaQyr3m", "pubkey": "dW50cnVzdGVkIGNvbW1lbnQ6IG1pbmlzaWduIHB1YmxpYyBrZXk6IEM4MDI4QzlBNTczOTI4RTMKUldUaktEbFhtb3dDeUM5US9kT0FmdGR5Ti9vQzcwa2dTMlpibDVDUmQ2M0VGTzVOWnd0SGpFVlEK",
"endpoints": [ "endpoints": [
"https://github.com/jasonyoung/cc-switch/releases/latest/download/latest.json" "https://github.com/jasonyoung/cc-switch/releases/latest/download/latest.json"
] ]