From 0377974074270177c7755bb6f412d8d04d594c5a Mon Sep 17 00:00:00 2001
From: Eugene <inbox@null.page>
Date: Thu, 19 Dec 2024 01:27:36 +0100
Subject: [PATCH] .

---
 .github/workflows/build.yml | 6 +++---
 scripts/build-windows.mjs   | 4 ++--
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index ce2c551c..1a434a17 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -314,7 +314,7 @@ jobs:
 
     - name: Code signing with Software Trust Manager
       uses: digicert/ssm-code-signing@v1.0.0
-      if: github.repository == 'Eugeny/tabby' && github.event_name == 'push' && (github.ref == 'refs/heads/signingtest' || startsWith(github.ref, 'refs/tags'))
+      if: github.repository == 'Eugeny/tabby' && github.event_name == 'push' && (github.ref_protected || startsWith(github.ref, 'refs/tags'))
 
     - name: Installing Node
       uses: actions/setup-node@v3.7.0
@@ -351,7 +351,7 @@ jobs:
         $env:WIN_CSC_LINK=$env:CERT_TEMP_PATH
         $env:WIN_CSC_KEY_PASSWORD=$env:SM_CLIENT_CERT_PASSWORD
         node scripts/build-windows.mjs
-      if: github.repository == 'Eugeny/tabby' && github.event_name == 'push' && (github.ref == 'refs/heads/signingtest' || startsWith(github.ref, 'refs/tags'))
+      if: github.repository == 'Eugeny/tabby' && github.event_name == 'push' && (github.ref_protected || startsWith(github.ref, 'refs/tags'))
       env:
         ARCH: ${{matrix.arch}}
         CERT_TEMP_PATH: Certificate_pkcs12.p12
@@ -368,7 +368,7 @@ jobs:
 
     - name: Build packages without signing
       run: node scripts/build-windows.mjs
-      if: "! (github.repository == 'Eugeny/tabby' && github.event_name == 'push' && (github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags')))"
+      if: "! (github.repository == 'Eugeny/tabby' && github.event_name == 'push' && (github.ref_protected || startsWith(github.ref, 'refs/tags')))"
       env:
         ARCH: ${{matrix.arch}}
 
diff --git a/scripts/build-windows.mjs b/scripts/build-windows.mjs
index 14411e9c..a11a88da 100755
--- a/scripts/build-windows.mjs
+++ b/scripts/build-windows.mjs
@@ -28,7 +28,7 @@ builder({
             certificateSha1: process.env.SM_CODE_SIGNING_CERT_SHA1_HASH,
             publisherName: process.env.SM_PUBLISHER_NAME,
             signingHashAlgorithms: ['sha256'],
-            sign: async function (configuration) {
+            sign: keypair ? async function (configuration) {
                 if (configuration.path) {
                     execSync(
                         `smctl sign --keypair-alias=${keypair} --input "${String(configuration.path)}"`, {
@@ -36,7 +36,7 @@ builder({
                         }
                     )
                 }
-            }
+            } : undefined,
         },
     },