* feat(ci): sign Windows Theseus bins with DigiCert KeyLocker cloud HSM
* perf(ci): speed up Jsign installation
* fix(ci): use absolute path to DigiCert client certificate
This should avoid errors related to Jsign not being able to find it
we've seen on CI.
* fix(ci): trim strange characters out from DigiCert credentials
* ci: another attempt at fixing Jsign errors
* chore: add comment mentioning why `jsign` choco deps are ignored
* tweak: move KeyLocker signing config to CI release Tauri config file
This prevents casual local builds from attempting to use a signing
command they really can't use, improving developer experience.
* tweak(ci/windows): do not waste time and signatures with MSIs
We aren't distributing these anyway. This should reduce the signing
operations required for building the app from 5 (one for the binary,
another for the MSI installer, two for WiX extension DLLs and one for
the NSIS installer) to 2.
* feat(ci): make Windows code signing toggleable, do not sign non-final builds
* chore(ci): tweak `sign-windows-binaries` input wording
* fix(ci): deal with usual Powershell syntax shenanigans
* fix(ci): work around more Powershell syntax shenanigans
Who thought it'd be a good idea to make a comma a synonymous of a space
for separating command line arguments? Why have to characters for the
same thing?
* perf(ci): do not run app build workflow on Labrinth changes
Labrinth is not related to the app at all, so this is just a waste of CI
minutes.
* ci(theseus): enable Windows code signing by default for manual triggers
These are expected to be not that common, so defaulting to what causes
the least human errors when it comes to publishing a release makes most
sense.
b75cfc063b