Application not signed
nlsui opened this issue · comments
Bug description
I am using the game-ci/unity-builder@v4 on github workflows with a personal unity license to build my unity project.
The resulting .exe file is not signed and I'm getting warnings that the publisher is unknown.
How to reproduce
This is the part of the workflow
uses: game-ci/unity-builder@v4
id: build
env:
UNITY_LICENSE: ${{ secrets.UNITY_LICENSE }}
UNITY_EMAIL: ${{ secrets.UNITY_EMAIL }}
UNITY_PASSWORD: ${{ secrets.UNITY_PASSWORD }}
with:
customImage: unityci/editor:${{ matrix.targetImage }}
targetPlatform: ${{ matrix.targetPlatform }}
customParameters: -target ${{ matrix.target }}
buildMethod: BuildScript.Build
I copied my own personal license as described in the docs in secrets.
These are the relevant logs
User *** logged in successfully
[LicensingClient] Channel doesn't exist: "LicenseClient-root"
[Licensing::Module] Successfully launched the LicensingClient (PId: 38)
[SignatureVerifier] Application signature verification not supported on this platform.
[LicensingClient] Handshaking with LicensingClient:
version: 1.10.0-rc.1+0c717dc
Session Id: de5b4c034b5d443ea0456b8218b49027
Machine Id: j6bT3DmylWNQWQ6f3fzOYk3+Xlw=
[Licensing::Module] Successfully connected to LicensingClient on channel: "LicenseClient-root" (connect: 1.30s, validation: 0.07s, handshake: 0.00s)
[Licensing::Module] Connected to LicensingClient (PId: 38, launch time: 0.00, total connection time: 1.37s)
Entitlement-based licensing initiated
[LicensingClient] Successfully updated the access token
[Licensing::Module] Successfully updated the access token ObKfcfbLBuQwK6ya8ncHx_jHV21tuQu1qG36R5eqBo8008f
[LicensingClient] Successfully processed license management request
[Licensing::Module] Successfully activated the entitlement license
[LicensingClient] Successfully queried for the EntitlementGroupsDetails
[LicensingClient] Successfully activated ULF license
[Licensing::Module] Serial number assigned to (masked): "***"
[LicensingClient] Successfully resolved entitlements
Pro License: NO
When trying to open the application windows warns me that their is no publisher
Get-AuthenticodeSignature -FilePath .\StandaloneWindows64.exe
returns Status:NotSigned as well
Expected behavior
The application should be signed
Generally, Unity doesn't sign the .exe, so you would have to sign it yourself.
You could try using this Microsoft SignTool.
But instead of that, it may be better to distribute through a platform like Steam.
Thanks for your help, I thought the license was needed for signature.
Is there no way to integrate the code signing with certificate using GameCI? Users downloading from Itch.io get the same error.
Code signing is arguably not part of building ("ci"), and arguably more part of distribution ("cd").
The unity-builder action therefore isn't really where the code signing should be done.
To help with distribution, GameCI does provide a Steam deploy action, and Steam will handle code signing for you: https://game.ci/docs/github/deployment/steam/
If you want to use other platforms for distribution, you would need to look into that platforms recommended process.
Unfortunately, it doesn't seem like itch provides a good solution: https://itch.io/jam/7drl-challenge-2021/topic/1245681/code-signing