@xor-gate I’ve done some things, but I’m not sure how it really fits with the build setup. We can discuss…
- I added an environment called
signingwhich contains the secrets in question, currently limited to apply only to thedevelopbranch - I added
environment: signingto the relevant jobs in the build setup, you can see my proposed changes in thebuild-signingbranch - I modified the branch protection of
developto require pull requests (though you, as an admin, can ignore this), otherwise it’s a bit too open
However, looking at it, the environment variables pointing to the signing certificate etc are those expected by Syncthing. But we’re not building Syncthing, are we? Is this picked up by the Xcode build stuff? I’m not certain how it works.