Skip to main content

cargo_codesign/config/
mod.rs

1pub mod resolve;
2
3use serde::Deserialize;
4use std::path::PathBuf;
5
6#[derive(Debug, Deserialize, Default)]
7#[serde(deny_unknown_fields)]
8pub struct SignConfig {
9    pub macos: Option<MacosConfig>,
10    pub windows: Option<WindowsConfig>,
11    pub linux: Option<LinuxConfig>,
12    pub update: Option<UpdateConfig>,
13    pub status: Option<StatusConfig>,
14}
15
16// --- macOS ---
17
18#[derive(Debug, Deserialize, PartialEq, Eq)]
19#[serde(rename_all = "kebab-case")]
20pub enum MacosAuth {
21    ApiKey,
22    AppleId,
23}
24
25#[derive(Debug, Deserialize)]
26#[serde(deny_unknown_fields)]
27pub struct MacosConfig {
28    pub identity: Option<String>,
29    pub entitlements: Option<PathBuf>,
30    pub auth: MacosAuth,
31    pub env: MacosEnvConfig,
32}
33
34#[derive(Debug, Deserialize, Default)]
35#[serde(deny_unknown_fields, rename_all = "kebab-case")]
36pub struct MacosEnvConfig {
37    // api-key mode
38    pub certificate: Option<String>,
39    pub certificate_password: Option<String>,
40    pub notarization_key: Option<String>,
41    pub notarization_key_id: Option<String>,
42    pub notarization_issuer: Option<String>,
43    // apple-id mode
44    pub apple_id: Option<String>,
45    pub team_id: Option<String>,
46    pub app_password: Option<String>,
47}
48
49// --- Windows ---
50
51#[derive(Debug, Deserialize)]
52#[serde(deny_unknown_fields, rename_all = "kebab-case")]
53pub struct WindowsConfig {
54    pub timestamp_server: Option<String>,
55    pub env: WindowsEnvConfig,
56}
57
58#[derive(Debug, Deserialize, Default)]
59#[serde(deny_unknown_fields, rename_all = "kebab-case")]
60pub struct WindowsEnvConfig {
61    pub tenant_id: Option<String>,
62    pub client_id: Option<String>,
63    pub client_secret: Option<String>,
64    pub endpoint: Option<String>,
65    pub account_name: Option<String>,
66    pub cert_profile: Option<String>,
67}
68
69// --- Linux ---
70
71#[derive(Debug, Clone, Copy, Deserialize, PartialEq, Eq)]
72#[serde(rename_all = "lowercase")]
73pub enum LinuxMethod {
74    Cosign,
75    Minisign,
76    Gpg,
77}
78
79#[derive(Debug, Deserialize)]
80#[serde(deny_unknown_fields)]
81pub struct LinuxConfig {
82    pub method: LinuxMethod,
83    pub env: LinuxEnvConfig,
84}
85
86#[derive(Debug, Deserialize, Default)]
87#[serde(deny_unknown_fields)]
88pub struct LinuxEnvConfig {
89    pub key: Option<String>,
90}
91
92// --- Update signing ---
93
94#[derive(Debug, Deserialize)]
95#[serde(deny_unknown_fields, rename_all = "kebab-case")]
96pub struct UpdateConfig {
97    pub public_key: Option<PathBuf>,
98    pub env: UpdateEnvConfig,
99}
100
101#[derive(Debug, Deserialize, Default)]
102#[serde(deny_unknown_fields, rename_all = "kebab-case")]
103pub struct UpdateEnvConfig {
104    pub signing_key: Option<String>,
105}
106
107// --- Status ---
108
109#[derive(Debug, Deserialize)]
110#[serde(deny_unknown_fields, rename_all = "kebab-case")]
111pub struct StatusConfig {
112    pub cert_warn_days: Option<u32>,
113    pub cert_error_days: Option<u32>,
114}