1. [x] Create the `signing` environment with branch/tag restrictions and the `SIGNING_KEY` secret 2. [x] Add the `signers` team with Write access to the repo 3. [x] Create org-level rulesets (Protect main, Protect release tags) 4. [x] Initialize the `gh-pages` branch 5. [x] Enable GitHub Pages 6. [x] Create the `sensitive files` label 7. [x] Add the build/sign/publish workflow (adapt build steps for the target distro) 9. [ ] Test: push to a branch (build only), push to main (build + sign), push a tag (build + sign + publish) Reference: https://github.com/cartesi/macports-ports/issues/2
signingenvironment with branch/tag restrictions and theSIGNING_KEYsecretsignersteam with Write access to the repogh-pagesbranchsensitive fileslabelReference: cartesi/macports-ports#2