From 5b7746af79eefb0de3a95f26236a641455adbfa6 Mon Sep 17 00:00:00 2001
From: yhh <359807859@qq.com>
Date: Tue, 16 Dec 2025 15:07:18 +0800
Subject: [PATCH] =?UTF-8?q?fix(ci):=20=E4=BF=AE=E5=A4=8D=20SignPath=20?=
 =?UTF-8?q?=E4=BB=A3=E7=A0=81=E7=AD=BE=E5=90=8D=20artifact=20=E5=8F=82?=
 =?UTF-8?q?=E6=95=B0=E9=94=99=E8=AF=AF?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

SignPath GitHub Action 不支持 github-artifact-name 参数，
改用 github-artifact-id 并通过 GitHub API 获取 artifact ID。

- 移除 download-artifact 步骤（SignPath 直接从 GitHub 获取）
- 添加 get-artifact 步骤通过 API 获取 artifact ID
- 使用 github-artifact-id 替代无效的 github-artifact-name
---
 .github/workflows/release-editor.yml | 29 +++++++++++++++++-----------
 1 file changed, 18 insertions(+), 11 deletions(-)

diff --git a/.github/workflows/release-editor.yml b/.github/workflows/release-editor.yml
index a12c7c1f..fb44d45b 100644
--- a/.github/workflows/release-editor.yml
+++ b/.github/workflows/release-editor.yml
@@ -156,18 +156,25 @@ jobs:
         if: steps.check-signpath.outputs.enabled == 'true'
         uses: actions/checkout@v4
 
-      - name: Download Windows artifact
-        if: steps.check-signpath.outputs.enabled == 'true'
-        uses: actions/download-artifact@v4
-        with:
-          name: windows-unsigned
-          path: ./artifacts
-
-      - name: List artifacts for signing
+      - name: Get artifact ID
         if: steps.check-signpath.outputs.enabled == 'true'
+        id: get-artifact
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
-          echo "Files to be signed:"
-          find ./artifacts -type f \( -name "*.exe" -o -name "*.msi" \) | head -20
+          # 获取 windows-unsigned artifact 的 ID
+          ARTIFACT_ID=$(gh api \
+            -H "Accept: application/vnd.github+json" \
+            "/repos/${{ github.repository }}/actions/runs/${{ github.run_id }}/artifacts" \
+            --jq '.artifacts[] | select(.name == "windows-unsigned") | .id')
+
+          if [ -z "$ARTIFACT_ID" ]; then
+            echo "Error: Could not find artifact 'windows-unsigned'"
+            exit 1
+          fi
+
+          echo "artifact-id=$ARTIFACT_ID" >> $GITHUB_OUTPUT
+          echo "Found artifact ID: $ARTIFACT_ID"
 
       - name: Submit to SignPath for code signing
         if: steps.check-signpath.outputs.enabled == 'true'
@@ -179,7 +186,7 @@ jobs:
           project-slug: 'ecs-framework'
           signing-policy-slug: 'test-signing'
           artifact-configuration-slug: 'default'
-          github-artifact-name: 'windows-unsigned'
+          github-artifact-id: ${{ steps.get-artifact.outputs.artifact-id }}
           wait-for-completion: true
           wait-for-completion-timeout-in-seconds: 600
           output-artifact-directory: './signed'