add signature generation

rename steps

.woodpecker.yml

@@ -8,13 +8,13 @@ pipeline:
       event: [tag, push, pull_request]
       branch: [master, develop, feature/*, fix/*, translations]
 
-  osv_detector:
+  osv-detector:
     image: gitnet.fr/deblan/osv-detector:v0.10
     commands:
       - osv-detector package-lock.json
     failure: ignore
 
-  build_js:
+  build-js:
     image: node:16
     commands:
       - npm run build
@@ -22,7 +22,7 @@ pipeline:
       branch: [master, develop, feature/*, fix/*, translations]
       event: [tag, push, pull_request]
 
-  build_php:
+  build-translations:
     image: deblan/php:8.0
     commands:
       - php bin/generate_l10n.php
@@ -30,7 +30,24 @@ pipeline:
       branch: [master, develop, feature/*, fix/*, translations]
       event: [tag, push, pull_request]
 
-  code_quality:
+  create-signature:
+    image: nextcloud:25
+    secrets: [app_certificate, app_public_certificate]
+    environment:
+      SQLITE_DATABASE: /var/www/data/data.db
+      NEXTCLOUD_ADMIN_USER: admin
+      NEXTCLOUD_ADMIN_PASSWORD: admin
+    commands:
+      - echo "$APP_CERTIFICATE" > "/tmp/side_menu.key"
+      - echo "$APP_PUBLIC_CERTIFICATE" > "/tmp/side_menu.crt"
+      - /usr/src/nextcloud/occ integrity:sign-app
+        --privateKey=/tmp/side_menu.key
+        --certificate=/tmp/side_menu.crt
+        --path=$CI_WORKSPACE
+    when:
+      event: [tag]
+
+  check-code-quality:
     image: sonarsource/sonar-scanner-cli
     secrets: [sonar_token, sonar_host, sonar_project]
     commands:
@@ -45,7 +62,7 @@ pipeline:
     when:
       event: [pull_request]
 
-  package:
+  create-package:
     image: deblan/php:8.0
     volumes:
       - /var/www/html/artifacts:/var/www/html/artifacts
@@ -61,7 +78,7 @@ pipeline:
     when:
       event: [tag]
 
-  release:
+  push-release:
     image: plugins/gitea-release
     volumes:
       - /var/www/html/artifacts:/var/www/html/artifacts