{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreiel2yqecrmktmpvp5jiiwwmh5ufsmtbgie7nhwhgrigge2ztmu75i",
    "uri": "at://did:plc:haakkg7y3xdghcdmprxeexso/app.bsky.feed.post/3mnb4x6pfvqq2"
  },
  "path": "/t/submit-android-apps-to-our-appverifier-database/38125?page=3#post_42",
  "publishedAt": "2026-06-01T20:44:56.000Z",
  "site": "https://discuss.privacyguides.net",
  "tags": [
    "github.com/privacyguides/verified-apps",
    ".github/workflows/create-artifact.yml",
    "0e31bb824",
    "show original",
    "github.com/privacyguides/.github",
    ".github/workflows/sign-artifact.yml",
    "4e59f962b",
    ".github/workflows/new-submission.yml",
    ".github/workflows/publish-release.yml",
    "build signer URI"
  ],
  "textContent": "If you are interested in an update, we now create an artifact via a reusable workflow:\n\ngithub.com/privacyguides/verified-apps\n\n#### .github/workflows/create-artifact.yml\n\n0e31bb824\n\n\n    name: Create data.yml artifact\n\n    on:\n      workflow_call:\n        inputs:\n          ref:\n            description: Git ref to checkout (commit SHA or branch; default is the triggering ref)\n            type: string\n            required: false\n            default: \"\"\n\n    jobs:\n      artifact:\n        runs-on: ubuntu-latest\n        permissions:\n          contents: read\n\n        steps:\n          - name: Checkout repository\n            uses: actions/checkout@v6\n\n\nThis file has been truncated. show original\n\nAnd then attest that artifact with a separate org-wide reusable workflow in a different repo:\n\ngithub.com/privacyguides/.github\n\n#### .github/workflows/sign-artifact.yml\n\n4e59f962b\n\n\n    name: Sign Artifact\n\n    on:\n      workflow_call:\n        inputs:\n          artifact-path:\n            required: true\n            type: string\n            description: \"Path to the artifact to be signed\"\n          artifact-name:\n            required: true\n            type: string\n            description: \"Name of the artifact to download\"\n\n    jobs:\n      sign:\n        runs-on: ubuntu-latest\n        permissions:\n          id-token: write\n          contents: read\n\n\nThis file has been truncated. show original\n\nCalled from\n\ngithub.com/privacyguides/verified-apps\n\n#### .github/workflows/new-submission.yml\n\n0e31bb824\n\n\n\n\n\n\n        1688. uses: privacyguides/.github/.github/workflows/sign-artifact.yml@5c41b37a937aab5e50262f3ab672fc9b9438dbf9\n\n\n        1689. with:\n\n\n        1690.   artifact-name: database\n\n\n        1691.   artifact-path: data.yml\n\n\n\n\n\nAnd\n\ngithub.com/privacyguides/verified-apps\n\n#### .github/workflows/publish-release.yml\n\n0e31bb824\n\n\n\n\n\n\n        21. uses: privacyguides/.github/.github/workflows/sign-artifact.yml@5c41b37a937aab5e50262f3ab672fc9b9438dbf9\n\n\n        22. with:\n\n\n        23.   artifact-name: database\n\n\n        24.   artifact-path: data.yml\n\n\n\n\n\n* * *\n\nSo the build signer URI will always be `https://github.com/privacyguides/.github/.github/workflows/sign-artifact.yml@5c41b37a937aab5e50262f3ab672fc9b9438dbf9`.",
  "title": "Submit Android apps to our AppVerifier database"
}