0.1.3

Added Ubuntu-runner signing support through osslsigncode and PFX secrets.

mrtrust.integration.json

@@ -29,8 +29,35 @@
       ".psd1",
       ".cat"
     ],
-    "preferredCommand": ".\\MrTrust\\MrTrust.exe sign -Path <artifact-path> -CertificateThumbprint A024A89200469F099EC4A172B4F96F6428AFD41B",
-    "ciGuidance": "Run signing only on a trusted Windows release runner or secure local release machine where the private certificate is already installed or supplied through secrets.",
+    "ubuntuRunner": {
+      "supportedExtensions": [
+        ".exe",
+        ".msi",
+        ".dll",
+        ".cat"
+      ],
+      "requiredTool": "osslsigncode",
+      "helperScript": "scripts/Sign-MrTrustProjectLinux.sh",
+      "requiredSecrets": [
+        "MRTRUST_CODESIGN_PFX_BASE64",
+        "MRTRUST_CODESIGN_PFX_PASSWORD"
+      ],
+      "preferredCommand": "bash ./MrTrust/scripts/Sign-MrTrustProjectLinux.sh <artifact-path>"
+    },
+    "windowsRunner": {
+      "supportedExtensions": [
+        ".exe",
+        ".msi",
+        ".dll",
+        ".ps1",
+        ".psm1",
+        ".psd1",
+        ".cat"
+      ],
+      "preferredCommand": ".\\MrTrust\\MrTrust.exe sign -Path <artifact-path> -CertificateThumbprint A024A89200469F099EC4A172B4F96F6428AFD41B"
+    },
+    "preferredCommand": "bash ./MrTrust/scripts/Sign-MrTrustProjectLinux.sh <artifact-path>",
+    "ciGuidance": "On ubuntu-latest runners, sign PE/MSI/CAT artifacts with osslsigncode using a PFX stored in Gitea secrets. Use Windows runners only when signing PowerShell scripts or when Windows certificate store signing is required.",
     "unsignedBehavior": "Unsigned builds should remain unsigned. MrTrust only makes correctly signed MrSphay artifacts validate after the user has installed trust."
   },
   "targetProjectAgentContract": {