Add sample workflow file

Author: scheibling

.github/workflows/sign-in-env-gha-ast.yml

@@ -0,0 +1,58 @@
+name: Build and Package
+
+on:
+  workflow_dispatch:
+    inputs:
+      source_branch:
+        description: 'The source branch or ref to build from'
+        default: 'main'
+        required: true
+      release_name:
+        description: 'The name for the release'
+        required: true
+            
+jobs:
+  release:
+    environment: OSSign
+    runs-on: windows-latest
+    
+    permissions:
+      contents: write
+      
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          repository: 'xyz/xyz'
+          ref: ${{ github.event.inputs.source_branch }}
+          fetch-depth: 1
+
+      - name: Sign files
+        uses: ossign/gha-sign-azuresigntool
+        with:
+          certificateName: ${{ secrets.AST_CERT }}
+          clientId: ${{ secrets.AST_IDENT }}
+          clientSecret: ${{ secrets.AST_SECRET }}
+          hashAlgorithm: ${{ secrets.AST_TD }}
+          tenantId: ${{ secrets.AST_TENANT }}
+          timestampUrl: ${{ secrets.AST_TIMESTAMP }}
+          vaultUrl: ${{ secrets.AST_VAULT }}
+          files: dist/*
+          extensions: msi;exe
+
+      - name: Release
+        uses: softprops/action-gh-release@v2
+        with:
+          files: |
+            dist/*.msi
+            dist/*.exe
+          name: ${{ github.event.inputs.release_name }}
+          tag_name: ${{ github.run_id }}
+          body: |
+            # Signed Release ${{ github.event.inputs.release_name }}
+            
+            These are the distributable files for the signed release of Beaver-Notes ${{ github.event.inputs.release_name }}
+
+            The source code was fetched from https://github.com/xyz/xyz@${{ github.event.inputs.source_branch }}
+            
+