AppVeyor: Use SignPath release cert/only sign tags The SignPath release certificate for our project is not yet available as of this writing, but this commit prepares the CI system to use the release certificate whenever it becomes available. It also restricts signing only to tags, which correspond to official releases. (That mimics our traditional policy of not signing pre-release builds.)

commit: 6c87537f60941f3c265c339fe60d1e31d2a42ccf [log] [tgz]
author: DRC <information@libjpeg-turbo.org> Mon Jul 03 10:25:24 2023 -0400
committer: DRC <information@libjpeg-turbo.org> Mon Jul 03 10:31:35 2023 -0400
tree: a30aec1bbdae5621fa199f04cff15c3bc36a00de
parent: 02b074fd90aa31e3eab3b36353af31b04a409624 [diff]
diff --git a/appveyor.yml b/appveyor.yml
index 2e110cc..a04b4a4 100644
--- a/appveyor.yml
+++ b/appveyor.yml

@@ -94,9 +94,11 @@
 
 deploy:
   - provider: Webhook
-    url: https://app.signpath.io/API/v1/3bc964ce-257b-4362-829f-1df1f087f5a0/Integrations/AppVeyor?ProjectSlug=libjpeg-turbo&SigningPolicySlug=test-signing
+    url: https://app.signpath.io/API/v1/3bc964ce-257b-4362-829f-1df1f087f5a0/Integrations/AppVeyor?ProjectSlug=libjpeg-turbo&SigningPolicySlug=release-signing
     authorization:
       secure: rrx5wnu5VWQqrFZJv75WdPc1H5gyYqp7cV/xVhsx1TnVR7VyUaVEiCYm/64Fcx1zmEPHGyEBrlrbjuRHgDjURA==
+    on:
+      appveyor_repo_tag: true
   - provider: S3
     access_key_id:
       secure: Z74OYogQ6bNV/I+6b5ZEXig74+6MW2WLER0v/bPM/uk=
commit	6c87537f60941f3c265c339fe60d1e31d2a42ccf	[log] [tgz]
author	DRC <information@libjpeg-turbo.org>	Mon Jul 03 10:25:24 2023 -0400
committer	DRC <information@libjpeg-turbo.org>	Mon Jul 03 10:31:35 2023 -0400
tree	a30aec1bbdae5621fa199f04cff15c3bc36a00de
parent	02b074fd90aa31e3eab3b36353af31b04a409624 [diff]