Once your artifact configuration and project is set up, you can submit a signing request by either
- uploading an artifact on the web interface or
- integrating a call to SignPath in your build process
For testing purposes or when you have very infrequent releases, you can chose to simply upload the binary artifact via the web interface. This, however, prevents SignPath from verifying the origin of the artifact.
SignPath provides multiple ways to be integrated into your pipeline. See the documentation for details.