Follow this workflow to prepare custom Unity packages with signatures, using the Unity Package Manager command-line interface (UPM CLI).
UPM CLI is a standalone tool that you can run from a terminal or integrate into a continuous integration (CI) pipeline. It’s useful if you create packages and want to sign them outside of the Unity Editor or without the scripting API, especially in automated environments.
UPM CLI supports the same platforms and architectures as the Unity Editor.
To prepare your packages for distribution by signing them, complete the following tasks:
Before you use UPM CLI, set up your environment as described in UPM CLI prerequisites:
Install the UPM CLI tool on your local computer or CI environment. You need to install the tool only once, then update it each time a newer version is available.
For details, refer to Install Unity Package Manager CLI.
Use the upm pack command to pack a custom package into a signed tarball (.tgz) file that you can distribute or publish. Run this command each time you want to create a signed package.
For details, refer to Pack and sign a package with Unity Package Manager CLI.
Use the upm sign command to sign a Git-based package in place. This command is useful if you want to distribute your package as a Git URL. Run this command before committing your changes to the Git repository if you intend to distribute the package via a Git URL dependency.
For details, refer to Sign a Git-based package with Unity Package Manager CLI.