From 9bddef6a73cb2e7ab6af70c397d02ff575b48ca4 Mon Sep 17 00:00:00 2001 From: Martin Costello Date: Tue, 1 Oct 2024 12:54:53 +0100 Subject: [PATCH 1/2] Update AuthenticodeLint Update to a version targeting .NET 8. --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f7ea7dc12cd..571afb72715 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -258,7 +258,7 @@ jobs: uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 with: path: AuthenticodeLint - ref: ae44826fdcebaa671b06591ea0b3b47fc946b79c + ref: 90dd05293effe918b149c7f8323540b7730c06d2 repository: martincostello/AuthenticodeLint submodules: recursive From 23e17ac19bf190fdb984e108db408258d17f6f39 Mon Sep 17 00:00:00 2001 From: Martin Costello Date: Tue, 1 Oct 2024 12:56:14 +0100 Subject: [PATCH 2/2] Set env vars for sign Set environment variables for Azure Key Vault to use with future versions of the `sign` tool. --- .github/workflows/build.yml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 571afb72715..b7073230cf9 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -193,6 +193,10 @@ jobs: - name: Sign artifacts shell: pwsh + env: + AZURE_CLIENT_ID: ${{ secrets.SIGN_CLI_APPLICATION_ID }} + AZURE_CLIENT_SECRET: ${{ secrets.SIGN_CLI_SECRET }} + AZURE_TENANT_ID: ${{ secrets.SIGN_CLI_TENANT_ID }} run: | ./sign code azure-key-vault ` **/*.nupkg ` @@ -203,9 +207,9 @@ jobs: --description "Polly" ` --description-url "https://github.com/${{ github.repository }}" ` --azure-key-vault-certificate "${{ secrets.SIGN_CLI_CERT_NAME }}" ` - --azure-key-vault-client-id "${{ secrets.SIGN_CLI_APPLICATION_ID }}" ` - --azure-key-vault-client-secret "${{ secrets.SIGN_CLI_SECRET }}" ` - --azure-key-vault-tenant-id "${{ secrets.SIGN_CLI_TENANT_ID }}" ` + --azure-key-vault-client-id ${env:AZURE_CLIENT_ID} ` + --azure-key-vault-client-secret ${env:AZURE_CLIENT_SECRET} ` + --azure-key-vault-tenant-id ${env:AZURE_TENANT_ID} ` --azure-key-vault-url "${{ secrets.SIGN_CLI_VAULT_URI }}" ` --verbosity "${{ runner.debug == '1' && 'Debug' || 'Warning' }}" if ($LASTEXITCODE -ne 0) {