Skip to content

Commit

Permalink
Merge pull request #209 from AzureAD/fix-release-ci
Browse files Browse the repository at this point in the history 
Remove ESRP cert versions
  • Loading branch information
@kyle-rader-msft
kyle-rader-msft authored Feb 23, 2023
2 parents 7b5658a + 66f14c4 commit 95506e1
Showing 1 changed file with 2 additions and 4 deletions.
6 changes: 2 additions & 4 deletions .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -102,15 +102,13 @@ jobs:
AZURE_SUBSCRIPTION: ${{ secrets.AZURE_SUBSCRIPTION }}
AZURE_VAULT: ${{ secrets.AZURE_VAULT }}
ESRP_AAD_CERT_NAME: ${{ secrets.AZURE_VAULT_ESRP_AAD_CERT_NAME }}
ESRP_AAD_CERT_VERSION: ${{ secrets.AZURE_VAULT_ESRP_AAD_CERT_VERSION }}
ESRP_REQ_CERT_NAME: ${{ secrets.AZURE_VAULT_ESRP_REQ_CERT_NAME }}
ESRP_REQ_CERT_VERSION: ${{ secrets.AZURE_VAULT_ESRP_REQ_CERT_VERSION }}
run: |
az keyvault secret download --subscription "$env:AZURE_SUBSCRIPTION" --vault-name "$env:AZURE_VAULT" --name "$env:ESRP_AAD_CERT_NAME" --version "$env:ESRP_AAD_CERT_VERSION" -f cert.pfx
az keyvault secret download --subscription "$env:AZURE_SUBSCRIPTION" --vault-name "$env:AZURE_VAULT" --name "$env:ESRP_AAD_CERT_NAME" -f cert.pfx
certutil -f -importpfx cert.pfx
Remove-Item cert.pfx
az keyvault secret download --subscription "$env:AZURE_SUBSCRIPTION" --vault-name "$env:AZURE_VAULT" --name "$env:ESRP_REQ_CERT_NAME" --version "$env:ESRP_REQ_CERT_VERSION" -f cert.pfx
az keyvault secret download --subscription "$env:AZURE_SUBSCRIPTION" --vault-name "$env:AZURE_VAULT" --name "$env:ESRP_REQ_CERT_NAME" -f cert.pfx
certutil -f -importpfx cert.pfx
Remove-Item cert.pfx
# We download all artifacts and overwrite them with signed files, but only upload ones which we can properly sign.
Expand Down

0 comments on commit 95506e1

Please sign in to comment.