Add secrets and use bash

2025-01-25 00:56:13 -08:00
parent 4f7d51e581
commit 1f3e1c4d6f
2 changed files with 7 additions and 2 deletions
--- a/.github/workflows/prerelease.yml
+++ b/.github/workflows/prerelease.yml
@@ -47,6 +47,11 @@ env:
  GOOGLE_ZONE: us-central1-a
  DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
  IS_PRERELEASE: true
+  AZURE_SIGNING_CLIENT_ID: ${{ secrets.AZURE_SIGNING_CLIENT_ID }}
+  AZURE_SIGNING_CLIENT_SECRET: ${{ secrets.AZURE_SIGNING_CLIENT_SECRET }}
+  AZURE_SIGNING_TENANT_ID: ${{ secrets.AZURE_SIGNING_TENANT_ID }}
+  AZURE_SIGNING_KEY_VAULT_URI: ${{ secrets.AZURE_SIGNING_KEY_VAULT_URI }}
+  SKIP_SIGNING: ${{ secrets.AZURE_SIGNING_CLIENT_ID == '' && secrets.AZURE_SIGNING_CLIENT_SECRET == '' && secrets.AZURE_SIGNING_TENANT_ID == '' && secrets.AZURE_SIGNING_KEY_VAULT_URI == '' }}
 jobs:
  # prerequisites:
  #   runs-on: ubuntu-latest
--- a/4
+++ b/4
@@ -272,7 +272,7 @@ bin/jsign-6.0.jar:

 sign-windows-exe-amd64: GORELEASER_ARCH := amd64_v1
 sign-windows-exe-arm64: GORELEASER_ARCH := arm64
-
+sign-windows-exe-%: SHELL:=/bin/bash
 sign-windows-exe-%: bin/jsign-6.0.jar
 	@# Only sign windows binary if fully configured.
 	@# Test variables set by joining with | between and looking for || showing at least one variable is empty.
@@ -284,7 +284,7 @@ sign-windows-exe-%: bin/jsign-6.0.jar
 			echo "To rebuild with signing delete the unsigned windows exe file and rebuild with the fixed configuration"; \
 			if [[ "${CI}" == "true" ]]; then exit 1; fi; \
 		else \
-			file=dist/pulumi-docker-build_windows_${GORELEASER_ARCH}/pulumi-resource-docker-build.exe; \
+			file=dist/build-provider-sign-windows_windows_${GORELEASER_ARCH}/pulumi-resource-docker-build.exe; \
 			mv $${file} $${file}.unsigned; \
 			az login --service-principal \
 				--username "${AZURE_SIGNING_CLIENT_ID}" \