From 09bd04c4206bab230aff0cee54e25a2d6c01228f Mon Sep 17 00:00:00 2001 From: Lessley Date: Fri, 19 Apr 2024 13:52:02 -0600 Subject: [PATCH] release: capture nuget signing cert NuGet requires that signed packages have a matching registered signing certificate [1]. Update release workflow to capture this certificate from the Sign CLI tool and upload it as a release artifact. 1: https://learn.microsoft.com/en-us/nuget/create-packages/sign-a-package#register-the-certificate-on-nugetorg --- .github/workflows/release.yml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 4cdda4e4a..28858d7c1 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -464,13 +464,18 @@ jobs: -u "https://github.com/git-ecosystem/git-credential-manager" ` -acst $env:ACST ` -acsi $env:ACSI ` - -acss $env:ACSS + -acss $env:ACSS ` + -acsc nuget-signing-certificate.cer + + mv nupkg/* . - - name: Publish signed package + - name: Publish signed package and certificate uses: actions/upload-artifact@v4 with: name: dotnet-tool-sign - path: nupkg/*.nupkg + path: | + *.nupkg + *.cer # ================================ # Validate