From a4765a88508ae797dbf6432e8bc4c9be691454fb Mon Sep 17 00:00:00 2001 From: Ben Rockwood Date: Tue, 22 Aug 2023 18:37:56 -0700 Subject: [PATCH] Use a temp directory for the auth cert Signed-off-by: Ben Rockwood --- .github/workflows/goreleaser.yml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/.github/workflows/goreleaser.yml b/.github/workflows/goreleaser.yml index eb72bcbe06..fb46bc4c01 100644 --- a/.github/workflows/goreleaser.yml +++ b/.github/workflows/goreleaser.yml @@ -63,11 +63,15 @@ jobs: - name: Configure DigiCert Signing Variables shell: bash run: | - echo "${{ secrets.SM_CLIENT_CERT_FILE_B64 }}" | base64 --decode > Certificate_pkcs12.p12 - echo "SM_HOST=${{ secrets.SM_HOST }}" >> "$GITHUB_ENV" - echo "SM_API_KEY=${{ secrets.SM_API_KEY }}" >> "$GITHUB_ENV" - echo "SM_CLIENT_CERT_FILE=Certificate_pkcs12.p12" >> "$GITHUB_ENV" + # CertLocker Authentication Certifiate + CERT_PATH="$(mktemp -t cert.XXX)" + echo "${{ secrets.SM_CLIENT_CERT_FILE_B64 }}" | base64 --decode > ${CERT_PATH}/Certificate_pkcs12.p12 + echo "SM_CLIENT_CERT_FILE=${CERT_PATH}/Certificate_pkcs12.p12" >> "$GITHUB_ENV" echo "SM_CLIENT_CERT_PASSWORD=${{ secrets.SM_CLIENT_CERT_PASSWORD }}" >> "$GITHUB_ENV" + # CertLocker API Key & Host + echo "SM_API_KEY=${{ secrets.SM_API_KEY }}" >> "$GITHUB_ENV" + echo "SM_HOST=${{ secrets.SM_HOST }}" >> "$GITHUB_ENV" + # DigiCert CertLocker Code Signing Certificate echo "SM_CODE_SIGNING_CERT_SHA1_HASH=${{ secrets.SM_CODE_SIGNING_CERT_SHA1_HASH }}" >> "$GITHUB_ENV" echo "SM_CERT_ALIAS=${{ secrets.SM_CERT_ALIAS }}" >> "$GITHUB_ENV"