From f6d872a027834bc83ee51d488336de933b703f74 Mon Sep 17 00:00:00 2001
From: Nat Goodspeed <nat@lindenlab.com>
Date: Fri, 13 Oct 2023 15:11:30 -0400
Subject: PIE-1057: Pass sign-pkg-windows@azure the Azure-related secrets.

---
 .github/workflows/build.yaml | 14 +++++---------
 1 file changed, 5 insertions(+), 9 deletions(-)

(limited to '.github/workflows/build.yaml')

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 6c88c2ca5c..daa647f257 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -253,18 +253,14 @@ jobs:
     needs: build
     runs-on: windows
     steps:
-      - name: Decode certificate file
-        shell: bash
-        env:
-          SIGNING_CERT_WINDOWS: ${{ secrets.SIGNING_CERT_WINDOWS }}
-        run: |
-          mkdir -p .cert
-          echo "$SIGNING_CERT_WINDOWS" | base64 --decode > .cert/authenticode-cert.pfx
-
       - name: Sign and package Windows viewer
         uses: secondlife/viewer-build-util/sign-pkg-windows@azure
         with:
-          certificate: .cert/authenticode-cert.pfx
+          vault_uri: "${{ secrets.AZURE_KEY_VAULT_URI }}"
+          cert_name: "${{ secrets.AZURE_CERT_NAME }}"
+          client_id: "${{ secrets.AZURE_CLIENT_ID }}"
+          client_secret: "${{ secrets.AZURE_CLIENT_SECRET }}"
+          tenant_id: "${{ secrets.AZURE_TENANT_ID }}"
 
   sign-and-package-mac:
     needs: build
-- 
cgit v1.2.3