autonomys · DaMandal0rian · Sep 7, 2023 · Aug 26, 2023 · Sep 1, 2023 · Sep 5, 2023
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -144,14 +144,19 @@ jobs:
         continue-on-error: ${{ github.repository_owner != 'subspace' || github.event_name != 'push' || github.ref_type != 'tag' }}
         if: runner.os == 'macOS'
 
+      - name: Install AzureSignTool (Windows)
+        run: dotnet tool install --global AzureSignTool
+        if: runner.os == 'Windows'
+
       - name: Sign Application (Windows)
-        uses: skymatic/code-sign-action@500ce4f8261ca9bd8f85978c1652b34fb511bdf4 # @v2.0.1
-        with:
-          certificate: "${{ secrets.WINDOWS_CERTIFICATE }}"
-          password: "${{ secrets.WINDOWS_CERTIFICATE_PASSWORD }}"
-          certificatesha1: "${{ secrets.WINDOWS_CERTIFICATE_SHA }}"
-          folder: "${{ matrix.build.production_target }}"
-        # Allow code signing to fail on non-release builds and in non-subspace repos (forks)
+        run: |
+          AzureSignTool sign -kvu "${{ secrets.AZURE_KEY_VAULT_URI }}" \
+          -kvi "${{ secrets.AZURE_CLIENT_ID }}" \
+          -kvt "${{ secrets.AZURE_TENANT_ID }}" \
+          -kvs "${{ secrets.AZURE_CLIENT_SECRET }}" \
+          -kvc "${{ secrets.AZURE_CERT_NAME }}" \
+          -tr http://timestamp.digicert.com \
+          -v "${{ matrix.build.production_target }}/pulsar.exe"
         continue-on-error: ${{ github.repository_owner != 'subspace' || github.event_name != 'push' || github.ref_type != 'tag' }}
         if: runner.os == 'Windows'