actions: add env: prefix powershell wants

2026-06-22 15:11:37 +00:00 · 2025-08-27 11:04:09 -04:00
parent 221a18fc51
commit 352f09fad8
1 changed files with 8 additions and 8 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -652,13 +652,13 @@ jobs:
        if: runner.os == 'Windows'
        shell: pwsh
        run: |
-          write-Host "Signing ${gam}...."
+          write-Host "Signing ${env:gam}...."
          # Always explicitely use x64 version os signtool.exe, arm64 version apparently can't
          # see Certum certs since SimplySignDesktop is x64-only today.
-          Start-Process -Wait -NoNewWindow -ErrorAction Continue -FilePath 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.26100.0\x64\signtool.exe'  -ArgumentList "sign", "/sha1", "590dc5bb10dfb31dbff38c0e2f9c35ef0f6d0e9e", "/tr", "http://time.certum.pl", "/td", "SHA256", "/fd", "SHA256", "/v", "$gam"
-          write-Host "Verifying signature of ${gam}...."
+          Start-Process -Wait -NoNewWindow -ErrorAction Continue -FilePath 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.26100.0\x64\signtool.exe'  -ArgumentList "sign", "/sha1", "590dc5bb10dfb31dbff38c0e2f9c35ef0f6d0e9e", "/tr", "http://time.certum.pl", "/td", "SHA256", "/fd", "SHA256", "/v", "$env:gam"
+          write-Host "Verifying signature of ${env:gam}...."
          # verify signature. If we failed to sign we should fail to verify and die.
-          & 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.26100.0\x64\signtool.exe' verify /pa "$gam"
+          & 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.26100.0\x64\signtool.exe' verify /pa "$env:gam"

      - name: Configure user and service account auth
        id: configserviceaccount
@@ -724,13 +724,13 @@ jobs:
        if: runner.os == 'Windows'
        shell: pwsh
        run: |
-          write-Host "Signing ${MSI_FILENAME}...."
+          write-Host "Signing ${env:MSI_FILENAME}...."
          # Always explicitely use x64 version os signtool.exe, arm64 version apparently can't
          # see Certum certs since SimplySignDesktop is x64-only today.
-          Start-Process -Wait -NoNewWindow -ErrorAction Continue -FilePath 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.26100.0\x64\signtool.exe'  -ArgumentList "sign", "/sha1", "590dc5bb10dfb31dbff38c0e2f9c35ef0f6d0e9e", "/tr", "http://time.certum.pl", "/td", "SHA256", "/fd", "SHA256", "/v", "$MSI_FILENAME"
-          write-Host "Verifying signature of ${MSI_FILENAME}...."
+          Start-Process -Wait -NoNewWindow -ErrorAction Continue -FilePath 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.26100.0\x64\signtool.exe'  -ArgumentList "sign", "/sha1", "590dc5bb10dfb31dbff38c0e2f9c35ef0f6d0e9e", "/tr", "http://time.certum.pl", "/td", "SHA256", "/fd", "SHA256", "/v", "$env:MSI_FILENAME"
+          write-Host "Verifying signature of ${env:MSI_FILENAME}...."
          # verify signature. If we failed to sign we should fail to verify and die.
-          & 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.26100.0\x64\signtool.exe' verify /pa "$MSI_FILENAME"
+          & 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.26100.0\x64\signtool.exe' verify /pa "$env:MSI_FILENAME"

      - name: Attest that gam package files were generated from this Action
        uses: actions/attest-build-provenance@e8998f949152b193b063cb0ec769d69d929409be # 2.4.0