diff --git a/.github/workflows/rust-release-windows.yml b/.github/workflows/rust-release-windows.yml index 0d8cc2969..fc14088ef 100644 --- a/.github/workflows/rust-release-windows.yml +++ b/.github/workflows/rust-release-windows.yml @@ -6,6 +6,19 @@ on: release-lto: required: true type: string + secrets: + AZURE_TRUSTED_SIGNING_CLIENT_ID: + required: true + AZURE_TRUSTED_SIGNING_TENANT_ID: + required: true + AZURE_TRUSTED_SIGNING_SUBSCRIPTION_ID: + required: true + AZURE_TRUSTED_SIGNING_ENDPOINT: + required: true + AZURE_TRUSTED_SIGNING_ACCOUNT_NAME: + required: true + AZURE_TRUSTED_SIGNING_CERTIFICATE_PROFILE_NAME: + required: true # Cargo's libgit2 transport has been flaky when fetching git dependencies with # nested submodules. Prefer the system git CLI across every Cargo invocation. @@ -151,9 +164,6 @@ jobs: - build-windows-binaries name: Build - ${{ matrix.runner }} - ${{ matrix.target }} runs-on: ${{ matrix.runs_on }} - environment: - name: azure-artifact-signing - deployment: false timeout-minutes: 90 permissions: contents: read diff --git a/.github/workflows/rust-release.yml b/.github/workflows/rust-release.yml index 6b0814dae..364fe7890 100644 --- a/.github/workflows/rust-release.yml +++ b/.github/workflows/rust-release.yml @@ -865,6 +865,7 @@ jobs: uses: ./.github/workflows/rust-release-windows.yml with: release-lto: ${{ contains(github.ref_name, '-alpha') && 'thin' || 'fat' }} + secrets: inherit argument-comment-lint-release-assets: if: ${{ github.event_name != 'workflow_dispatch' || inputs.release_mode != 'promote_signed' }}