t-dedah
commented
1 year ago Hi @sudara you can use this az command to fetch a certificate:-
az keyvault certificate show --name <CERT-NAME> --vault-name <VAULT-NAME>
If this command works for you in your terminal then same can be used in your workflow like this:-
on: [push]
name: AzureCLISample
jobs:
build-and-deploy:
runs-on: ubuntu-latest
steps:
- name: Azure Login
uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- name: Azure CLI script
uses: azure/CLI@v1
with:
azcliversion: 2.30.0
inlineScript: |
az keyvault certificate show --name <CERT-NAME> --vault-name <VAULT-NAME>This workflow will login for you and the fetch the certificate. Login is necessary as else machine wont have access to your keyvault. Let me know if you still face this issue.
github-actions[bot]
Hi there
The official https://github.com/Azure/get-keyvault-secrets Action was recently deprecated (without cause given), pointing to this Action with the vague instruction "pass a custom script".
This has left a bit of confusion about how best do something like grab a code signing certificate from Azure KSM in GitHub Actions.
An example would be really helpful, if indeed this is the recommended Action to use to interact with Azure Key Vault.