From 45535e659ea8b58101fe9e8adfa6aa273d2bb544 Mon Sep 17 00:00:00 2001
From: Rob Mensching <rob@firegiant.com>
Date: Wed, 19 Mar 2025 16:46:08 -0700
Subject: Formalize official WiX build and update tags in nupkgs

---
 .github/workflows/build.yml | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

(limited to '.github/workflows')

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 36e0583c..78720df2 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -22,6 +22,8 @@ jobs:
     name: Build
     runs-on: windows-2022
     env:
+      RepoOrg: ${{ github.repository_owner }}
+      SignBuild: ${{ github.repository_owner == 'wixtoolset' && startsWith(github.ref, 'refs/tags/v') }}
       WixOfficialBuild: ${{ github.repository_owner == 'wixtoolset' && startsWith(github.ref, 'refs/tags/v') }}
     permissions:
       packages: write
@@ -37,7 +39,7 @@ jobs:
       #   run: ./src/vs_config.cmd
 
       - name: Install sign tool
-        if: ${{ env.WixOfficialBuild == 'true' }}
+        if: ${{ env.SignBuild == 'true' }}
         shell: cmd
         run: dotnet tool install --tool-path build\.tools sign --version 0.9.1-beta.24170.3
 
@@ -54,7 +56,7 @@ jobs:
           reg add "HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\Windows Error Reporting\LocalDumps" /t REG_DWORD /v DumpType /d 1
 
       # - name: 'Az CLI login'
-      #   if: ${{ env.WixOfficialBuild == 'true' }}
+      #   if: ${{ env.SignBuild == 'true' }}
       #   uses: azure/login@v1
       #   with:
       #     allow-no-subscriptions: true
@@ -66,11 +68,11 @@ jobs:
         run: ./src/build_official.cmd
         env:
           RuntimeTestsEnabled: true
-          SigningKeyVaultUri:  ${{ env.WixOfficialBuild == 'true' && secrets.WIX_SIGNING_VAULTURI || '' }}
-          SigningTenantId:  ${{ env.WixOfficialBuild == 'true' && secrets.WIX_SIGNING_TENANTID || '' }}
-          SigningClientId:  ${{ env.WixOfficialBuild == 'true' && secrets.WIX_SIGNING_CLIENTID || '' }}
-          SigningClientSecret:  ${{ env.WixOfficialBuild == 'true' && secrets.WIX_SIGNING_SECRET || '' }}
-          SigningCertName:  ${{ env.WixOfficialBuild == 'true' && secrets.WIX_SIGNING_CERTNAME || '' }}
+          SigningKeyVaultUri:  ${{ env.SignBuild == 'true' && secrets.WIX_SIGNING_VAULTURI || '' }}
+          SigningTenantId:  ${{ env.SignBuild == 'true' && secrets.WIX_SIGNING_TENANTID || '' }}
+          SigningClientId:  ${{ env.SignBuild == 'true' && secrets.WIX_SIGNING_CLIENTID || '' }}
+          SigningClientSecret:  ${{ env.SignBuild == 'true' && secrets.WIX_SIGNING_SECRET || '' }}
+          SigningCertName:  ${{ env.SignBuild == 'true' && secrets.WIX_SIGNING_CERTNAME || '' }}
 
       - name: Validate test results
         shell: cmd
@@ -99,7 +101,7 @@ jobs:
 
       # Do NOT publish logs on `official builds` (version tagged builds) as they may contain secrets in them.
       - name: Save logs
-        if: ${{ env.WixOfficialBuild != 'true' && !cancelled() }}
+        if: ${{ env.SignBuild != 'true' && !cancelled() }}
         uses: actions/upload-artifact@v4
         with:
           name: logs_${{ github.run_id }}
-- 
cgit v1.2.3-55-g6feb