I'm trying to do the equivalent of this command on a Windows GitHub Actions runner:
SignTool sign /fd sha256 /a /f $certificatePath /p $certificatePwd $Packages_2Sign
This results in the following error on GitHub Actions:
| The term 'SignTool' is not recognized as a name of a cmdlet, function, script file, or executable
| program. Check the spelling of the name, or if a path was included, verify that the path is correct
| and try again.
Looking at the Marketplace on GitHub, I don't see anything that can sign appx, only .dll or .ps1 files. Microsoft's recommended tool requires an Azure account: https://learn.microsoft.com/en-us/windows/msix/desktop/cicd-keyvault?source=recommendations#using-azure-signtool-with-github-actions
Tips/suggestions welcome and appreciated!
As a Windows user, what you might understand on day 1 is that not every executable is added to the Windows PATH, so merely calling an executable by name won't work, as the error message indicated.
You can use something like
$signtool = "C:\Program Files (x86)\Microsoft SDKs\ClickOnce\SignTool\signtool.exe"
& $signtool sign /fd sha256 /a /f $certificatePath /p $certificatePwd $Packages_2Sign
in PowerShell instead.
A full example can be found in this repo.
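An added example, not taken from either post or the linked repo: it resolves signtool.exe at run time instead of hardcoding one path, and keeps the PFX on disk only for the duration of the signing step. The environment variable names `PFX_BASE64` and `PFX_PASSWORD`, the `Windows Kits\10\bin` search root and the `*.appx` glob are assumptions; the signtool switches are the ones from the question.

```powershell
# Added example. Assumed names: PFX_BASE64 / PFX_PASSWORD (mapped from repository
# secrets in the workflow's env: block) and the package glob below.
$ErrorActionPreference = 'Stop'

function Find-SignTool {
    # Candidate roots: the Windows SDK location (assumption) and the
    # ClickOnce path given in the answer above.
    $roots = @(
        (Join-Path ${env:ProgramFiles(x86)} 'Windows Kits\10\bin'),
        (Join-Path ${env:ProgramFiles(x86)} 'Microsoft SDKs\ClickOnce\SignTool')
    ) | Where-Object { Test-Path $_ }
    if (-not $roots) { throw 'No known SignTool directory exists on this runner.' }

    # Skip the x86/arm builds and take the newest remaining binary.
    $best = Get-ChildItem -Path $roots -Filter signtool.exe -Recurse -ErrorAction SilentlyContinue |
        Where-Object { $_.FullName -notmatch '\\(x86|arm|arm64)\\' } |
        Sort-Object -Descending {
            $v = $_.VersionInfo
            [version]::new($v.FileMajorPart, $v.FileMinorPart, $v.FileBuildPart, $v.FilePrivatePart)
        } |
        Select-Object -First 1
    if (-not $best) { throw 'signtool.exe was not found under the searched directories.' }
    return $best.FullName
}

$signtool = Find-SignTool
Write-Host "Using $signtool"

# Packages to sign (assumed layout: .appx files somewhere under the workspace).
$Packages_2Sign = Get-ChildItem -Path . -Filter *.appx -Recurse | ForEach-Object FullName
if (-not $Packages_2Sign) { throw 'No .appx packages found to sign.' }

# Materialise the certificate in the runner's temp directory, not in the checkout.
$pfxPath = Join-Path $env:RUNNER_TEMP 'signing.pfx'
try {
    [IO.File]::WriteAllBytes($pfxPath, [Convert]::FromBase64String($env:PFX_BASE64))
    & $signtool sign /fd sha256 /a /f $pfxPath /p $env:PFX_PASSWORD $Packages_2Sign
    # Native tools do not raise PowerShell errors; fail the step explicitly.
    if ($LASTEXITCODE -ne 0) { throw "signtool exited with code $LASTEXITCODE" }
}
finally {
    # Remove the private key material whether signing succeeded or not.
    Remove-Item $pfxPath -Force -ErrorAction SilentlyContinue
}
```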