From 09bd04c4206bab230aff0cee54e25a2d6c01228f Mon Sep 17 00:00:00 2001
From: Lessley <lessleydennington@gmail.com>
Date: Fri, 19 Apr 2024 13:52:02 -0600
Subject: [PATCH] release: capture nuget signing cert

NuGet requires that signed packages have a matching registered signing
certificate [1]. Update release workflow to capture this certificate from the Sign
CLI tool and upload it as a release artifact.

1: https://learn.microsoft.com/en-us/nuget/create-packages/sign-a-package#register-the-certificate-on-nugetorg
---
 .github/workflows/release.yml | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 4cdda4e4a..28858d7c1 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -464,13 +464,18 @@ jobs:
           -u "https://github.com/git-ecosystem/git-credential-manager" `
           -acst $env:ACST `
           -acsi $env:ACSI `
-          -acss $env:ACSS
+          -acss $env:ACSS `
+          -acsc nuget-signing-certificate.cer
+
+        mv nupkg/* .
 
-    - name: Publish signed package
+    - name: Publish signed package and certificate
       uses: actions/upload-artifact@v4
       with:
         name: dotnet-tool-sign
-        path: nupkg/*.nupkg
+        path: |
+          *.nupkg
+          *.cer
 
 # ================================
 #           Validate