Automatically signing PowerShell scripts via GitHub actions

A while ago I had come across this cool blog post (and cool blog in general) on signing PowerShell scripts via GitHub actions. Before that I was signing scripts manually, and I think I was Googling on whether there’s a way to do this via GitHub actions and luckily came across that blog post. Ever since I’ve been using it.

I had modified it a bit to suit my needs – such as have the zip file name be a mix of the repo name, branch name, and so on. Easy to know what is what when I have a bunch of these lying around. Unfortunately, today I ran into an issue wherein I named a branch as “feature/something” and the slash caused and issue in the file name. Wanted to see if there’s a way to remove the branch and came across the find-and-replace strings action. Combined the two and here’s my workflow:

Just putting it here in case it helps anyone else. This one runs on any push to the repo, as long as there’s changes to the .ps1 files in the Runbooks folder. I could have targetted specific branches too, for instance, by modifying this section: