Wrap signing certificate password in single quotes to prevent corruption

per1234 · per1234 · commit 52184a4bbf6c · 2025-11-01T09:25:42.000-07:00
High quality passwords may contain characters with special treatment by the shell (e.g., $).

The previous use of double quotes in the shell command for importing the macOS signing certificate to the runner's
keychain resulted in the password being corrupted, and thus a spurious failure in this case:

```
security: SecKeychainItemImport: The user name or passphrase you entered is not correct.
```
diff --git a/.github/workflows/publish-go-nightly-task.yml b/.github/workflows/publish-go-nightly-task.yml
@@ -140,7 +140,7 @@ jobs:
             -f pkcs12 \
             -A \
             -T /usr/bin/codesign \
-            -P "${{ secrets.INSTALLER_CERT_MAC_PASSWORD }}"
+            -P '${{ secrets.INSTALLER_CERT_MAC_PASSWORD }}'
 
           security set-key-partition-list \
             -S apple-tool:,apple: \
diff --git a/.github/workflows/release-go-task.yml b/.github/workflows/release-go-task.yml
@@ -150,7 +150,7 @@ jobs:
             -f pkcs12 \
             -A \
             -T "/usr/bin/codesign" \
-            -P "${{ secrets.INSTALLER_CERT_MAC_PASSWORD }}"
+            -P '${{ secrets.INSTALLER_CERT_MAC_PASSWORD }}'
 
           security set-key-partition-list \
             -S apple-tool:,apple: \
