From d9b27d9d4fa38239c42d973c501bb9e462f52ac8 Mon Sep 17 00:00:00 2001
From: Tim Hess <tim.hess@broadcom.com>
Date: Fri, 29 May 2026 10:56:19 -0500
Subject: [PATCH] revert workflow changes

---
 .github/workflows/package.yml   | 11 +++--------
 .github/workflows/sonarcube.yml |  4 ++--
 2 files changed, 5 insertions(+), 10 deletions(-)

diff --git a/.github/workflows/package.yml b/.github/workflows/package.yml
index 91e4dbf21a..39dad17f94 100644
--- a/.github/workflows/package.yml
+++ b/.github/workflows/package.yml
@@ -162,16 +162,13 @@ jobs:
         subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
 
     - name: Sign packages
-      env:
-        AZURE_KEY_VAULT_URL: ${{ secrets.AZURE_KEY_VAULT_URL }}
-        AZURE_SIGN_CERTIFICATE_ID: ${{ secrets.AZURE_SIGN_CERTIFICATE_ID }}
       run: >-
         sign code azure-key-vault '**/*.nupkg'
         --base-directory '${{ github.workspace }}/packages'
         --azure-key-vault-managed-identity true
         --azure-credential-type 'azure-cli'
-        --azure-key-vault-url "$AZURE_KEY_VAULT_URL"
-        --azure-key-vault-certificate "$AZURE_SIGN_CERTIFICATE_ID"
+        --azure-key-vault-url '${{ secrets.AZURE_KEY_VAULT_URL }}'
+        --azure-key-vault-certificate '${{ secrets.AZURE_SIGN_CERTIFICATE_ID }}'
         --publisher-name 'Steeltoe'
         --description 'Steeltoe'
         --description-url 'https://steeltoe.io/'
@@ -252,9 +249,7 @@ jobs:
         path: packages
 
     - name: Push packages to nuget.org
-      env:
-        STEELTOE_NUGET_API_KEY: ${{ secrets.STEELTOE_NUGET_API_KEY }}
-      run: dotnet nuget push '${{ github.workspace }}/packages/*.nupkg' --skip-duplicate --api-key "$STEELTOE_NUGET_API_KEY" --source 'nuget.org'
+      run: dotnet nuget push '${{ github.workspace }}/packages/*.nupkg' --skip-duplicate --api-key '${{ secrets.STEELTOE_NUGET_API_KEY }}' --source 'nuget.org'
 
   open_pr:
     name: Open pull request to bump Steeltoe version after stable release
diff --git a/.github/workflows/sonarcube.yml b/.github/workflows/sonarcube.yml
index 38f397559f..cf7f52bc8c 100644
--- a/.github/workflows/sonarcube.yml
+++ b/.github/workflows/sonarcube.yml
@@ -87,7 +87,7 @@ jobs:
       env:
         SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
       run: >-
-        dotnet sonarscanner begin /k:"SteeltoeOSS_steeltoe" /o:"steeltoeoss" /d:sonar.token="$SONAR_TOKEN"
+        dotnet sonarscanner begin /k:"SteeltoeOSS_steeltoe" /o:"steeltoeoss" /d:sonar.token="${{ secrets.SONAR_TOKEN }}"
         /d:sonar.host.url="https://sonarcloud.io" /d:sonar.cs.opencover.reportsPaths=**/coverage.opencover.xml
 
     - name: Restore packages
@@ -106,4 +106,4 @@ jobs:
       if: ${{ !cancelled() && steps.sonar_begin.outcome == 'success' }}
       env:
         SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-      run: dotnet sonarscanner end /d:sonar.token="$SONAR_TOKEN"
+      run: dotnet sonarscanner end /d:sonar.token="${{ secrets.SONAR_TOKEN }}"