diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml
index e60c6553b7..0ab5dacd89 100644
--- a/.github/workflows/publish.yaml
+++ b/.github/workflows/publish.yaml
@@ -236,17 +236,27 @@ jobs:
         with:
           name: '${{ needs.build-tauri.outputs.channel }}-${{ matrix.platform }}-${{ github.run_number }}'
           path: release
+      - name: Set file as a variable
+        id: set-path
+        run: |
+          VALUE=$(find release -name "*.msi" -type f -printf '%P\n')
+          echo "::set-output name=msi_file::$VALUE"
       - name: Sign Windows binary
         shell: bash
         run: |
           find release -name "*.msi" -type f -print0 | xargs -0 -n1 -I{} python3 /sign-with-evcodesignd.py "{}"
         env:
           EVCODESIGND_PSK: ${{ secrets.EVCODESIGND_PSK }}
+      - name: Sign our test file
+        uses: thomasdesr/minisign-action@v1
+        with:
+          args: -Sm release/${{ steps.set-path.outputs.msi_file }}
+          minisign_key: ${{ secrets.TAURI_PRIVATE_KEY }}
+          password: ${{ secrets.TAURI_KEY_PASSWORD }}
       - name: Compress signed msi
-        shell: bash
-        run: |
-          apt update && apt install -y zip
-          find release -name "*.msi" -type f -print0 | zip "release/$(find release -name "*.msi" -type f -printf '%P\n').zip" -@
+        uses: montudor/action-zip@v1
+        with:
+          args: zip -qq -r release/${{ steps.set-path.outputs.msi_file }}.zip release/${{ steps.set-path.outputs.msi_file }}
       - name: Upload signed artifacts
         uses: actions/upload-artifact@v4
         with: