Hi Ariel, thanks for your feedback. Your use case is very similar to mine: corporate build servers with jenkins and GitHub Actions. The solution we found is certainly much cheaper than having an HSM on-premise or in the cloud and it is also scalable. When I evaluated the available options, the new Azure Trusted Signing service was not available but next year I will definitely evaluate it, this is the link in case you want to evaluate it too: https://techcommunity.microsoft.com/t5/security-compliance-and-identity/trusted-signing-is-in-public-preview/ba-p/4103457

Nowadays it is preview.

Thanks again!