Update ESRPCodeSigningTask to Version 5; Use WindowsAppSDK-EsrpCodeSigning-Steps.yml From WindowsAppSDKConfig Repository (#4499)
This commit is contained in:
Родитель
09151ae082
Коммит
9ca4c66970
|
@ -34,7 +34,7 @@ steps:
|
||||||
|
|
||||||
- ${{ if eq(parameters.runStaticAnalysis, 'True') }}:
|
- ${{ if eq(parameters.runStaticAnalysis, 'True') }}:
|
||||||
- task: SDLNativeRules@3
|
- task: SDLNativeRules@3
|
||||||
displayName: Run PREfast SDL Native Rules
|
displayName: Run PREfast SDL Native Rules
|
||||||
inputs:
|
inputs:
|
||||||
setupCommandlines: '"C:\Program Files\Microsoft Visual Studio\2022\Enterprise\Common7\Tools\VsMSBuildCmd.bat"'
|
setupCommandlines: '"C:\Program Files\Microsoft Visual Studio\2022\Enterprise\Common7\Tools\VsMSBuildCmd.bat"'
|
||||||
msBuildCommandline: 'msbuild.exe /restore /nologo /nr:false $(Build.SourcesDirectory)\dev\Bootstrap\CS\Microsoft.WindowsAppRuntime.Bootstrap.Net\Microsoft.WindowsAppRuntime.Bootstrap.Net.csproj'
|
msBuildCommandline: 'msbuild.exe /restore /nologo /nr:false $(Build.SourcesDirectory)\dev\Bootstrap\CS\Microsoft.WindowsAppRuntime.Bootstrap.Net\Microsoft.WindowsAppRuntime.Bootstrap.Net.csproj'
|
||||||
|
@ -56,50 +56,16 @@ steps:
|
||||||
failOnAlert: true
|
failOnAlert: true
|
||||||
|
|
||||||
- ${{ if eq(parameters.SignOutput, 'true') }}:
|
- ${{ if eq(parameters.SignOutput, 'true') }}:
|
||||||
- task: EsrpCodeSigning@2
|
- template: AzurePipelinesTemplates/WindowsAppSDK-EsrpCodeSigning-Steps.yml@WindowsAppSDKConfig
|
||||||
inputs:
|
parameters:
|
||||||
ConnectedServiceName: 'Project Reunion ESRP Code Signing Connection'
|
|
||||||
FolderPath: '$(build.SourcesDirectory)\BuildOutput'
|
FolderPath: '$(build.SourcesDirectory)\BuildOutput'
|
||||||
|
UseMinimatch: true
|
||||||
Pattern: |
|
Pattern: |
|
||||||
**/*.winmd
|
**/*.winmd
|
||||||
**/*.dll
|
**/*.dll
|
||||||
**/*.exe
|
**/*.exe
|
||||||
UseMinimatch: true
|
KeyCode: 'CP-230012'
|
||||||
signConfigType: 'inlineSignParams'
|
displayName: 'Authenticode CodeSign Binaries'
|
||||||
inlineOperation: |
|
|
||||||
[
|
|
||||||
{
|
|
||||||
"keyCode": "CP-230012",
|
|
||||||
"operationSetCode": "SigntoolSign",
|
|
||||||
"parameters": [
|
|
||||||
{
|
|
||||||
"parameterName": "OpusName",
|
|
||||||
"parameterValue": "Microsoft"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"parameterName": "OpusInfo",
|
|
||||||
"parameterValue": "http://www.microsoft.com"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"parameterName": "PageHash",
|
|
||||||
"parameterValue": "/NPH"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"parameterName": "FileDigest",
|
|
||||||
"parameterValue": "/fd sha256"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"parameterName": "TimeStamp",
|
|
||||||
"parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"toolName": "signtool.exe",
|
|
||||||
"toolVersion": "6.2.9304.0"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
SessionTimeout: '60'
|
|
||||||
MaxConcurrency: '50'
|
|
||||||
MaxRetryAttempts: '5'
|
|
||||||
|
|
||||||
# Artifacts are uploaded via ob_outputDirectory where the each vPack Push jobs downloads from
|
# Artifacts are uploaded via ob_outputDirectory where the each vPack Push jobs downloads from
|
||||||
# so the CopyFiles below are to move all the vPack files to the right locations
|
# so the CopyFiles below are to move all the vPack files to the right locations
|
||||||
|
|
|
@ -115,50 +115,16 @@ steps:
|
||||||
# continueOnError: true
|
# continueOnError: true
|
||||||
|
|
||||||
- ${{ if eq(parameters.SignOutput, 'true') }}:
|
- ${{ if eq(parameters.SignOutput, 'true') }}:
|
||||||
- task: EsrpCodeSigning@2
|
- template: AzurePipelinesTemplates/WindowsAppSDK-EsrpCodeSigning-Steps.yml@WindowsAppSDKConfig
|
||||||
inputs:
|
parameters:
|
||||||
ConnectedServiceName: 'Project Reunion ESRP Code Signing Connection'
|
|
||||||
FolderPath: '$(build.SourcesDirectory)\BuildOutput'
|
FolderPath: '$(build.SourcesDirectory)\BuildOutput'
|
||||||
|
UseMinimatch: true
|
||||||
Pattern: |
|
Pattern: |
|
||||||
**/*.winmd
|
**/*.winmd
|
||||||
**/*.dll
|
**/*.dll
|
||||||
**/*.exe
|
**/*.exe
|
||||||
UseMinimatch: true
|
KeyCode: 'CP-230012'
|
||||||
signConfigType: 'inlineSignParams'
|
displayName: 'Authenticode CodeSign Binaries'
|
||||||
inlineOperation: |
|
|
||||||
[
|
|
||||||
{
|
|
||||||
"keyCode": "CP-230012",
|
|
||||||
"operationSetCode": "SigntoolSign",
|
|
||||||
"parameters": [
|
|
||||||
{
|
|
||||||
"parameterName": "OpusName",
|
|
||||||
"parameterValue": "Microsoft"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"parameterName": "OpusInfo",
|
|
||||||
"parameterValue": "http://www.microsoft.com"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"parameterName": "PageHash",
|
|
||||||
"parameterValue": "/NPH"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"parameterName": "FileDigest",
|
|
||||||
"parameterValue": "/fd sha256"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"parameterName": "TimeStamp",
|
|
||||||
"parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"toolName": "signtool.exe",
|
|
||||||
"toolVersion": "6.2.9304.0"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
SessionTimeout: '60'
|
|
||||||
MaxConcurrency: '50'
|
|
||||||
MaxRetryAttempts: '5'
|
|
||||||
|
|
||||||
# Artifacts are uploaded via ob_outputDirectory where the each vPack Push jobs downloads from
|
# Artifacts are uploaded via ob_outputDirectory where the each vPack Push jobs downloads from
|
||||||
# so the CopyFiles below are to move all the vPack files to the right locations
|
# so the CopyFiles below are to move all the vPack files to the right locations
|
||||||
|
|
|
@ -31,7 +31,7 @@ steps:
|
||||||
|
|
||||||
- ${{ if eq(parameters.runStaticAnalysis, 'True') }}:
|
- ${{ if eq(parameters.runStaticAnalysis, 'True') }}:
|
||||||
- task: SDLNativeRules@3
|
- task: SDLNativeRules@3
|
||||||
displayName: Run PREfast SDL Native Rules
|
displayName: Run PREfast SDL Native Rules
|
||||||
condition: and(succeeded(), eq(variables['buildPlatform'], 'x64'), eq(variables['buildConfiguration'], 'Release'))
|
condition: and(succeeded(), eq(variables['buildPlatform'], 'x64'), eq(variables['buildConfiguration'], 'Release'))
|
||||||
inputs:
|
inputs:
|
||||||
setupCommandlines: '"C:\Program Files\Microsoft Visual Studio\2022\Enterprise\Common7\Tools\VsMSBuildCmd.bat"'
|
setupCommandlines: '"C:\Program Files\Microsoft Visual Studio\2022\Enterprise\Common7\Tools\VsMSBuildCmd.bat"'
|
||||||
|
@ -68,50 +68,16 @@ steps:
|
||||||
- task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0
|
- task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0
|
||||||
|
|
||||||
- ${{ if eq(parameters.SignOutput, 'true') }}:
|
- ${{ if eq(parameters.SignOutput, 'true') }}:
|
||||||
- task: EsrpCodeSigning@2
|
- template: AzurePipelinesTemplates/WindowsAppSDK-EsrpCodeSigning-Steps.yml@WindowsAppSDKConfig
|
||||||
inputs:
|
parameters:
|
||||||
ConnectedServiceName: 'Project Reunion ESRP Code Signing Connection'
|
|
||||||
FolderPath: '$(build.SourcesDirectory)\BuildOutput'
|
FolderPath: '$(build.SourcesDirectory)\BuildOutput'
|
||||||
|
UseMinimatch: true
|
||||||
Pattern: |
|
Pattern: |
|
||||||
**/*.winmd
|
**/*.winmd
|
||||||
**/*.dll
|
**/*.dll
|
||||||
**/*.exe
|
**/*.exe
|
||||||
UseMinimatch: true
|
KeyCode: 'CP-230012'
|
||||||
signConfigType: 'inlineSignParams'
|
displayName: 'Authenticode CodeSign Binaries'
|
||||||
inlineOperation: |
|
|
||||||
[
|
|
||||||
{
|
|
||||||
"keyCode": "CP-230012",
|
|
||||||
"operationSetCode": "SigntoolSign",
|
|
||||||
"parameters": [
|
|
||||||
{
|
|
||||||
"parameterName": "OpusName",
|
|
||||||
"parameterValue": "Microsoft"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"parameterName": "OpusInfo",
|
|
||||||
"parameterValue": "http://www.microsoft.com"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"parameterName": "PageHash",
|
|
||||||
"parameterValue": "/NPH"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"parameterName": "FileDigest",
|
|
||||||
"parameterValue": "/fd sha256"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"parameterName": "TimeStamp",
|
|
||||||
"parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"toolName": "signtool.exe",
|
|
||||||
"toolVersion": "6.2.9304.0"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
SessionTimeout: '60'
|
|
||||||
MaxConcurrency: '50'
|
|
||||||
MaxRetryAttempts: '5'
|
|
||||||
|
|
||||||
- task: CopyFiles@2
|
- task: CopyFiles@2
|
||||||
displayName: MoveToOutputDirectory
|
displayName: MoveToOutputDirectory
|
||||||
|
|
|
@ -193,33 +193,12 @@ stages:
|
||||||
# arguments: -Platform "x64" -Configuration "release" -AzureBuildStep "BuildMock" -OutputDirectory "$(build.artifactStagingDirectory)\FullNuget" -PackageVersion "$(packageVersion)"
|
# arguments: -Platform "x64" -Configuration "release" -AzureBuildStep "BuildMock" -OutputDirectory "$(build.artifactStagingDirectory)\FullNuget" -PackageVersion "$(packageVersion)"
|
||||||
|
|
||||||
- ${{ if eq(parameters.SignOutput, 'true') }}:
|
- ${{ if eq(parameters.SignOutput, 'true') }}:
|
||||||
- task: EsrpCodeSigning@2
|
- template: AzurePipelinesTemplates/WindowsAppSDK-EsrpCodeSigning-Steps.yml@WindowsAppSDKConfig
|
||||||
inputs:
|
parameters:
|
||||||
ConnectedServiceName: 'Project Reunion ESRP Code Signing Connection'
|
|
||||||
FolderPath: $(build.artifactStagingDirectory)\FullNuget
|
FolderPath: $(build.artifactStagingDirectory)\FullNuget
|
||||||
Pattern: 'Microsoft.WindowsAppSDK.Foundation*.nupkg'
|
Pattern: 'Microsoft.WindowsAppSDK.Foundation*.nupkg'
|
||||||
|
KeyCode: 'CP-401405'
|
||||||
UseMinimatch: true
|
UseMinimatch: true
|
||||||
signConfigType: 'inlineSignParams'
|
|
||||||
inlineOperation: |
|
|
||||||
[
|
|
||||||
{
|
|
||||||
"KeyCode" : "CP-401405",
|
|
||||||
"OperationCode" : "NuGetSign",
|
|
||||||
"Parameters" : {},
|
|
||||||
"ToolName" : "sign",
|
|
||||||
"ToolVersion" : "1.0"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"KeyCode" : "CP-401405",
|
|
||||||
"OperationCode" : "NuGetVerify",
|
|
||||||
"Parameters" : {},
|
|
||||||
"ToolName" : "sign",
|
|
||||||
"ToolVersion" : "1.0"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
SessionTimeout: '60'
|
|
||||||
MaxConcurrency: '50'
|
|
||||||
MaxRetryAttempts: '5'
|
|
||||||
|
|
||||||
- task: CopyFiles@2
|
- task: CopyFiles@2
|
||||||
displayName: MoveToOutputDirectory
|
displayName: MoveToOutputDirectory
|
||||||
|
|
Загрузка…
Ссылка в новой задаче