Update ESRPCodeSigningTask to Version 5; Use WindowsAppSDK-EsrpCodeSigning-Steps.yml From WindowsAppSDKConfig Repository (#4499)

This commit is contained in:
Kyaw Thant 2024-06-19 17:12:41 -07:00 коммит произвёл GitHub
Родитель 09151ae082
Коммит 9ca4c66970
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: B5690EEEBB952194
4 изменённых файлов: 20 добавлений и 143 удалений

Просмотреть файл

@ -56,50 +56,16 @@ steps:
failOnAlert: true
- ${{ if eq(parameters.SignOutput, 'true') }}:
- task: EsrpCodeSigning@2
inputs:
ConnectedServiceName: 'Project Reunion ESRP Code Signing Connection'
- template: AzurePipelinesTemplates/WindowsAppSDK-EsrpCodeSigning-Steps.yml@WindowsAppSDKConfig
parameters:
FolderPath: '$(build.SourcesDirectory)\BuildOutput'
UseMinimatch: true
Pattern: |
**/*.winmd
**/*.dll
**/*.exe
UseMinimatch: true
signConfigType: 'inlineSignParams'
inlineOperation: |
[
{
"keyCode": "CP-230012",
"operationSetCode": "SigntoolSign",
"parameters": [
{
"parameterName": "OpusName",
"parameterValue": "Microsoft"
},
{
"parameterName": "OpusInfo",
"parameterValue": "http://www.microsoft.com"
},
{
"parameterName": "PageHash",
"parameterValue": "/NPH"
},
{
"parameterName": "FileDigest",
"parameterValue": "/fd sha256"
},
{
"parameterName": "TimeStamp",
"parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
}
],
"toolName": "signtool.exe",
"toolVersion": "6.2.9304.0"
}
]
SessionTimeout: '60'
MaxConcurrency: '50'
MaxRetryAttempts: '5'
KeyCode: 'CP-230012'
displayName: 'Authenticode CodeSign Binaries'
# Artifacts are uploaded via ob_outputDirectory where the each vPack Push jobs downloads from
# so the CopyFiles below are to move all the vPack files to the right locations

Просмотреть файл

@ -115,50 +115,16 @@ steps:
# continueOnError: true
- ${{ if eq(parameters.SignOutput, 'true') }}:
- task: EsrpCodeSigning@2
inputs:
ConnectedServiceName: 'Project Reunion ESRP Code Signing Connection'
- template: AzurePipelinesTemplates/WindowsAppSDK-EsrpCodeSigning-Steps.yml@WindowsAppSDKConfig
parameters:
FolderPath: '$(build.SourcesDirectory)\BuildOutput'
UseMinimatch: true
Pattern: |
**/*.winmd
**/*.dll
**/*.exe
UseMinimatch: true
signConfigType: 'inlineSignParams'
inlineOperation: |
[
{
"keyCode": "CP-230012",
"operationSetCode": "SigntoolSign",
"parameters": [
{
"parameterName": "OpusName",
"parameterValue": "Microsoft"
},
{
"parameterName": "OpusInfo",
"parameterValue": "http://www.microsoft.com"
},
{
"parameterName": "PageHash",
"parameterValue": "/NPH"
},
{
"parameterName": "FileDigest",
"parameterValue": "/fd sha256"
},
{
"parameterName": "TimeStamp",
"parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
}
],
"toolName": "signtool.exe",
"toolVersion": "6.2.9304.0"
}
]
SessionTimeout: '60'
MaxConcurrency: '50'
MaxRetryAttempts: '5'
KeyCode: 'CP-230012'
displayName: 'Authenticode CodeSign Binaries'
# Artifacts are uploaded via ob_outputDirectory where the each vPack Push jobs downloads from
# so the CopyFiles below are to move all the vPack files to the right locations

Просмотреть файл

@ -68,50 +68,16 @@ steps:
- task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0
- ${{ if eq(parameters.SignOutput, 'true') }}:
- task: EsrpCodeSigning@2
inputs:
ConnectedServiceName: 'Project Reunion ESRP Code Signing Connection'
- template: AzurePipelinesTemplates/WindowsAppSDK-EsrpCodeSigning-Steps.yml@WindowsAppSDKConfig
parameters:
FolderPath: '$(build.SourcesDirectory)\BuildOutput'
UseMinimatch: true
Pattern: |
**/*.winmd
**/*.dll
**/*.exe
UseMinimatch: true
signConfigType: 'inlineSignParams'
inlineOperation: |
[
{
"keyCode": "CP-230012",
"operationSetCode": "SigntoolSign",
"parameters": [
{
"parameterName": "OpusName",
"parameterValue": "Microsoft"
},
{
"parameterName": "OpusInfo",
"parameterValue": "http://www.microsoft.com"
},
{
"parameterName": "PageHash",
"parameterValue": "/NPH"
},
{
"parameterName": "FileDigest",
"parameterValue": "/fd sha256"
},
{
"parameterName": "TimeStamp",
"parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
}
],
"toolName": "signtool.exe",
"toolVersion": "6.2.9304.0"
}
]
SessionTimeout: '60'
MaxConcurrency: '50'
MaxRetryAttempts: '5'
KeyCode: 'CP-230012'
displayName: 'Authenticode CodeSign Binaries'
- task: CopyFiles@2
displayName: MoveToOutputDirectory

Просмотреть файл

@ -193,33 +193,12 @@ stages:
# arguments: -Platform "x64" -Configuration "release" -AzureBuildStep "BuildMock" -OutputDirectory "$(build.artifactStagingDirectory)\FullNuget" -PackageVersion "$(packageVersion)"
- ${{ if eq(parameters.SignOutput, 'true') }}:
- task: EsrpCodeSigning@2
inputs:
ConnectedServiceName: 'Project Reunion ESRP Code Signing Connection'
- template: AzurePipelinesTemplates/WindowsAppSDK-EsrpCodeSigning-Steps.yml@WindowsAppSDKConfig
parameters:
FolderPath: $(build.artifactStagingDirectory)\FullNuget
Pattern: 'Microsoft.WindowsAppSDK.Foundation*.nupkg'
KeyCode: 'CP-401405'
UseMinimatch: true
signConfigType: 'inlineSignParams'
inlineOperation: |
[
{
"KeyCode" : "CP-401405",
"OperationCode" : "NuGetSign",
"Parameters" : {},
"ToolName" : "sign",
"ToolVersion" : "1.0"
},
{
"KeyCode" : "CP-401405",
"OperationCode" : "NuGetVerify",
"Parameters" : {},
"ToolName" : "sign",
"ToolVersion" : "1.0"
}
]
SessionTimeout: '60'
MaxConcurrency: '50'
MaxRetryAttempts: '5'
- task: CopyFiles@2
displayName: MoveToOutputDirectory