Adopt vsix sign in the release pipeline (#1039)

This commit is contained in:
Jinbo Wang 2024-07-29 12:47:20 +08:00 коммит произвёл GitHub
Родитель 959d00ce2e
Коммит 727a70844a
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: B5690EEEBB952194
2 изменённых файлов: 70 добавлений и 4 удалений

Просмотреть файл

@ -78,7 +78,7 @@ extends:
- bash: |
npx json@latest -I -f package.json -e "this.version=this.version.substring(0, this.version.lastIndexOf('.'))+\".$(date -u +'%Y%m%d%H')\""
displayName: Update patch version in package.json
- script: 'npx @vscode/vsce@latest package --pre-release'
- script: 'npx @vscode/vsce@latest package --pre-release -o extension.vsix'
displayName: 'package vsix'
### Copy files for APIScan
- task: CopyFiles@2
@ -99,8 +99,41 @@ extends:
condition: and(succeeded(), ne(variables['DisableAPIScan'], 'true'))
env:
AzureServicesAuthConnectionString: runAs=App;AppId=$(ApiScanClientId);TenantId=$(ApiScanTenant);AppKey=$(ApiScanSecret)
- script: npx @vscode/vsce@latest generate-manifest -i extension.vsix -o extension.manifest
displayName: 'Generate extension manifest'
- script: cp extension.manifest extension.signature.p7s
displayName: 'Prepare manifest for signing'
- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@5
inputs:
ConnectedServiceName: $(EsrpConnectionServiceName)
AppRegistrationClientId: $(AppRegistrationClientId)
AppRegistrationTenantId: $(AppRegistrationTenantId)
AuthAKVName: $(AuthAKVName)
AuthCertName: $(AuthCertName)
AuthSignCertName: $(AuthSignCertName)
FolderPath: '.'
Pattern: 'extension.signature.p7s'
signConfigType: inlineSignParams
inlineOperation: |
[
{
"keyCode": "CP-401405",
"operationSetCode": "VSCodePublisherSign",
"parameters" : [],
"toolName": "sign",
"toolVersion": "1.0"
}
]
SessionTimeout: 90
MaxConcurrency: 25
MaxRetryAttempts: 5
PendingAnalysisWaitTimeoutMinutes: 5
displayName: 'Sign extension'
- task: CopyFiles@2
displayName: 'Copy Files to: $(Build.ArtifactStagingDirectory)'
inputs:
Contents: '*.vsix'
Contents: |
extension.vsix
extension.manifest
extension.signature.p7s
TargetFolder: '$(Build.ArtifactStagingDirectory)'

Просмотреть файл

@ -75,7 +75,7 @@ extends:
- bash: |
npx json@latest -I -f package.json -e "this.aiKey=\"$(AI_KEY)\""
displayName: Replace AI Key
- script: 'npx @vscode/vsce@latest package'
- script: 'npx @vscode/vsce@latest package -o extension.vsix'
displayName: 'package vsix'
### Copy files for APIScan
- task: CopyFiles@2
@ -96,8 +96,41 @@ extends:
condition: and(succeeded(), ne(variables['DisableAPIScan'], 'true'))
env:
AzureServicesAuthConnectionString: runAs=App;AppId=$(ApiScanClientId);TenantId=$(ApiScanTenant);AppKey=$(ApiScanSecret)
- script: npx @vscode/vsce@latest generate-manifest -i extension.vsix -o extension.manifest
displayName: 'Generate extension manifest'
- script: cp extension.manifest extension.signature.p7s
displayName: 'Prepare manifest for signing'
- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@5
inputs:
ConnectedServiceName: $(EsrpConnectionServiceName)
AppRegistrationClientId: $(AppRegistrationClientId)
AppRegistrationTenantId: $(AppRegistrationTenantId)
AuthAKVName: $(AuthAKVName)
AuthCertName: $(AuthCertName)
AuthSignCertName: $(AuthSignCertName)
FolderPath: '.'
Pattern: 'extension.signature.p7s'
signConfigType: inlineSignParams
inlineOperation: |
[
{
"keyCode": "CP-401405",
"operationSetCode": "VSCodePublisherSign",
"parameters" : [],
"toolName": "sign",
"toolVersion": "1.0"
}
]
SessionTimeout: 90
MaxConcurrency: 25
MaxRetryAttempts: 5
PendingAnalysisWaitTimeoutMinutes: 5
displayName: 'Sign extension'
- task: CopyFiles@2
displayName: 'Copy Files to: $(Build.ArtifactStagingDirectory)'
inputs:
Contents: '*.vsix'
Contents: |
extension.vsix
extension.manifest
extension.signature.p7s
TargetFolder: '$(Build.ArtifactStagingDirectory)'