Add nuget package signature
This commit is contained in:
Jérôme Laban
Родитель
650f057633
Коммит
d5e86d1502
12
.vsts-ci.yml
12
.vsts-ci.yml
|
|
@ -22,6 +22,18 @@ jobs:
|
|||
OverWrite: false
|
||||
flattenFolders: false
|
||||
|
||||
- task: PowerShell@2
|
||||
displayName: Authenticode Sign Packages
|
||||
inputs:
|
||||
filePath: build/Sign-Package.ps1
|
||||
env:
|
||||
SignClientUser: $(SignClientUser)
|
||||
SignClientSecret: $(SignClientSecret)
|
||||
SignPackageName: "Uno Source Generation Tasks"
|
||||
SignPackageDescription: "Uno Source Generation Tasks"
|
||||
ArtifactDirectory: $(build.artifactstagingdirectory)
|
||||
condition: and(succeeded(), not(eq(variables['build.reason'], 'PullRequest')), not(eq(variables['SignClientSecret'], '')), not(eq(variables['SignClientUser'], '')))
|
||||
|
||||
- task: PublishBuildArtifacts@1
|
||||
inputs:
|
||||
PathtoPublish: $(build.artifactstagingdirectory)
|
||||
|
|
|
|||
|
|
@ -0,0 +1,13 @@
|
|||
{
|
||||
"SignClient": {
|
||||
"AzureAd": {
|
||||
"AADInstance": "https://login.microsoftonline.com/",
|
||||
"ClientId": "8138ef14-0570-432c-8aad-9f73f05297d5",
|
||||
"TenantId": "6d53ef61-b6d1-4150-ae0b-43b90e75e0cd"
|
||||
},
|
||||
"Service": {
|
||||
"Url": "https://nv-signservice.azurewebsites.net",
|
||||
"ResourceId": "https://SignService/715027a2-5a78-4271-9a16-f4502f1706fe"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,22 @@
|
|||
$currentDirectory = split-path $MyInvocation.MyCommand.Definition
|
||||
|
||||
# See if we have the ClientSecret available
|
||||
if ([string]::IsNullOrEmpty($env:SignClientSecret)) {
|
||||
Write-Host "Client Secret not found, not signing packages"
|
||||
return;
|
||||
}
|
||||
|
||||
dotnet tool install --tool-path . SignClient
|
||||
|
||||
# Setup Variables we need to pass into the sign client tool
|
||||
$appSettings = "$currentDirectory\SignClient.json"
|
||||
|
||||
$nupgks = Get-ChildItem $Env:ArtifactDirectory\*.nupkg | Select-Object -ExpandProperty FullName
|
||||
|
||||
foreach ($nupkg in $nupgks) {
|
||||
Write-Host "Submitting $nupkg for signing"
|
||||
.\SignClient 'sign' -c $appSettings -i $nupkg -r $env:SignClientUser -s $env:SignClientSecret -n "$env:SignPackageName" -d "$env:SignPackageDescription" -u "$env:build_repository_uri"
|
||||
Write-Host "Finished signing $nupkg"
|
||||
}
|
||||
|
||||
Write-Host "Sign-package complete"
|
||||
Загрузка…
Ссылка в новой задаче