[CI] Sign the contents of the bundle.zip to be used in xma. (#14970)
This commit is contained in:
Родитель
a27fbdc19f
Коммит
d89dfec8fb
|
@ -47,6 +47,48 @@ steps:
|
|||
displayName: 'Sign .msi'
|
||||
condition: ${{ parameters.condition }}
|
||||
|
||||
- pwsh: |
|
||||
mv $(Build.SourcesDirectory)/package/bundle.zip $(Build.ArtifactStagingDirectory)/not-signed-bundle.zip
|
||||
$bundlePath = "$(Build.ArtifactStagingDirectory)/bundle"
|
||||
unzip $(Build.ArtifactStagingDirectory)/not-signed-bundle.zip -d $bundlePath
|
||||
$patterns = @(
|
||||
"*.iOS.dll",
|
||||
"*.tvOS.dll",
|
||||
"*.Mac.dll", "*.macOS.dll", "*XamMac.dll",
|
||||
"*.MacCatalyst.dll",
|
||||
"*.WatchOS.dll"
|
||||
)
|
||||
$files = @()
|
||||
foreach ($p in $patterns) {
|
||||
$files += Get-ChildItem -Path $bundlePath -Recurse -Filter $p
|
||||
}
|
||||
|
||||
$SignFiles = @()
|
||||
foreach($f in $files) {
|
||||
Write-Host "$($f.FullName)"
|
||||
$SignFiles += @{ "SrcPath"="$($f.FullName)"}
|
||||
}
|
||||
|
||||
$SignFileRecord = @(
|
||||
@{
|
||||
"Certs" = "400";
|
||||
"SignFileList" = $SignFiles;
|
||||
}
|
||||
)
|
||||
|
||||
$SignFileList = @{
|
||||
"SignFileRecordList" = $SignFileRecord
|
||||
}
|
||||
|
||||
# Write the json to a file
|
||||
ConvertTo-Json -InputObject $SignFileList -Depth 100 | Out-File -FilePath $(Build.ArtifactStagingDirectory)/bundle.json -Force
|
||||
dotnet $Env:MBSIGN_APPFOLDER/ddsignfiles.dll /filelist:$(Build.ArtifactStagingDirectory)/bundle.json
|
||||
# rezip and move back
|
||||
ditto -c -k --sequesterRsrc --keepParent $bundlePath bundle.zip
|
||||
mv bundle.zip $(Build.SourcesDirectory)/package/bundle.zip
|
||||
displayName: 'Sign bundle.zip'
|
||||
workingDirectory: $(Build.ArtifactStagingDirectory)
|
||||
|
||||
- template: publish-nugets.yml
|
||||
|
||||
# always upload no matter what, since if we are not signing we need the artifact in the pipeline
|
||||
|
|
Загрузка…
Ссылка в новой задаче