Skip to content

Commit a44f237

Browse files
mjcheethammjcheetham
authored
Merge pull request #1972 from microsoft/esrp
Replace Microbuild with 1ES PT + ESRP
2 parents 7e2fd01 + 6eaea92 commit a44f237

10 files changed

Lines changed: 594 additions & 132 deletions

File tree

.azure-pipelines/esrp/sign.yml

Lines changed: 59 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,59 @@
1+
# Reusable step template for ESRP code signing via EsrpCodeSigning@6.
2+
#
3+
# Wraps a single signing operation with automatic cleanup of the
4+
# CodeSignSummary-<guid>.md report ESRP CLI drops into the signing
5+
# folder -- otherwise that file is packaged into the installer or
6+
# uploaded as part of the pipeline artifact.
7+
#
8+
parameters:
9+
- name: displayName
10+
type: string
11+
- name: folderPath
12+
type: string
13+
- name: pattern
14+
type: string
15+
- name: inlineOperation
16+
type: string
17+
# ESRP connection parameters (defaults use pipeline variables)
18+
- name: connectedServiceName
19+
type: string
20+
default: $(esrpAppConnectionName)
21+
- name: appRegistrationClientId
22+
type: string
23+
default: $(esrpClientId)
24+
- name: appRegistrationTenantId
25+
type: string
26+
default: $(esrpTenantId)
27+
- name: authAkvName
28+
type: string
29+
default: $(esrpKeyVaultName)
30+
- name: authSignCertName
31+
type: string
32+
default: $(esrpSignReqCertName)
33+
- name: serviceEndpointUrl
34+
type: string
35+
default: $(esrpEndpointUrl)
36+
37+
steps:
38+
- task: EsrpCodeSigning@6
39+
displayName: '${{ parameters.displayName }}'
40+
inputs:
41+
connectedServiceName: '${{ parameters.connectedServiceName }}'
42+
useMSIAuthentication: true
43+
appRegistrationClientId: '${{ parameters.appRegistrationClientId }}'
44+
appRegistrationTenantId: '${{ parameters.appRegistrationTenantId }}'
45+
authAkvName: '${{ parameters.authAkvName }}'
46+
authSignCertName: '${{ parameters.authSignCertName }}'
47+
serviceEndpointUrl: '${{ parameters.serviceEndpointUrl }}'
48+
folderPath: '${{ parameters.folderPath }}'
49+
pattern: '${{ parameters.pattern }}'
50+
useMinimatch: true
51+
signConfigType: inlineSignParams
52+
inlineOperation: ${{ parameters.inlineOperation }}
53+
54+
- task: PowerShell@2
55+
displayName: 'Clean up code signing artifacts (${{ parameters.displayName }})'
56+
inputs:
57+
targetType: inline
58+
script: |
59+
Remove-Item -Force "${{ parameters.folderPath }}\CodeSignSummary-*.md" -ErrorAction SilentlyContinue

0 commit comments

Comments
 (0)