Skip to content
This repository was archived by the owner on May 15, 2025. It is now read-only.

Commit c3bf8fc

Browse files
ricaunmatkoch
ricaun
authored and
matkoch
committed
fix(tools): missing NuGetKeyVaultSignToolTasks (#1485)
1 parent dd017b1 commit c3bf8fc

File tree

1 file changed

+108
-0
lines changed

1 file changed

+108
-0
lines changed

source/Nuke.Common/Tools/NuGetKeyVaultSignTool/NuGetKeyVaultSignTool.json

+108
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,108 @@
1+
{
2+
"$schema": "https://raw.githubusercontent.com/nuke-build/nuke/master/source/Nuke.Tooling.Generator/schema.json",
3+
"name": "NuGetKeyVaultSignTool",
4+
"officialUrl": "https://github.com/novotnyllc/NuGetKeyVaultSignTool",
5+
"help": "NuGet Key Vault Sign Tool is similar to <c>nuget sign</c>, with the major difference being that it uses Azure Key Vault for performing the signing process. Similar usage configuration like <c>AzureSignTool</c>, except is used to sign nuget package.",
6+
"nugetPackageId": "NuGetKeyVaultSignTool",
7+
"packageExecutable": "NuGetKeyVaultSignTool.dll",
8+
"tasks": [
9+
{
10+
"definiteArgument": "sign",
11+
"settingsClass": {
12+
"properties": [
13+
{
14+
"name": "File",
15+
"type": "string",
16+
"format": "{value}",
17+
"help": "Package to sign."
18+
},
19+
{
20+
"name": "KeyVaultUrl",
21+
"type": "string",
22+
"format": "--azure-key-vault-url {value}",
23+
"help": "A fully qualified URL of the key vault with the certificate that will be used for signing. An example value might be <c>https://my-vault.vault.azure.net</c>."
24+
},
25+
{
26+
"name": "KeyVaultClientId",
27+
"type": "string",
28+
"format": "--azure-key-vault-client-id {value}",
29+
"help": "This is the client ID used to authenticate to Azure, which will be used to generate an access token. This parameter is not required if an access token is supplied directly with the <c>--azure-key-vault-accesstoken</c> option. If this parameter is supplied, <c>--azure-key-vault-client-secret</c> and <c>--azure-key-vault-tenant-id</c> must be supplied as well."
30+
},
31+
{
32+
"name": "KeyVaultClientSecret",
33+
"type": "string",
34+
"format": "--azure-key-vault-client-secret {value}",
35+
"secret": true,
36+
"help": "This is the client secret used to authenticate to Azure, which will be used to generate an access token. This parameter is not required if an access token is supplied directly with the <c>--azure-key-vault-accesstoken</c> option or when using managed identities with <c>--azure-key-vault-managed-identity</c>. If this parameter is supplied, <c>--azure-key-vault-client-id</c> and <c>--azure-key-vault-tenant-id</c> must be supplied as well."
37+
},
38+
{
39+
"name": "KeyVaultTenantId",
40+
"type": "string",
41+
"format": "--azure-key-vault-tenant-id {value}",
42+
"help": "This is the tenant id used to authenticate to Azure, which will be used to generate an access token. This parameter is not required if an access token is supplied directly with the <c>--azure-key-vault-accesstoken</c> option or when using managed identities with <c>--azure-key-vault-managed-identity</c>. If this parameter is supplied, <c>--azure-key-vault-client-id</c> and <c>--azure-key-vault-client-secret</c> must be supplied as well."
43+
},
44+
{
45+
"name": "KeyVaultCertificateName",
46+
"type": "string",
47+
"format": "--azure-key-vault-certificate {value}",
48+
"help": "The name of the certificate used to perform the signing operation."
49+
},
50+
{
51+
"name": "KeyVaultAccessToken",
52+
"type": "string",
53+
"format": "--azure-key-vault-accesstoken {value}",
54+
"secret": true,
55+
"help": "An access token used to authenticate to Azure. This can be used instead of the <c>--azure-key-vault-managed-identity</c>, <c>--azure-key-vault-client-id</c> and <c>--azure-key-vault-client-secret</c> options. This is useful if NuGetKeyVaultSignTool is being used as part of another program that is already authenticated and has an access token to Azure."
56+
},
57+
{
58+
"name": "KeyVaultManagedIdentity",
59+
"type": "bool",
60+
"format": "--azure-key-vault-managed-identity",
61+
"help": "Use the ambient Managed Identity to authenticate to Azure. This can be used instead of the <c>--azure-key-vault-accesstoken</c>, <c>--azure-key-vault-client-id</c> and <c>--azure-key-vault-client-secret</c> options. This is useful if NuGetKeyVaultSignTool is being used on a VM/service/CLI that is configured for managed identities to Azure."
62+
},
63+
{
64+
"name": "TimestampRfc3161Url",
65+
"type": "string",
66+
"format": "--timestamp-rfc3161 {value}",
67+
"help": "A URL to an RFC3161 compliant timestamping service. This parameter serves the same purpose as the <c>/tr</c> option in the Windows SDK <c>signtool</c>. This parameter should be used in favor of the <c>--timestamp</c> option. Using this parameter will allow using modern, RFC3161 timestamps which also support timestamp digest algorithms other than SHA1."
68+
},
69+
{
70+
"name": "TimestampDigest",
71+
"type": "NuGetKeyVaultSignToolDigestAlgorithm",
72+
"format": "--timestamp-digest {value}",
73+
"help": "The name of the digest algorithm used for timestamping. This parameter is ignored unless the <c>--timestamp-rfc3161</c> parameter is also supplied. The default value is <c>sha256</c>."
74+
},
75+
{
76+
"name": "FileDigest",
77+
"type": "NuGetKeyVaultSignToolDigestAlgorithm",
78+
"format": "--file-digest {value}",
79+
"help": "The name of the digest algorithm used for hashing the file being signed. The default value is <c>sha256</c>."
80+
},
81+
{
82+
"name": "Force",
83+
"type": "bool",
84+
"format": "--force",
85+
"help": "Overwrites a signature if it exists."
86+
},
87+
{
88+
"name": "Output",
89+
"type": "string",
90+
"format": "--output {value}",
91+
"help": "The output file. If omitted, overwrites input."
92+
}
93+
]
94+
}
95+
}
96+
],
97+
"enumerations": [
98+
{
99+
"name": "NuGetKeyVaultSignToolDigestAlgorithm",
100+
"values": [
101+
"sha1",
102+
"sha256",
103+
"sha384",
104+
"sha512"
105+
]
106+
}
107+
]
108+
}

0 commit comments

Comments
 (0)