test windows signing

dphulkar-msft · Jun 13, 2024 · e461ef0 · e461ef0
1 parent abf7e38
commit e461ef0
Showing 1 changed file with 51 additions and 92 deletions.
diff --git a/release-pipelines.yml b/release-pipelines.yml
@@ -977,73 +977,58 @@ stages:
               wget https://packages.microsoft.com/config/ubuntu/20.04/packages-microsoft-prod.deb 
               sudo dpkg -i packages-microsoft-prod.deb 
               sudo apt install apt-transport-https -y
-              sudo apt install dotnet-sdk-3.1 -y
             displayName: "Update dependencies"
-            
-          
-          # - task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@1
-          #   displayName: 'ESRP CodeSigning azCopy windows'
-          #   inputs:
-          #     ConnectedServiceName: 'PMC ESRP azCopy Signing'
-          #     FolderPath: '$(Build.ArtifactStagingDirectory)/azCopy-windows-temp'
-          #     Pattern: '*.zip, *.exe'
-          #     signConfigType: inlineSignParams
-          #     VerboseLogin: true
-          #     inlineOperation: |
-          #       [
-          #         {
-          #           "KeyCode" : "$(ESRP_AZCOPY_MARINER_KEY_CODE)",
-          #           "OperationCode" : "WindowsSign",
-          #           "Parameters" : {},
-          #           "ToolName" : "sign",
-          #           "ToolVersion" : "1.0"
-          #         }
-          #       ]
-
-          # - task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@5
-          #   displayName: 'Sign Windows exectuable'
-          #   inputs:
-          #     ConnectedServiceName: 'ESRP KeyVault identity'
-          #     AppRegistrationClientId: '77acb45d-e931-4568-9bfc-d0607bdf3759'
-          #     AppRegistrationTenantId: '72f988bf-86f1-41af-91ab-2d7cd011db47'
-          #     AuthAKVName: 'azcopy-esrp-kv'
-          #     AuthCertName: 'azcopy-auth'
-          #     AuthSignCertName: 'azcopy-sign-test'
-          #     FolderPath: '$(Build.ArtifactStagingDirectory)/azCopy-windows-temp'
-          #     Pattern: '*.exe, *.zip'
-          #     signConfigType: inlineSignParams
-          #     inlineOperation: |
-          #       [
-          #         {
-          #           "keyCode": "CP-230012",
-          #           "operationSetCode": "SigntoolSign",
-          #           "parameters": [
-          #             {
-          #               "parameterName": "OpusName",
-          #               "parameterValue": "Microsoft"
-          #             },
-          #             {
-          #               "parameterName": "OpusInfo",
-          #               "parameterValue": "http://www.microsoft.com"
-          #             },
-          #             {
-          #               "parameterName": "PageHash",
-          #               "parameterValue": "/NPH"
-          #             },
-          #             {
-          #               "parameterName": "FileDigest",
-          #               "parameterValue": "/fd sha256"
-          #             },
-          #             {
-          #               "parameterName": "TimeStamp",
-          #               "parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
-          #             }
-          #           ],
-          #           "toolName": "signtool.exe",
-          #           "toolVersion": "6.2.9304.0"
-          #         }
-          #       ]
-          #     SessionTimeout: 30
+
+          - task: UseDotNet@2
+            displayName: 'Install .NET Core 6.0 runtime'
+            inputs:
+              packageType: 'runtime'
+              version: '6.0.0'
+
+          - task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@5
+            displayName: 'Sign Windows exectuable'
+            inputs:
+              ConnectedServiceName: 'ESRP KeyVault identity'
+              AppRegistrationClientId: '77acb45d-e931-4568-9bfc-d0607bdf3759'
+              AppRegistrationTenantId: '72f988bf-86f1-41af-91ab-2d7cd011db47'
+              AuthAKVName: 'azcopy-esrp-kv'
+              AuthCertName: 'azcopy-auth'
+              AuthSignCertName: 'azcopy-sign-test'
+              FolderPath: '$(Build.ArtifactStagingDirectory)/azCopy-windows-temp'
+              Pattern: '*.exe, *.zip'
+              signConfigType: inlineSignParams
+              inlineOperation: |
+                [
+                  {
+                    "keyCode": "CP-230012",
+                    "operationSetCode": "SigntoolSign",
+                    "parameters": [
+                      {
+                        "parameterName": "OpusName",
+                        "parameterValue": "Microsoft"
+                      },
+                      {
+                        "parameterName": "OpusInfo",
+                        "parameterValue": "http://www.microsoft.com"
+                      },
+                      {
+                        "parameterName": "PageHash",
+                        "parameterValue": "/NPH"
+                      },
+                      {
+                        "parameterName": "FileDigest",
+                        "parameterValue": "/fd sha256"
+                      },
+                      {
+                        "parameterName": "TimeStamp",
+                        "parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
+                      }
+                    ],
+                    "toolName": "signtool.exe",
+                    "toolVersion": "6.2.9304.0"
+                  }
+                ]
+              SessionTimeout: 30
 
 
           # Validate signed images have md5sum changed
@@ -1108,7 +1093,6 @@ stages:
               sudo dpkg -i packages-microsoft-prod.deb 
               sudo apt update 
               sudo apt install apt-transport-https -y
-              # sudo apt install dotnet-sdk-3.1 -y
             displayName: "Update dependencies"
             
           - task: UseDotNet@2
@@ -1117,31 +1101,6 @@ stages:
               packageType: 'runtime'
               version: '6.0.0'
 
-          # - task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@1
-          #   displayName: 'ESRP CodeSigning macOS AzCopy'
-          #   inputs:
-          #     ConnectedServiceName: 'PMC ESRP AzCopy Signing'
-          #     AppRegistrationClientId: '77acb45d-e931-4568-9bfc-d0607bdf3759'
-          #     AppRegistrationTenantId: '72f988bf-86f1-41af-91ab-2d7cd011db47'
-          #     FolderPath: '$(Build.ArtifactStagingDirectory)/azCopy-mac-temp'
-          #     Pattern: 'azcopy_darwin*'
-          #     signConfigType: inlineSignParams
-          #     VerboseLogin: true
-          #     inlineOperation: |
-          #       [
-          #         {
-          #           "KeyCode" : "CP-401337-Apple",
-          #           "OperationCode" : "MacAppDeveloperSign",
-          #           "Parameters":{
-          #                 "Hardening":"--options=runtime"
-          #             },
-          #           "ToolName" : "sign",
-          #           "ToolVersion" : "1.0"
-          #         }
-          #       ]
-
-
-
           - task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@5
             displayName: 'Sign Mac executable'
             inputs: