bitwarden-browser/.az-pipelines/sign-windows-artifacts.yml

trigger: none

pool:
  vmImage: 'windows-latest'

variables:
- group: code-signing-test

steps:
  #- script: |
  #    set DOTNET_SKIP_FIRST_TIME_EXPERIENCE=true
  #    dotnet tool install --global AzureSignTool --version 2.0.17
  #  displayName: 'install AzureSignTool'
  
- script: |
    git clone https://github.com/vcsjones/AzureSignTool.git
    dotnet build    
  displayName: 'Install AST'

- script: azuresigntool sign --help
  displayName: 'Debugging AST'

- script: exit 1
  displayName: Premature Exit

- task: DownloadGitHubRelease@0
  inputs:
    connection: joseph-flinn
    userRepository: joseph-flinn/desktop
  displayName: 'git release artifacts'

- bash: |
    GIT_RELEASE_VERSION=$(curl --silent "https://api.github.com/repos/joseph-flinn/desktop/releases/latest" | awk -F '"' '/tag_name/{print $4}' | awk '{print substr($1, 2); }') 
    echo "##vso[task.setvariable variable=git_release_version]$GIT_RELEASE_VERSION"    
  displayName: 'set git_release_version'

- script: |
    ls -alh $(System.ArtifactsDirectory)
    echo GIT_RELEASE_VERSION=$(git_release_version)    
  displayName: 'show artifacts'

- script: |
    azuresigntool sign -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -tr http://timestamp.digicert.com "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32-store.appx" "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64-store.appx"    
  displayName: 'Sign artifacts'

- task: PublishPipelineArtifact@1
  inputs:
    pathToPublish: '$(System.ArtifactsDirectory)/Bitwarden-$(git_release_version)-ia32-store.appx'
    artifactName: 'Bitwarden-$(git_release_version)-ia32-store.appx'

- task: PublishPipelineArtifact@1
  inputs:
    pathToPublish: '$(System.ArtifactsDirectory)/Bitwarden-$(git_release_version)-x64-store.appx'
    artifactName: 'Bitwarden-$(git_release_version)-x64-store.appx'