2020-12-14 22:51:53 +01:00
|
|
|
trigger: none
|
|
|
|
|
|
|
|
pool:
|
|
|
|
vmImage: 'windows-latest'
|
|
|
|
|
2020-12-17 00:16:30 +01:00
|
|
|
variables:
|
|
|
|
- group: code-signing-test
|
|
|
|
|
2020-12-14 22:51:53 +01:00
|
|
|
steps:
|
2020-12-29 17:21:26 +01:00
|
|
|
#- task: DotNetCoreCLI@2
|
|
|
|
# inputs:
|
|
|
|
# command: 'custom'
|
|
|
|
# custom: 'tool'
|
|
|
|
# arguments: 'install --global azuresigntool'
|
|
|
|
# displayName: 'install AzureSignTool'
|
|
|
|
|
|
|
|
- script: |
|
|
|
|
set DOTNET_SKIP_FIRST_TIME_EXPERIENCE=true
|
|
|
|
dotnet tool install --global AzureSignTool --version 2.0.17
|
2020-12-29 18:09:45 +01:00
|
|
|
displayName: 'install AzureSignTool'
|
2020-12-16 20:14:06 +01:00
|
|
|
|
2020-12-29 17:21:26 +01:00
|
|
|
- script: AzureSignTool.exe sign --help
|
2020-12-17 00:10:35 +01:00
|
|
|
displayName: 'Debugging AST'
|
|
|
|
|
2020-12-14 22:51:53 +01:00
|
|
|
- task: DownloadGitHubRelease@0
|
|
|
|
inputs:
|
2020-12-14 23:20:39 +01:00
|
|
|
connection: joseph-flinn
|
|
|
|
userRepository: joseph-flinn/desktop
|
2020-12-14 23:38:56 +01:00
|
|
|
displayName: 'git release artifacts'
|
2020-12-14 22:51:53 +01:00
|
|
|
|
2020-12-16 20:50:31 +01:00
|
|
|
- bash: |
|
2020-12-16 22:54:56 +01:00
|
|
|
GIT_RELEASE_VERSION=$(curl --silent "https://api.github.com/repos/joseph-flinn/desktop/releases/latest" | awk -F '"' '/tag_name/{print $4}' | awk '{print substr($1, 2); }')
|
2020-12-16 20:50:31 +01:00
|
|
|
echo "##vso[task.setvariable variable=git_release_version]$GIT_RELEASE_VERSION"
|
2020-12-16 21:04:08 +01:00
|
|
|
displayName: 'set git_release_version'
|
2020-12-16 20:50:31 +01:00
|
|
|
|
2020-12-16 21:24:48 +01:00
|
|
|
- script: |
|
2020-12-16 20:14:06 +01:00
|
|
|
ls -alh $(System.ArtifactsDirectory)
|
2020-12-16 21:10:20 +01:00
|
|
|
echo GIT_RELEASE_VERSION=$(git_release_version)
|
2020-12-16 20:14:06 +01:00
|
|
|
displayName: 'show artifacts'
|
2020-12-14 23:38:56 +01:00
|
|
|
|
2020-12-29 18:15:30 +01:00
|
|
|
- script: AzureSignTool.exe sign --azure-key-vault-url "$(SigningVaultURL)" --azure-key-vault-client-id "$(SigningClientId)" --azure-key-vault-client-secret "$(SigningClientSecret)" --azure-key-vault-tenant-id "$(SigningTenantId)" --azure-key-vault-certificate "$(SigningCertName)" --timestamp-rfc3161 http://timestamp.digicert.com -v "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx"
|
2020-12-28 23:45:10 +01:00
|
|
|
displayName: 'Sign artifacts 32-bit'
|
|
|
|
|
|
|
|
- script: |
|
|
|
|
azuresigntool sign ^
|
|
|
|
-kvu "$(SigningVaultURL)" ^
|
|
|
|
-kvi "$(SigningClientId)" ^
|
|
|
|
-kvs "$(SigningClientSecret)" ^
|
|
|
|
-kvt "$(SigningTenantId)" ^
|
|
|
|
-kvc "$(SigningCertName)" ^
|
|
|
|
-v ^
|
2020-12-28 23:25:20 +01:00
|
|
|
"$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx"
|
2020-12-28 23:45:10 +01:00
|
|
|
displayName: 'Sign artifacts 64-bit'
|
2020-12-16 23:03:54 +01:00
|
|
|
|
2020-12-29 17:21:26 +01:00
|
|
|
- task: CmdLine@2
|
|
|
|
displayName: 'Sign artifact test'
|
|
|
|
inputs:
|
|
|
|
script: AzureSignTool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx"
|
|
|
|
|
2020-12-16 23:05:15 +01:00
|
|
|
- task: PublishPipelineArtifact@1
|
2020-12-16 23:03:54 +01:00
|
|
|
inputs:
|
|
|
|
pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-$(git_release_version)-ia32.appx'
|
|
|
|
artifactName: 'Bitwarden-$(git_release_version)-ia32.appx'
|
|
|
|
|
2020-12-16 23:05:15 +01:00
|
|
|
- task: PublishPipelineArtifact@1
|
2020-12-16 23:03:54 +01:00
|
|
|
inputs:
|
|
|
|
pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-$(git_release_version)-x64.appx'
|
|
|
|
artifactName: 'Bitwarden-$(git_release_version)-x64.appx'
|