1
0
mirror of https://github.com/bitwarden/desktop.git synced 2024-11-28 12:35:40 +01:00
bitwarden-desktop/.az-pipelines/sign-windows-artifacts.yml

77 lines
2.4 KiB
YAML
Raw Normal View History

2020-12-14 22:51:53 +01:00
trigger: none
pool:
vmImage: 'windows-latest'
2020-12-17 00:16:30 +01:00
variables:
- group: code-signing-test
2020-12-14 22:51:53 +01:00
steps:
2020-12-29 17:21:26 +01:00
#- task: DotNetCoreCLI@2
# inputs:
# command: 'custom'
# custom: 'tool'
# arguments: 'install --global azuresigntool'
# displayName: 'install AzureSignTool'
- script: |
set DOTNET_SKIP_FIRST_TIME_EXPERIENCE=true
dotnet tool install --global AzureSignTool --version 2.0.17
2020-12-16 20:14:06 +01:00
2020-12-29 17:21:26 +01:00
- script: AzureSignTool.exe sign --help
2020-12-17 00:10:35 +01:00
displayName: 'Debugging AST'
2020-12-14 22:51:53 +01:00
- task: DownloadGitHubRelease@0
inputs:
2020-12-14 23:20:39 +01:00
connection: joseph-flinn
userRepository: joseph-flinn/desktop
displayName: 'git release artifacts'
2020-12-14 22:51:53 +01:00
- bash: |
GIT_RELEASE_VERSION=$(curl --silent "https://api.github.com/repos/joseph-flinn/desktop/releases/latest" | awk -F '"' '/tag_name/{print $4}' | awk '{print substr($1, 2); }')
echo "##vso[task.setvariable variable=git_release_version]$GIT_RELEASE_VERSION"
2020-12-16 21:04:08 +01:00
displayName: 'set git_release_version'
2020-12-16 21:24:48 +01:00
- script: |
2020-12-16 20:14:06 +01:00
ls -alh $(System.ArtifactsDirectory)
2020-12-16 21:10:20 +01:00
echo GIT_RELEASE_VERSION=$(git_release_version)
2020-12-16 20:14:06 +01:00
displayName: 'show artifacts'
2020-12-28 21:19:02 +01:00
- script: |
2020-12-29 17:21:26 +01:00
AzureSignTool.exe sign ^
2020-12-28 23:25:20 +01:00
-kvu "$(SigningVaultURL)" ^
-kvi "$(SigningClientId)" ^
-kvs "$(SigningClientSecret)" ^
-kvt "$(SigningTenantId)" ^
-kvc "$(SigningCertName)" ^
2020-12-29 17:21:26 +01:00
-tr http://timestamp.digicert.com ^
2020-12-28 23:25:20 +01:00
-v ^
2020-12-28 23:45:10 +01:00
"$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx"
displayName: 'Sign artifacts 32-bit'
- script: |
azuresigntool sign ^
-kvu "$(SigningVaultURL)" ^
-kvi "$(SigningClientId)" ^
-kvs "$(SigningClientSecret)" ^
-kvt "$(SigningTenantId)" ^
-kvc "$(SigningCertName)" ^
-v ^
2020-12-28 23:25:20 +01:00
"$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-x64.appx"
2020-12-28 23:45:10 +01:00
displayName: 'Sign artifacts 64-bit'
2020-12-16 23:03:54 +01:00
2020-12-29 17:21:26 +01:00
- task: CmdLine@2
displayName: 'Sign artifact test'
inputs:
script: AzureSignTool sign -du "$(SigningURL)" -kvu "$(SigningVaultURL)" -kvi "$(SigningClientId)" -kvs "$(SigningClientSecret)" -kvc "$(SigningCertName)" -v "$(System.ArtifactsDirectory)\Bitwarden-$(git_release_version)-ia32.appx"
2020-12-16 23:05:15 +01:00
- task: PublishPipelineArtifact@1
2020-12-16 23:03:54 +01:00
inputs:
pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-$(git_release_version)-ia32.appx'
artifactName: 'Bitwarden-$(git_release_version)-ia32.appx'
2020-12-16 23:05:15 +01:00
- task: PublishPipelineArtifact@1
2020-12-16 23:03:54 +01:00
inputs:
pathToPublish: '$(System.DefaultWorkingDirectory)/dist/Bitwarden-$(git_release_version)-x64.appx'
artifactName: 'Bitwarden-$(git_release_version)-x64.appx'