Work CI-CD

- Replace sign tool with newest version. - Rework variable declaration to include sing group. ***NO_CI***
nanoframework · Jan 29, 2024 · dd8f80d · dd8f80d
1 parent aae3470
commit dd8f80d
Showing 1 changed file with 25 additions and 17 deletions.
diff --git a/azure-pipelines.yml b/azure-pipelines.yml
@@ -39,11 +39,17 @@ pool:
   vmImage: 'windows-latest'
 
 variables:
-  DOTNET_NOLOGO: true
-  solution: 'nanoFrameworkDeployer.sln'
-  buildPlatform: 'Any CPU'
-  buildConfiguration: 'Release'
-  isTag: $[startsWith(variables['Build.SourceBranch'], 'refs/tags/v')]
+  - group: sign-client-credentials
+  - name: DOTNET_NOLOGO
+    value: true  
+  - name: buildPlatform
+    value: 'Any CPU'  
+  - name: buildConfiguration
+    value: 'Release'
+  - name: solution
+    value: 'nanoFrameworkDeployer.sln'
+  - name: isTag
+    value: $[startsWith(variables['Build.SourceBranch'], 'refs/tags/v')]
 
 steps:
 
@@ -189,7 +195,7 @@ steps:
   inputs:
     command: custom
     custom: tool
-    arguments: install --tool-path . SignClient
+    arguments: install --tool-path . sign --version 0.9.1-beta.23530.1
 
 # update cloud build number (only possible if this is not a PR from a fork)
 - task: PowerShell@2
@@ -252,18 +258,20 @@ steps:
       **\nanoFrameworkDeployer.exe
     TargetFolder: '$(Build.ArtifactStagingDirectory)'
     flattenFolders: true
-  
+
 - pwsh: |
-    .\SignClient "Sign" `
-    --baseDirectory "$(Build.ArtifactStagingDirectory)" `
-    --input "**/*.nupkg" `
-    --config "$(Build.Repository.LocalPath)\config\SignClient.json" `
-    --filelist "$(Build.Repository.LocalPath)\config\filelist.txt" `
-    --user "$(SignClientUser)" `
-    --secret '$(SignClientSecret)' `
-    --name ".NET nanoFramework Deployer" `
-    --description ".NET nanoFramework Deployer" `
-    --descriptionUrl "https://github.com/$env:Build_Repository_Name"
+    .\sign code azure-key-vault `
+    "**/*.nupkg" `
+    --base-directory "$(Build.ArtifactStagingDirectory)" `
+    --file-list "$(Build.Repository.LocalPath)\config\filelist.txt" `
+    --description "$(nugetPackageName)" `
+    --description-url "https://github.com/$env:Build_Repository_Name" `
+    --azure-key-vault-tenant-id "$(SignTenantId)" `
+    --azure-key-vault-client-id "$(SignClientId)" `
+    --azure-key-vault-client-secret "$(SignClientSecret)" `
+    --azure-key-vault-certificate "$(SignKeyVaultCertificate)" `
+    --azure-key-vault-url "$(SignKeyVaultUrl)" `
+    --timestamp-url http://timestamp.digicert.com
   displayName: Sign packages
   continueOnError: true
   condition: >-