Skip to content

Commit f8e1093

Browse files
testforstephentestforstephen
authored
use MicroBuild to sign extension (#1541)
* use MicroBuild to sign extension * remove unnecessary customBuildTags * fix copy command * fix copy command * fix yaml error * fix copy command * fix ls command * remove dir command * fix copy plugin jar * update node to 20.x * fix copy command in windows * use CopyFiles task to copy plugin.jar to server * exclude sources.jar and javadoc.jar from RC * exclude sources.jar and javadoc.jar from server
1 parent 4d30fc1 commit f8e1093

File tree

2 files changed

+52
-93
lines changed

2 files changed

+52
-93
lines changed

.azure-pipelines/nightly.yml

Lines changed: 23 additions & 47 deletions
Original file line numberDiff line numberDiff line change
@@ -19,31 +19,27 @@ resources:
1919
- repository: self
2020
type: git
2121
ref: refs/heads/main
22-
- repository: 1esPipelines
22+
- repository: MicroBuildTemplate
2323
type: git
24-
name: 1ESPipelineTemplates/1ESPipelineTemplates
25-
ref: refs/tags/release
24+
name: 1ESPipelineTemplates/MicroBuildTemplate
2625
trigger: none
2726
extends:
28-
template: v1/1ES.Official.PipelineTemplate.yml@1esPipelines
27+
template: azure-pipelines/MicroBuild.1ES.Official.yml@MicroBuildTemplate
2928
parameters:
3029
pool:
31-
name: 1ES_JavaTooling_Pool
32-
image: 1ES_JavaTooling_Windows_2022
33-
os: windows
34-
sdl:
35-
sourceAnalysisPool:
36-
name: 1ES_JavaTooling_Pool
37-
image: 1ES_JavaTooling_Windows_2022
38-
os: windows
39-
customBuildTags:
40-
- MigrationTooling-mseng-VSJava-13475-Tool
30+
name: MSEngSS-MicroBuild2022-1ES
4131
stages:
4232
- stage: Build
4333
jobs:
4434
- job: Job_1
4535
displayName: VSCode-Java-Debug-Nightly
4636
templateContext:
37+
mb:
38+
signing:
39+
enabled: true
40+
signType: real
41+
zipSources: false
42+
feedSource: 'https://mseng.pkgs.visualstudio.com/DefaultCollection/_packaging/MicroBuildToolset/nuget/v3/index.json'
4743
outputs:
4844
- output: pipelineArtifact
4945
artifactName: vsix
@@ -52,6 +48,10 @@ extends:
5248
steps:
5349
- checkout: self
5450
fetchTags: false
51+
- task: NodeTool@0
52+
displayName: Use Node 20.x
53+
inputs:
54+
versionSpec: 20.x
5555
- task: DownloadBuildArtifacts@1
5656
displayName: Download Build Artifacts
5757
inputs:
@@ -62,14 +62,12 @@ extends:
6262
downloadType: specific
6363
itemPattern: plugin/jars/com.microsoft.java.debug.plugin-*.jar
6464
extractTars: false
65-
- task: CmdLine@2
66-
displayName: cp plugin.jar to server
65+
- task: CopyFiles@2
66+
displayName: 'cp plugin.jar to server'
6767
inputs:
68-
script: |-
69-
mkdir -p server
70-
71-
cp $(System.ArtifactsDirectory)/plugin/jars/com.microsoft.java.debug.plugin-*[!a-zA-Z].jar server/
72-
ls -l server/
68+
SourceFolder: '$(System.ArtifactsDirectory)/plugin/jars'
69+
Contents: 'com.microsoft.java.debug.plugin-*.jar'
70+
TargetFolder: $(Build.SourcesDirectory)/server
7371
- task: Npm@1
7472
displayName: npm install
7573
inputs:
@@ -107,34 +105,12 @@ extends:
107105
AzureServicesAuthConnectionString: runAs=App;AppId=$(ApiScanClientId);TenantId=$(ApiScanTenant);AppKey=$(ApiScanSecret)
108106
- script: npx @vscode/vsce@latest generate-manifest -i extension.vsix -o extension.manifest
109107
displayName: 'Generate extension manifest'
110-
- script: cp extension.manifest extension.signature.p7s
108+
- script: copy extension.manifest extension.signature.p7s
111109
displayName: 'Prepare manifest for signing'
112-
- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@5
110+
- task: CmdLine@2
111+
displayName: Sign extension
113112
inputs:
114-
ConnectedServiceName: $(ConnectedServiceName)
115-
AppRegistrationClientId: $(AppRegistrationClientId)
116-
AppRegistrationTenantId: $(AppRegistrationTenantId)
117-
AuthAKVName: $(AuthAKVName)
118-
AuthCertName: $(AuthCertName)
119-
AuthSignCertName: $(AuthSignCertName)
120-
FolderPath: '.'
121-
Pattern: 'extension.signature.p7s'
122-
signConfigType: inlineSignParams
123-
inlineOperation: |
124-
[
125-
{
126-
"keyCode": "CP-401405",
127-
"operationSetCode": "VSCodePublisherSign",
128-
"parameters" : [],
129-
"toolName": "sign",
130-
"toolVersion": "1.0"
131-
}
132-
]
133-
SessionTimeout: 90
134-
MaxConcurrency: 25
135-
MaxRetryAttempts: 5
136-
PendingAnalysisWaitTimeoutMinutes: 5
137-
displayName: 'Sign extension'
113+
script: dotnet %MBSIGN_APPFOLDER%/ddsignfiles.dll /file:extension.signature.p7s /certs:4014052
138114
- task: CopyFiles@2
139115
displayName: "Copy Files to: $(Build.ArtifactStagingDirectory)/vsix"
140116
inputs:

.azure-pipelines/rc.yml

Lines changed: 29 additions & 46 deletions
Original file line numberDiff line numberDiff line change
@@ -14,31 +14,27 @@ resources:
1414
- repository: self
1515
type: git
1616
ref: refs/heads/main
17-
- repository: 1esPipelines
17+
- repository: MicroBuildTemplate
1818
type: git
19-
name: 1ESPipelineTemplates/1ESPipelineTemplates
20-
ref: refs/tags/release
19+
name: 1ESPipelineTemplates/MicroBuildTemplate
2120
trigger: none
2221
extends:
23-
template: v1/1ES.Official.PipelineTemplate.yml@1esPipelines
22+
template: azure-pipelines/MicroBuild.1ES.Official.yml@MicroBuildTemplate
2423
parameters:
2524
pool:
26-
name: 1ES_JavaTooling_Pool
27-
image: 1ES_JavaTooling_Windows_2022
28-
os: windows
29-
sdl:
30-
sourceAnalysisPool:
31-
name: 1ES_JavaTooling_Pool
32-
image: 1ES_JavaTooling_Windows_2022
33-
os: windows
34-
customBuildTags:
35-
- MigrationTooling-mseng-VSJava-9157-Tool
25+
name: MSEngSS-MicroBuild2022-1ES
3626
stages:
3727
- stage: Build
3828
jobs:
3929
- job: Job_1
4030
displayName: VSCode-Java-Debug-RC
4131
templateContext:
32+
mb:
33+
signing:
34+
enabled: true
35+
signType: real
36+
zipSources: false
37+
feedSource: 'https://mseng.pkgs.visualstudio.com/DefaultCollection/_packaging/MicroBuildToolset/nuget/v3/index.json'
4238
outputs:
4339
- output: pipelineArtifact
4440
artifactName: vsix
@@ -47,6 +43,10 @@ extends:
4743
steps:
4844
- checkout: self
4945
fetchTags: true
46+
- task: NodeTool@0
47+
displayName: Use Node 20.x
48+
inputs:
49+
versionSpec: 20.x
5050
- task: DownloadBuildArtifacts@1
5151
displayName: Download Build Artifacts
5252
inputs:
@@ -57,14 +57,19 @@ extends:
5757
downloadType: specific
5858
itemPattern: m2/com.microsoft.java.debug.plugin/com.microsoft.java.debug.plugin-*.jar
5959
extractTars: false
60+
- task: CopyFiles@2
61+
displayName: 'cp plugin.jar to server'
62+
inputs:
63+
SourceFolder: '$(System.ArtifactsDirectory)/m2/com.microsoft.java.debug.plugin'
64+
Contents: |
65+
com.microsoft.java.debug.plugin-*.jar
66+
TargetFolder: $(Build.SourcesDirectory)/server
6067
- task: CmdLine@2
61-
displayName: cp plugin.jar to server
68+
displayName: Delete sources.jar and javadoc.jar from server
6269
inputs:
63-
script: |-
64-
mkdir -p server
65-
66-
cp $(System.ArtifactsDirectory)/m2/com.microsoft.java.debug.plugin/com.microsoft.java.debug.plugin-*[!a-zA-Z].jar server/
67-
ls -l server/
70+
script: |
71+
del server\com.microsoft.java.debug.plugin-*-sources.jar
72+
del server\com.microsoft.java.debug.plugin-*-javadoc.jar
6873
- task: Npm@1
6974
displayName: npm install
7075
inputs:
@@ -98,34 +103,12 @@ extends:
98103
AzureServicesAuthConnectionString: runAs=App;AppId=$(ApiScanClientId);TenantId=$(ApiScanTenant);AppKey=$(ApiScanSecret)
99104
- script: npx @vscode/vsce@latest generate-manifest -i extension.vsix -o extension.manifest
100105
displayName: 'Generate extension manifest'
101-
- script: cp extension.manifest extension.signature.p7s
106+
- script: copy extension.manifest extension.signature.p7s
102107
displayName: 'Prepare manifest for signing'
103-
- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@5
108+
- task: CmdLine@2
109+
displayName: Sign extension
104110
inputs:
105-
ConnectedServiceName: $(ConnectedServiceName)
106-
AppRegistrationClientId: $(AppRegistrationClientId)
107-
AppRegistrationTenantId: $(AppRegistrationTenantId)
108-
AuthAKVName: $(AuthAKVName)
109-
AuthCertName: $(AuthCertName)
110-
AuthSignCertName: $(AuthSignCertName)
111-
FolderPath: '.'
112-
Pattern: 'extension.signature.p7s'
113-
signConfigType: inlineSignParams
114-
inlineOperation: |
115-
[
116-
{
117-
"keyCode": "CP-401405",
118-
"operationSetCode": "VSCodePublisherSign",
119-
"parameters" : [],
120-
"toolName": "sign",
121-
"toolVersion": "1.0"
122-
}
123-
]
124-
SessionTimeout: 90
125-
MaxConcurrency: 25
126-
MaxRetryAttempts: 5
127-
PendingAnalysisWaitTimeoutMinutes: 5
128-
displayName: 'Sign extension'
111+
script: dotnet %MBSIGN_APPFOLDER%/ddsignfiles.dll /file:extension.signature.p7s /certs:4014052
129112
- task: CopyFiles@2
130113
displayName: "Copy Files to: $(Build.ArtifactStagingDirectory)/vsix"
131114
inputs:

0 commit comments

Comments
 (0)