github/msft-calculator
1
0
Fork 0
mirror of https://github.com/microsoft/calculator.git synced 2024-10-18 05:00:21 -07:00
Code Issues Packages Projects Releases Wiki Activity
main
msft-calculator/build/pipelines/templates/release-vpack.yaml
oneonezhang 1feb376108
Use managed identity for ESRP code signing task (#2185) 
* draft: update esrp

* variable

* update
2024-06-12 14:06:40 +08:00

64 lines
2.1 KiB
YAML
Raw Permalink Blame History

# This template contains a job to create a VPack. The VPack is used to preinstall the app in a
# Windows OS build.
jobs:
- job: ReleaseVPack
dependsOn: Package
variables:
skipComponentGovernanceDetection: true
templateContext:
outputs:
- output: pipelineArtifact
displayName: Publish vpack\app artifact with vpack manifest
targetPath: $(XES_VPACKMANIFESTDIRECTORY)\$(XES_VPACKMANIFESTNAME)
artifactName: vpackManifest
sbomEnabled: false
steps:
- checkout: none
- download: current
displayName: Download msixBundleSigned artifact
artifact: msixBundleSigned
- task: CopyFiles@2
displayName: Copy signed MsixBundle to vpack staging folder
inputs:
sourceFolder: $(Pipeline.Workspace)\msixBundleSigned
contents: Microsoft.WindowsCalculator_8wekyb3d8bbwe.msixbundle
targetFolder: $(Pipeline.Workspace)\vpack\msixBundle
- task: UniversalPackages@0
displayName: Download internals package
inputs:
command: download
downloadDirectory: $(Build.SourcesDirectory)
vstsFeed: WindowsInboxApps
vstsFeedPackage: calculator-internals
vstsPackageVersion: 0.0.109
- pwsh: |
$configPath = "$(Build.SourcesDirectory)\Tools\Build\Signing\ESRP-auth.json"
$auth = Get-Content -Raw $configPath | ConvertFrom-Json
$sbomKeyCode = $auth._ExtraContext.SbomKeyCode
echo $sbomKeyCode
echo "##vso[task.setvariable variable=SbomKeyCode]$sbomKeyCode"
displayName: Get SBOM Key Code
- task: PkgESVPack@12
displayName: Create and push vpack for app
env:
SYSTEM_ACCESSTOKEN: $(System.AccessToken)
inputs:
sourceDirectory: $(Pipeline.Workspace)\vpack\msixBundle
description: VPack for the Calculator Application
pushPkgName: calculator.app
version: $(versionMajor).$(versionMinor).$(versionBuild)
owner: paxeeapps
provData: true
taskLogVerbosity: Diagnostic
coseUsageScenario: 'product'
signSbom: true
sbomKeyCode: $(SbomKeyCode)
pathToEsrpAuthJson: '$(Build.SourcesDirectory)\Tools\Build\Signing\ESRP-auth.json'
Reference in New Issue View Git Blame Copy Permalink