From fd4f7521ae519a69ac3409714ebe4387e00f278a Mon Sep 17 00:00:00 2001 From: Maggiekimani1 Date: Fri, 9 Aug 2024 11:23:39 +0300 Subject: [PATCH] Upgrade ESRPCodeSigning tasks --- .azure-pipelines/ci-build.yml | 71 ++++++++++++++++++++--------------- 1 file changed, 41 insertions(+), 30 deletions(-) diff --git a/.azure-pipelines/ci-build.yml b/.azure-pipelines/ci-build.yml index 50407cd50..8a2e7ef18 100644 --- a/.azure-pipelines/ci-build.yml +++ b/.azure-pipelines/ci-build.yml @@ -78,16 +78,18 @@ extends: projects: '$(Build.SourcesDirectory)\Microsoft.OpenApi.sln' arguments: '--configuration $(BuildConfiguration) --no-build' - - task: EsrpCodeSigning@2 - displayName: 'ESRP CodeSigning' + - task: EsrpCodeSigning@5 inputs: - ConnectedServiceName: 'microsoftgraph ESRP CodeSign DLL and NuGet (AKV)' - FolderPath: src - signConfigType: inlineSignParams + ConnectedServiceName: 'Federated DevX ESRP Managed Identity Connection' + AppRegistrationClientId: '65035b7f-7357-4f29-bf25-c5ee5c3949f8' + AppRegistrationTenantId: 'cdc5aeea-15c5-4db6-b079-fcadd2505dc2' + AuthAKVName: 'akv-prod-eastus' + AuthCertName: 'ReferenceLibraryPrivateCert' + AuthSignCertName: 'ReferencePackagePublisherCertificate' + FolderPath: '$(Build.SourcesDirectory)\src' + Pattern: '*.dll' UseMinimatch: true - Pattern: | - **\*.exe - **\*.dll + signConfigType: 'inlineSignParams' inlineOperation: | [ { @@ -126,7 +128,10 @@ extends: "toolVersion": "1.0" } ] - SessionTimeout: 20 + SessionTimeout: '20' + MaxConcurrency: '50' + MaxRetryAttempts: '5' + PendingAnalysisWaitTimeoutMinutes: '5' # Pack core lib - pwsh: dotnet pack $(Build.SourcesDirectory)/src/Microsoft.OpenApi/Microsoft.OpenApi.csproj -o $(Build.ArtifactStagingDirectory) --configuration $(BuildConfiguration) --no-build --include-symbols --include-source /p:SymbolPackageFormat=snupkg @@ -140,32 +145,38 @@ extends: - pwsh: dotnet pack $(Build.SourcesDirectory)/src/Microsoft.OpenApi.Hidi/Microsoft.OpenApi.Hidi.csproj -o $(Build.ArtifactStagingDirectory) --configuration $(BuildConfiguration) --no-build --include-symbols --include-source /p:SymbolPackageFormat=snupkg displayName: 'pack Hidi' - - task: EsrpCodeSigning@2 - displayName: 'ESRP CodeSigning Nuget Packages' + - task: EsrpCodeSigning@5 inputs: - ConnectedServiceName: 'microsoftgraph ESRP CodeSign DLL and NuGet (AKV)' + ConnectedServiceName: 'Federated DevX ESRP Managed Identity Connection' + AppRegistrationClientId: '65035b7f-7357-4f29-bf25-c5ee5c3949f8' + AppRegistrationTenantId: 'cdc5aeea-15c5-4db6-b079-fcadd2505dc2' + AuthAKVName: 'akv-prod-eastus' + AuthCertName: 'ReferenceLibraryPrivateCert' + AuthSignCertName: 'ReferencePackagePublisherCertificate' FolderPath: '$(Build.ArtifactStagingDirectory)' Pattern: '*.nupkg' - signConfigType: inlineSignParams - UseMinimatch: true + signConfigType: 'inlineSignParams' inlineOperation: | [ - { - "keyCode": "CP-401405", - "operationSetCode": "NuGetSign", - "parameters": [ ], - "toolName": "sign", - "toolVersion": "1.0" - }, - { - "keyCode": "CP-401405", - "operationSetCode": "NuGetVerify", - "parameters": [ ], - "toolName": "sign", - "toolVersion": "1.0" - } - ] - SessionTimeout: 20 + { + "keyCode": "CP-401405", + "operationSetCode": "NuGetSign", + "parameters": [ ], + "toolName": "sign", + "toolVersion": "1.0" + }, + { + "keyCode": "CP-401405", + "operationSetCode": "NuGetVerify", + "parameters": [ ], + "toolName": "sign", + "toolVersion": "1.0" + } + ] + SessionTimeout: '60' + MaxConcurrency: '50' + MaxRetryAttempts: '5' + PendingAnalysisWaitTimeoutMinutes: '5' - task: PowerShell@2 displayName: "Get Hidi's version-number from .csproj"