Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
microsoft
GitHub Repository: microsoft/vscode
 Path: blob/main/build/azure-pipelines/cli/cli-darwin-sign.yml
3520 views
1
parameters:

2
  - name: VSCODE_CLI_ARTIFACTS

3
    type: object

4
    default: []

5


6
steps:

7
  - task: UseDotNet@2

8
    inputs:

9
      version: 6.x

10


11
  - task: EsrpCodeSigning@5

12
    inputs:

13
      UseMSIAuthentication: true

14
      ConnectedServiceName: vscode-esrp

15
      AppRegistrationClientId: $(ESRP_CLIENT_ID)

16
      AppRegistrationTenantId: $(ESRP_TENANT_ID)

17
      AuthAKVName: vscode-esrp

18
      AuthSignCertName: esrp-sign

19
      FolderPath: .

20
      Pattern: noop

21
    displayName: 'Install ESRP Tooling'

22


23
  - ${{ each target in parameters.VSCODE_CLI_ARTIFACTS }}:

24
    - task: DownloadPipelineArtifact@2

25
      displayName: Download ${{ target }}

26
      inputs:

27
        artifact: ${{ target }}

28
        path: $(Build.ArtifactStagingDirectory)/pkg/${{ target }}

29


30
    - task: ExtractFiles@1

31
      displayName: Extract artifact

32
      inputs:

33
        archiveFilePatterns: $(Build.ArtifactStagingDirectory)/pkg/${{ target }}/*.zip

34
        destinationFolder: $(Build.ArtifactStagingDirectory)/sign/${{ target }}

35


36
  - script: node build/azure-pipelines/common/sign $(Agent.RootDirectory)/_tasks/EsrpCodeSigning_*/*/net6.0/esrpcli.dll sign-darwin $(Build.ArtifactStagingDirectory)/pkg "*.zip"

37
    env:

38
      SYSTEM_ACCESSTOKEN: $(System.AccessToken)

39
    displayName:  Codesign

40


41
  - script: node build/azure-pipelines/common/sign $(Agent.RootDirectory)/_tasks/EsrpCodeSigning_*/*/net6.0/esrpcli.dll notarize-darwin $(Build.ArtifactStagingDirectory)/pkg "*.zip"

42
    env:

43
      SYSTEM_ACCESSTOKEN: $(System.AccessToken)

44
    displayName:  Notarize

45


46
  - ${{ each target in parameters.VSCODE_CLI_ARTIFACTS }}:

47
    - script: |

48
        set -e

49
        ASSET_ID=$(echo "${{ target }}" | sed "s/unsigned_//")

50
        mv $(Build.ArtifactStagingDirectory)/pkg/${{ target }}/${{ target }}.zip $(Build.ArtifactStagingDirectory)/pkg/${{ target }}/$ASSET_ID.zip

51
        echo "##vso[task.setvariable variable=ASSET_ID]$ASSET_ID"

52
      displayName: Set asset id variable

53


54
    - template: ../common/publish-artifact.yml@self

55
      parameters:

56
        targetPath: $(Build.ArtifactStagingDirectory)/pkg/${{ target }}/$(ASSET_ID).zip

57
        artifactName: $(ASSET_ID)

58
        displayName: Publish signed artifact with ID $(ASSET_ID)

59
        sbomBuildDropPath: $(Build.ArtifactStagingDirectory)/sign/${{ target }}

60
        sbomPackageName: "VS Code macOS ${{ target }} CLI"

61
        sbomPackageVersion: $(Build.SourceVersion)

62


63