From 0152b650317136826c492cea02cf705d941ede4c Mon Sep 17 00:00:00 2001 From: Jacob Viau Date: Tue, 2 Jul 2024 12:03:09 -0700 Subject: [PATCH] Use sign-files template (#2554) --- .../official/jobs/build-artifacts.yml | 102 ++++-------------- .../steps/build-extension-project.yml | 66 +++--------- 2 files changed, 30 insertions(+), 138 deletions(-) diff --git a/eng/ci/templates/official/jobs/build-artifacts.yml b/eng/ci/templates/official/jobs/build-artifacts.yml index dc1f837d9..4d3915c9b 100644 --- a/eng/ci/templates/official/jobs/build-artifacts.yml +++ b/eng/ci/templates/official/jobs/build-artifacts.yml @@ -33,36 +33,12 @@ jobs: projects: | DotNetWorker.sln - - task: EsrpCodeSigning@2 - displayName: Sign SDK assemblies - inputs: - ConnectedServiceName: ESRP Service-internal - FolderPath: sdk - Pattern: Microsoft.Azure.Functions.Worker.Sdk*.dll - signConfigType: inlineSignParams - inlineOperation: | - [ - { - "KeyCode": "CP-230012", - "OperationCode": "SigntoolSign", - "Parameters": { - "OpusName": "Microsoft", - "OpusInfo": "http://www.microsoft.com", - "FileDigest": "/fd \"SHA256\"", - "PageHash": "/NPH", - "TimeStamp": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256" - }, - "ToolName": "sign", - "ToolVersion": "1.0" - }, - { - "KeyCode": "CP-230012", - "OperationCode": "SigntoolVerify", - "Parameters": {}, - "ToolName": "sign", - "ToolVersion": "1.0" - } - ] + - template: ci/sign-files.yml@eng + parameters: + displayName: Sign SDK assemblies + folderPath: sdk + pattern: Microsoft.Azure.Functions.Worker.Sdk*.dll + signType: dll - task: DeleteFiles@1 displayName: Delete CodeSignSummary files @@ -70,36 +46,12 @@ jobs: sourceFolder: sdk contents: '**/CodeSignSummary-*.md' - - task: EsrpCodeSigning@2 - displayName: Sign DotNetWorker assemblies - inputs: - ConnectedServiceName: ESRP Service-internal - FolderPath: src - Pattern: Microsoft.Azure.Functions.Worker*.dll - signConfigType: inlineSignParams - inlineOperation: | - [ - { - "KeyCode": "CP-230012", - "OperationCode": "SigntoolSign", - "Parameters": { - "OpusName": "Microsoft", - "OpusInfo": "http://www.microsoft.com", - "FileDigest": "/fd \"SHA256\"", - "PageHash": "/NPH", - "TimeStamp": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256" - }, - "ToolName": "sign", - "ToolVersion": "1.0" - }, - { - "KeyCode": "CP-230012", - "OperationCode": "SigntoolVerify", - "Parameters": {}, - "ToolName": "sign", - "ToolVersion": "1.0" - } - ] + - template: ci/sign-files.yml@eng + parameters: + displayName: Sign DotNetWorker assemblies + folderPath: sdk + pattern: Microsoft.Azure.Functions.Worker*.dll + signType: dll - task: DeleteFiles@1 displayName: Delete CodeSignSummary files @@ -125,30 +77,12 @@ jobs: projects: | src/**/DotNetWorker*.csproj - - task: EsrpCodeSigning@2 - displayName: Sign nuget packages - inputs: - ConnectedServiceName: ESRP Service-internal - FolderPath: $(Build.ArtifactStagingDirectory)/NugetPackages - Pattern: Microsoft.Azure.Functions.Worker*.nupkg - signConfigType: inlineSignParams - inlineOperation: | - [ - { - "KeyCode": "CP-401405", - "OperationCode": "NuGetSign", - "Parameters": {}, - "ToolName": "sign", - "ToolVersion": "1.0" - }, - { - "KeyCode": "CP-401405", - "OperationCode": "NuGetVerify", - "Parameters": {}, - "ToolName": "sign", - "ToolVersion": "1.0" - } - ] + - template: ci/sign-files.yml@eng + parameters: + displayName: Sign nuget packages + folderPath: $(Build.ArtifactStagingDirectory)/NugetPackages + pattern: Microsoft.Azure.Functions.Worker*.nupkg + signType: nuget - task: DeleteFiles@1 displayName: Delete CodeSignSummary files diff --git a/eng/ci/templates/steps/build-extension-project.yml b/eng/ci/templates/steps/build-extension-project.yml index 6803f49c8..15a941e80 100644 --- a/eng/ci/templates/steps/build-extension-project.yml +++ b/eng/ci/templates/steps/build-extension-project.yml @@ -13,36 +13,12 @@ steps: projects: | extensions/${{ parameters.ExtensionProjectName }}/**/*.csproj - - task: EsrpCodeSigning@2 - displayName: Sign assemblies - inputs: - ConnectedServiceName: ESRP Service-internal - FolderPath: extensions - Pattern: Microsoft.Azure.Functions.Worker.Extensions*.dll - signConfigType: inlineSignParams - inlineOperation: | - [ - { - "KeyCode": "CP-230012", - "OperationCode": "SigntoolSign", - "Parameters": { - "OpusName": "Microsoft", - "OpusInfo": "http://www.microsoft.com", - "FileDigest": "/fd \"SHA256\"", - "PageHash": "/NPH", - "TimeStamp": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256" - }, - "ToolName": "sign", - "ToolVersion": "1.0" - }, - { - "KeyCode": "CP-230012", - "OperationCode": "SigntoolVerify", - "Parameters": {}, - "ToolName": "sign", - "ToolVersion": "1.0" - } - ] + - template: ci/sign-files.yml@eng + parameters: + displayName: Sign assemblies + folderPath: sdk + pattern: Microsoft.Azure.Functions.Worker.Extensions*.dll + signType: dll - task: DeleteFiles@1 displayName: Delete CodeSignSummary files @@ -59,30 +35,12 @@ steps: projects: | extensions/${{ parameters.ExtensionProjectName }}/**/*.csproj - - task: EsrpCodeSigning@2 - displayName: Sign nuget packages - inputs: - ConnectedServiceName: ESRP Service-internal - FolderPath: $(Build.ArtifactStagingDirectory)/NugetPackages - Pattern: Microsoft.Azure.Functions.Worker.Extensions*.nupkg - signConfigType: inlineSignParams - inlineOperation: | - [ - { - "KeyCode": "CP-401405", - "OperationCode": "NuGetSign", - "Parameters": {}, - "ToolName": "sign", - "ToolVersion": "1.0" - }, - { - "KeyCode": "CP-401405", - "OperationCode": "NuGetVerify", - "Parameters": {}, - "ToolName": "sign", - "ToolVersion": "1.0" - } - ] + - template: ci/sign-files.yml@eng + parameters: + displayName: Sign nuget packages + folderPath: $(Build.ArtifactStagingDirectory)/NugetPackages + pattern: Microsoft.Azure.Functions.Worker.Extensions*.nupkg + signType: nuget - task: DeleteFiles@1 displayName: Delete CodeSignSummary files