Skip to content

Commit

Permalink
build - Add vsix sign steps (#844)
Browse files Browse the repository at this point in the history
  • Loading branch information
@jdneo
jdneo authored Jul 1, 2024
1 parent 2ee3c96 commit 0904e07
Show file tree
Hide file tree
Showing 3 changed files with 77 additions and 14 deletions.
4 changes: 2 additions & 2 deletions .azure-pipelines/ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,9 +50,9 @@ extends:
jdkArchitectureOption: x64
jdkSourceOption: PreInstalled
- task: NodeTool@0
displayName: Use Node 16.x
displayName: Use Node 18.x
inputs:
versionSpec: 16.x
versionSpec: 18.x
- task: Npm@1
displayName: npm install
inputs:
Expand Down
46 changes: 38 additions & 8 deletions .azure-pipelines/nightly.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,9 +47,9 @@ extends:
clean: true
fetchTags: true
- task: NodeTool@0
displayName: Use Node 16.x
displayName: Use Node 18.x
inputs:
versionSpec: 16.x
versionSpec: 18.x
- task: JavaToolInstaller@0
displayName: Use Java 17
inputs:
Expand Down Expand Up @@ -110,11 +110,8 @@ extends:
script: |-
node ./scripts/prepare-nightly-build.js
mv ./package.insiders.json ./package.json
- task: Bash@3
displayName: vsce package --pre-release
inputs:
targetType: inline
script: npx @vscode/vsce@latest package --pre-release
- script: npx @vscode/vsce@latest package --pre-release -o extension.vsix
displayName: 'vsce package --pre-release'
### Copy files for APIScan
- task: CopyFiles@2
displayName: "Copy Files for APIScan"
Expand All @@ -134,8 +131,41 @@ extends:
condition: and(succeeded(), ne(variables['DisableAPIScan'], 'true'))
env:
AzureServicesAuthConnectionString: runAs=App;AppId=$(ApiScanClientId);TenantId=$(ApiScanTenant);AppKey=$(ApiScanSecret)
- script: npx @vscode/vsce@latest generate-manifest -i extension.vsix -o extension.manifest
displayName: 'Generate extension manifest'
- script: cp extension.manifest extension.signature.p7s
displayName: 'Prepare manifest for signing'
- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@5
inputs:
ConnectedServiceName: 'ESRP-Release-Test'
AppRegistrationClientId: '1992ee18-e9d2-42d6-ab20-94dd947a44b6'
AppRegistrationTenantId: '72f988bf-86f1-41af-91ab-2d7cd011db47'
AuthAKVName: 'vscjavaci'
AuthCertName: 'vscjava-esrprelease-auth'
AuthSignCertName: 'VSCJava-CodeSign'
FolderPath: '.'
Pattern: 'extension.signature.p7s'
signConfigType: inlineSignParams
inlineOperation: |
[
{
"keyCode": "CP-401405",
"operationSetCode": "VSCodePublisherSign",
"parameters" : [],
"toolName": "sign",
"toolVersion": "1.0"
}
]
SessionTimeout: 90
MaxConcurrency: 25
MaxRetryAttempts: 5
PendingAnalysisWaitTimeoutMinutes: 5
displayName: 'Sign extension'
- task: CopyFiles@2
displayName: "Copy Files to: $(Build.ArtifactStagingDirectory)"
inputs:
Contents: "*.vsix"
Contents: |
extension.vsix
extension.manifest
extension.signature.p7s
TargetFolder: $(Build.ArtifactStagingDirectory)
41 changes: 37 additions & 4 deletions .azure-pipelines/rc.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,9 +42,9 @@ extends:
clean: true
fetchTags: true
- task: NodeTool@0
displayName: Use Node 16.x
displayName: Use Node 18.x
inputs:
versionSpec: 16.x
versionSpec: 18.x
- task: JavaToolInstaller@0
displayName: Use Java 17
inputs:
Expand Down Expand Up @@ -102,7 +102,7 @@ extends:
displayName: vsce package
inputs:
targetType: inline
script: npx @vscode/vsce@latest package
script: npx @vscode/vsce@latest package -o extension.vsix
### Copy files for APIScan
- task: CopyFiles@2
displayName: "Copy Files for APIScan"
Expand All @@ -122,8 +122,41 @@ extends:
condition: and(succeeded(), ne(variables['DisableAPIScan'], 'true'))
env:
AzureServicesAuthConnectionString: runAs=App;AppId=$(ApiScanClientId);TenantId=$(ApiScanTenant);AppKey=$(ApiScanSecret)
- script: npx @vscode/vsce@latest generate-manifest -i extension.vsix -o extension.manifest
displayName: 'Generate extension manifest'
- script: cp extension.manifest extension.signature.p7s
displayName: 'Prepare manifest for signing'
- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@5
inputs:
ConnectedServiceName: 'ESRP-Release-Test'
AppRegistrationClientId: '1992ee18-e9d2-42d6-ab20-94dd947a44b6'
AppRegistrationTenantId: '72f988bf-86f1-41af-91ab-2d7cd011db47'
AuthAKVName: 'vscjavaci'
AuthCertName: 'vscjava-esrprelease-auth'
AuthSignCertName: 'VSCJava-CodeSign'
FolderPath: '.'
Pattern: 'extension.signature.p7s'
signConfigType: inlineSignParams
inlineOperation: |
[
{
"keyCode": "CP-401405",
"operationSetCode": "VSCodePublisherSign",
"parameters" : [],
"toolName": "sign",
"toolVersion": "1.0"
}
]
SessionTimeout: 90
MaxConcurrency: 25
MaxRetryAttempts: 5
PendingAnalysisWaitTimeoutMinutes: 5
displayName: 'Sign extension'
- task: CopyFiles@2
displayName: "Copy Files to: $(Build.ArtifactStagingDirectory)"
inputs:
Contents: "*.vsix"
Contents: |
extension.vsix
extension.manifest
extension.signature.p7s
TargetFolder: $(Build.ArtifactStagingDirectory)

0 comments on commit 0904e07

Please sign in to comment.