durabletask/azure-pipelines-release.yml at 61d8fecd783fd707746d74e39f6fa090d2749adb · Azure/durabletask · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
trigger: none
pr: none

pool:
  name: '1ES-Hosted-DurableTaskFramework'
  demands:
    - ImageOverride -equals MMS2022TLS

steps:
# Start by restoring all the dependencies. This needs to be its own task
# from what I can tell. We specifically only target DurableTask.AzureStorage
# and its direct dependencies.
- task: DotNetCoreCLI@2
  displayName: 'Restore nuget dependencies'
  inputs:
    command: restore
    verbosityRestore: Minimal
    projects: |
      src/DurableTask.AzureStorage/DurableTask.AzureStorage.sln

# Build the filtered solution in release mode, specifying the continuous integration flag.
- task: VSBuild@1
  displayName: 'Build (AzureStorage)'
  inputs:
    solution: 'src/DurableTask.AzureStorage/DurableTask.AzureStorage.sln'
    vsVersion: '16.0'
    logFileVerbosity: minimal
    configuration: Release
    msbuildArgs: /p:FileVersionRevision=$(Build.BuildId) /p:ContinuousIntegrationBuild=true

- task: UseDotNet@2
  displayName: 'Use the .NET Core 2.1 SDK (required for build signing)'
  inputs:
    packageType: 'sdk'
    version: '2.1.x'

# Manifest Generator Task
- task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0
  displayName: 'Manifest Generator '
  inputs:
    BuildDropPath: '$(System.DefaultWorkingDirectory)'

# Authenticode sign all the DLLs with the Microsoft certificate.
# This appears to be an in-place signing job, which is convenient.
- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@1
  displayName: 'ESRP CodeSigning: Authenticode'
  inputs:
    ConnectedServiceName: 'ESRP Service'
    FolderPath: 'src'
    Pattern: 'DurableTask.*.dll'
    signConfigType: inlineSignParams
    inlineOperation: |
     [
        {
            "KeyCode": "CP-230012",
            "OperationCode": "SigntoolSign",
            "Parameters": {
                "OpusName": "Microsoft",
                "OpusInfo": "http://www.microsoft.com",
                "FileDigest": "/fd \"SHA256\"",
                "PageHash": "/NPH",
                "TimeStamp": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
            },
            "ToolName": "sign",
            "ToolVersion": "1.0"
          },
          {
              "KeyCode": "CP-230012",
              "OperationCode": "SigntoolVerify",
              "Parameters": {},
              "ToolName": "sign",
              "ToolVersion": "1.0"
          }
      ]

# Packaging needs to be a separate step from build.
# This will automatically pick up the signed DLLs.

- task: DotNetCoreCLI@2
  displayName: Generate nuget packages
  inputs:
    command: pack
    verbosityPack: Minimal
    configuration: Release
    nobuild: true
    packDirectory: $(build.artifactStagingDirectory)
    packagesToPack: 'src/DurableTask.AzureStorage/DurableTask.AzureStorage.sln'

# Make the nuget packages available for download in the ADO portal UI
- publish: $(build.artifactStagingDirectory)
  displayName: 'Publish nuget packages to Artifacts'
  artifact: PackageOutput