-
Notifications
You must be signed in to change notification settings - Fork 0
/
azure-pipelines.yml
95 lines (93 loc) · 3.43 KB
/
azure-pipelines.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
pool:
vmImage: 'windows-2022'
variables:
- group: 'powershell-config'
- group: 'github-config'
steps:
- checkout: self
persistCredentials: true
- task: SSMClientToolsSetup@1
displayName: 'Setup DigiCert Tools'
inputs:
APIKey: '$(SM_API_KEY)'
- task: DownloadSecureFile@1
displayName: 'Download Client Authentication Certificate'
name: SM_CLIENT_CERT_FILE
inputs:
secureFile: ClientCert.p12
- task: PowerShell@2
displayName: 'Prepare Code Signing'
inputs:
targetType: 'inline'
script: |
$env:PATH += ';C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x64;C:\Program Files\DigiCert\DigiCert Keylocker Tools'
$env:SM_LOG_OUTPUT = 'console'
smctl credentials save $(SM_API_KEY) $(SM_CLIENT_CERT_PASSWORD)
smksp_cert_sync.exe
failOnStderr: true
pwsh: true
- task: PowerShell@2
displayName: 'Get Version Number'
inputs:
filePath: 'azure-gitversion.ps1'
failOnStderr: true
pwsh: true
- task: PowerShell@2
displayName: 'Update Module Version'
inputs:
targetType: 'inline'
script: |
Update-ModuleManifest -Path $(Build.SourcesDirectory)/src/PsUntis/PsUntis.psd1 -ModuleVersion $(MajorVersion).$(MinorVersion).$(PatchVersion)
pwsh: true
- task: PowerShell@2
displayName: 'Sign Module'
inputs:
targetType: 'inline'
script: |
$env:PATH += ';C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x64;C:\Program Files\DigiCert\DigiCert Keylocker Tools'
$env:SM_HOST = '$(SM_HOST)'
$env:SM_CLIENT_CERT_FILE = '$(SM_CLIENT_CERT_FILE.secureFilePath)'
$env:SM_LOG_OUTPUT = 'console'
signtool.exe sign /tr http://timestamp.digicert.com /td SHA256 /fd SHA256 /sha1 $(SM_CERT_FINGERPRINT) $(Build.SourcesDirectory)/src/PsUntis/PsUntis.psm1
signtool.exe sign /tr http://timestamp.digicert.com /td SHA256 /fd SHA256 /sha1 $(SM_CERT_FINGERPRINT) $(Build.SourcesDirectory)/src/PsUntis/PsUntis.psd1
failOnStderr: true
pwsh: true
- task: PowerShell@2
displayName: 'Create Catalog'
inputs:
targetType: 'inline'
script: |
New-FileCatalog -Path $(Build.SourcesDirectory)/src/PsUntis -CatalogFilePath $(Build.SourcesDirectory)/src/PsUntis/PsUntis.cat -CatalogVersion 2.0
pwsh: true
- task: PowerShell@2
displayName: 'Sign Catalog'
inputs:
targetType: 'inline'
script: |
$env:PATH += ';C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x64;C:\Program Files\DigiCert\DigiCert Keylocker Tools'
$env:SM_HOST = '$(SM_HOST)'
$env:SM_CLIENT_CERT_FILE = '$(SM_CLIENT_CERT_FILE.secureFilePath)'
$env:SM_LOG_OUTPUT = 'console'
signtool.exe sign /tr http://timestamp.digicert.com /td SHA256 /fd SHA256 /sha1 $(SM_CERT_FINGERPRINT) $(Build.SourcesDirectory)/src/PsUntis/PsUntis.cat
failOnStderr: true
pwsh: true
- task: PowerShell@2
displayName: 'Publish to PS Gallery'
condition: and(succeeded(), eq(variables['Build.SourceBranch'], 'refs/heads/main'))
inputs:
targetType: 'inline'
script: |
Publish-Module -Path $(Build.SourcesDirectory)/src/PsUntis -NuGetApiKey $(NuGetApiKey)
pwsh: true
- task: PowerShell@2
displayName: 'Push to GitHub'
condition: and(succeeded(), eq(variables['Build.SourceBranch'], 'refs/heads/main'))
inputs:
targetType: 'inline'
script: |
git remote add github https://$(PAT)@github.com/enbrea/psuntis.git
git fetch github
git checkout .
git push github HEAD:main
git push --tags github HEAD:main
pwsh: true