azure-pipelines.yml

trigger:
- master
- rel/*

pr:
- master
- rel/*

variables: 
  BuildConfiguration: Release
  DOTNET_SKIP_FIRST_TIME_EXPERIENCE: true

stages:
- stage: Build
  jobs:
  - job: Build
    pool:
      vmImage: windows-latest

    steps:
    - task: UseDotNet@2
      inputs:
        version: 3.1.x
        
    - task: UseDotNet@2
      inputs:
        version: 2.1.x
        packageType: runtime

    - task: DotNetCoreCLI@2  
      inputs:
        command: custom
        custom: tool
        arguments: install --tool-path . nbgv
      displayName: Install NBGV tool

    - script: nbgv cloud
      displayName: Set Version
 
    - task: DotNetCoreCLI@2
      inputs:
        command: pack
        packagesToPack: RSAKeyVaultProvider/RSAKeyVaultProvider.csproj
        configuration: $(BuildConfiguration)
        packDirectory: $(Build.ArtifactStagingDirectory)\Packages
        verbosityPack: Minimal
      displayName: Pack
  
    - task: DotNetCoreCLI@2
      inputs:
        command: test
        projects: .\RSAKeyVaultProvider.Tests\RSAKeyVaultProvider.Tests.csproj
        arguments: -c $(BuildConfiguration) --collect:"Code Coverage" -s $(System.DefaultWorkingDirectory)/CodeCoverage.runsettings /p:DebugType=portable
      displayName: Run Tests
      
    - publish: $(Build.ArtifactStagingDirectory)\Packages
      displayName: Publish build packages
      artifact: BuildPackages

    - publish: config
      displayName: Publish signing config
      artifact: config      
  
- stage: CodeSign
  condition: and(succeeded('Build'), not(eq(variables['build.reason'], 'PullRequest')))
  jobs:
  - deployment: CodeSign
    displayName: Code Signing
    pool:
      vmImage: windows-latest    
    environment: Code Sign - CI
    variables:
    - group: Sign Client Credentials
    strategy:
      runOnce:
        deploy:
          steps: 
          - task: DotNetCoreCLI@2
            inputs:
              command: custom
              custom: tool
              arguments: install --tool-path . SignClient
            displayName: Install SignTool tool

          - pwsh: |
              .\SignClient "Sign" `
              --baseDirectory "$(Pipeline.Workspace)\BuildPackages" `
              --input "**/*.nupkg" `
              --config "$(Pipeline.Workspace)\config\signclient.json" `
              --user "$(SignClientUser)" `
              --secret "$(SignClientSecret)" `
              --name "RSAKeyVaultProvider" `
              --description "RSAKeyVaultProvider" `
              --descriptionUrl "https://github.com/novotnyllc/RSAKeyVaultProvider"
            displayName: Sign packages
              
          - publish: $(Pipeline.Workspace)/BuildPackages
            displayName: Publish Signed Packages
            artifact: SignedPackages