1- name : Release- $(Date:yyyyMMdd)$(Rev:.r)
1+ name : $(Date:yyyyMMdd)$(Rev:.r)
22trigger : none
33pr : none
44
@@ -15,18 +15,168 @@ parameters:
1515 default : false
1616 displayName : ' Enable ESRP code signing'
1717
18+ #
19+ # 1ES Pipeline Templates do not allow using a matrix strategy so we create
20+ # a YAML object parameter with and foreach to create jobs for each entry.
21+ #
22+ - name : windows_matrix
23+ type : object
24+ default :
25+ - id : windows_x64
26+ jobName : ' Windows (x86)'
27+ runtime : windows-x86
28+ pool : GitClient-1ESHostedPool-intel-pc
29+ image : win-x86_64-ado1es
30+ os : windows
31+
32+ variables :
33+ - name : ' esrpConnectionName'
34+ value : ' ESRP-1ESGitClient'
35+ - name : ' esrpEndpointUrl'
36+ value : ' https://api.esrp.microsoft.com/api/v2'
37+ - name : ' esrpClientId'
38+ value : ' TODO'
39+ - name : ' esrpTenantId'
40+ value : ' TODO'
41+ - name : ' esrpAuthAkvName'
42+ value : ' TODO'
43+ - name : ' esrpAuthCertName'
44+ value : ' TODO'
45+ - name : ' esrpAuthSignCertName'
46+ value : ' TODO'
47+
1848extends :
1949 template : v1/1ES.Official.PipelineTemplate.yml@1ESPipelines
2050 parameters :
51+ sdl :
52+ # SDL source analysis tasks only run on Windows images
53+ sourceAnalysisPool :
54+ name : GitClient-1ESHostedPool-intel-pc
55+ image : win-x86_64-ado1es
56+ os : windows
2157 stages :
22- - stage : windows
23- displayName : ' Windows '
58+ - stage : build
59+ displayName : ' Build and Sign '
2460 jobs :
25- - job : win_x86_build
26- displayName : ' Windows Build and Sign (x86)'
27- pool :
28- name : GitClient-1ESHostedPool-intel-pc
29- image : win-x86_64-ado1es
30- os : windows
31- steps :
32- - checkout : self
61+ #
62+ # Windows build jobs
63+ #
64+ - ${{ each dim in parameters.windows_matrix }} :
65+ - job : ${{ dim.id }}
66+ displayName : ${{ dim.jobName }}
67+ pool :
68+ name : ${{ dim.pool }}
69+ image : ${{ dim.image }}
70+ os : ${{ dim.os }}
71+ templateContext :
72+ outputs :
73+ - output : pipelineArtifact
74+ targetPath : ' $(Build.ArtifactStagingDirectory)\payload'
75+ artifactName : ' ${{ dim.runtime }}_payload'
76+ - output : pipelineArtifact
77+ targetPath : ' $(Build.ArtifactStagingDirectory)\symbols'
78+ artifactName : ' ${{ dim.runtime }}_symbols'
79+ - output : pipelineArtifact
80+ targetPath : ' $(Build.ArtifactStagingDirectory)\installers'
81+ artifactName : ' ${{ dim.runtime }}_installers'
82+ steps :
83+ - checkout : self
84+ - task : UseDotNet@2
85+ displayName : ' Use .NET 8 SDK'
86+ inputs :
87+ packageType : sdk
88+ version : ' 8.x'
89+ - task : PowerShell@2
90+ displayName : ' Build payload'
91+ inputs :
92+ targetType : filePath
93+ filePath : ' .\src\windows\Installer.Windows\layout.ps1'
94+ arguments : |
95+ -Configuration Release `
96+ -Output $(Build.ArtifactStagingDirectory)\payload `
97+ -SymbolOutput $(Build.ArtifactStagingDirectory)\symbols
98+ # - task: EsrpCodeSigning@5
99+ # condition: and(succeeded(), eq('${{ parameters.esrp }}', true))
100+ # displayName: 'Sign payload'
101+ # inputs:
102+ # connectedServiceName: '$(esrpConnectionName)'
103+ # appRegistrationClientId: '$(esrpClientId)'
104+ # appRegistrationTenantId: '$(esrpTenantId)'
105+ # authAkvName: '$(esrpAuthAkvName)'
106+ # authCertName: '$(esrpAuthCertName)'
107+ # authSignCertName: '$(esrpAuthSignCertName)'
108+ # serviceEndpointUrl: '$(esrpEndpointUrl)'
109+ # folderPath: '$(Build.ArtifactStagingDirectory)\payload'
110+ # pattern: '**\*.exe;**\*.dll'
111+ # signConfigType: inlineSignParams
112+ # inlineOperation: |
113+ # [
114+ # {
115+ # "keyCode": "TODO",
116+ # "operationCode": "SigntoolSign"
117+ # "parameters": {
118+ # "OpusName": "Microsoft",
119+ # "OpusInfo": "http://microsoft.com",
120+ # "FileDigest": "/fd \"SHA256\"",
121+ # "PageHash": "/NPH",
122+ # "Timestamp": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
123+ # },
124+ # "toolName": "sign",
125+ # "toolVersion": "1.0"
126+ # },
127+ # {
128+ # "keyCode": "TODO",
129+ # "operationCode": "SigntoolVerify",
130+ # "parameters": {},
131+ # "toolName": "sign",
132+ # "toolVersion": "1.0"
133+ # }
134+ # ]
135+ - task : PowerShell@2
136+ displayName : ' Build installers'
137+ inputs :
138+ targetType : inline
139+ script : |
140+ dotnet build '.\src\windows\Installer.Windows\Installer.Windows.csproj' `
141+ --configuration Release `
142+ --no-dependencies `
143+ -p:NoLayout=true `
144+ -p:PayloadPath="$(Build.ArtifactStagingDirectory)\payload" `
145+ -p:OutputPath="$(Build.ArtifactStagingDirectory)\installers"
146+ # - task: EsrpCodeSigning@5
147+ # condition: and(succeeded(), eq('${{ parameters.esrp }}', true))
148+ # displayName: 'Sign installers'
149+ # inputs:
150+ # connectedServiceName: '$(esrpConnectionName)'
151+ # appRegistrationClientId: '$(esrpClientId)'
152+ # appRegistrationTenantId: '$(esrpTenantId)'
153+ # authAkvName: '$(esrpAuthAkvName)'
154+ # authCertName: '$(esrpAuthCertName)'
155+ # authSignCertName: '$(esrpAuthSignCertName)'
156+ # serviceEndpointUrl: '$(esrpEndpointUrl)'
157+ # folderPath: '$(Build.ArtifactStagingDirectory)\installers'
158+ # pattern: '**\*.exe'
159+ # signConfigType: inlineSignParams
160+ # inlineOperation: |
161+ # [
162+ # {
163+ # "keyCode": "TODO",
164+ # "operationCode": "SigntoolSign"
165+ # "parameters": {
166+ # "OpusName": "Microsoft",
167+ # "OpusInfo": "http://microsoft.com",
168+ # "FileDigest": "/fd \"SHA256\"",
169+ # "PageHash": "/NPH",
170+ # "Timestamp": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
171+ # },
172+ # "toolName": "sign",
173+ # "toolVersion": "1.0"
174+ # },
175+ # {
176+ # "keyCode": "TODO",
177+ # "operationCode": "SigntoolVerify",
178+ # "parameters": {},
179+ # "toolName": "sign",
180+ # "toolVersion": "1.0"
181+ # }
182+ # ]
0 commit comments