@@ -8,19 +8,32 @@ parameters:
88 - name : " pattern"
99 default : " *.dll,*.exe"
1010 - name : " useMinimatch"
11- default : " false"
11+ type : boolean
12+ default : false
1213 - name : " signingService"
1314 default : " pwshSigning"
1415 - name : " shouldSign"
1516 default : " auto"
17+ - name : OutputMode
18+ type : string
19+ default : Default
20+ values :
21+ - Default
22+ - AlwaysCopy
23+ - NeverCopy
24+ - CopyIfSigned
1625 - name : " alwaysCopy"
17- default : " False"
26+ type : boolean
27+ default : False
1828 - name : " useCustomEsrpJson"
19- default : " false"
29+ type : boolean
30+ default : false
2031 - name : " verifySignature"
21- default : " false"
32+ type : boolean
33+ default : false
2234 - name : " pageHash"
23- default : " true"
35+ type : boolean
36+ default : true
2437 - name : " displayName"
2538 default : " ESRP Signing"
2639
3952 Write-Verbose -Verbose "signingService = '${{ parameters.signingService }}'"
4053 Write-Verbose -Verbose "shouldSign = '${{ parameters.shouldSign }}'"
4154 Write-Verbose -Verbose "alwaysCopy = '${{ parameters.alwaysCopy }}'"
55+ Write-Verbose -Verbose "outputMode = '${env:OUTPUT_MODE}'"
4256 Write-Verbose -Verbose "useCustomEsrpJson = '${{ parameters.useCustomEsrpJson }}'"
4357 Write-Verbose -Verbose "verifySignature = '${{ parameters.verifySignature }}'"
4458 Write-Verbose -Verbose "pageHash = '${{ parameters.pageHash }}'"
@@ -48,11 +62,44 @@ steps:
4862 throw "Only one of useCustomEsrpJson and certificateId must be set!"
4963 }
5064
51- $vstsCommandString = "vso[task.setvariable variable=ESRP_TEMPLATE_CERT_ID]${{ parameters.certificateId }}"
65+ $certId = '${{ parameters.certificateId }}'
66+
67+ $vstsCommandString = "vso[task.setvariable variable=ESRP_TEMPLATE_CERT_ID]$certId"
68+ Write-Verbose -Message ("sending " + $vstsCommandString) -Verbose
69+ Write-Host "##$vstsCommandString"
70+
71+ [string] $VariableName = "EsrpJson"
72+ $vstsCommandString = "vso[task.setvariable variable=$VariableName][]"
73+ Write-Verbose -Message ("sending " + $vstsCommandString) -Verbose
74+ Write-Host "##$vstsCommandString"
75+
76+ $usePgp = $certId -like '*pgp'
77+ $vstsCommandString = "vso[task.setvariable variable=ESRP_TEMPLATE_USE_PGP]$usePgp"
5278 Write-Verbose -Message ("sending " + $vstsCommandString) -Verbose
5379 Write-Host "##$vstsCommandString"
5480
81+ if($env:ALWAYS_COPY -ne 'False') {
82+ Write-Warning "AlwaysCopy is replaced by OutputMode!"
83+ }
84+
85+ if($env:OUTPUT_MODE -ne 'Default' -and $env:ALWAYS_COPY -ne 'False' ) {
86+ throw "Only one of OutputMode and AlwaysCopy can be set!"
87+ } elseif ($env:ALWAYS_COPY -ne 'False') {
88+ $effectiveOutputMode = 'AlwaysCopy'
89+ } elseif ($env:OUTPUT_MODE -ne 'Default') {
90+ $effectiveOutputMode = $env:OUTPUT_MODE
91+ } else {
92+ # Default
93+ $effectiveOutputMode = 'CopyIfSigned'
94+ }
95+
96+ $vstsCommandString = "vso[task.setvariable variable=ESRP_TEMPLATE_COPY_MODE]$effectiveOutputMode"
97+ Write-Verbose -Message ("sending " + $vstsCommandString) -Verbose
98+ Write-Host "##$vstsCommandString"
5599displayName : ${{ parameters.displayName }} - Log parameters
100+ env :
101+ ALWAYS_COPY : ${{ parameters.alwaysCopy }}
102+ OUTPUT_MODE : ${{ parameters.OutputMode }}
56103
57104- pwsh : |
58105 if ('${{ parameters.shouldSign }}' -eq 'auto') {
@@ -117,20 +164,33 @@ steps:
117164 displayName : ${{ parameters.displayName }}
118165
119166- pwsh : |
167+ if(${env:EsrpJson} -eq '[]') {
168+ throw "No Json generated, exiting! Update template to support ${{ parameters.certificateId }}"
169+ }
120170 Write-Verbose -Verbose "EsrpJson = '${env:EsrpJson}'"
121171displayName : ${{ parameters.displayName }} - Log Json
122172
123173- pwsh : |
124174 Write-Verbose "BUILD_OUTPUT_PATH- ${{ parameters.buildOutputPath }}" -Verbose
125175 Write-Verbose "SIGNED_OUTPUT_PATH- ${{ parameters.signOutputPath }}" -Verbose
176+ $mode = $env:ESRP_TEMPLATE_COPY_MODE
177+
126178 if(!(Test-Path '${{ parameters.signOutputPath }}'))
127179 {
180+ if($mode -eq 'NeverCopy') {
181+ throw "Output path does not exist and copy mode is NeverCopy, exiting!"
182+ }
128183 Write-Verbose "Creating SIGNED_OUTPUT_PATH- ${{ parameters.signOutputPath }}" -Verbose
129184 $null = New-Item -Path '${{ parameters.signOutputPath }}' -ItemType Directory -force
130185 }
131- Copy-Item -Path ${{ parameters.buildOutputPath }}\* -Dest ${{ parameters.signOutputPath }}\ -Recurse -Force -Verbose
132- displayName : ${{ parameters.displayName }} - Copy unsigned files to signed output directory
133- condition : and(succeeded(), or(eq(variables['ESRP_TEMPLATE_SHOULD_SIGN'], 'True'),ne('${{ parameters.alwaysCopy }}', 'False')))
186+
187+ if($mode -eq 'AlwaysCopy' -or ($mode -eq 'CopyIfSigned' -and $env:ESRP_TEMPLATE_SHOULD_SIGN -eq $true)) {
188+ Write-Verbose "Copying files to SIGNED_OUTPUT_PATH- ${{ parameters.signOutputPath }} because mode is $mode" -Verbose
189+ Copy-Item -Path ${{ parameters.buildOutputPath }}\* -Dest ${{ parameters.signOutputPath }}\ -Recurse -Force -Verbose
190+ } else {
191+ Write-Verbose "Not copying files to SIGNED_OUTPUT_PATH- ${{ parameters.signOutputPath }} because mode is $mode" -Verbose
192+ }
193+ displayName : ${{ parameters.displayName }} - Prepare signed output directory
134194 timeoutInMinutes : 10
135195
136196- task : SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@1
@@ -142,7 +202,8 @@ steps:
142202 inlineOperation : $(EsrpJson)
143203 Pattern : ${{ parameters.pattern }}
144204 UseMinimatch : ${{ parameters.useMinimatch }}
145- condition : and(succeeded(), eq(variables['ESRP_TEMPLATE_SHOULD_SIGN'], 'True'))
205+ condition : |
206+ and(succeeded(), eq(variables['ESRP_TEMPLATE_SHOULD_SIGN'], 'True'))
146207timeoutInMinutes : 30
147208
148209- pwsh : |
0 commit comments