From 6e5e484e2485bd5e9cc8c72c77745058a713bf83 Mon Sep 17 00:00:00 2001 From: Bert Date: Mon, 22 Jan 2024 16:51:40 +0100 Subject: [PATCH 1/5] sign binaries and nuget packages --- Documentation/ReleasePlan.md | 64 ++++++++++++++++++++++++++---------- 1 file changed, 46 insertions(+), 18 deletions(-) diff --git a/Documentation/ReleasePlan.md b/Documentation/ReleasePlan.md index ca65a9e54..d4c006944 100644 --- a/Documentation/ReleasePlan.md +++ b/Documentation/ReleasePlan.md 
@@ -85,26 +85,54 @@ This is the steps to release new packages to nuget.org Do a PR and merge to master. -2. Clone repo, **remember to build packages from master and not from your fork or metadata links will point to your forked repo.** . Run `git log -5` from repo root to verify last commit. +1. Clone repo, **remember to build packages from master and not from your fork or metadata links will point to your forked repo.** . Run `git log -5` from repo root to verify last commit. + +1. From new cloned, aligned and versions updated repo root run build command + + ```shell + dotnet build -c release /p:TF_BUILD=true /p:PublicRelease=true + ... + coverlet.core -> C:\GitHub\coverlet\artifacts\bin\coverlet.core\release_netstandard2.0\coverlet.core.dll + coverlet.core -> C:\GitHub\coverlet\artifacts\bin\coverlet.core\release_net6.0\coverlet.core.dll + coverlet.collector -> C:\GitHub\coverlet\artifacts\bin\coverlet.collector\release_netstandard2.0\coverlet.collector.dll + coverlet.collector -> C:\GitHub\coverlet\artifacts\bin\coverlet.collector\release_net6.0\coverlet.collector.dll + coverlet.msbuild.tasks -> C:\GitHub\coverlet\artifacts\bin\coverlet.msbuild.tasks\release_netstandard2.0\coverlet.msbuild.tasks.dll + coverlet.msbuild.tasks -> C:\GitHub\coverlet\artifacts\bin\coverlet.msbuild.tasks\release_net6.0\coverlet.msbuild.tasks.dll + coverlet.console -> C:\GitHub\coverlet\artifacts\bin\coverlet.console\release\coverlet.console.dll + coverlet.console -> C:\GitHub\coverlet\artifacts\bin\coverlet.console\release\coverlet.console.exe + ... + ``` + +1. 
Sign binary files for nuget packages + +```shell +> AzureSignTool.exe sign --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --timestamp-digest sha256 ` +>> --azure-key-vault-url KEYVAULT-URL ` +>> --azure-key-vault-client-id CLIENT-ID ` +>> --azure-key-vault-tenant-id TENANT-ID ` +>> --azure-key-vault-client-secret KEYVAULT-SECRET ` +>> --azure-key-vault-certificate CERT-FRIENDLY-NAME ` +>> artifacts\bin\coverlet.console\release\coverlet.console.dll ` +>> artifacts\bin\coverlet.console\release\coverlet.console.exe ` +>> artifacts\bin\coverlet.core\release_net6.0\coverlet.core.dll ` +>> artifacts\bin\coverlet.core\release_netstandard2.0\coverlet.core.dll ` +>> artifacts\bin\coverlet.collector\release_net6.0\coverlet.collector.dll ` +>> artifacts\bin\coverlet.collector\release_netstandard2.0\coverlet.collector.dll ` +>> artifacts\bin\coverlet.msbuild.tasks\release_net6.0\coverlet.msbuild.tasks.dll ` +>> artifacts\bin\coverlet.msbuild.tasks\release_netstandard2.0\coverlet.msbuild.tasks.dll +``` -3. From new cloned, aligned and versions updated repo root run pack command +1. Run pack command for signed binaries - ```shell - dotnet pack -c release /p:TF_BUILD=true /p:PublicRelease=true - ... - coverlet.console -> D:\git\coverlet\src\coverlet.console\bin\Release\net6.0\coverlet.console.dll - coverlet.console -> D:\git\coverlet\src\coverlet.console\bin\Release\net6.0\publish\ - Successfully created package 'D:\git\coverlet\bin\Release\Packages\coverlet.collector.6.0.1-preview.6.g918cd179e0.nupkg'. - Successfully created package 'D:\git\coverlet\bin\Release\Packages\coverlet.collector.6.0.1-preview.6.g918cd179e0.snupkg'. - Successfully created package 'D:\git\coverlet\bin\Release\Packages\coverlet.msbuild.6.0.1-preview.6.g918cd179e0.nupkg'. - Successfully created package 'D:\git\coverlet\bin\Release\Packages\coverlet.msbuild.6.0.1-preview.6.g918cd179e0.snupkg'. 
- Successfully created package 'D:\git\coverlet\bin\Release\Packages\coverlet.console.6.0.1-preview.6.g918cd179e0.nupkg'. - Successfully created package 'D:\git\coverlet\bin\Release\Packages\coverlet.console.6.0.1-preview.6.g918cd179e0.snupkg'. - ``` +```shell + dotnet pack --no-build -c release /p:TF_BUILD=true /p:PublicRelease=true src\coverlet.console + dotnet pack --no-build -c release /p:TF_BUILD=true /p:PublicRelease=true src\coverlet.collector + dotnet pack -c release /p:TF_BUILD=true /p:PublicRelease=true src\coverlet.msbuild.tasks +``` -4. Sign the packages using NuGetKeyVaultSignTool +1. Sign the packages using NuGetKeyVaultSignTool - ``` + ```shell ❯ NuGetKeyVaultSignTool sign **/*.nupkg --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --timestamp-digest sha256 ` >> --azure-key-vault-url KEYVAULT-URL ` >> --azure-key-vault-client-id CLIENT-ID ` @@ -113,9 +141,9 @@ This is the steps to release new packages to nuget.org >> --azure-key-vault-certificate CERT-FRIENDLY-NAME ``` -5. Upload *.nupkg files to Nuget.org site. **Check all metadata(url links, deterministic build etc...) before "Submit"** +1. Upload *.nupkg files to Nuget.org site. **Check all metadata(url links, deterministic build etc...) before "Submit"** -6. **On your fork**: +1. **On your fork**: * Align to master * Bump version by one (fix part) and re-add `-preview.{height}` * Create release on repo From 6d69b363d6c750f9d36c653568706000bbaa1161 Mon Sep 17 00:00:00 2001 From: Bert Date: Tue, 23 Jan 2024 09:55:38 +0100 Subject: [PATCH 2/5] fix coverlet.msbuild.tasks.csproj (remove PackBuildOutputs DependensOnTargets) --- Documentation/ReleasePlan.md | 4 ++-- src/coverlet.msbuild.tasks/coverlet.msbuild.tasks.csproj | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Documentation/ReleasePlan.md b/Documentation/ReleasePlan.md index d4c006944..b42dcbd78 100644 --- a/Documentation/ReleasePlan.md +++ b/Documentation/ReleasePlan.md 
@@ -103,7 +103,7 @@ This is the steps to release new packages to nuget.org ... ``` -1. Sign binary files for nuget packages +1. Sign binary files for nuget packages using AzureSignTool ```shell > AzureSignTool.exe sign --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --timestamp-digest sha256 ` @@ -127,7 +127,7 @@ This is the steps to release new packages to nuget.org ```shell dotnet pack --no-build -c release /p:TF_BUILD=true /p:PublicRelease=true src\coverlet.console dotnet pack --no-build -c release /p:TF_BUILD=true /p:PublicRelease=true src\coverlet.collector - dotnet pack -c release /p:TF_BUILD=true /p:PublicRelease=true src\coverlet.msbuild.tasks + dotnet pack --no-build -c release /p:TF_BUILD=true /p:PublicRelease=true src\coverlet.msbuild.tasks ``` 1. Sign the packages using NuGetKeyVaultSignTool diff --git a/src/coverlet.msbuild.tasks/coverlet.msbuild.tasks.csproj b/src/coverlet.msbuild.tasks/coverlet.msbuild.tasks.csproj index b09de92d4..07c991a4d 100644 --- a/src/coverlet.msbuild.tasks/coverlet.msbuild.tasks.csproj +++ b/src/coverlet.msbuild.tasks/coverlet.msbuild.tasks.csproj @@ -67,7 +67,7 @@ - + From 7ba9fe8e3205148093505e367339a96b451dc965 Mon Sep 17 00:00:00 2001 From: Bert Date: Tue, 23 Jan 2024 10:36:03 +0100 Subject: [PATCH 3/5] use "sign code azure-key-vault ..." --- Documentation/ReleasePlan.md | 50 +++++++++++------------------------- 1 file changed, 15 insertions(+), 35 deletions(-) diff --git a/Documentation/ReleasePlan.md b/Documentation/ReleasePlan.md index b42dcbd78..dac46ca0d 100644 --- a/Documentation/ReleasePlan.md +++ b/Documentation/ReleasePlan.md 
@@ -90,7 +90,7 @@ This is the steps to release new packages to nuget.org 1. From new cloned, aligned and versions updated repo root run build command ```shell - dotnet build -c release /p:TF_BUILD=true /p:PublicRelease=true + dotnet pack -c release /p:TF_BUILD=true /p:PublicRelease=true ... coverlet.core -> C:\GitHub\coverlet\artifacts\bin\coverlet.core\release_netstandard2.0\coverlet.core.dll coverlet.core -> C:\GitHub\coverlet\artifacts\bin\coverlet.core\release_net6.0\coverlet.core.dll 
@@ -101,46 +101,26 @@ This is the steps to release new packages to nuget.org coverlet.console -> C:\GitHub\coverlet\artifacts\bin\coverlet.console\release\coverlet.console.dll coverlet.console -> C:\GitHub\coverlet\artifacts\bin\coverlet.console\release\coverlet.console.exe ... + Successfully created package 'C:\GitHub\coverlet\artifacts\package\release\coverlet.msbuild.6.0.1.nupkg'. + Successfully created package 'C:\GitHub\coverlet\artifacts\package\release\coverlet.msbuild.6.0.1.snupkg'. + Successfully created package 'C:\GitHub\coverlet\artifacts\package\release\coverlet.collector.6.0.1.nupkg'. + Successfully created package 'C:\GitHub\coverlet\artifacts\package\release\coverlet.collector.6.0.1.snupkg'. + Successfully created package 'C:\GitHub\coverlet\artifacts\package\release\coverlet.console.6.0.1.nupkg'. + Successfully created package 'C:\GitHub\coverlet\artifacts\package\release\coverlet.console.6.0.1.snupkg'. + ... ``` -1. Sign binary files for nuget packages using AzureSignTool - -```shell -> AzureSignTool.exe sign --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --timestamp-digest sha256 ` ->> --azure-key-vault-url KEYVAULT-URL ` ->> --azure-key-vault-client-id CLIENT-ID ` ->> --azure-key-vault-tenant-id TENANT-ID ` ->> --azure-key-vault-client-secret KEYVAULT-SECRET ` ->> --azure-key-vault-certificate CERT-FRIENDLY-NAME ` ->> artifacts\bin\coverlet.console\release\coverlet.console.dll ` ->> artifacts\bin\coverlet.console\release\coverlet.console.exe ` ->> artifacts\bin\coverlet.core\release_net6.0\coverlet.core.dll ` ->> artifacts\bin\coverlet.core\release_netstandard2.0\coverlet.core.dll ` ->> artifacts\bin\coverlet.collector\release_net6.0\coverlet.collector.dll ` ->> artifacts\bin\coverlet.collector\release_netstandard2.0\coverlet.collector.dll ` ->> artifacts\bin\coverlet.msbuild.tasks\release_net6.0\coverlet.msbuild.tasks.dll ` ->> artifacts\bin\coverlet.msbuild.tasks\release_netstandard2.0\coverlet.msbuild.tasks.dll -``` - 
-1. Run pack command for signed binaries +1. Sign nuget packages using sign ```shell - dotnet pack --no-build -c release /p:TF_BUILD=true /p:PublicRelease=true src\coverlet.console - dotnet pack --no-build -c release /p:TF_BUILD=true /p:PublicRelease=true src\coverlet.collector - dotnet pack --no-build -c release /p:TF_BUILD=true /p:PublicRelease=true src\coverlet.msbuild.tasks +> sign code azure-key-vault **/*.nupkg --base-directory [ROOT-DIRECTORY]\artifacts\package\release\ --file-digest sha256 --description Coverlet --description-url https://github.com/coverlet-coverage/coverlet +>> --azure-key-vault-url [KEYVAULT-URL] +>> --azure-key-vault-client-id [CLIENT-ID] +>> --azure-key-vault-tenant-id [TENANT-ID] +>> --azure-key-vault-client-secret [KEYVAULT-SECRET] +>> --azure-key-vault-certificate [CERT-FRIENDLY-NAME] ``` -1. Sign the packages using NuGetKeyVaultSignTool - - ```shell - ❯ NuGetKeyVaultSignTool sign **/*.nupkg --file-digest sha256 --timestamp-rfc3161 http://timestamp.digicert.com --timestamp-digest sha256 ` - >> --azure-key-vault-url KEYVAULT-URL ` - >> --azure-key-vault-client-id CLIENT-ID ` - >> --azure-key-vault-tenant-id TENANT-ID ` - >> --azure-key-vault-client-secret KEYVAULT-SECRET ` - >> --azure-key-vault-certificate CERT-FRIENDLY-NAME - ``` - 1. Upload *.nupkg files to Nuget.org site. **Check all metadata(url links, deterministic build etc...) before "Submit"** 1. **On your fork**: From a48e9af2ec6f7bc950c9d639f65cd420996e4124 Mon Sep 17 00:00:00 2001 From: Bert Date: Tue, 23 Jan 2024 10:42:07 +0100 Subject: [PATCH 4/5] update URL --- Documentation/ReleasePlan.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Documentation/ReleasePlan.md b/Documentation/ReleasePlan.md index dac46ca0d..991787551 100644 --- a/Documentation/ReleasePlan.md +++ b/Documentation/ReleasePlan.md 
@@ -110,7 +110,7 @@ This is the steps to release new packages to nuget.org ... ``` -1. Sign nuget packages using sign +1. Sign nuget packages using sign ```shell > sign code azure-key-vault **/*.nupkg --base-directory [ROOT-DIRECTORY]\artifacts\package\release\ --file-digest sha256 --description Coverlet --description-url https://github.com/coverlet-coverage/coverlet From 0acab6ae1b6880ae4c0db030c02de7c37fd76706 Mon Sep 17 00:00:00 2001 From: Bert Date: Tue, 23 Jan 2024 15:12:57 +0100 Subject: [PATCH 5/5] use powershell syntax for multiline command --- Documentation/ReleasePlan.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/Documentation/ReleasePlan.md b/Documentation/ReleasePlan.md index 991787551..742b7d34b 100644 --- a/Documentation/ReleasePlan.md +++ b/Documentation/ReleasePlan.md @@ -112,13 +112,13 @@ This is the steps to release new packages to nuget.org 1. Sign nuget packages using sign -```shell -> sign code azure-key-vault **/*.nupkg --base-directory [ROOT-DIRECTORY]\artifacts\package\release\ --file-digest sha256 --description Coverlet --description-url https://github.com/coverlet-coverage/coverlet ->> --azure-key-vault-url [KEYVAULT-URL] ->> --azure-key-vault-client-id [CLIENT-ID] ->> --azure-key-vault-tenant-id [TENANT-ID] ->> --azure-key-vault-client-secret [KEYVAULT-SECRET] ->> --azure-key-vault-certificate [CERT-FRIENDLY-NAME] +```powershell +sign code azure-key-vault **/*.nupkg --base-directory [ROOT-DIRECTORY]\artifacts\package\release\ --file-digest sha256 --description Coverlet --description-url https://github.com/coverlet-coverage/coverlet ` + --azure-key-vault-url [KEYVAULT-URL] ` + --azure-key-vault-client-id [CLIENT-ID] ` + --azure-key-vault-tenant-id [TENANT-ID] ` + --azure-key-vault-client-secret [KEYVAULT-SECRET] ` + --azure-key-vault-certificate [CERT-FRIENDLY-NAME] ``` 1. Upload *.nupkg files to Nuget.org site. **Check all metadata(url links, deterministic build etc...) before "Submit"**
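Review bot: In [PATCH 1/5], in the new "Run pack command for signed binaries" step, the third command `dotnet pack -c release /p:TF_BUILD=true /p:PublicRelease=true src\coverlet.msbuild.tasks` is missing `--no-build`, unlike the two commands above it. Without that flag, pack is allowed to rebuild the project, which can replace the DLLs signed in the previous step with unsigned ones before they are packaged. Add `--no-build` here; 2/5 does this, and squashing that fix into this commit would keep each commit in the series correct on its own.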
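Review bot: In [PATCH 3/5], hunk `@@ -90,7 +90,7 @@`, the command changes to `dotnet pack` but the step text on the context line above it still reads "run build command". Reword the step to say that it builds and packs, since the sample output now ends with the "Successfully created package" lines.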
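Review bot: In [PATCH 3/5], hunk `@@ -101,46 +101,26 @@`, the new `sign code azure-key-vault` step passes no timestamp option, whereas both removed commands passed `--timestamp-rfc3161 http://timestamp.digicert.com --timestamp-digest sha256`. If the tool's default timestamping is being relied on, say so in the step, because a signature without a timestamp stops validating once the signing certificate expires. The same hunk removes the separate signing of the DLLs and `coverlet.console.exe`, and the glob `**/*.nupkg` does not match the `.snupkg` files listed in the pack output. The document should state whether the files inside the packages and the symbol packages are expected to be signed, and should add a verification step (for example `dotnet nuget verify`) before the upload step.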
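Review bot: In [PATCH 5/5], the final form of the command still documents `--azure-key-vault-client-secret [KEYVAULT-SECRET]` as a literal argument, which leaves the secret in the PowerShell history and in the process command line on the release machine. Document supplying it from a variable populated at run time (for example an environment variable) instead of typing it into the command. Separately, the `powershell` fence sits at column 0 while the `dotnet pack` fence earlier in the list is indented under its item; indent this one as well so the numbered list is not interrupted, since every item is numbered `1.` and a break restarts the rendered numbering.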