-
-
Notifications
You must be signed in to change notification settings - Fork 9
/
class-lib-publish.yml
97 lines (90 loc) · 3.27 KB
/
class-lib-publish.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
# Copyright (c) .NET Foundation and Contributors
# See LICENSE file in the project root for full license information.
parameters:
- name: baseBranch
type: string
default: 'refs/heads/main'
steps:
- task: DotNetCoreCLI@2
displayName: Install Sign Client CLI
condition: >-
and(
succeeded(),
eq(variables['StartReleaseCandidate'], false),
not(startsWith(variables['Build.SourceBranch'], 'refs/tags/v'))
)
inputs:
command: custom
custom: tool
arguments: install --tool-path . sign --version 0.9.1-beta.23530.1
- pwsh: |
.\sign code azure-key-vault `
"**/*.nupkg" `
--base-directory "$(Build.ArtifactStagingDirectory)" `
--description "$(nugetPackageName)" `
--description-url "https://github.com/$env:Build_Repository_Name" `
--azure-key-vault-tenant-id "$(SignTenantId)" `
--azure-key-vault-client-id "$(SignClientId)" `
--azure-key-vault-client-secret "$(SignClientSecret)" `
--azure-key-vault-certificate "$(SignKeyVaultCertificate)" `
--azure-key-vault-url "$(SignKeyVaultUrl)" `
--timestamp-url http://timestamp.digicert.com
displayName: Sign packages
continueOnError: true
condition: >-
and(
succeeded(),
eq(variables['StartReleaseCandidate'], false),
not(startsWith(variables['Build.SourceBranch'], 'refs/tags/v'))
)
# publish artifacts
- task: PublishPipelineArtifact@1
inputs:
targetPath: '$(Build.ArtifactStagingDirectory)'
artifactName: deployables
artifactType: pipeline
condition: >-
and(
succeeded(),
eq(variables['StartReleaseCandidate'], false),
not(startsWith(variables['Build.SourceBranch'], 'refs/tags/v'))
)
displayName: Publish deployables artifacts
# push NuGet packages to Azure Artifacts feed (always happens except on PR builds)
- task: NuGetCommand@2
condition: >-
and(
succeeded(),
eq(variables['System.PullRequest.PullRequestId'], ''),
not(startsWith(variables['Build.SourceBranch'], 'refs/pull/')),
eq(variables['StartReleaseCandidate'], false),
not(startsWith(variables['Build.SourceBranch'], 'refs/tags/v')),
startsWith(variables['Build.SourceBranch'], '${{ parameters.baseBranch }}')
)
continueOnError: true
displayName: Push NuGet packages to Azure Artifacts
inputs:
command: push
nuGetFeedType: external
packagesToPush: '$(Build.ArtifactStagingDirectory)/*.nupkg'
publishFeedCredentials: 'AzureArtifacts-$(System.TeamProject)'
allowPackageConflicts: true
# push NuGet class lib package to NuGet (happens when building against main branch - or other specified in the parameter))
- task: NuGetCommand@2
condition: >-
and(
succeeded(),
eq(variables['System.PullRequest.PullRequestId'], ''),
not(startsWith(variables['Build.SourceBranch'], 'refs/pull/')),
eq(variables['StartReleaseCandidate'], false),
not(startsWith(variables['Build.SourceBranch'], 'refs/tags/v')),
startsWith(variables['Build.SourceBranch'], '${{ parameters.baseBranch }}')
)
continueOnError: true
displayName: Push NuGet packages to NuGet
inputs:
command: push
nuGetFeedType: external
allowPackageConflicts: true
packagesToPush: '$(Build.ArtifactStagingDirectory)/*.nupkg'
publishFeedCredentials: 'NuGet-$(System.TeamProject)'