diff --git a/pipelines/ci-build.yml b/pipelines/ci-build.yml index a2b9395f327..a76420a81fe 100644 --- a/pipelines/ci-build.yml +++ b/pipelines/ci-build.yml @@ -112,16 +112,22 @@ extends: arguments: '--configuration $(BuildConfiguration) --no-build --verbosity normal' - task: PowerShell@2 displayName: 'Validate updated version' + condition: and(contains(variables['build.sourceBranch'], 'refs/heads/master'), succeeded()) inputs: targetType: filePath filePath: '$(Build.SourcesDirectory)\scripts\ValidateUpdatedNugetVersion.ps1' arguments: '-packageName "Microsoft.Graph.Beta" -projectPath "$(Build.SourcesDirectory)\src\Microsoft.Graph\Microsoft.Graph.Beta.csproj"' pwsh: true enabled: true - - task: EsrpCodeSigning@3 + - task: EsrpCodeSigning@5 displayName: 'ESRP DLL Strong Name (Microsoft.Graph.Beta)' inputs: - ConnectedServiceName: 'microsoftgraph ESRP CodeSign DLL and NuGet (AKV)' + ConnectedServiceName: 'Federated DevX ESRP Managed Identity Connection' + AppRegistrationClientId: '65035b7f-7357-4f29-bf25-c5ee5c3949f8' + AppRegistrationTenantId: 'cdc5aeea-15c5-4db6-b079-fcadd2505dc2' + AuthAKVName: 'akv-prod-eastus' + AuthCertName: 'ReferenceLibraryPrivateCert' + AuthSignCertName: 'ReferencePackagePublisherCertificate' FolderPath: src/Microsoft.Graph/bin/release Pattern: Microsoft.Graph.Beta.dll signConfigType: inlineSignParams @@ -143,10 +149,18 @@ extends: } ] SessionTimeout: 20 - - task: EsrpCodeSigning@3 + MaxConcurrency: 50 + MaxRetryAttempts: 5 + PendingAnalysisWaitTimeoutMinutes: 5 + - task: EsrpCodeSigning@5 displayName: 'ESRP DLL CodeSigning (Microsoft.Graph.Beta)' inputs: - ConnectedServiceName: 'microsoftgraph ESRP CodeSign DLL and NuGet (AKV)' + ConnectedServiceName: 'Federated DevX ESRP Managed Identity Connection' + AppRegistrationClientId: '65035b7f-7357-4f29-bf25-c5ee5c3949f8' + AppRegistrationTenantId: 'cdc5aeea-15c5-4db6-b079-fcadd2505dc2' + AuthAKVName: 'akv-prod-eastus' + AuthCertName: 'ReferenceLibraryPrivateCert' + AuthSignCertName: 'ReferencePackagePublisherCertificate' FolderPath: src/Microsoft.Graph/bin/release Pattern: Microsoft.Graph.Beta.dll signConfigType: inlineSignParams @@ -189,16 +203,24 @@ extends: } ] SessionTimeout: 20 + MaxConcurrency: 50 + MaxRetryAttempts: 5 + PendingAnalysisWaitTimeoutMinutes: 5 # arguments are not parsed in DotNetCoreCLI@2 task for `pack` command, that's why we have a custom pack command here - powershell: | dotnet pack $env:BUILD_SOURCESDIRECTORY/src/Microsoft.Graph/Microsoft.Graph.Beta.csproj /p:IncludeSymbols=true /p:SymbolPackageFormat=snupkg --no-build --output $env:BUILD_ARTIFACTSTAGINGDIRECTORY --configuration $env:BUILD_CONFIGURATION env: BUILD_CONFIGURATION: $(BuildConfiguration) displayName: 'dotnet pack' - - task: EsrpCodeSigning@3 + - task: EsrpCodeSigning@5 displayName: 'ESRP NuGet CodeSigning' inputs: - ConnectedServiceName: 'microsoftgraph ESRP CodeSign DLL and NuGet (AKV)' + ConnectedServiceName: 'Federated DevX ESRP Managed Identity Connection' + AppRegistrationClientId: '65035b7f-7357-4f29-bf25-c5ee5c3949f8' + AppRegistrationTenantId: 'cdc5aeea-15c5-4db6-b079-fcadd2505dc2' + AuthAKVName: 'akv-prod-eastus' + AuthCertName: 'ReferenceLibraryPrivateCert' + AuthSignCertName: 'ReferencePackagePublisherCertificate' FolderPath: '$(Build.ArtifactStagingDirectory)' Pattern: '*nupkg' signConfigType: inlineSignParams @@ -220,6 +242,9 @@ extends: } ] SessionTimeout: 20 + MaxConcurrency: 50 + MaxRetryAttempts: 5 + PendingAnalysisWaitTimeoutMinutes: 5 - task: CopyFiles@2 displayName: 'Copy release scripts to artifact staging directory' inputs: