azure-pipelines.yml

pool:
  name: '1ES-Hosted-AzFunc'
  demands:
    - ImageOverride -equals MMS2019TLS
    - vstest

steps:
- task: UseDotNet@2
  displayName: 'Use .NET Core sdk 2.1.526'
  inputs:
    version: 2.1.526

- task: DotNetCoreCLI@2
  displayName: 'dotnet build'
  inputs:
    projects: '**/*.csproj'
    arguments: '-c $(BuildConfiguration) -p:CommitHash=$(Build.SourceVersion);VersionSuffix=$(VersionSuffix)'

- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@1
  displayName: 'ESRP CodeSigning: Authenticode'
  inputs:
    ConnectedServiceName: 'ESRP Service'
    FolderPath: 'src/EventGridExtension/bin/$(BuildConfiguration)/'
    Pattern: Microsoft.Azure.WebJobs.Extensions.EventGrid.dll
    signConfigType: inlineSignParams
    inlineOperation: |
     [    
         {
           "KeyCode": "CP-230012",
           "OperationCode": "SigntoolSign",
           "Parameters": {
             "OpusName": "Microsoft",
             "OpusInfo": "http://www.microsoft.com",
             "FileDigest": "/fd \"SHA256\"",
             "PageHash": "/NPH",
             "TimeStamp": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
           },
           "ToolName": "sign",
           "ToolVersion": "1.0"
         },
         {
           "KeyCode": "CP-230012",
           "OperationCode": "SigntoolVerify",
           "Parameters": {},
           "ToolName": "sign",
           "ToolVersion": "1.0"
         }
     ]
  condition: and(succeeded(), startsWith(variables['SignArtifacts'], 'true'))

- task: DotNetCoreCLI@2
  displayName: 'dotnet pack'
  inputs:
    command: pack
    packagesToPack: 'src/**/*.csproj'
    packDirectory: '$(Build.BinariesDirectory)'
    nobuild: true
    buildProperties: 'VersionSuffix=$(VersionSuffix)'
    verbosityPack: Normal

- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@1
  displayName: 'ESRP CodeSigning: Nupkg'
  inputs:
    ConnectedServiceName: 'ESRP Service'
    FolderPath: '$(Build.BinariesDirectory)'
    Pattern: '*.nupkg'
    signConfigType: inlineSignParams
    inlineOperation: |
     [
         {
           "KeyCode": "CP-401405",
           "OperationCode": "NuGetSign",
           "Parameters": {},
           "ToolName": "sign",
           "ToolVersion": "1.0"
         },
         {
           "KeyCode": "CP-401405",
           "OperationCode": "NuGetVerify",
           "Parameters": {},
           "ToolName": "sign",
           "ToolVersion": "1.0"
         }
     ]
  condition: and(succeeded(), startsWith(variables['SignArtifacts'], 'true'))

- task: DotNetCoreCLI@2
  inputs:
    command: test
    projects: 'test/**/*.csproj'
    arguments: '--configuration $(buildConfiguration)'

- task: CopyFiles@2
  displayName: 'Copy Files to: $(Build.ArtifactStagingDirectory)'
  inputs:
    SourceFolder: '$(Build.BinariesDirectory)'
    Contents: '*.nupkg'
    TargetFolder: '$(Build.ArtifactStagingDirectory)'
    CleanTargetFolder: true

- task: ManifestGeneratorTask@0
  displayName: 'Generate SBOM'
  inputs:
    BuildDropPath: '$(Build.ArtifactStagingDirectory)'
    Verbosity: "Information"

- task: PublishPipelineArtifact@0
  displayName: 'Publish Pipeline Artifact'
  inputs:
    targetPath: '$(Build.ArtifactStagingDirectory)'