From cee24165e559b0d4dc548ca784bf5e948eeef2df Mon Sep 17 00:00:00 2001
From: Patrick Hallisey <pahallis@microsoft.com>
Date: Tue, 7 May 2024 14:41:08 -0700
Subject: [PATCH] Upgrade to a version ESRP Release that supports federated
 auth (#29612)

EsrpRelease@6 required a custom service connection that held an aad app
secret in its configuration. The latest version, EsrpRelease@7, uses a
standard ARM service connection, moving most of the configuration
settings (KeyVaultName, AuthCertName ...) from the custom connection
into the task itself.
---
 eng/pipelines/templates/steps/npm-release-task.yml | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/eng/pipelines/templates/steps/npm-release-task.yml b/eng/pipelines/templates/steps/npm-release-task.yml
index af94cc8eecec..6c9668a3791c 100644
--- a/eng/pipelines/templates/steps/npm-release-task.yml
+++ b/eng/pipelines/templates/steps/npm-release-task.yml
@@ -9,10 +9,14 @@ parameters:
 steps:
   - template: /eng/common/pipelines/templates/steps/set-default-branch.yml
   - ${{ if eq(parameters.Registry, 'https://registry.npmjs.org/') }}:
-      - task: EsrpRelease@6
+      - task: EsrpRelease@7
         inputs:
           displayName: 'Publish ${{parameters.Artifact.name}} to ESRP'
-          ConnectedServiceName: 'ESRP Release Service'
+          ConnectedServiceName: 'Azure SDK Engineering System'
+          ClientId: '5f81938c-2544-4f1f-9251-dd9de5b8a81b'
+          KeyVaultName: 'AzureSDKEngKeyVault'
+          AuthCertName: 'azure-sdk-esrp-release-auth-certificate'
+          SignCertName: 'azure-sdk-esrp-release-sign-certificate'
           Intent: 'PackageDistribution'
           ContentType: 'npm'
           FolderLocation: ${{parameters.PathToArtifacts}}