PowerShell · TravisEz13 · Nov 11, 2020 · Nov 6, 2020 · Nov 7, 2020 · Nov 8, 2020
@@ -14,7 +14,7 @@ jobs:
   condition: succeeded()
   dependsOn: ${{ parameters.parentJob }}
   pool:
-    name: Package ES Standard Build
+    vmImage: windows-latest
   variables:
     - name: BuildConfiguration
       value: ${{ parameters.BuildConfiguration }}
@@ -39,19 +39,6 @@ jobs:
     parameters:
       ReleaseTagVar: $(ReleaseTagVar)
 
-  - task: PkgESSetupBuild@10
-    displayName: 'Initialize build'
-    env:
-      SYSTEM_ACCESSTOKEN: $(System.AccessToken)
-    inputs:
-      useDfs: false
-      productName: PowerShellCore
-      branchVersion: true
-      disableWorkspace: true
-      disableBuildTools: true
-      disableNugetPack: true
-    condition: and(succeeded(), eq(variables['SHOULD_SIGN'], 'true'))
-
   - powershell: |
       $pkgFilter = if ( '$(Architecture)' -eq 'arm' ) {
         "arm32"
@@ -113,8 +100,8 @@ jobs:
       $null = New-Item -ItemType Directory -Path $signedFilesDirectory -Force
 
       $itemsToCopyWithRecurse = @(
-      "$($fullSymbolsFolder)\*.ps1"
-      "$($fullSymbolsFolder)\Microsoft.PowerShell*.dll"
+        "$($fullSymbolsFolder)\*.ps1"
+        "$($fullSymbolsFolder)\Microsoft.PowerShell*.dll"
       )
 
       $itemsToCopy = @{
@@ -125,6 +112,11 @@ jobs:
         "$($fullSymbolsFolder)\Modules\Microsoft.PowerShell.Diagnostics\Diagnostics.format.ps1xml" = "Modules\Microsoft.PowerShell.Diagnostics"
         "$($fullSymbolsFolder)\Modules\Microsoft.PowerShell.Diagnostics\Event.format.ps1xml" = "Modules\Microsoft.PowerShell.Diagnostics"
         "$($fullSymbolsFolder)\Modules\Microsoft.PowerShell.Diagnostics\GetEvent.types.ps1xml" = "Modules\Microsoft.PowerShell.Diagnostics"
+        "$($fullSymbolsFolder)\Modules\Microsoft.PowerShell.Diagnostics\Microsoft.PowerShell.Diagnostics.psd1" = "Modules\Microsoft.PowerShell.Diagnostics"
+        "$($fullSymbolsFolder)\Modules\Microsoft.PowerShell.Host\Microsoft.PowerShell.Host.psd1" = "Modules\Microsoft.PowerShell.Host"
+        "$($fullSymbolsFolder)\Modules\Microsoft.PowerShell.Management\Microsoft.PowerShell.Management.psd1" = "Modules\Microsoft.PowerShell.Management"
+        "$($fullSymbolsFolder)\Modules\Microsoft.PowerShell.Security\Microsoft.PowerShell.Security.psd1" = "Modules\Microsoft.PowerShell.Security"
+        "$($fullSymbolsFolder)\Modules\Microsoft.PowerShell.Utility\Microsoft.PowerShell.Utility.psd1" = "Modules\Microsoft.PowerShell.Utility"
         "$($fullSymbolsFolder)\Modules\Microsoft.WSMan.Management\Microsoft.WSMan.Management.psd1" = "Modules\Microsoft.WSMan.Management"
         "$($fullSymbolsFolder)\Modules\Microsoft.WSMan.Management\WSMan.format.ps1xml" = "Modules\Microsoft.WSMan.Management"
         "$($fullSymbolsFolder)\Modules\PSDiagnostics\PSDiagnostics.ps?1" = "Modules\PSDiagnostics"
@@ -159,6 +151,7 @@ jobs:
           **\*.psm1
           **\*.ps1xml
           **\*.ps1
+          **\*.exe
         useMinimatch: true
 
   - pwsh: |
@@ -171,29 +164,40 @@ jobs:
       $dlls = Get-ChildItem $BuildPath\*.dll -Recurse
       $signatures = $dlls | Get-AuthenticodeSignature
       $missingSignatures = $signatures | Where-Object { $_.status -eq 'notsigned'}| select-object -ExpandProperty Path
-      & "${env:REPOROOT}/tools/releaseBuild/generatePackgeSigning.ps1" -ThirdPartyFiles $missingSignatures -path "$(System.ArtifactsDirectory)\thirtdparty.xml"
-    displayName: Create ThirdParty Signing Xml
-    condition: and(succeeded(), eq(variables['SHOULD_SIGN'], 'true'))
 
-  - task: PkgESCodeSign@10
-    displayName: 'CodeSign ThirdParty $(Architecture)'
-    env:
-      SYSTEM_ACCESSTOKEN: $(System.AccessToken)
-    inputs:
-      signConfigXml: '$(System.ArtifactsDirectory)\thirtdparty.xml'
-      inPathRoot: '$(System.ArtifactsDirectory)\$(SymbolsFolder)'
-      outPathRoot: '$(System.ArtifactsDirectory)\signedThirdParty'
+      Write-Verbose -verbose "to be signed:`r`n $($missingSignatures | Out-String)"
+
+      $filesToSignDirectory = "$(System.ArtifactsDirectory)\thirdPartyToBeSigned"
+      $null = New-Item -ItemType Directory -Path $filesToSignDirectory -Force
+
+      $signedFilesDirectory = "$(System.ArtifactsDirectory)\thirdPartySigned"
+      $null = New-Item -ItemType Directory -Path $signedFilesDirectory -Force
+
+      $missingSignatures | ForEach-Object {
+        Copy-Item -Path $_ -Destination $filesToSignDirectory
+      }
+
+    displayName: Create ThirdParty Signing Folder
     condition: and(succeeded(), eq(variables['SHOULD_SIGN'], 'true'))
 
+  - template: EsrpSign.yml@ComplianceRepo
+    parameters:
+        buildOutputPath: $(System.ArtifactsDirectory)\thirdPartyToBeSigned
+        signOutputPath: $(System.ArtifactsDirectory)\thirdPartySigned
+        certificateId: "CP-231522"
+        pattern: |
+          **\*.dll
+        useMinimatch: true
+
   - powershell: |
-      Get-ChildItem '$(System.ArtifactsDirectory)\signedThirdParty\*'
+      Get-ChildItem '$(System.ArtifactsDirectory)\thirdPartySigned\*'
     displayName: Captrue ThirdParty Signed files
     condition: and(succeeded(), eq(variables['SHOULD_SIGN'], 'true'))
 
   - powershell: |
       Import-Module $(PowerShellRoot)/build.psm1 -Force
       Import-Module $(PowerShellRoot)/tools/packaging -Force
-      $signedFilesPath = '$(System.ArtifactsDirectory)\signedThirdParty\'
+      $signedFilesPath = '$(System.ArtifactsDirectory)\thirdPartySigned'
       $BuildPath = '$(System.ArtifactsDirectory)\$(SymbolsFolder)'
 
       Update-PSSignedBuildFolder -BuildPath $BuildPath -SignedFilesPath $SignedFilesPath