diff --git a/EsrpSign.yml b/EsrpSign.yml index 1773f97..10699b7 100644 --- a/EsrpSign.yml +++ b/EsrpSign.yml @@ -76,6 +76,17 @@ steps: pageHash: ${{ parameters.pageHash }} displayName: ${{ parameters.displayName }} +- ${{ if eq(parameters.certificateId , 'CP-460906') }}: + - template: template-compliance/authenticode-sign.yml + parameters: + buildOutputPath: ${{ parameters.buildOutputPath }} + signOutputPath: ${{ parameters.signOutputPath }} + pattern: ${{ parameters.pattern }} + certificateId: ${{ parameters.certificateId }} + verifySignature: ${{ parameters.verifySignature }} + pageHash: ${{ parameters.pageHash }} + displayName: ${{ parameters.displayName }} + - ${{ if eq(parameters.certificateId , 'CP-231522') }}: - template: template-compliance/authenticode-sign.yml parameters: diff --git a/README.md b/README.md index 232ccc1..7bd046e 100644 --- a/README.md +++ b/README.md @@ -45,7 +45,8 @@ The following sample shows how the templates can be included in your release YAM 1. Call the template from this repo in your yaml file and specify the values for the parameters. ```yaml - - template: assembly-module-compliance.yml@ComplianceRepo + - template: assembly-module-compliance.yml@C + - omplianceRepo parameters: # binskim AnalyzeTarget: '$(Pipeline.Workspace)/*.dll' @@ -196,6 +197,25 @@ For full features see: https://github.com/isaacs/minimatch#features useMinimatch: true ``` +### ESRP Authenticode preview certificate + +This example signs `dll` and `psm1` files recursively and `psd1` files in the root of the `buildOutputPath`, using minimatch. + +For full features see: https://github.com/isaacs/minimatch#features + +```yaml + - template: EsrpSign.yml@ComplianceRepo + parameters: + buildOutputPath: $(signSrcPath) + signOutputPath: $(signOutPath) + certificateId: "CP-460906" + pattern: | + **\*.dll + *.psd1 + **\*.psm1 + useMinimatch: true +``` + ### ESRP RPM example This example signs `dll` `psd1` and `psm1` files recursively, using minimatch.