From 534d2a516d485ee0f48158e4990acd0ceda36f83 Mon Sep 17 00:00:00 2001
From: Aditya Patwardhan
Date: Thu, 10 Jun 2021 14:20:30 -0700
Subject: [PATCH] Enable using preview certificate
---
 EsrpSign.yml | 11 +++++++++++
 README.md | 22 +++++++++++++++++++++-
 2 files changed, 32 insertions(+), 1 deletion(-)

diff --git a/EsrpSign.yml b/EsrpSign.yml
index 1773f97..10699b7 100644
--- a/EsrpSign.yml
+++ b/EsrpSign.yml
@@ -76,6 +76,17 @@ steps:
 pageHash: ${{ parameters.pageHash }}
 displayName: ${{ parameters.displayName }}
+- ${{ if eq(parameters.certificateId , 'CP-460906') }}:
+ - template: template-compliance/authenticode-sign.yml
+ parameters:
+ buildOutputPath: ${{ parameters.buildOutputPath }}
+ signOutputPath: ${{ parameters.signOutputPath }}
+ pattern: ${{ parameters.pattern }}
+ certificateId: ${{ parameters.certificateId }}
+ verifySignature: ${{ parameters.verifySignature }}
+ pageHash: ${{ parameters.pageHash }}
+ displayName: ${{ parameters.displayName }}
+
 - ${{ if eq(parameters.certificateId , 'CP-231522') }}:
 - template: template-compliance/authenticode-sign.yml
 parameters:
diff --git a/README.md b/README.md
index 232ccc1..7bd046e 100644
--- a/README.md
+++ b/README.md
@@ -45,7 +45,8 @@ The following sample shows how the templates can be included in your release YAM
 1. Call the template from this repo in your yaml file and specify the values for the parameters.
 ```yaml
- - template: assembly-module-compliance.yml@ComplianceRepo
+ - template: assembly-module-compliance.yml@C
+ - omplianceRepo
 parameters:
 # binskim
 AnalyzeTarget: '$(Pipeline.Workspace)/*.dll'
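Review bot: In EsrpSign.yml the new `CP-460906` branch repeats, parameter for parameter, what the neighbouring certificate branches appear to pass (only their edges are visible in the hunk), so each certificate ID carries its own copy of the `verifySignature` and `pageHash` pass-through and the copies can drift apart unnoticed. If the `CP-231522` branch that continues below the hunk passes the same seven parameters, one condition can cover both: `- ${{ if in(parameters.certificateId, 'CP-460906', 'CP-231522') }}:`. It is also worth confirming, outside this hunk, that a `certificateId` matching none of the branches fails the run rather than expanding to no signing step, since a mistyped ID would otherwise yield unsigned output from a passing build. A one-line comment above the branch, such as `# CP-460906: Authenticode preview certificate (see README)`, would tell readers why this ID is allowed.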
@@ -196,6 +197,25 @@ For full features see: https://github.com/isaacs/minimatch#features
 useMinimatch: true
 ```
+### ESRP Authenticode preview certificate
+
+This example signs `dll` and `psm1` files recursively and `psd1` files in the root of the `buildOutputPath`, using minimatch.
+
+For full features see: https://github.com/isaacs/minimatch#features
+
+```yaml
+ - template: EsrpSign.yml@ComplianceRepo
+ parameters:
+ buildOutputPath: $(signSrcPath)
+ signOutputPath: $(signOutPath)
+ certificateId: "CP-460906"
+ pattern: |
+ **\*.dll
+ *.psd1
+ **\*.psm1
+ useMinimatch: true
+```
+
 ### ESRP RPM example
 This example signs `dll` `psd1` and `psm1` files recursively, using minimatch.