From 7729490cf1fc565a79acd4c4bc76464c4e82c50c Mon Sep 17 00:00:00 2001
From: Irvine Sunday <irochand@microsoft.com>
Date: Mon, 12 Aug 2024 12:58:08 +0300
Subject: [PATCH 1/3] Update ESRP CodeSigning tasks

---
 .azure-pipelines/ci-build.yml | 32 +++++++++++++++++++++++++-------
 1 file changed, 25 insertions(+), 7 deletions(-)

diff --git a/.azure-pipelines/ci-build.yml b/.azure-pipelines/ci-build.yml
index d0823cf6..203ba6cd 100644
--- a/.azure-pipelines/ci-build.yml
+++ b/.azure-pipelines/ci-build.yml
@@ -81,11 +81,18 @@ extends:
               projects: '$(Build.SourcesDirectory)\Microsoft.OpenApi.OData.sln'
               arguments: '--configuration $(BuildConfiguration) --no-build'
 
-          - task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@3
+          - task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@5
             displayName: 'ESRP CodeSigning'
             inputs:
-              ConnectedServiceName: 'microsoftgraph ESRP CodeSign DLL and NuGet (AKV)'
-              FolderPath: src
+              ConnectedServiceName: 'Federated DevX ESRP Managed Identity Connection'
+              FolderPath: '$(Build.SourcesDirectory)\src'
+              AppRegistrationClientId: '65035b7f-7357-4f29-bf25-c5ee5c3949f8'
+              AppRegistrationTenantId: 'cdc5aeea-15c5-4db6-b079-fcadd2505dc2'
+              AuthAKVName: 'akv-prod-eastus'
+              AuthCertName: 'ReferenceLibraryPrivateCert'
+              AuthSignCertName: 'ReferencePackagePublisherCertificate'              
+              Pattern: '*.dll'
+              UseMinimatch: true
               signConfigType: inlineSignParams
               inlineOperation: |
                 [
@@ -125,7 +132,10 @@ extends:
                         "toolVersion": "1.0"
                     }
                 ]
-              SessionTimeout: 20
+              SessionTimeout: '20'
+              MaxConcurrency: '50'
+              MaxRetryAttempts: '5'
+              PendingAnalysisWaitTimeoutMinutes: '5'
 
           # Pack
           - task: DotNetCoreCLI@2
@@ -143,11 +153,16 @@ extends:
               filePath: $(System.DefaultWorkingDirectory)\scripts\ValidateProjectVersionUpdated.ps1
               pwsh: true
 
-          - task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@3
+          - task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@5
             displayName: 'ESRP CodeSigning Nuget Packages'
             inputs:
-              ConnectedServiceName: 'microsoftgraph ESRP CodeSign DLL and NuGet (AKV)'
+              ConnectedServiceName: 'Federated DevX ESRP Managed Identity Connection'
               FolderPath: '$(Build.ArtifactStagingDirectory)'
+              AppRegistrationClientId: '65035b7f-7357-4f29-bf25-c5ee5c3949f8'
+              AppRegistrationTenantId: 'cdc5aeea-15c5-4db6-b079-fcadd2505dc2'
+              AuthAKVName: 'akv-prod-eastus'
+              AuthCertName: 'ReferenceLibraryPrivateCert'
+              AuthSignCertName: 'ReferencePackagePublisherCertificate'              
               Pattern: '*.nupkg'
               signConfigType: inlineSignParams
               inlineOperation: |
@@ -167,7 +182,10 @@ extends:
                         "toolVersion": "1.0"
                     }
                 ]
-              SessionTimeout: 20
+              SessionTimeout: '60'
+              MaxConcurrency: '50'
+              MaxRetryAttempts: '5'
+              PendingAnalysisWaitTimeoutMinutes: '5'
 
     - stage: deploy
       condition: and(contains(variables['build.sourceBranch'], 'refs/heads/master'), succeeded())

From 0b37b56dc9d5c860521b45368673a4dce88337cc Mon Sep 17 00:00:00 2001
From: Irvine Sunday <irochand@microsoft.com>
Date: Thu, 15 Aug 2024 14:03:51 +0300
Subject: [PATCH 2/3] Add .exe pattern

---
 .azure-pipelines/ci-build.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.azure-pipelines/ci-build.yml b/.azure-pipelines/ci-build.yml
index 203ba6cd..a90f24ce 100644
--- a/.azure-pipelines/ci-build.yml
+++ b/.azure-pipelines/ci-build.yml
@@ -91,7 +91,7 @@ extends:
               AuthAKVName: 'akv-prod-eastus'
               AuthCertName: 'ReferenceLibraryPrivateCert'
               AuthSignCertName: 'ReferencePackagePublisherCertificate'              
-              Pattern: '*.dll'
+              Pattern: '*.dll, *.exe'
               UseMinimatch: true
               signConfigType: inlineSignParams
               inlineOperation: |

From 58d16d5b859915d48499462a4846a88a82f3f35b Mon Sep 17 00:00:00 2001
From: Irvine Sunday <irochand@microsoft.com>
Date: Thu, 15 Aug 2024 14:59:06 +0300
Subject: [PATCH 3/3] Update directory source

---
 .azure-pipelines/ci-build.yml | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/.azure-pipelines/ci-build.yml b/.azure-pipelines/ci-build.yml
index a90f24ce..fcb45559 100644
--- a/.azure-pipelines/ci-build.yml
+++ b/.azure-pipelines/ci-build.yml
@@ -85,14 +85,12 @@ extends:
             displayName: 'ESRP CodeSigning'
             inputs:
               ConnectedServiceName: 'Federated DevX ESRP Managed Identity Connection'
-              FolderPath: '$(Build.SourcesDirectory)\src'
+              FolderPath: 'src'
               AppRegistrationClientId: '65035b7f-7357-4f29-bf25-c5ee5c3949f8'
               AppRegistrationTenantId: 'cdc5aeea-15c5-4db6-b079-fcadd2505dc2'
               AuthAKVName: 'akv-prod-eastus'
               AuthCertName: 'ReferenceLibraryPrivateCert'
-              AuthSignCertName: 'ReferencePackagePublisherCertificate'              
-              Pattern: '*.dll, *.exe'
-              UseMinimatch: true
+              AuthSignCertName: 'ReferencePackagePublisherCertificate'
               signConfigType: inlineSignParams
               inlineOperation: |
                 [