Calamari.Build.Signing.SignAndTimestampBinaries C# (CSharp) Метод

Документация по классу Signing Показать файл Открыть проект

SignAndTimestampBinaries() публичный статический Метод

public static SignAndTimestampBinaries ( string outputDirectory, string? azureKeyVaultUrl, string? azureKeyVaultAppId, string? azureKeyVaultAppSecret, string? azureKeyVaultTenantId, string? azureKeyVaultCertificateName, string? signingCertificatePath, string? signingCertificatePassword ) : void
outputDirectory string
azureKeyVaultUrl string?
azureKeyVaultAppId string?
azureKeyVaultAppSecret string?
azureKeyVaultTenantId string?
azureKeyVaultCertificateName string?
signingCertificatePath string?
signingCertificatePassword string?
Результат void 
        public static void SignAndTimestampBinaries(
            string outputDirectory,
            string? azureKeyVaultUrl,
            string? azureKeyVaultAppId,
            string? azureKeyVaultAppSecret,
            string? azureKeyVaultTenantId,
            string? azureKeyVaultCertificateName,
            string? signingCertificatePath,
            string? signingCertificatePassword)
        {
            Log.Information("Signing binaries in {OutputDirectory}", outputDirectory);

            // check that any unsigned libraries, that Octopus Deploy authors, get
            // signed to play nice with security scanning tools
            // refer: https://octopusdeploy.slack.com/archives/C0K9DNQG5/p1551655877004400
            // decision re: no signing everything: https://octopusdeploy.slack.com/archives/C0K9DNQG5/p1557938890227100
            var unsignedExecutablesAndLibraries = GetFilesFromDirectory(outputDirectory,
                                                                        "Calamari*.exe",
                                                                        "Calamari*.dll",
                                                                        "Octo*.exe",
                                                                        "Octo*.dll")
                                                  .Where(f => !HasAuthenticodeSignature(f))
                                                  .ToArray();

            if (unsignedExecutablesAndLibraries.IsEmpty())
            {
                Log.Information("No unsigned binaries to sign in {OutputDirectory}", outputDirectory);
                return;
            }

            if (azureKeyVaultUrl.IsNullOrEmpty() &&
                azureKeyVaultAppId.IsNullOrEmpty() &&
                azureKeyVaultAppSecret.IsNullOrEmpty() &&
                azureKeyVaultTenantId.IsNullOrEmpty() &&
                azureKeyVaultCertificateName.IsNullOrEmpty())
            {
                if (signingCertificatePath.IsNullOrEmpty() ||
                    signingCertificatePassword.IsNullOrEmpty())
                    throw new InvalidOperationException("Either Azure Key Vault or Signing " +
                        "Certificate Parameters must be set");

                if (!OperatingSystem.IsWindows())
                    throw new InvalidOperationException("Non-windows builds must either leave binaries " +
                        "unsigned or sign using the AzureSignTool");

                Log.Information("Signing files using signtool and the self-signed development code signing certificate");
                SignFilesWithSignTool(
                    unsignedExecutablesAndLibraries,
                    signingCertificatePath!,
                    signingCertificatePassword!);
            }
            else
            {
                Log.Information("Signing files using azuresigntool and the production code signing certificate");
                SignFilesWithAzureSignTool(
                    unsignedExecutablesAndLibraries,
                    azureKeyVaultUrl!,
                    azureKeyVaultAppId!,
                    azureKeyVaultAppSecret!,
                    azureKeyVaultTenantId!,
                    azureKeyVaultCertificateName!);
            }
        }
Signing
GetFilesFromDirectory
HasAuthenticodeSignature
SignAndTimestampBinaries
SignFilesWithAzureSignTool
SignFilesWithSignTool
TrySignTaskWithEachTimestampUrlUntilSuccess