os/windows/sign_azure.ps1

   1 # Signing script for Azure Code Signing
   2 # Arguments: sign_azure.ps1 path_to_sign
   3 #
   4 # Environment variables must be set up before use:
   5 #
   6 # AZURE_TENANT_ID
   7 # AZURE_CLIENT_ID
   8 # AZURE_CLIENT_SECRET
   9 # AZURE_CODESIGN_ACCOUNT_NAME
  10 # AZURE_CODESIGN_ENDPOINT
  11 # AZURE_CODESIGN_PROFILE_NAME
  12
  13 Param
  14 (
  15     # Files folder
  16     [Parameter(Mandatory=$true, Position=0)]
  17     $FilesFolder
  18 )
  19
  20 if (!$Env:AZURE_CODESIGN_ENDPOINT -or !$Env:AZURE_CODESIGN_ACCOUNT_NAME -or !$Env:AZURE_CODESIGN_PROFILE_NAME -or
  21         !$Env:AZURE_TENANT_ID -or !$Env:AZURE_CLIENT_ID -or !$Env:AZURE_CLIENT_SECRET)
  22 {
  23         "Code signing variables not found; most likely running in a fork. Skipping signing."
  24         exit
  25 }
  26
  27 Install-Module -Name AzureCodeSigning -Scope CurrentUser -RequiredVersion 0.3.0 -Force -Repository PSGallery
  28
  29 $params = @{}
  30
  31 $params["Endpoint"] = $Env:AZURE_CODESIGN_ENDPOINT
  32 $params["CodeSigningAccountName"] = $Env:AZURE_CODESIGN_ACCOUNT_NAME
  33 $params["CertificateProfileName"] = $Env:AZURE_CODESIGN_PROFILE_NAME
  34 $params["FilesFolder"] = $FilesFolder
  35 $params["FilesFolderFilter"] = "exe"
  36 $params["FileDigest"] = "SHA256"
  37 $params["TimestampRfc3161"] = "http://timestamp.acs.microsoft.com"
  38 $params["TimestampDigest"] = "SHA256"
  39
  40 Invoke-AzureCodeSigning @params