azure-pipelines.yml

variables:
  - name: semanticVersion
    value: '1.0.0'
  - name: isPrerelease
    value: ${{ true }}

trigger:
  branches:
    include:
    - master
    - release/*
  tags:
    include:
    - '*'
  paths:
    exclude:
      - README.md

pool:
  vmImage: windows-latest

stages:
  - stage: Build
    jobs:
    - job: Build_Code
      displayName: 'Build .NET project'
      variables:
      - name: solution
        value: '**/*.sln'
      - name: buildPlatform
        value: 'Any CPU'
      - name: buildConfiguration
        value: 'Release'
      - name: codeSigningCertFileName
        value: 'OneIdentityCodeSigning.pfx'
      - name: signingToolPath
        value: 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.18362.0\x64'
      pool:
       vmImage: windows-latest

      steps:
      # - task: PowerShell@2
      #   inputs:
      #     targetType: filePath
      #     filePath: $(System.DefaultWorkingDirectory)\versionnumber.ps1
      #     arguments: $(Build.SourcesDirectory) $(semanticVersion) $(Build.BuildId) $$(isPrerelease)
      #   displayName: 'Setting build version'

      - task: Bash@3
        inputs:
          targetType: 'inline'
          script: 'env | sort'
        displayName: 'Display environment variables'

      - task: NuGetToolInstaller@1
        displayName: 'Install NuGet tools'

      - task: NuGetCommand@2
        inputs:
          restoreSolution: '$(solution)'
        displayName: 'Restore NuGet packages'

      # - task: AzureKeyVault@1
      #   inputs:
      #     azureSubscription: 'Azure.Infrastructure.CodeSigning'
      #     KeyVaultName: 'CodeSigningCertificates'
      #     SecretsFilter: '*'
      #   displayName: 'Get code signing certificate from Azure Key Vault'
      #   condition: and(succeeded(), eq(variables.isReleaseBranch, true))

      # - powershell: |
      #     $kvSecretBytes = [System.Convert]::FromBase64String("$(OneIdentity-CodeSigning)")
      #     $certCollection = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2Collection
      #     $certCollection.Import($kvSecretBytes,$null,[System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]::Exportable)
      #     $protectedCertificateBytes = $certCollection.Export([System.Security.Cryptography.X509Certificates.X509ContentType]::Pkcs12,"$(OneIdentity-CodeSigningCertPassword)")
      #     $certpath = '$(Build.BinariesDirectory)/$(codeSigningCertFileName)'
      #     Write-Verbose -Verbose $certpath
      #     [System.IO.File]::WriteAllBytes($certpath, $protectedCertificateBytes)
      #   displayName: 'Save code signing certificate to PFX file'
      #   condition: and(succeeded(), eq(variables.isReleaseBranch, true))

      - task: VSBuild@1
        inputs:
          solution: '$(solution)'
          # msbuildArgs: '/p:SignFiles=true /p:CertificatePassword=$(OneIdentity-CodeSigningCertPassword) /p:CertificatePath="$(Build.BinariesDirectory)/$(codeSigningCertFileName)"'
          platform: '$(buildPlatform)'
          configuration: '$(buildConfiguration)'
        displayName: 'Build $(solution)'