Skip to content

Commit

Permalink
update esrp params
Browse files Browse the repository at this point in the history
  • Loading branch information
@joaomoreno
joaomoreno committed Nov 22, 2024
1 parent b82ed8d commit bb41bf6
Show file tree
Hide file tree
Showing 2 changed files with 22 additions and 2 deletions.
11 changes: 10 additions & 1 deletion build/azure-pipelines/common/sign.js
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

13 changes: 12 additions & 1 deletion build/azure-pipelines/common/sign.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -138,6 +138,16 @@ export function main([esrpCliPath, type, folderPath, pattern]: string[]) {
const tmp = new Temp();
process.on('exit', () => tmp.dispose());

const key = crypto.randomBytes(32);
const iv = crypto.randomBytes(16);
const encryptionDetailsPath = tmp.tmpNameSync();
fs.writeFileSync(encryptionDetailsPath, JSON.stringify({ key: key.toString('hex'), iv: iv.toString('hex') }));

const cipher = crypto.createCipheriv('aes-256-cbc', key, iv);
const encryptedToken = cipher.update(process.env['SYSTEM_ACCESSTOKEN']!.trim(), 'utf8', 'hex') + cipher.final('hex');
const encryptedTokenPath = tmp.tmpNameSync();
fs.writeFileSync(encryptedTokenPath, encryptedToken);

const patternPath = tmp.tmpNameSync();
fs.writeFileSync(patternPath, pattern);

Expand All @@ -157,7 +167,8 @@ export function main([esrpCliPath, type, folderPath, pattern]: string[]) {
managedIdentityTenantId: process.env['VSCODE_ESRP_TENANT_ID'],
serviceConnectionId: process.env['VSCODE_ESRP_SERVICE_CONNECTION_ID'],
tempDirectory: os.tmpdir(),
systemAccessToken: process.env['SYSTEM_ACCESSTOKEN']
systemAccessToken: encryptedTokenPath,
encryptionKey: encryptionDetailsPath
};

const args = [
Expand Down

0 comments on commit bb41bf6

Please sign in to comment.