Certificate path argument is not passed when using condition #38

@little-fort

I have successfully implemented the code signing task in a YAML-based pipeline like so:

- task: CodeSigning@2
  displayName: 'Sign Artifacts'
  inputs:
    secureFileId: 'File.pfx'
    signCertPassword: 'password'
    files: $(Build.StagingDirectory)\**\!(Newtonsoft*|System*|Microsoft*).+(dll|exe)
    timeServer: 'http://timestamp.digicert.com'
    hashingAlgorithm: 'SHA256'
    description: 'Description text'

In order to speed up our pre-merge validation builds, I recently added a condition to several of our pack/publish tasks so that they will be skipped when they are not needed. For the code signing task, the condition is implemented like so:

- task: CodeSigning@2
  condition: eq(variables.IsPR, 'false')
  displayName: 'Sign Artifacts'
  inputs:
    secureFileId: 'File.pfx'
    signCertPassword: 'password'
    files: $(Build.StagingDirectory)\**\!(Newtonsoft*|System*|Microsoft*).+(dll|exe)
    timeServer: 'http://timestamp.digicert.com'
    hashingAlgorithm: 'SHA256'
    description: 'Description text'

I have also tried using the eq(variables['IsPr'], 'false') syntax for the condition but the result was the same. In either case, when the IsPR variable is true, the task is skipped as expected. But when the IsPR variable is false, the task produces the following error:

2021-05-17T19:00:53.9717474Z Signing file: (Redacted filepath)
2021-05-17T19:00:53.9739929Z [command]C:\DevOps_Agent\_work\_tasks\codesigning_0e0f3bf7-d96c-45d6-aa76-f9afb71fb77e\2.2.0\signtool.exe sign /fd SHA256 /t http://timestamp.digicert.com /f "" /p password /d "Description text" (Redacted filepath)
2021-05-17T19:00:54.0136355Z SignTool Error: File not found: undefined
2021-05-17T19:00:54.0136734Z 
2021-05-17T19:00:54.0162483Z 
2021-05-17T19:00:54.0532759Z ##[error]Error: The process 'C:\DevOps_Agent\_work\_tasks\codesigning_0e0f3bf7-d96c-45d6-aa76-f9afb71fb77e\2.2.0\signtool.exe' failed with exit code 1
2021-05-17T19:00:54.0646031Z ##[section]Finishing: Sign Artifacts

The /f argument should have the path to the .pfx file, but instead it passes an empty string. If the condition is removed from the code signing task, then it runs successfully as expected.
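A triage check for the failure shown in the log above, as an added example that is not part of the original issue or the task's own code: it parses logged `signtool sign` command lines and reports any that pass an empty `/f` value. The sample log is constructed with shortened paths, and the `***` check assumes the password comes from a secret pipeline variable, which Azure Pipelines masks as `***` in logs.

```python
import re

# Constructed sample modelled on the log in the issue; paths are shortened placeholders.
SAMPLE_LOG = r'''2021-05-17T19:00:53.9717474Z Signing file: C:\stage\App.dll
2021-05-17T19:00:53.9739929Z [command]C:\agent\signtool.exe sign /fd SHA256 /t http://timestamp.digicert.com /f "" /p password /d "Description text" C:\stage\App.dll
2021-05-17T19:01:10.0000000Z [command]C:\agent\signtool.exe sign /fd SHA256 /t http://timestamp.digicert.com /f "C:\agent\_temp\File.pfx" /p *** /d "Description text" C:\stage\Lib.dll
'''

EMPTY_CERT = "empty certificate path passed to /f"
UNMASKED_PASSWORD = "/p value appears unmasked in the log"

COMMAND = re.compile(r"\[command\].*?signtool\.exe\s+sign\s+(?P<args>.*)$", re.IGNORECASE)
TOKEN = re.compile(r'"[^"]*"|\S+')  # a quoted string (possibly empty) or a bare word
VALUE_OPTIONS = {"/fd", "/t", "/f", "/p", "/d"}  # value-taking options seen in the issue's log


def parse_sign_command(line):
    """Return (options, targets) for a logged 'signtool sign' line, or None."""
    match = COMMAND.search(line)
    if match is None:
        return None
    tokens = [t.strip('"') for t in TOKEN.findall(match.group("args"))]
    options, targets, i = {}, [], 0
    while i < len(tokens):
        key = tokens[i].lower()
        if key in VALUE_OPTIONS and i + 1 < len(tokens):
            options[key] = tokens[i + 1]  # '/f ""' yields an empty string here
            i += 2
        else:
            targets.append(tokens[i])     # anything else is a file to sign
            i += 1
    return options, targets


def audit_log(text):
    """Return (line_number, finding) pairs for every signtool invocation in a log."""
    findings = []
    for number, line in enumerate(text.splitlines(), 1):
        parsed = parse_sign_command(line)
        if parsed is None:
            continue
        options, _ = parsed
        if "/f" in options and not options["/f"].strip():
            findings.append((number, EMPTY_CERT))
        # Assumption: a secret pipeline variable shows up as *** in the log.
        if "/p" in options and options["/p"] != "***":
            findings.append((number, UNMASKED_PASSWORD))
    return findings
```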
