build.yaml

trigger:
- develop
- rel/*
- feature/*
- bugfix/*

pr:
- develop
- rel/*

stages:
- stage: Build
  jobs:
  - job: Build
    pool:
      vmImage: windows-latest

    variables:
      BuildConfiguration: Release
      DOTNET_SKIP_FIRST_TIME_EXPERIENCE: true

    steps:
    - task: UseDotNet@2
      displayName: 'Use .NET Core SDK 3.1.x'
      inputs:
        version: 5.x
        performMultiLevelLookup: true

    - task: DotNetCoreCLI@2
      inputs:
        command: custom
        custom: tool
        arguments: install --tool-path . nbgv
      displayName: Install NBGV tool

    - script: nbgv cloud
      displayName: Set Version

    - task: MSBuild@1
      displayName: 'Build solution Kerberos.NET.sln'
      inputs:
        solution: Kerberos.NET.sln
        configuration: $(BuildConfiguration)
        msbuildArguments: /restore /p:CreatePackage=true
        maximumCpuCount: true

    - task: DotNetCoreCLI@2
      inputs:
        command: test
        projects: Tests/**/*.csproj
        arguments: -c $(BuildConfiguration) --no-build --no-restore --settings CodeCoverage.runsettings --collect:"XPlat Code Coverage" 
      displayName: Run Unit Tests

    - task: DotNetCoreCLI@2
      inputs:
        command: 'pack'
        packagesToPack: './Bruce/Bruce.csproj'
        nobuild: true
        outputDir: $(Build.ArtifactStagingDirectory)
      displayName: Pack Bruce tool
  
    - task: PublishBuildArtifacts@1
      inputs:
        PathtoPublish: '$(Build.ArtifactStagingDirectory)'
        publishLocation: 'Container'

    - task: DotNetCoreCLI@2
      inputs:
        command: custom
        custom: tool
        arguments: install --tool-path . dotnet-reportgenerator-globaltool
      displayName: Install ReportGenerator tool

    - script: reportgenerator -reports:$(Agent.TempDirectory)/**/coverage.cobertura.xml -targetdir:$(Build.SourcesDirectory)/coverlet/reports -reporttypes:"Cobertura"
      displayName: Create reports

    - task: PublishCodeCoverageResults@1
      displayName: 'Publish code coverage'
      inputs:
        codeCoverageTool: Cobertura
        summaryFileLocation: $(Build.SourcesDirectory)/coverlet/reports/Cobertura.xml

    - task: NuGetAuthenticate@0
      displayName: 'NuGet Authenticate'
    - task: NuGetCommand@2
      displayName: 'NuGet push'
      inputs:
        command: push
        publishVstsFeed: 'Kerberos.NET/kerberos.net'
        allowPackageConflicts: true

    - publish: artifacts
      displayName: Publish build packages
      artifact: BuildPackages

    - publish: config
      displayName: Publish Signing Scripts
      artifact: config

- stage: CodeSign
  # condition: and(succeeded('Build'), not(eq(variables['build.reason'], 'PullRequest')))
  jobs:
  - deployment: CodeSign
    displayName: Code Signing
    pool:
      vmImage: windows-latest    
    environment: Code Sign - Approvals
    variables:
    - group: Sign Client Credentials
    strategy:
      runOnce:
        deploy:
          steps:
          # If you have MSCA: https://aka.ms/mscadocs
          # - task: ms-codeanalysis.vss-microsoft-security-code-analysis-devops.build-task-antimalware.AntiMalware@3
          #   displayName: AntiMalware Scan
          #   inputs:
          #     EnableServices: true
          #     FileDirPath: $(Pipeline.Workspace)\BuildPackages

          - task: DotNetCoreCLI@2
            inputs:
              command: custom
              custom: tool
              arguments: install --tool-path . SignClient
            displayName: Install SignTool tool

          - pwsh: |
              .\SignClient "Sign" `
              --baseDirectory "$(Pipeline.Workspace)\BuildPackages" `
              --input "**/*.nupkg" `
              --config "$(Pipeline.Workspace)\config\SignClient.json" `
              --filelist "$(Pipeline.Workspace)\config\filelist.txt" `
              --user "$(SignClientUser)" `
              --secret '$(SignClientSecret)' `
              --name "Kerberos.NET" `
              --description "Kerberos.NET" `
              --descriptionUrl "https://github.com/dotnet/Kerberos.NET"
            displayName: Sign Kerberos.NET
            
          - pwsh: |
              .\SignClient "Sign" `
              --baseDirectory "$(Pipeline.Workspace)\drop" `
              --input "**/*.nupkg" `
              --config "$(Pipeline.Workspace)\config\SignClient.json" `
              --filelist "$(Pipeline.Workspace)\config\filelist.txt" `
              --user "$(SignClientUser)" `
              --secret '$(SignClientSecret)' `
              --name "Bruce" `
              --description "Commandline client for Kerberos.NET" `
              --descriptionUrl "https://github.com/dotnet/Kerberos.NET"
            displayName: Sign Bruce
              
          - publish: $(Pipeline.Workspace)/BuildPackages
            displayName: Publish Signed Packages
            artifact: SignedPackages
              
          - publish: $(Pipeline.Workspace)/Drop
            displayName: Publish Signed Drop
            artifact: SignedDrop