我有一个自托管的生成代理,用于从VSTS生成.NET 4.7.2应用程序。在我的管道中,我使用Squirrel.Windows构建了一个Installer,除了二进制文件和随后的安装程序签名之外,其他所有程序都运行顺利。
这是打包安装程序的Powershell脚本的一部分:
function Squirrelify{
param(
$AppName,
$BuildConfiguration,
$BinariesDirectory
)
Set-Alias Squirrel '.\imBackend\util\squirrel_tools\Squirrel.exe'
Set-Alias Signtool 'C:\Program Files (x86)\Microsoft SDKs\ClickOnce\SignTool\signtool.exe'
$ReleaseDirectory = "$BinariesDirectory\Releases"
# build paths
$OutputDirectory = "$ReleaseDirectory\DeployPackages\$AppName\" + $BuildInfo.Branch
$BasePath = $BinariesDirectory + "\$AppName\bin\Release"
# create Nuspec file from template
$NugetInfo = (MakeNuspec -ApplicationName $AppName)
# sign binaries
Write-Host Trying to sign binaries in $BasePath
Signtool sign /v /n Dresen /t http://timestamp.digicert.com $BasePath\*.dll $BasePath\*.exe | Write-Host
# pack it
Write-Host Trying to pack Configuration $BuildConfiguration from $NugetInfo.NuspecFileName to $NugetInfo.NupkgFileName into $OutputDirectory BasePath is $BasePath
nuget pack $NugetInfo.NuspecFileName -Version $BuildInfo.SemVer -Properties Configuration="$BuildConfiguration" -OutputDirectory "$OutputDirectory" -BasePath "$BasePath"
###########################
# create squirrel installer
###########################
$SquirrelSourcePackage = "$OutputDirectory\" + $NugetInfo.NupkgFileName
$SquirrelReleaseDirectory = "$ReleaseDirectory\$AppName\" + $BuildInfo.Branch
# releasify
Write-Host "Releasifying $SquirrelSourcePackage -> $SquirrelReleaseDirectory"
Squirrel --releasify $SquirrelSourcePackage --releaseDir $SquirrelReleaseDirectory | Write-Host
# sign installer files
Signtool sign /v /n Dresen /t http://timestamp.digicert.com $SquirrelReleaseDirectory\Setup.exe $SquirrelReleaseDirectory\Setup.msi | Write-Host
}
这是该任务的完整输出:
2018-07-28T11:42:31.8123466Z ##[section]Starting: Create Squirrel Installer
2018-07-28T11:42:31.8127937Z ==============================================================================
2018-07-28T11:42:31.8128218Z Task : PowerShell
2018-07-28T11:42:31.8128330Z Description : Run a PowerShell script on Windows, macOS, or Linux.
2018-07-28T11:42:31.8128453Z Version : 2.136.0
2018-07-28T11:42:31.8128548Z Author : Microsoft Corporation
2018-07-28T11:42:31.8128663Z Help : [More Information](https://go.microsoft.com/fwlink/?LinkID=613736)
2018-07-28T11:42:31.8128785Z ==============================================================================
2018-07-28T11:42:32.9293302Z Generating script.
2018-07-28T11:42:32.9393795Z Formatted command: . 'C:\agent\_work\1\s\imBackend\PostBuildScript.ps1' -BuildConfiguration Release -BinariesDirectory C:\agent\_work\1\a
2018-07-28T11:42:33.0109805Z ##[command]"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoLogo -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -Command ". 'C:\agent\_work\_temp\b93f5747-c0d9-49e9-a079-0deb8ab3bc4a.ps1'"
2018-07-28T11:42:33.9288388Z Updating NugetPackageName Variable for Process
2018-07-28T11:42:33.9318288Z Trying to sign binaries in C:\agent\_work\1\a\WPFDeployTest\bin\Release
2018-07-28T11:42:33.9568860Z The following certificate was selected:
2018-07-28T11:42:33.9569695Z Issued to: Dresen und Grun GbR
2018-07-28T11:42:33.9569859Z
2018-07-28T11:42:33.9570033Z Issued by: thawte SHA256 Code Signing CA - G2
2018-07-28T11:42:33.9570188Z
2018-07-28T11:42:33.9570354Z Expires: Sat Mar 02 23:59:59 2019
2018-07-28T11:42:33.9570484Z
2018-07-28T11:42:33.9570651Z SHA1 hash: 547CDFE07FB478033E0B9F1E9C10FF22AA90E9E3
2018-07-28T11:42:33.9570802Z
2018-07-28T11:42:33.9570924Z
2018-07-28T11:42:33.9571083Z Done Adding Additional Store
2018-07-28T11:42:34.2674054Z Trying to pack Configuration Release from C:\agent\_work\1\s\imBackend\WPFDeployTest.nuspec to WPFDeployTest.1.0.34.nupkg into C:\agent\_work\1\a\Releases\DeployPackages\WPFDeployTest\Stable BasePath is C:\agent\_work\1\a\WPFDeployTest\bin\Release
2018-07-28T11:42:34.7840009Z Attempting to build package from 'WPFDeployTest.nuspec'.
2018-07-28T11:42:35.2935047Z Successfully created package 'C:\agent\_work\1\a\Releases\DeployPackages\WPFDeployTest\Stable\WPFDeployTest.1.0.34.nupkg'.
2018-07-28T11:42:35.3411736Z Releasifying C:\agent\_work\1\a\Releases\DeployPackages\WPFDeployTest\Stable\WPFDeployTest.1.0.34.nupkg -> C:\agent\_work\1\a\Releases\WPFDeployTest\Stable
2018-07-28T11:42:36.9636469Z
2018-07-28T11:42:39.8226626Z The following certificate was selected:
2018-07-28T11:42:39.8227431Z Issued to: Dresen und Grun GbR
2018-07-28T11:42:39.8227599Z
2018-07-28T11:42:39.8227782Z Issued by: thawte SHA256 Code Signing CA - G2
2018-07-28T11:42:39.8227944Z
2018-07-28T11:42:39.8228117Z Expires: Sat Mar 02 23:59:59 2019
2018-07-28T11:42:39.8228251Z
2018-07-28T11:42:39.8228430Z SHA1 hash: 547CDFE07FB478033E0B9F1E9C10FF22AA90E9E3
2018-07-28T11:42:39.8228633Z
2018-07-28T11:42:39.8228760Z
2018-07-28T11:42:39.8228930Z Done Adding Additional Store
2018-07-28T11:42:39.9227507Z PostBuildScript done.
2018-07-28T11:42:40.0272475Z ##[error]PowerShell exited with code '1'.
2018-07-28T11:42:40.0621056Z ##[section]Finishing: Create Squirrel Installer
您可以看到选择了(正确的)证书,然后在“完成添加其他存储”之后,继续进行下一步。
奇怪的是,该脚本以错误代码退出,但是一切都按预期进行了打包,管道完成并且安装程序被升级-但未签名。
当我在Powershell上以“ nt权限/网络服务”用户身份在托管构建代理的服务器上运行完全相同的命令时,该命令将完成而不会出现问题。
PS C:\Windows\system32> Signtool sign /v /n Dresen /t http://timestamp.digicert.com C:\agent\_work\1\a\WPFDeployTest\bin\Release\*.dll C:\agent\_work\1\a\WPFDeployTest\bin\Release\*.exe
The following certificate was selected:
Issued to: Dresen und Grun GbR
Issued by: thawte SHA256 Code Signing CA - G2
Expires: Sat Mar 02 23:59:59 2019
SHA1 hash: 547CDFE07FB478033E0B9F1E9C10FF22AA90E9E3
Done Adding Additional Store
Successfully signed: C:\agent\_work\1\a\WPFDeployTest\bin\Release\CSharpLibrary.dll
Successfully signed: C:\agent\_work\1\a\WPFDeployTest\bin\Release\DeltaCompressionDotNet.dll
Successfully signed: C:\agent\_work\1\a\WPFDeployTest\bin\Release\DeltaCompressionDotNet.MsDelta.dll
Successfully signed: C:\agent\_work\1\a\WPFDeployTest\bin\Release\DeltaCompressionDotNet.PatchApi.dll
Successfully signed: C:\agent\_work\1\a\WPFDeployTest\bin\Release\imLogging.dll
Successfully signed: C:\agent\_work\1\a\WPFDeployTest\bin\Release\imUtilities.dll
Successfully signed: C:\agent\_work\1\a\WPFDeployTest\bin\Release\imUtilitiesNET46.dll
Successfully signed: C:\agent\_work\1\a\WPFDeployTest\bin\Release\log4net.dll
Successfully signed: C:\agent\_work\1\a\WPFDeployTest\bin\Release\Microsoft.Web.Infrastructure.dll
Successfully signed: C:\agent\_work\1\a\WPFDeployTest\bin\Release\Mono.Cecil.dll
Successfully signed: C:\agent\_work\1\a\WPFDeployTest\bin\Release\Mono.Cecil.Mdb.dll
Successfully signed: C:\agent\_work\1\a\WPFDeployTest\bin\Release\Mono.Cecil.Pdb.dll
Successfully signed: C:\agent\_work\1\a\WPFDeployTest\bin\Release\Mono.Cecil.Rocks.dll
Successfully signed: C:\agent\_work\1\a\WPFDeployTest\bin\Release\Newtonsoft.Json.dll
Successfully signed: C:\agent\_work\1\a\WPFDeployTest\bin\Release\NuGet.Squirrel.dll
Successfully signed: C:\agent\_work\1\a\WPFDeployTest\bin\Release\PropertyChanged.dll
Successfully signed: C:\agent\_work\1\a\WPFDeployTest\bin\Release\SharpCompress.dll
Successfully signed: C:\agent\_work\1\a\WPFDeployTest\bin\Release\Splat.dll
Successfully signed: C:\agent\_work\1\a\WPFDeployTest\bin\Release\Squirrel.dll
Successfully signed: C:\agent\_work\1\a\WPFDeployTest\bin\Release\System.Web.Helpers.dll
Successfully signed: C:\agent\_work\1\a\WPFDeployTest\bin\Release\System.Web.Razor.dll
Successfully signed: C:\agent\_work\1\a\WPFDeployTest\bin\Release\System.Web.WebPages.Deployment.dll
Successfully signed: C:\agent\_work\1\a\WPFDeployTest\bin\Release\System.Web.WebPages.dll
Successfully signed: C:\agent\_work\1\a\WPFDeployTest\bin\Release\UpdateManager.dll
Successfully signed: C:\agent\_work\1\a\WPFDeployTest\bin\Release\WPFDeployTest.exe
Number of files successfully Signed: 25
Number of warnings: 0
Number of errors: 0
我偶然发现了许多问题,无法完成这个复杂的构建流程,但是我无法克服。我在这里想念什么?