Merge pull request #2460 from github/azure-pipelines/certificate-sha1

Sign the VSIX

Author: jcansdale

.github/workflows/main.yml

@@ -53,6 +53,10 @@ jobs:
         GitHubVS_ClientId: ${{ secrets.GitHubVS_ClientId }}
         GitHubVS_ClientSecret: ${{ secrets.GitHubVS_ClientSecret }}
 
+    - name: Sign the VSIX
+      if: github.ref == 'refs/heads/master'
+      run: tools/vsixsigntool/vsixsigntool.exe sign /f certificate.pfx /p '${{ secrets.CERTIFICATE_PASSWORD }}' /sha1 9c5a6d389e1454f2ed9ee9419cdf743689709f9c /fd sha256 /tr http://timestamp.digicert.com /td sha256 ${{ env.vsixContainer }}
+      
     - name: Upload VSIX artifact
       uses: actions/upload-artifact@v1
       with:

GitHubVS.sln

@@ -13,6 +13,7 @@ EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Meta", "Meta", "{72036B62-2FA6-4A22-8B33-69F698A18CF1}"
 	ProjectSection(SolutionItems) = preProject
 		.editorconfig = .editorconfig
+		.github\workflows\main.yml = .github\workflows\main.yml
 		README.md = README.md
 		version.json = version.json
 	EndProjectSection

azure-pipelines.yml

@@ -100,12 +100,11 @@ jobs:
     inputs:
       secureFile: certificate.pfx
 
-# Disable VSIX signing
-#  - script: $(vsixsigntool_exe.secureFilePath) sign /f $(certificate_pfx.secureFilePath) /p "$(certificate_password)" /sha1 c4fdf13659f49e57ac14774fdf45053f499f185f /fd sha256 /tr http://timestamp.digicert.com /td sha256 $(ArtifactDirectory)\GitHub.VisualStudio.vsix
-#    displayName: Sign the GitHub for Visual Studio VSIX
-#
-#  - script: $(vsixsigntool_exe.secureFilePath) sign /f $(certificate_pfx.secureFilePath) /p "$(certificate_password)" /sha1 c4fdf13659f49e57ac14774fdf45053f499f185f /fd sha256 /tr http://timestamp.digicert.com /td sha256 $(ArtifactDirectory)\GitHub.VisualStudio.16.vsix
-#    displayName: Sign the GitHub Essentials VSIX
+  - script: $(vsixsigntool_exe.secureFilePath) sign /f $(certificate_pfx.secureFilePath) /p "$(certificate_password)" /sha1 9c5a6d389e1454f2ed9ee9419cdf743689709f9c /fd sha256 /tr http://timestamp.digicert.com /td sha256 $(ArtifactDirectory)\GitHub.VisualStudio.vsix
+    displayName: Sign the GitHub for Visual Studio VSIX
+
+  - script: $(vsixsigntool_exe.secureFilePath) sign /f $(certificate_pfx.secureFilePath) /p "$(certificate_password)" /sha1 9c5a6d389e1454f2ed9ee9419cdf743689709f9c /fd sha256 /tr http://timestamp.digicert.com /td sha256 $(ArtifactDirectory)\GitHub.VisualStudio.16.vsix
+    displayName: Sign the GitHub Essentials VSIX
 
   - task: PublishBuildArtifacts@1
     inputs: