PackNuget签名文件时资源文件没有签名
<Target Name="SignApp" AfterTargets="LogInfo" DependsOnTargets="Build" Condition="'$(TargetPath)' != '' And '$(Configuration)' == 'Release' And $([System.Text.RegularExpressions.Regex]::IsMatch($(DefineConstants), '^(.*;)*PackNuget(;.*)*$'))">
<ItemGroup>
<FilesToSign Include="$(TargetPath)" />
<FilesToSign Include="$(TargetDir)zh\$(AssemblyName).resources.dll" />
<FilesToSign Include="$(TargetDir)en\$(AssemblyName).resources.dll" />
</ItemGroup>
<Exec Command=""$(WoSign)" sign^
/tp $(CaTp)^
/p $(CaKey) /c /dig sha256 /tr http://timestamp.digicert.com^
/file "%(FilesToSign.Identity)""
Condition="Exists('%(FilesToSign.Identity)')" />
</Target>
<Target Name="PackNuget" AfterTargets="SignApp" Condition="'$(TargetPath)' == '' And '$(Configuration)' == 'Release' And $([System.Text.RegularExpressions.Regex]::IsMatch($(DefineConstants), '^(.*;)*PackNuget(;.*)*$'))">
<Message Text="Start to Pack Nuget and Push to Server" Importance="high" />
<PropertyGroup>
<NugetOutDir>$(MSBuildThisFileDirectory)Build\NugetPackage</NugetOutDir>
</PropertyGroup>
<Message Text="Start Pack nuget, MSBuildProjectName: $(MSBuildProjectName)" Importance="high" />
<!-- 调用 PowerShell 脚本获取版本号 -->
<!--BuildNugetFileVersion 需要在环境变量中指定用于生成powershell文件的路径-->
<Exec Command="powershell -NoProfile -ExecutionPolicy Bypass -File $(GetNugetPackageVersion) -IsPre $(IsPreNuget)" ConsoleToMSBuild="true">
<Output TaskParameter="ConsoleOutput" PropertyName="VersionNumber" />
</Exec>
<Message Text="Version Number: $(NugetOutDir),Version: $(VersionNumber)" Importance="high" />
<Exec Command="dotnet pack --output $(NugetOutDir) ^
--no-build --no-restore --configuration $(Configuration) ^
/p:Version=$(VersionNumber) /p:AssemblyVersion=$(VersionNumber)"/>
<Message Text="Try to Delete,Nuget Name: $(AssemblyName), Version: $(VersionNumber) from Nuget Server $(NugetServer)" Importance="high" />
<Message Text="Push: $(NugetOutDir)\$(AssemblyName).$(VersionNumber).nupkg to Nuget Server $(NugetServer)" Importance="high" />
<Exec Command="dotnet nuget push $(NugetOutDir)\$(AssemblyName).$(VersionNumber).nupkg^
--source $(NugetServer) ^
--api-key $(NugetApiKey) --skip-duplicate"
Condition="Exists('$(NugetOutDir)\$(AssemblyName).$(VersionNumber).nupkg')" />
</Target>
这是之前的签名后打包的流程,现象是发布的Nuget资源包发现资源文件没有签名。后经调研不能直接签名TargetPath bin下的文件,需要对obj下的文件进行签名才可以,然后pack的时候会去找obj下的文件,并且为了增加灵活性待签名的资源文件改为动态查找。
<PropertyGroup Condition="'$(Configuration)' == 'Release' ">
<SignAssembly>true</SignAssembly>
<!-- 禁用默认的并行编译,否则CA签名工具因无法多开而报错,从而无法签名完成 -->
<BuildInParallel>false</BuildInParallel>
<AssemblyOriginatorKeyFile>$(Snk)</AssemblyOriginatorKeyFile>
<!--生成WPF临时文件时才为True-->
<_IsWpfTempProject Condition="$(MSBuildProjectName.EndsWith('_wpftmp'))">true</_IsWpfTempProject>
</PropertyGroup>
<!--收集obj下需要签名的文件(包括资源文件)、IsPackable:测试项目下为false-->
<Target Name="CollectFiles" Condition="'$(IsPackable)' == 'true' And $(_IsWpfTempProject)=='' And '$(Configuration)' == 'Release' And $([System.Text.RegularExpressions.Regex]::IsMatch($(DefineConstants), '^(.*;)*SignApp(;.*)*$'))" AfterTargets="CoreCompile" DependsOnTargets="ComputeIntermediateSatelliteAssemblies">
<ItemGroup>
<!--obj下资源文件绝对路径-->
<NeededFiles Include="$(MSBuildProjectDirectory)\%(IntermediateSatelliteAssembliesWithTargetPath.Identity)" Condition="'%(IntermediateSatelliteAssembliesWithTargetPath.Identity)' !='' "></NeededFiles>
<!--obj下主文件绝对路径-->
<NeededFiles Include="$(MSBuildProjectDirectory)\%(IntermediateAssembly.Identity)"></NeededFiles>
</ItemGroup>
<!--输出的obj绝对路径-->
<Message Text="NeededFiles: %(NeededFiles.Identity)" Importance="high"></Message>
</Target>
<!--obj下的文件签名后再拷贝到bin目录下。-->
<Target Name="SignApp" DependsOnTargets="CollectFiles" BeforeTargets="CopyFilesToOutputDirectory" Condition="'$(TargetPath)' != '' And '$(Configuration)' == 'Release' And $([System.Text.RegularExpressions.Regex]::IsMatch($(DefineConstants), '^(.*;)*SignApp(;.*)*$'))">
<Exec Command=""$(WoSign)" sign^
/tp $(CaTp)^
/p $(CaKey) /c /dig sha256 /tr http://timestamp.digicert.com^
/file "%(NeededFiles.Identity)""
Condition="Exists('%(NeededFiles.Identity)')"/>
</Target>
<Target Name="PackNuget" Condition="'$(Configuration)' == 'Release' And $([System.Text.RegularExpressions.Regex]::IsMatch($(DefineConstants), '^(.*;)*PackNuget(;.*)*$'))">
<Message Text="Start to Pack Nuget and Push to Server" Importance="high" />
<PropertyGroup>
<NugetOutDir>$(MSBuildThisFileDirectory)Build\NugetPackage</NugetOutDir>
</PropertyGroup>
<Message Text="Start Pack nuget, MSBuildProjectName: $(MSBuildProjectName)" Importance="high" />
<!-- 调用 PowerShell 脚本获取版本号 -->
<!--BuildNugetFileVersion 需要在环境变量中指定用于生成powershell文件的路径-->
<Exec Command="powershell -NoProfile -ExecutionPolicy Bypass -File $(GetNugetPackageVersion) -IsPre $(IsPreNuget)" ConsoleToMSBuild="true">
<Output TaskParameter="ConsoleOutput" PropertyName="VersionNumber" />
</Exec>
<Message Text="Version Number: $(NugetOutDir),Version: $(VersionNumber)" Importance="high" />
<Exec Command="dotnet pack --output $(NugetOutDir) ^
--no-build --no-restore --configuration $(Configuration) ^
/p:Version=$(VersionNumber) /p:AssemblyVersion=$(VersionNumber)"/>
<Message Text="Try to Delete,Nuget Name: $(AssemblyName), Version: $(VersionNumber) from Nuget Server $(NugetServer)" Importance="high" />
<Message Text="Push: $(NugetOutDir)\$(AssemblyName).$(VersionNumber).nupkg to Nuget Server $(NugetServer)" Importance="high" />
<Exec Command="dotnet nuget push $(NugetOutDir)\$(AssemblyName).$(VersionNumber).nupkg^
--source $(NugetServer) ^
--api-key $(NugetApiKey) --skip-duplicate"
Condition="Exists('$(NugetOutDir)\$(AssemblyName).$(VersionNumber).nupkg')" />
</Target>
这是修改后的签名、发布流程。这里做了一个obj下的文件签名后再拷贝到bin目录下的操作,正常应该pack的时候直接找obj下的,但是不知道为啥有的资源文件会找bin下的,暂时没有找到原因。
浙公网安备 33010602011771号