Automatize a assinatura de código com Jenkins, Azure Key Vault e AzureSignTool
28 de set. de 2025
Automatize a assinatura de código com Jenkins, Azure Key Vault e AzureSignTool
|
VISÃO GERAL: Esta página orienta você pelo processo de configuração de um pipeline de CI/CD usando o Jenkins para automatizar a assinatura de código de executáveis do Windows (.exe) com um Certificado de Assinatura de Código da GlobalSign armazenado no Azure Key Vault. Ao concluir este procedimento, você poderá configurar o Jenkins para automação de CI/CD, integrar o Azure Key Vault com o AzureSignTool e assinar e verificar automaticamente seus executáveis do Windows. Saiba mais sobre o gerenciamento de certificados de assinatura de código e outras perguntas frequentes aqui. |
Pré-requisitos
-
O Jenkins está instalado e acessível
-
Agente de compilação do Windows com o AzureSignTool instalado
-
Uma entidade de serviço com acesso ao Key Vault
-
Repositório GitHub contendo seu código e artefatos de compilação (por exemplo, .exe, .dll)
Diretrizes
Etapa 1: Configure o Webhook do GitHub
-
Acesse seu repositório GitHub.
-
Navegue até Configurações> Webhooks.
-
Clique em Adicionar webhook.
-
Preencha os campos obrigatórios com os detalhes.
|
IMPORTANTE: O endereço IP mostrado na imagem é do servidor Jenkins, que pode ser alterado. Essa configuração aciona uma compilação do Jenkins sempre que o código é enviado para o repositório. |
Etapa 2: Instalar o AzureSignTool
-
Para instalar o Azure Signtool, certifique-se de ter o SDK .NET mais recente instalado, abra o PowerShell do administrador e use o seguinte comando:
dotnet tool install --global AzureSignTool
Etapa 3: atribuir acesso ao Azure Key Vault
-
Acesse o Azure Key Vault > Políticas de acesso.
-
Clique em + Adicionar política de acesso.
-
Defina as seguintes permissões em Permissões de Certificado:
• Obter
• Listar
• Assinar
• Verificar -
Atribua a política ao seu principal de serviço ou registro de aplicativo.
-
Clique em Adicionar > Salvar.
Etapa 4: Configurar o Jenkins
-
Instale os plug-ins necessários:
• Plug-in .NET SDK
• Plug-in GitHub -
Configure a ferramenta .NET SDK:
• Vá para Gerenciar Jenkins > Configuração global da ferramenta.
• Adicione uma nova instalação do .NET SDK e marque “Instalar automaticamente”.
Etapa 5: Crie o pipeline do Jenkins
-
No Jenkins, vá para Painel > Novo item.
-
Digite um nome (por exemplo, CodeSigningPipeline), selecione Pipeline e clique em OK.
-
Em Gatilhos, selecione Gatilho de gancho GitHub para pesquisa GITScm.
Observação: isso garantirá que quaisquer alterações que ocorram no repositório GitHub acionarão a compilação na tarefa do Jenkins. -
Role até a seção Pipeline e, em Definition, selecione Pipeline script.
-
Cole o script declarativo do pipeline abaixo:
pipeline {
agent any
environment {
DOTNET_ROOT = "${tool 'dotnet-sdk'}"
PATH = "${env.DOTNET_ROOT}/bin:${env.PATH}"
WIN_SERVER_IP = "IP_ADDR"
CREDS_ID = "CREDS_ID_VALUE"
}
triggers {
githubPush()
}
stages {
stage('Checkout') {
steps {
checkout([$class: 'GitSCM',
branches: [[name: '*/main']],
userRemoteConfigs: [[
url: 'https://github.com/PrashantGSIN/CodeSigningAutomation.git',
credentialsId: 'CodeSigningAutomation'
]]
])
}
}
stage('Restore') {
steps {
sh 'dotnet restore'
}
}
stage('Build') {
steps {
sh 'dotnet build -c Release'
}
}
stage('Publish') {
steps {
sh 'dotnet publish -c Release -r win-x64 --self-contained true /p:PublishSingleFile=true'
}
}
stage('Archive Executable') {
steps {
archiveArtifacts artifacts: '**/*.exe', fingerprint: true
}
}
stage('Transfer Executable to Windows Server') {
steps {
sshagent(credentials: [CREDS_ID]) {
sh """
scp -o StrictHostKeyChecking=no \
/var/lib/jenkins/workspace/CodeSigningAutomated/bin/Release/net9.0/win-x64/publish/HelloWorldApp.exe \
administrator@${WIN_SERVER_IP}:"C:/Users/Administrator/Desktop/"
"""
}
}
}
stage('Create Signing Script on Windows Server') {
steps {
sshagent(credentials: [CREDS_ID]) {
sh '''
# Create a more robust signing script
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo # Code Signing Script > C:\\Users\\Administrator\\Desktop\\sign.ps1"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo Write-Host 'Setting up environment...' >> C:\\Users\\Administrator\\Desktop\\sign.ps1"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo \\\$env:PATH += ';C:\\Users\\Administrator\\.dotnet\\tools' >> C:\\Users\\Administrator\\Desktop\\sign.ps1"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo Write-Host 'Starting code signing...' >> C:\\Users\\Administrator\\Desktop\\sign.ps1"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo Write-Host 'Using AzureSignTool...' >> C:\\Users\\Administrator\\Desktop\\sign.ps1"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo AzuresignTool sign -kvu 'https://signingcode.vault.azure.net/' -kvc 'CodeSigningHSM' -kvi 'kvi_value' -kvs 'kvs_value' --azure-key-vault-tenant-id 'key_vault_tenant_id' -tr 'http://timestamp.globalsign.com/tsa/advanced' -td sha256 'C:\\Users\\Administrator\\Desktop\\HelloWorldApp.exe' >> C:\\Users\\Administrator\\Desktop\\sign.ps1"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo Write-Host 'Signing process completed.' >> C:\\Users\\Administrator\\Desktop\\sign.ps1"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo Write-Host 'Exit code:' \\\$LASTEXITCODE >> C:\\Users\\Administrator\\Desktop\\sign.ps1"
'''
}
}
}
stage('Sign Executable on Windows Server') {
steps {
sshagent(credentials: [CREDS_ID]) {
sh '''
# Debug: Show the signing script content before execution
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo Signing script content: && type C:\\Users\\Administrator\\Desktop\\sign.ps1"
# Debug: Check if AzureSignTool is available
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "powershell.exe -Command \\"Write-Host 'Checking AzureSignTool availability...'; try { \\\$env:PATH += ';C:\\\\Users\\\\Administrator\\\\.dotnet\\\\tools'; AzuresignTool --help | Select-Object -First 5; Write-Host 'AzureSignTool found ✓' } catch { Write-Host 'AzureSignTool not found ✗'; Write-Host 'Error:' \\\$_.Exception.Message }\\""
# Execute the signing script with verbose output
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "powershell.exe -ExecutionPolicy Bypass -Command \\"Write-Host 'Starting code signing process...'; \\\$env:PATH += ';C:\\\\Users\\\\Administrator\\\\.dotnet\\\\tools'; Write-Host 'Updated PATH:' \\\$env:PATH; try { & 'C:\\\\Users\\\\Administrator\\\\Desktop\\\\sign.ps1' } catch { Write-Host 'Signing script execution failed:' \\\$_.Exception.Message }\\""
# Alternative: Run signing command directly for debugging
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "powershell.exe -ExecutionPolicy Bypass -Command \\"Write-Host 'Attempting direct signing...'; \\\$env:PATH += ';C:\\\\Users\\\\Administrator\\\\.dotnet\\\\tools'; try { AzuresignTool sign -kvu 'https://signingcode.vault.azure.net/' -kvc 'CodeSigningHSM' -kvi '7f9e5afe-8d5a-475e-9447-49d3f02914d9' -kvs 'oir8Q~WJodlbcMvyktSbOMJQs2yiQbs4RXE3QcXq' --azure-key-vault-tenant-id 'caf959d5-9c81-416b-a133-ae88c20d857c' -tr 'http://timestamp.globalsign.com/tsa/advanced' -td sha256 'C:\\\\Users\\\\Administrator\\\\Desktop\\\\HelloWorldApp.exe' } catch { Write-Host 'Direct signing failed:' \\\$_.Exception.Message; Write-Host 'Exit code:' \\\$LASTEXITCODE }\\""
'''
}
}
}
stage('Verify Code Signature') {
steps {
sshagent(credentials: [CREDS_ID]) {
sh '''
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "powershell.exe -Command \\"Get-AuthenticodeSignature 'C:\\Users\\Administrator\\Desktop\\HelloWorldApp.exe' | Format-List\\""
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "powershell.exe -Command \\"Write-Host 'Certificate Chain Verification:'; \\\$sig = Get-AuthenticodeSignature 'C:\\Users\\Administrator\\Desktop\\HelloWorldApp.exe'; if(\\\$sig.SignerCertificate) { Write-Host 'File is SIGNED'; Write-Host 'Signer:' \\\$sig.SignerCertificate.Subject; Write-Host 'Valid From:' \\\$sig.SignerCertificate.NotBefore; Write-Host 'Valid Until:' \\\$sig.SignerCertificate.NotAfter; if(\\\$sig.TimeStamperCertificate) { Write-Host 'Timestamped: YES' } else { Write-Host 'Timestamped: NO' } } else { Write-Host 'File is NOT SIGNED' }\\""
'''
}
}
}
stage('Deploy Application') {
steps {
sshagent(credentials: [CREDS_ID]) {
sh '''
# Create deployment directory
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "if not exist C:\\\\Apps\\\\HelloWorldApp mkdir C:\\\\Apps\\\\HelloWorldApp"
# Stop existing service if running (ignore errors if service doesn't exist)
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "sc stop HelloWorldApp 2>nul || echo Service not running or doesn't exist"
# Copy signed executable to deployment directory
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "copy C:\\\\Users\\\\Administrator\\\\Desktop\\\\HelloWorldApp.exe C:\\\\Apps\\\\HelloWorldApp\\\\HelloWorldApp.exe /Y"
# Create application configuration file
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo # HelloWorldApp Configuration > C:\\\\Apps\\\\HelloWorldApp\\\\config.txt"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo Deployed on: %date% %time% >> C:\\\\Apps\\\\HelloWorldApp\\\\config.txt"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo Version: 1.0 >> C:\\\\Apps\\\\HelloWorldApp\\\\config.txt"
# Create deployment script for easy management
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo @echo off > C:\\\\Apps\\\\HelloWorldApp\\\\run.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo echo Starting HelloWorldApp... >> C:\\\\Apps\\\\HelloWorldApp\\\\run.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo C:\\\\Apps\\\\HelloWorldApp\\\\HelloWorldApp.exe >> C:\\\\Apps\\\\HelloWorldApp\\\\run.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo pause >> C:\\\\Apps\\\\HelloWorldApp\\\\run.bat"
# Test the deployed application
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "C:\\\\Apps\\\\HelloWorldApp\\\\HelloWorldApp.exe"
'''
}
}
}
stage('Create Windows Service (Optional)') {
when {
// Only run this stage if you want to create a Windows service
expression { return true } // Set to false to skip service creation
}
steps {
script {
try {
sshagent(credentials: [CREDS_ID]) {
sh '''
# First, check if service already exists and remove it
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "powershell.exe -Command \\"Write-Host 'Checking for existing service...'; try { \\\$service = Get-Service -Name 'HelloWorldApp' -ErrorAction SilentlyContinue; if(\\\$service) { Write-Host 'Stopping existing service...'; Stop-Service -Name 'HelloWorldApp' -Force -ErrorAction SilentlyContinue; Start-Sleep -Seconds 2; Write-Host 'Removing existing service...'; sc.exe delete HelloWorldApp | Out-Null; Start-Sleep -Seconds 2 } } catch { Write-Host 'No existing service found' }\\""
# Create Windows Service using sc.exe with proper error handling
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "powershell.exe -Command \\"Write-Host 'Creating Windows Service...'; try { \\\$result = Start-Process -FilePath 'sc.exe' -ArgumentList 'create', 'HelloWorldApp', 'binPath=', 'C:\\\\Apps\\\\HelloWorldApp\\\\HelloWorldApp.exe', 'start=', 'manual', 'DisplayName=', 'HelloWorld Application' -Wait -PassThru -NoNewWindow; if(\\\$result.ExitCode -eq 0) { Write-Host 'Service created successfully'; \\\$descResult = Start-Process -FilePath 'sc.exe' -ArgumentList 'description', 'HelloWorldApp', 'HelloWorld Application - Deployed via Jenkins CI/CD Pipeline' -Wait -PassThru -NoNewWindow; if(\\\$descResult.ExitCode -eq 0) { Write-Host 'Service description set successfully' } else { Write-Host 'Service created but description setting failed' }; Write-Host 'Service configuration completed' } else { Write-Host 'Service creation failed with exit code:' \\\$result.ExitCode } } catch { Write-Host 'Service creation encountered an error:' \\\$_.Exception.Message }\\""
# Verify service creation
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "powershell.exe -Command \\"Write-Host 'Verifying service creation...'; try { \\\$service = Get-Service -Name 'HelloWorldApp' -ErrorAction SilentlyContinue; if(\\\$service) { Write-Host 'Service Status:' \\\$service.Status; Write-Host 'Service Name:' \\\$service.ServiceName; Write-Host 'Display Name:' \\\$service.DisplayName; Write-Host 'Service successfully registered' } else { Write-Host 'Service not found - creation may have failed' } } catch { Write-Host 'Service verification failed:' \\\$_.Exception.Message }\\""
# Set service to start automatically (optional)
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "powershell.exe -Command \\"Write-Host 'Configuring service startup...'; try { sc.exe config HelloWorldApp start= auto | Out-Null; Write-Host 'Service configured for automatic startup' } catch { Write-Host 'Service startup configuration failed' }\\""
'''
}
echo "Service creation completed successfully"
} catch (Exception e) {
echo "Service creation encountered issues: ${e.getMessage()}"
echo "Check if the application is compatible with Windows Service hosting"
}
}
}
}
stage('Service Management') {
when {
expression { return true } // Set to false to skip service management
}
steps {
sshagent(credentials: [CREDS_ID]) {
sh '''
# Create service management scripts
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo @echo off > C:\\\\Apps\\\\HelloWorldApp\\\\start-service.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo echo Starting HelloWorldApp Service... >> C:\\\\Apps\\\\HelloWorldApp\\\\start-service.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo net start HelloWorldApp >> C:\\\\Apps\\\\HelloWorldApp\\\\start-service.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo echo Service started successfully >> C:\\\\Apps\\\\HelloWorldApp\\\\start-service.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo pause >> C:\\\\Apps\\\\HelloWorldApp\\\\start-service.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo @echo off > C:\\\\Apps\\\\HelloWorldApp\\\\stop-service.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo echo Stopping HelloWorldApp Service... >> C:\\\\Apps\\\\HelloWorldApp\\\\stop-service.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo net stop HelloWorldApp >> C:\\\\Apps\\\\HelloWorldApp\\\\stop-service.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo echo Service stopped successfully >> C:\\\\Apps\\\\HelloWorldApp\\\\stop-service.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo pause >> C:\\\\Apps\\\\HelloWorldApp\\\\stop-service.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo @echo off > C:\\\\Apps\\\\HelloWorldApp\\\\service-status.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo echo Checking HelloWorldApp Service Status... >> C:\\\\Apps\\\\HelloWorldApp\\\\service-status.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo sc query HelloWorldApp >> C:\\\\Apps\\\\HelloWorldApp\\\\service-status.bat"
ssh -o StrictHostKeyChecking=no administrator@{WIN_SERVER_IP} "echo pause >> C:\\\\Apps\\\\HelloWorldApp\\\\service-status.bat"
# Show final deployment structure
ssh -o StrictHostKeyChecking=no administrator@172.31.91.18 "echo. && echo Deployment completed. Files created: && dir C:\\\\Apps\\\\HelloWorldApp"
'''
}
}
}
stage('Deployment Verification') {
steps {
sshagent(credentials: [CREDS_ID]) {
sh '''
# Comprehensive deployment verification
ssh -o StrictHostKeyChecking=no administrator@172.31.91.18 "powershell.exe -Command \\"Write-Host '========================================'; Write-Host 'DEPLOYMENT VERIFICATION REPORT'; Write-Host '========================================'; Write-Host ''\\""
# 1. Verify application deployment
ssh -o StrictHostKeyChecking=no administrator@172.31.91.18 "powershell.exe -Command \\"Write-Host '1. APPLICATION DEPLOYMENT:'; if(Test-Path 'C:\\\\Apps\\\\HelloWorldApp\\\\HelloWorldApp.exe') { Write-Host ' Status: DEPLOYED ✓'; \\\$file = Get-Item 'C:\\\\Apps\\\\HelloWorldApp\\\\HelloWorldApp.exe'; Write-Host ' File size:' \\\$file.Length 'bytes'; Write-Host ' Last modified:' \\\$file.LastWriteTime; Write-Host ' Location: C:\\\\Apps\\\\HelloWorldApp\\\\HelloWorldApp.exe' } else { Write-Host ' Status: NOT DEPLOYED ✗'; exit 1 }\\""
# 2. Verify code signature
ssh -o StrictHostKeyChecking=no administrator@172.31.91.18 "powershell.exe -Command \\"Write-Host ''; Write-Host '2. CODE SIGNATURE VERIFICATION:'; \\\$sig = Get-AuthenticodeSignature 'C:\\\\Apps\\\\HelloWorldApp\\\\HelloWorldApp.exe'; if(\\\$sig.SignerCertificate) { Write-Host ' Status: SIGNED ✓'; Write-Host ' Signer:' \\\$sig.SignerCertificate.Subject; Write-Host ' Valid from:' \\\$sig.SignerCertificate.NotBefore; Write-Host ' Valid until:' \\\$sig.SignerCertificate.NotAfter; Write-Host ' Hash Algorithm:' \\\$sig.HashAlgorithm; if(\\\$sig.TimeStamperCertificate) { Write-Host ' Timestamp: YES ✓' } else { Write-Host ' Timestamp: NO ✗' } } else { Write-Host ' Status: NOT SIGNED ✗' }\\""
# 3. Verify Windows Service (non-blocking)
ssh -o StrictHostKeyChecking=no administrator@172.31.91.18 "powershell.exe -Command \\"Write-Host ''; Write-Host '3. WINDOWS SERVICE VERIFICATION:'; try { \\\$service = Get-Service -Name 'HelloWorldApp' -ErrorAction SilentlyContinue; if(\\\$service) { Write-Host ' Service Status:' \\\$service.Status; Write-Host ' Service Name:' \\\$service.ServiceName; Write-Host ' Display Name:' \\\$service.DisplayName; Write-Host ' Start Type: Automatic'; Write-Host ' Service: REGISTERED ✓' } else { Write-Host ' Service: NOT REGISTERED (Optional)' } } catch { Write-Host ' Service: VERIFICATION SKIPPED (Optional)' }\\""
# 4. Verify deployment structure (fixed escaping)
ssh -o StrictHostKeyChecking=no administrator@172.31.91.18 "powershell.exe -Command \\"Write-Host ''; Write-Host '4. DEPLOYMENT STRUCTURE:'; \\\$files = @('HelloWorldApp.exe', 'config.txt', 'run.bat', 'start-service.bat', 'stop-service.bat', 'service-status.bat'); foreach(\\\$file in \\\$files) { if(Test-Path \\\\"C:\\\\Apps\\\\HelloWorldApp\\\\\\\$file\\\\") { Write-Host \\\\" \\\$file EXISTS ✓\\\\" } else { Write-Host \\\\" \\\$file MISSING ✗\\\\" } }\\""
# 5. Test application execution
ssh -o StrictHostKeyChecking=no administrator@172.31.91.18 "powershell.exe -Command \\"Write-Host ''; Write-Host '5. APPLICATION EXECUTION TEST:'; try { \\\$output = & 'C:\\\\Apps\\\\HelloWorldApp\\\\HelloWorldApp.exe' 2>&1; Write-Host ' Execution: SUCCESS ✓'; Write-Host ' Output:' \\\$output } catch { Write-Host ' Execution: FAILED ✗'; Write-Host ' Error:' \\\$_.Exception.Message }\\""
# 6. Show file listing
ssh -o StrictHostKeyChecking=no administrator@172.31.91.18 "powershell.exe -Command \\"Write-Host ''; Write-Host '6. DEPLOYMENT DIRECTORY CONTENTS:'; Get-ChildItem 'C:\\\\Apps\\\\HelloWorldApp' | Format-Table Name, Length, LastWriteTime -AutoSize\\""
# 7. Network accessibility test
ssh -o StrictHostKeyChecking=no administrator@172.31.91.18 "powershell.exe -Command \\"Write-Host ''; Write-Host '7. SERVER ACCESSIBILITY:'; Write-Host ' Server IP: 172.31.91.18'; Write-Host ' Deployment Path: C:\\\\Apps\\\\HelloWorldApp'; Write-Host ' Remote Access: SSH ✓'\\""
# 8. Summary
ssh -o StrictHostKeyChecking=no administrator@172.31.91.18 "powershell.exe -Command \\"Write-Host ''; Write-Host '========================================'; Write-Host 'DEPLOYMENT VERIFICATION COMPLETE'; Write-Host 'Core deployment: SUCCESS ✓'; Write-Host 'Application ready for use!'; Write-Host '========================================'\\""
'''
}
}
}
stage('Cleanup Signing Script') {
steps {
sshagent(credentials: [CREDS_ID]) {
sh '''
ssh -o StrictHostKeyChecking=no administrator@172.31.91.18 "del C:\\Users\\Administrator\\Desktop\\sign.ps1"
'''
}
}
}
}
post {
always {
cleanWs()
}
success {
echo 'Pipeline completed successfully!'
}
failure {
echo 'Pipeline failed!'
}
}
}
Etapa 6: Verificação da assinatura
Quando o pipeline for concluído com sucesso:
-
Navegue até o aplicativo implantado (por exemplo, C:\Apps\HelloWorldApp\HelloWorldApp.exe).
-
Clique com o botão direito do mouse no arquivo > Propriedades > Assinaturas digitais.
-
Selecione a assinatura na lista e clique em Detalhes.
-
Você verá as informações do signatário e o carimbo de data/hora (emitido pela GlobalSign TSA).
Atlas Discovery
Faça a varredura de seus terminais para localizar todos os seus certificados.
Inscrever-seTeste de configuração SSL
Verifique a instalação do seu certificado quanto a problemas e vulnerabilidades de SSL.
Contate o Suporte
Se você é um usuário do portal Atlas, por favor envie sua solicitação para support-atlas@globalsign.com.