Signing fails (HSM) with [error]The term 'sign.exe' is not recognized #925
Description
Describe the bug
singing fails with the following error,
##[error]The term 'sign.exe' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
the used yaml
please provide the yaml that you used. It helps you put the yaml like this:
stages:
- stage: Stage1
displayName: Build
jobs:
- job: Job1
displayName: Build
steps:
- checkout: self
clean: true
#Compile and Publish app
# Compile app
# Compile app for the Current Version
- task: ALOpsAppCompiler@2
condition: and(eq(variables['artifactVersion'], ''), eq(variables['pipelineTarget'], 'current'))
displayName: 'ALOPS - Compile App'
inputs:
artifacttype: $(artifactType)
artifactcountry: $(artifactCountry)
versionselect: 'Latest'
appversiontemplate: $(appVersion)
appFilenametemplate: '%APP_PUBLISHER%_%APP_NAME%_%APP_VERSION%.app'
failed_on_warnings: false
alSourcePath: $(Build.Repository.Name)/App/app.json
preprocessorsymbols: $(Preprocessorsymbols)
printappmanifest: true
pwsh : $(PS7)
- task: ALOpsAppSign@1
inputs:
signmethod: 'HSM'
usedocker: false
artifact_path: '$(Build.ArtifactStagingDirectory)'
timestamp_uri: 'http://timestamp.acs.microsoft.com'
hsmmethod: 'TRUSTED'
hsm_description: '<companyname>'
hsm_description_url: '<companyurl>'
hsm_signing_endpoint: 'https://weu.codesigning.azure.net/'
hsm_signing_account: '<singingaccount>'
hsm_trusted_certificateprofile: '<certprofile>'the output
Also the complete output is necessary for us to see what is going on. Also use backtics:
publish_artifact True
timestamp_uri http://timestamp.acs.microsoft.com/
pfx_path C:\a\2\s
pfx_password
hsmmethod TRUSTED
hsm_description <companyname>
hsm_description_url <companydescription>
hsm_digestalgorithm sha256
hsm_signing_endpoint https://weu.codesigning.azure.net/
hsm_signing_account <singingaccount>
hsm_trusted_certificateprofile <certprofile>
hsm_keyvault_name
hsm_keyvault_certificate_name
hsm_tenantid
hsm_clientid
hsm_client_secret
True
*** For documentation, please visit : https://www.alops.be/documentation
*** ALOps License:
* Licensed To: Mprise BV (Project License)
*** Importing required PS-Functions
*** Resolve App file in [C:\a\2\a]
*** Multiple App files found with filter [*.app].
* C:\a\2\a\<appname>26.26.202608.27577.app
*** Resolved App File: [C:\a\2\a\<appname>_26.26.202608.27577.app].
*** Starting App Sign for:
* C:\a\2\a\<appname>_26.26.202608.27577.app
*** App Sign: C:\a\2\a\<appname>_26.26.202608.27577.app
*** NavSip registration OK
*** App File: C:\a\2\a\<appname>_26.26.202608.27577.app
*** Timestamp Service: http://timestamp.acs.microsoft.com/
*** Setup Pfx File
*** PFX File: C:\a\2\s
*** Sign Method: HSM
*** Setup Sign Tool
Package Id Version Commands ------------------------------------------------ sign 0.9.1-beta.25379.1 sign
*** Sign Tool installed versions:
* 0.9.1-beta.25379.1 => 0.9.1
##[error]The term 'sign.exe' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
Finishing: ALOpsAppSign
Expected behavior
The app to be signed with the provided azure artifact signing details
Screenshots
If applicable, add screenshots to help explain your problem. You can easily paste them in here.
Additional context
Although hard to determine if it has any influence, the hsm_description and hsm_url were mandatory, but not documented
first run (with signtool not installed, .NET 8 not installed, it gave a warning to reopen the prompt before it could be used, and failed earlier, but that is something we will file under a different bug. but this issue is more pressing.
The docker option searched for a specific docker tag, but failed to attach.