From 9ba561a8104a81f510d75d30f87df1c2668384f3 Mon Sep 17 00:00:00 2001
From: Riff <r12f.code@gmail.com>
Date: Sun, 14 Nov 2021 14:16:51 -0800
Subject: [PATCH] Fixing file signing after recent AzureSignTool update. (#156)

---
 Makefile.toml                            | 4 ++--
 build/azure-pipeline/workflow-common.yml | 2 ++
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/Makefile.toml b/Makefile.toml
index af2307d..3260c59 100644
--- a/Makefile.toml
+++ b/Makefile.toml
@@ -297,7 +297,7 @@ BIN_FILES = array "rnp.exe" "rnp_server.exe"
 for BIN_FILE in ${BIN_FILES}
     BIN_FILE_PATH = set "${BUILD_DIR}/${BIN_FILE}"
     echo "Sign binary: ${BIN_FILE_PATH}"
-    exec AzureSignTool sign -du ${RNP_SIGNING_URL} -kvu ${RNP_SIGNING_VAULT_URL} -kvi ${RNP_SIGNING_CLIENT_ID} -kvs ${RNP_SIGNING_CLIENT_SECRET} -kvc ${RNP_SIGNING_CERT_NAME} -v "${BIN_FILE_PATH}"
+    exec AzureSignTool sign -du ${RNP_SIGNING_URL} -kvu ${RNP_SIGNING_VAULT_URL} -kvt ${RNP_SIGNING_TENANT_ID} -kvi ${RNP_SIGNING_CLIENT_ID} -kvs ${RNP_SIGNING_CLIENT_SECRET} -kvc ${RNP_SIGNING_CERT_NAME} -v "${BIN_FILE_PATH}"
 end
 '''
 
@@ -643,7 +643,7 @@ description = "Run AzureSignTool to sign the packages."
 condition = { env_set = [ "RNP_SIGNING_URL" ] }
 script_runner = "@duckscript"
 script = '''
-exec AzureSignTool sign -du ${RNP_SIGNING_URL} -kvu ${RNP_SIGNING_VAULT_URL} -kvi ${RNP_SIGNING_CLIENT_ID} -kvs ${RNP_SIGNING_CLIENT_SECRET} -kvc ${RNP_SIGNING_CERT_NAME} -v "${PUBLISH_DIR}/msix/rnp.${BUILD_TAG}.${BUILD_FLAVOR}.msix"
+exec AzureSignTool sign -du ${RNP_SIGNING_URL} -kvu ${RNP_SIGNING_VAULT_URL} -kvt ${RNP_SIGNING_TENANT_ID} -kvi ${RNP_SIGNING_CLIENT_ID} -kvs ${RNP_SIGNING_CLIENT_SECRET} -kvc ${RNP_SIGNING_CERT_NAME} -v "${PUBLISH_DIR}/msix/rnp.${BUILD_TAG}.${BUILD_FLAVOR}.msix"
 '''
 
 ##############################################
diff --git a/build/azure-pipeline/workflow-common.yml b/build/azure-pipeline/workflow-common.yml
index ee0394c..5122cde 100644
--- a/build/azure-pipeline/workflow-common.yml
+++ b/build/azure-pipeline/workflow-common.yml
@@ -147,6 +147,7 @@ stages:
               BUILD_BRANCH: $(Build.BranchName)
               RNP_SIGNING_URL: $(RnpSigningURL)
               RNP_SIGNING_VAULT_URL: $(RnpSigningVaultURL)
+              RNP_SIGNING_TENANT_ID: $(RnpSigningTenantId)
               RNP_SIGNING_CLIENT_ID: $(RnpSigningClientId)
               RNP_SIGNING_CLIENT_SECRET: $(RnpSigningClientSecret)
               RNP_SIGNING_CERT_NAME: $(RnpSigningCertName)
@@ -170,6 +171,7 @@ stages:
               BUILD_BRANCH: $(Build.BranchName)
               RNP_SIGNING_URL: $(RnpSigningURL)
               RNP_SIGNING_VAULT_URL: $(RnpSigningVaultURL)
+              RNP_SIGNING_TENANT_ID: $(RnpSigningTenantId)
               RNP_SIGNING_CLIENT_ID: $(RnpSigningClientId)
               RNP_SIGNING_CLIENT_SECRET: $(RnpSigningClientSecret)
               RNP_SIGNING_CERT_NAME: $(RnpSigningCertName)