EV Code Signing in Azure Pipelines

2020-10-29 Azure, Azure Key Vault, continuous integration, devops, code signing, Nexus

For basic code-signing on Azure, their secret files is very easy to use and described in many places. Unfortunately, when you want to sign with EV certificates, secret files won’t work and one must use the Azure Key Vault. This makes the process much more complicated. In this blog post, meant mainly as a memory dump to which I can return later when I forget everything, I will describe how we finally managed to do this.

Debugging Azure builds locally

2020-06-16 Azure, continuous integration, devops, Docker, Nexus

As part of streamlining our infrastructure at Nexus, we have started a project to move our Jenkins builds to Azure pipelines. In this post I will describe how we overcame the main obstacle we encountered — the pipelines are very hard to debug — in the hope that it might be more generally useful.