EV Code Signing in Azure Pipelines

2020-10-29 Azure, Azure Key Vault, continuous integration, devops, code signing, Nexus

For basic code-signing on Azure, their secret files is very easy to use and described in many places. Unfortunately, when you want to sign with EV certificates, secret files won’t work and one must use the Azure Key Vault. This makes the process much more complicated. In this blog post, meant mainly as a memory dump to which I can return later when I forget everything, I will describe how we finally managed to do this.

Debugging Azure builds locally

2020-06-16 Azure, continuous integration, devops, Docker, Nexus

As part of streamlining our infrastructure at Nexus, we have started a project to move our Jenkins builds to Azure pipelines. In this post I will describe how we overcame the main obstacle we encountered — the pipelines are very hard to debug — in the hope that it might be more generally useful.

VCPKG — a C++ package manager

2020-05-21 C++, vcpkg, conan, package manager, Nexus

Recently I embarked on a project to extract external dependencies of Personal Desktop and build them in a separate job in Azure providing the results as artifacts to the main job which builds Personal Desktop. I took this as an opportunity to rethink how we use external libraries in PD and started with some research. This blogpost describes what I found.