Migrate from deployment step to simple job

Author: tom-englert

azure-pipelines.yml

@@ -42,45 +42,53 @@ stages:
         ArtifactName: signing
 
 - stage: CodeSign
+  dependsOn: Build
   condition: and(succeeded('Build'), ne(variables['build.reason'], 'PullRequest'))
   jobs:
-  - deployment: CodeSign
+  - job: CodeSign
     displayName: Code Signing
     pool:
-      vmImage: windows-latest
-    environment: Code Signing
-    strategy:
-      runOnce:
-        deploy:
-          steps:
-          - task: CmdLine@2
-            displayName: "AntiMalware Scan"
-            inputs:
-              script: |
-                Dir "$(Pipeline.Workspace)\BuildPackages"
-                "%ProgramFiles%\Windows Defender\MpCmdRun.exe" -Scan -ScanType 3 -File "$(Pipeline.Workspace)\BuildPackages"
-              failOnStderr: true
+      vmImage: windows-latest # Code signing must run on a Windows agent for Authenticode signing (dll/exe)
+
+    steps:
+
+    # Retreive unsigned artifacts and file list
+    - download: current
+      artifact: signing
+      displayName: Download signing file list
 
-          - task: DotNetCoreCLI@2
-            inputs:
-              command: custom
-              custom: tool
-              arguments: install --tool-path . SignClient
-            displayName: Install SignTool tool
+    - download: current
+      artifact: BuildPackages
+      displayName: Download build artifacts
+
+    - task: CmdLine@2
+      displayName: "AntiMalware Scan"
+      inputs:
+        script: |
+          Dir "$(Pipeline.Workspace)\BuildPackages"
+          "%ProgramFiles%\Windows Defender\MpCmdRun.exe" -Scan -ScanType 3 -File "$(Pipeline.Workspace)\BuildPackages"
+        failOnStderr: true
+
+    - task: DotNetCoreCLI@2
+      inputs:
+        command: custom
+        custom: tool
+        arguments: install --tool-path . SignClient
+      displayName: Install SignTool tool
 
-          - pwsh: |
-              .\SignClient "Sign" `
-              --baseDirectory "$(Pipeline.Workspace)\BuildPackages" `
-              --input "**/*.*" `
-              --config "$(Pipeline.Workspace)\signing\SignClient.json" `
-              --filelist "$(Pipeline.Workspace)\signing\filelist.txt" `
-              --user "$(SignClientUser)" `
-              --secret "$(SignClientSecret)" `
-              --name "DataGrid Extensions" `
-              --description "DataGrid Extensions" `
-              --descriptionUrl "https://github.com/dotnet/DataGridExtensions"
-            displayName: Sign packages
+    - pwsh: |
+        .\SignClient "Sign" `
+        --baseDirectory "$(Pipeline.Workspace)\BuildPackages" `
+        --input "**/*.*" `
+        --config "$(Pipeline.Workspace)\signing\SignClient.json" `
+        --filelist "$(Pipeline.Workspace)\signing\filelist.txt" `
+        --user "$(SignClientUser)" `
+        --secret "$(SignClientSecret)" `
+        --name "DataGrid Extensions" `
+        --description "DataGrid Extensions" `
+        --descriptionUrl "https://github.com/dotnet/DataGridExtensions"
+      displayName: Sign packages
 
-          - publish: $(Pipeline.Workspace)\BuildPackages
-            displayName: Publish Signed Packages
-            artifact: SignedPackages
+    - publish: $(Pipeline.Workspace)\BuildPackages
+      displayName: Publish Signed Packages
+      artifact: SignedPackages