bpo-37354: Sign Activate.ps1 for release (GH-15235)

bpo-37354: Sign Activate.ps1 for release (GH-15235) · python/cpython@3e34a25

Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,7 @@`
	`1`	`+parameters:`
	`2`	`+Include: '.exe, .dll, .pyd, .cat, *.ps1'`
	`3`	`+Exclude: 'vcruntime, libffi, libcrypto, libssl'`
	`4`	`+`
`1`	`5`	`jobs:`
`2`	`6`	`- job: Sign_Python`
`3`	`7`	`displayName: Sign Python binaries`
`@@ -17,7 +21,7 @@ jobs:`
`17`	`21`	`Name: amd64`
`18`	`22`
`19`	`23`	`steps:`
`20`		`- - checkout: none`
	`24`	`+ - template: ./checkout.yml`
`21`	`25`	`- template: ./find-sdk.yml`
`22`	`26`
`23`	`27`	`- powershell: \|`
`@@ -31,13 +35,18 @@ jobs:`
`31`	`35`	`targetPath: $(Build.BinariesDirectory)\bin`
`32`	`36`
`33`	`37`	`- powershell: \|`
`34`		`- $files = (gi .exe, .dll, .pyd, .cat -Exclude vcruntime, libffi, libcrypto, libssl)`
	`38`	`+ copy "$(Build.SourcesDirectory)\Lib\venv\scripts\common\Activate.ps1" .`
	`39`	`+ displayName: 'Copy files from source'`
	`40`	`+ workingDirectory: $(Build.BinariesDirectory)\bin`
	`41`	`+`
	`42`	`+ - powershell: \|`
	`43`	`+ $files = (gi ${{ parameters.Include }} -Exclude ${{ parameters.Exclude }})`
`35`	`44`	`signtool sign /a /n "$(SigningCertificate)" /fd sha256 /d "$(SigningDescription)" $files`
`36`	`45`	`displayName: 'Sign binaries'`
`37`	`46`	`workingDirectory: $(Build.BinariesDirectory)\bin`
`38`	`47`
`39`	`48`	`- powershell: \|`
`40`		`- $files = (gi .exe, .dll, .pyd, .cat -Exclude vcruntime, libffi, libcrypto, libssl)`
	`49`	`+ $files = (gi ${{ parameters.Include }} -Exclude ${{ parameters.Exclude }})`
`41`	`50`	`$failed = $true`
`42`	`51`	`foreach ($retry in 1..10) {`
`43`	`52`	`signtool timestamp /t http://timestamp.verisign.com/scripts/timestamp.dll $files`