From 183d301977d00dfd701a0bb875d5beac709dc507 Mon Sep 17 00:00:00 2001
From: Patrick Hallisey <pahallis@microsoft.com>
Date: Tue, 7 May 2024 14:41:08 -0700
Subject: [PATCH] Upgrade to a version ESRP Release that supports federated
 auth (#29612)

EsrpRelease@6 required a custom service connection that held an aad app
secret in its configuration. The latest version, EsrpRelease@7, uses a
standard ARM service connection, moving most of the configuration
settings (KeyVaultName, AuthCertName ...) from the custom connection
into the task itself.
---
 eng/pipelines/templates/steps/npm-release-task.yml | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/eng/pipelines/templates/steps/npm-release-task.yml b/eng/pipelines/templates/steps/npm-release-task.yml
index f45e749f1c20..2c6142369895 100644
--- a/eng/pipelines/templates/steps/npm-release-task.yml
+++ b/eng/pipelines/templates/steps/npm-release-task.yml
@@ -8,11 +8,15 @@ parameters:
 
 steps:
   - template: /eng/common/pipelines/templates/steps/set-default-branch.yml
-  - ${{if eq(parameters.Registry, 'https://registry.npmjs.org/')}}:
-      - task: EsrpRelease@6
+  - ${{ if eq(parameters.Registry, 'https://registry.npmjs.org/') }}:
+      - task: EsrpRelease@7
         inputs:
           displayName: 'Publish ${{parameters.Artifact.name}} to ESRP'
-          ConnectedServiceName: 'ESRP Release Service'
+          ConnectedServiceName: 'Azure SDK Engineering System'
+          ClientId: '5f81938c-2544-4f1f-9251-dd9de5b8a81b'
+          KeyVaultName: 'AzureSDKEngKeyVault'
+          AuthCertName: 'azure-sdk-esrp-release-auth-certificate'
+          SignCertName: 'azure-sdk-esrp-release-sign-certificate'
           Intent: 'PackageDistribution'
           ContentType: 'npm'
           FolderLocation: ${{parameters.PathToArtifacts}}