Attempting to use a file list with trusted-signing returns error

[nicktf01]

I'm trying to use a filelist to skip when signing the contents of a directory using trusted-signing

Repro steps

The following command is being executed from the directory containing the target files for signing. If I remove "-fl filelist.txt" and substitute "*.exe" the command completes successfully

"{path}\sign.exe code trusted-signing -tse "{path to endpoint}" -tsa "{trusted-Signing-Account}" -tscp {Cert Profile} -b {WorkingDir} -fl filelist.txt -v debug

Content of filelist.txt

**/*.exe
!**/Don'tSignMe.exe

Expected behavior
To sign all *.exe files in current working directory with one exclusion

Actual behavior
Program returns "Required argument missing for command: 'trusted-signing'."

If I add a wildcard after the filelist as in the example below, all files will get signed and the filelist will be ignored.

"{path}\sign.exe code trusted-signing -tse "{path to endpoint}" -tsa "{trusted-Signing-Account}" -tscp {Cert Profile} -b {WorkingDir} -fl filelist.txt * -v debug

Additional context
Version 0.9.1-beta.24469.1

[kauppine]

I also stumbled upon this previously and after looking around in the code, I noticed that the file-list only works with containers (zip, clickonce etc.). As a workaround, you could zip your directory and call
"{path}\sign.exe code trusted-signing -tse "{path to endpoint}" -tsa "{trusted-Signing-Account}" -tscp {Cert Profile} -b {WorkingDir} -fl filelist.txt -v debug *.zip

It would be nice if the file-list option worked with plain wildcard as a files to sign argument,

[nicktf01]

Thank you! Yes, I poked around and that was the conclusion I came to as well, but I thought I must be missing something. Seconded for having this work on unzipped files.

[bdovaz]

I have the same problem with sign code azure-key-vault. I can't add a file list without also adding:

Arguments:
  <file(s)>  File(s) to sign.

It should be exclusive. If you use a list of files with --file-list, it doesn't make sense that you have to use that argument as well.

[sageLinden]

I have the same problem with sign code azure-key-vault. I can't add a file list without also adding:

Arguments:
  <file(s)>  File(s) to sign.

It should be exclusive. If you use a list of files with --file-list, it doesn't make sense that you have to use that argument as well.

Yeah, we're having the same issue as well. This has been me the past few hours at the office...

[jozefizso]

We use the sign code trusted-signing --file-list "signlist.txt" command to sign .NET assemblies.

The signlist.txt is produced during build of the solution. The output directory can have binaries from dependencies and we don't want to sign them. The signlist.txt contains only files we have produced in our build.

Is there a workaround for this?