├── .config └── tsaoptions.json ├── .devcontainer └── devcontainer.json ├── .editorconfig ├── .github ├── CODE_OF_CONDUCT.md ├── SECURITY.md ├── dependabot.yml └── workflows │ ├── dependency-review.yml │ └── scorecards.yml ├── .gitignore ├── .pipelines ├── PowerShell-Snap-Official.yml └── templates │ ├── Approval.yml │ ├── InstallSnapd.yml │ ├── createOutputDirectory-linux.yml │ ├── pushJob.yml │ ├── releaseBuildAndPushStage.yml │ ├── releaseBuildJob.yml │ └── scanJob.yml ├── .vsts-ci ├── ci.yml ├── misc-analysis.yml ├── releaseBuild.yml └── templates │ ├── Approval.yml │ ├── credscan.yml │ ├── pushPhase.yml │ ├── releaseBuildAndPushStage.yml │ └── releaseBuildPhase.yml ├── LICENSE ├── README.md ├── appveyor.yml ├── assets ├── PS7-Error.png ├── PS7-Help.png ├── PS7.png ├── powershell-wrapper └── thirdPartyNoticeHeader.txt ├── build.ps1 ├── lts ├── .gitignore ├── assets │ ├── README.md │ └── icon.png ├── launcher │ └── powershell-wrapper └── snap │ ├── gui │ └── powershell-preview.desktop │ └── snapcraft.yaml ├── patches └── telemetry.diff ├── preview ├── .gitignore ├── assets │ ├── README.md │ └── icon.png ├── launcher │ └── powershell-wrapper └── snap │ ├── gui │ └── powershell-preview.desktop │ └── snapcraft.yaml ├── snapcraftConfig.json ├── stable ├── .gitignore ├── assets │ ├── README.md │ └── icon.png ├── launcher │ └── powershell-wrapper └── snap │ ├── gui │ └── powershell.desktop │ └── snapcraft.yaml └── tools ├── releaseBuild ├── .gitignore ├── Images │ ├── GenericLinuxFiles │ │ ├── powershell-snap.ps1 │ │ ├── powershell-snap.sh │ │ └── snapcraft-wrapper │ ├── microsoft_powershell_ubuntu16.04 │ │ └── Dockerfile │ └── microsoft_powershell_ubuntu18.04 │ │ └── Dockerfile ├── README.md ├── build.json ├── setRelease.ps1 ├── vstsbuild.ps1 └── vstsbuild.sh └── terms └── TermsExclusion.xml /.config/tsaoptions.json: -------------------------------------------------------------------------------- 1 | { 2 | "instanceUrl": "https://msazure.visualstudio.com", 3 | "projectName": "One", 4 | "areaPath": "One\\MGMT\\Compute\\Powershell\\Powershell\\PowerShell Core", 5 | "notificationAliases": [ 6 | "adityap@microsoft.com", 7 | "dongbow@microsoft.com", 8 | "pmeinecke@microsoft.com", 9 | "tplunk@microsoft.com" 10 | ] 11 | } 12 | -------------------------------------------------------------------------------- /.devcontainer/devcontainer.json: -------------------------------------------------------------------------------- 1 | { 2 | "image": "mcr.microsoft.com/powershell/test-deps:ubuntu-22.04", 3 | "features": { 4 | "ghcr.io/devcontainers/features/github-cli:1": {}, 5 | "ghcr.io/devcontainers/features/common-utils:2": {} 6 | }, 7 | "customizations": { 8 | "codespaces": { 9 | } 10 | } 11 | } 12 | -------------------------------------------------------------------------------- /.editorconfig: -------------------------------------------------------------------------------- 1 | root = true 2 | 3 | [*] 4 | indent_style = space 5 | indent_size = 4 6 | end_of_line = lf 7 | charset = utf-8 8 | trim_trailing_whitespace = false 9 | insert_final_newline = false 10 | 11 | [*.yaml] 12 | indent_style = space 13 | indent_size = 2 14 | end_of_line = lf 15 | charset = utf-8 16 | trim_trailing_whitespace = true 17 | insert_final_newline = true -------------------------------------------------------------------------------- /.github/CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- 1 | # Microsoft Open Source Code of Conduct 2 | 3 | This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/). 4 | 5 | Resources: 6 | 7 | - [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/) 8 | - [Microsoft Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) 9 | - Contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with questions or concerns 10 | - Employees can reach out at [aka.ms/opensource/moderation-support](https://aka.ms/opensource/moderation-support) 11 | -------------------------------------------------------------------------------- /.github/SECURITY.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | ## Security 4 | 5 | Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet), [Xamarin](https://github.com/xamarin) and [PowerShell](https://github.com/PowerShell). 6 | 7 | If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](https://aka.ms/security.md/definition), please report it to us as described below. 8 | 9 | ## Reporting Security Issues 10 | 11 | **Please do not report security vulnerabilities through public GitHub issues.** 12 | 13 | Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://aka.ms/security.md/msrc/create-report). 14 | 15 | If you prefer to submit without logging in, send email to [secure@microsoft.com](mailto:secure@microsoft.com). If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://aka.ms/security.md/msrc/pgp). 16 | 17 | You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://www.microsoft.com/msrc). 18 | 19 | Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue: 20 | 21 | * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.) 22 | * Full paths of source file(s) related to the manifestation of the issue 23 | * The location of the affected source code (tag/branch/commit or direct URL) 24 | * Any special configuration required to reproduce the issue 25 | * Step-by-step instructions to reproduce the issue 26 | * Proof-of-concept or exploit code (if possible) 27 | * Impact of the issue, including how an attacker might exploit the issue 28 | 29 | This information will help us triage your report more quickly. 30 | 31 | If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Please visit our [Microsoft Bug Bounty Program](https://aka.ms/security.md/msrc/bounty) page for more details about our active programs. 32 | 33 | ## Preferred Languages 34 | 35 | We prefer all communications to be in English. 36 | 37 | ## Policy 38 | 39 | Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://aka.ms/security.md/cvd). 40 | 41 | 42 | -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | updates: 3 | - package-ecosystem: docker 4 | directory: /tools/releaseBuild/Images/microsoft_powershell_ubuntu16.04 5 | schedule: 6 | interval: daily 7 | 8 | - package-ecosystem: docker 9 | directory: /tools/releaseBuild/Images/microsoft_powershell_ubuntu18.04 10 | schedule: 11 | interval: daily 12 | -------------------------------------------------------------------------------- /.github/workflows/dependency-review.yml: -------------------------------------------------------------------------------- 1 | # Dependency Review Action 2 | # 3 | # This Action will scan dependency manifest files that change as part of a Pull Request, 4 | # surfacing known-vulnerable versions of the packages declared or updated in the PR. 5 | # Once installed, if the workflow run is marked as required, 6 | # PRs introducing known-vulnerable packages will be blocked from merging. 7 | # 8 | # Source repository: https://github.com/actions/dependency-review-action 9 | name: 'Dependency Review' 10 | on: [pull_request] 11 | 12 | permissions: 13 | contents: read 14 | 15 | jobs: 16 | dependency-review: 17 | runs-on: ubuntu-latest 18 | steps: 19 | - name: 'Checkout Repository' 20 | uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 21 | - name: 'Dependency Review' 22 | uses: actions/dependency-review-action@0efb1d1d84fc9633afcdaad14c485cbbc90ef46c # v2.5.1 23 | -------------------------------------------------------------------------------- /.github/workflows/scorecards.yml: -------------------------------------------------------------------------------- 1 | # This workflow uses actions that are not certified by GitHub. They are provided 2 | # by a third-party and are governed by separate terms of service, privacy 3 | # policy, and support documentation. 4 | 5 | name: Scorecard supply-chain security 6 | on: 7 | # For Branch-Protection check. Only the default branch is supported. See 8 | # https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection 9 | branch_protection_rule: 10 | # To guarantee Maintained check is occasionally updated. See 11 | # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained 12 | schedule: 13 | - cron: '20 7 * * 2' 14 | push: 15 | branches: ["master"] 16 | 17 | # Declare default permissions as read only. 18 | permissions: read-all 19 | 20 | jobs: 21 | analysis: 22 | name: Scorecard analysis 23 | runs-on: ubuntu-latest 24 | permissions: 25 | # Needed to upload the results to code-scanning dashboard. 26 | security-events: write 27 | # Needed to publish results and get a badge (see publish_results below). 28 | id-token: write 29 | contents: read 30 | actions: read 31 | 32 | steps: 33 | - name: "Checkout code" 34 | uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 35 | with: 36 | persist-credentials: false 37 | 38 | - name: "Run analysis" 39 | uses: ossf/scorecard-action@99c53751e09b9529366343771cc321ec74e9bd3d # v2.0.6 40 | with: 41 | results_file: results.sarif 42 | results_format: sarif 43 | # (Optional) "write" PAT token. Uncomment the `repo_token` line below if: 44 | # - you want to enable the Branch-Protection check on a *public* repository, or 45 | # - you are installing Scorecards on a *private* repository 46 | # To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat. 47 | # repo_token: ${{ secrets.SCORECARD_TOKEN }} 48 | 49 | # Public repositories: 50 | # - Publish results to OpenSSF REST API for easy access by consumers 51 | # - Allows the repository to include the Scorecard badge. 52 | # - See https://github.com/ossf/scorecard-action#publishing-results. 53 | # For private repositories: 54 | # - `publish_results` will always be set to `false`, regardless 55 | # of the value entered here. 56 | publish_results: true 57 | 58 | # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF 59 | # format to the repository Actions tab. 60 | - name: "Upload artifact" 61 | uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 62 | with: 63 | name: SARIF file 64 | path: results.sarif 65 | retention-days: 5 66 | 67 | # Upload the results to GitHub's code scanning dashboard. 68 | - name: "Upload to code-scanning" 69 | uses: github/codeql-action/upload-sarif@e949a1676c32f4c215780f7429eb9f00ff18b225 # v2.25.1 70 | with: 71 | sarif_file: results.sarif 72 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | #snapcraft specifics 2 | parts 3 | stage 4 | prime 5 | 6 | # mac finder 7 | 8 | **.DS_Store 9 | 10 | # snap packages 11 | *.snap 12 | -------------------------------------------------------------------------------- /.pipelines/PowerShell-Snap-Official.yml: -------------------------------------------------------------------------------- 1 | 2 | parameters: 3 | - name: release 4 | type: string 5 | displayName: | 6 | Use `stable` to release by default. 7 | 8 | Use `private` if you want to create a branch on the store to test the package. 9 | This will create a branch under the edge branch automatically that are difficult, but not impossible to find. 10 | 11 | `candidate`, `beta`, and `edge` are public but we don't have any existing meaning for these channels. 12 | values: 13 | - private 14 | - stable 15 | - candidate 16 | - beta 17 | - edge 18 | default: stable 19 | 20 | trigger: none 21 | 22 | variables: 23 | - name: CDP_DEFINITION_BUILD_COUNT 24 | value: $[counter('', 0)] # needed for onebranch.pipeline.version task 25 | - name: LinuxContainerImage 26 | value: mcr.microsoft.com/onebranch/cbl-mariner/build:2.0 # Docker image which is used to build the project 27 | - name: DEBIAN_FRONTEND 28 | value: noninteractive 29 | - group: poolNames 30 | 31 | resources: 32 | repositories: 33 | - repository: templates 34 | type: git 35 | name: OneBranch.Pipelines/GovernedTemplates 36 | ref: refs/heads/main 37 | 38 | extends: 39 | template: v2/OneBranch.Official.CrossPlat.yml@templates 40 | parameters: 41 | git: 42 | fetchDepth: 1 43 | # windows only feature 44 | #longpaths: true 45 | retryCount: 3 46 | # we don't use this and some of our agents doesn't have the feature installed 47 | lfs: false 48 | cloudvault: 49 | enabled: false # set to true to enable cloudvault 50 | runmode: stage # linux can run CloudVault upload as a separate stage 51 | dependsOn: linux_build 52 | artifacts: 53 | - drop_linux_stage_linux_job 54 | customTags: 'ES365AIMigrationTooling' 55 | globalSdl: 56 | disableLegacyManifest: true 57 | # disabled Armorty as we dont have any ARM templates to scan. It fails on some sample ARM templates. 58 | armory: 59 | enabled: false 60 | sbom: 61 | enabled: true 62 | compiled: 63 | enabled: false 64 | credscan: 65 | enabled: true 66 | scanFolder: $(Build.SourcesDirectory) 67 | cg: 68 | enabled: true 69 | asyncSdl: # https://aka.ms/obpipelines/asyncsdl 70 | enabled: true 71 | forStages: [scan_lts, scan_stable, scan_preview] 72 | credscan: 73 | enabled: true 74 | scanFolder: $(Build.SourcesDirectory) 75 | #suppressionsFile: $(Build.SourcesDirectory)\PowerShell\.config\suppress.json 76 | binskim: 77 | enabled: false 78 | # APIScan requires a non-Ready-To-Run build 79 | apiscan: 80 | enabled: false 81 | tsaOptionsFile: .config\tsaoptions.json 82 | 83 | stages: 84 | - template: /.pipelines/templates/releaseBuildAndPushStage.yml@self 85 | parameters: 86 | channel: stable 87 | release: ${{ parameters.release }} 88 | 89 | - template: /.pipelines/templates/releaseBuildAndPushStage.yml@self 90 | parameters: 91 | channel: preview 92 | release: ${{ parameters.release }} 93 | 94 | - template: /.pipelines/templates/releaseBuildAndPushStage.yml@self 95 | parameters: 96 | channel: lts 97 | release: ${{ parameters.release }} 98 | -------------------------------------------------------------------------------- /.pipelines/templates/Approval.yml: -------------------------------------------------------------------------------- 1 | parameters: 2 | - name: displayName 3 | type: string 4 | - name: instructions 5 | type: string 6 | - name: jobName 7 | type: string 8 | - name: timeoutInMinutes 9 | type: number 10 | # 2 days 11 | default: 2880 12 | - name: onTimeout 13 | type: string 14 | default: 'reject' 15 | values: 16 | - resume 17 | - reject 18 | 19 | jobs: 20 | - job: ${{ parameters.jobName }} 21 | displayName: ${{ parameters.displayName }} 22 | pool: 23 | type: agentless 24 | timeoutInMinutes: 4320 # job times out in 3 days 25 | steps: 26 | - task: ManualValidation@0 27 | displayName: ${{ parameters.displayName }} 28 | timeoutInMinutes: ${{ parameters.timeoutInMinutes }} 29 | inputs: 30 | instructions: ${{ parameters.instructions }} 31 | onTimeout: ${{ parameters.onTimeout }} 32 | -------------------------------------------------------------------------------- /.pipelines/templates/InstallSnapd.yml: -------------------------------------------------------------------------------- 1 | steps: 2 | 3 | - bash: | 4 | sudo apt update 5 | displayName: Apt Update 6 | condition: succeeded() 7 | 8 | - bash: | 9 | sudo apt-get -y install snapd 10 | displayName: Install snapd 11 | condition: succeeded() 12 | -------------------------------------------------------------------------------- /.pipelines/templates/createOutputDirectory-linux.yml: -------------------------------------------------------------------------------- 1 | steps: 2 | 3 | - bash: | 4 | mkdir -p -m a=rwx $(ob_outputDirectory) 5 | displayName: Create $(ob_outputDirectory) 6 | condition: succeeded() 7 | -------------------------------------------------------------------------------- /.pipelines/templates/pushJob.yml: -------------------------------------------------------------------------------- 1 | parameters: 2 | - name: channel 3 | type: string 4 | - name: release 5 | default: 'private' 6 | 7 | jobs: 8 | - job: push 9 | displayName: Push to ${{ parameters.release }} 10 | 11 | pool: 12 | type: linux 13 | isCustom: true 14 | name: $(ubuntuPool) 15 | demands: 16 | - ImageOverride -equals PSMMSUbuntu20.04-Secure 17 | 18 | variables: 19 | - name: ReleaseTag 20 | value: edge/default 21 | - group: SnapLogin 22 | - name: channel 23 | value: ${{ parameters.channel }} 24 | - name: ob_outputDirectory 25 | value: '$(Build.ArtifactStagingDirectory)/out' 26 | - name: DOWNLOAD_DIRECTORY 27 | value: '$(Build.ArtifactStagingDirectory)/down' 28 | 29 | steps: 30 | - checkout: self 31 | lfs: false 32 | 33 | - template: ./createOutputDirectory-linux.yml 34 | 35 | - task: DownloadPipelineArtifact@2 36 | displayName: 'Download build files' 37 | inputs: 38 | targetPath: $(DOWNLOAD_DIRECTORY) 39 | artifact: drop_build_$(channel)_build_$(channel) 40 | 41 | - pwsh: | 42 | $snaps = Get-ChildItem $(DOWNLOAD_DIRECTORY)/*.snap -recurse -File 43 | if($snaps.Count -gt 1) 44 | { 45 | $snaps | out-string -width 100 | Write-Verbose -verbose 46 | Write-Error "***More than one snap found***" -errorAction stop 47 | } 48 | displayName: Verify that only one snap was downloaded 49 | 50 | - pwsh: | 51 | [string]$Branch=$env:BUILD_SOURCEBRANCH 52 | $branchOnly = $Branch -replace '^refs/heads/'; 53 | $branchOnly = $branchOnly -replace '[_\-]' 54 | 55 | if('${{ parameters.release }}' -eq 'private') { 56 | if($branchOnly -eq 'master' -or $branchOnly -like '*dailytest*') 57 | { 58 | Write-verbose "release branch: $branchOnly" -verbose 59 | $generatedBranch = ([guid]::NewGuid()).ToString().Replace('-','') 60 | $releaseTag = "edge/$generatedBranch" 61 | } 62 | else 63 | { 64 | Write-verbose "non-release branch" -verbose 65 | # Branch is named 66 | $releaseTag = "edge/$branchOnly" 67 | $releaseTag += ([guid]::NewGuid()).ToString().Replace('-','') 68 | } 69 | } 70 | else { 71 | $releaseTag = "${{ parameters.release }}" 72 | } 73 | 74 | $vstsCommandString = "vso[task.setvariable variable=ReleaseTag]$releaseTag" 75 | Write-Verbose -Message "setting ReleaseTag to $releaseTag" -Verbose 76 | Write-Host -Object "##$vstsCommandString" 77 | displayName: Set ReleaseTag Variable 78 | 79 | - pwsh: | 80 | sudo chown root:root / 81 | displayName: 'Make sure root owns root' 82 | condition: succeeded() 83 | 84 | - template: ./InstallSnapd.yml 85 | 86 | - pwsh: | 87 | $channel = (Get-Content ./snapcraftConfig.json | ConvertFrom-Json).channel 88 | Write-Verbose -Verbose -Message "using Channel $channel" 89 | sudo snap install snapcraft --classic "--channel=$channel" 90 | condition: succeeded() 91 | displayName: 'Install snapcraft' 92 | retryCountOnTaskFailure: 2 93 | 94 | - pwsh: | 95 | $track = 'latest' 96 | if('$(channel)' -eq 'lts') 97 | { 98 | $track = 'lts' 99 | } 100 | 101 | $snaps = Get-ChildItem $(System.ArtifactsDirectory)/*.snap -recurse -File | Select-Object -ExpandProperty FullName 102 | 103 | foreach($snap in $snaps) 104 | { 105 | Write-Verbose -Verbose -Message "Uploading $snap to $track/$(ReleaseTag)" 106 | snapcraft upload --release "$track/$(ReleaseTag)" $snap 107 | } 108 | displayName: 'snapcraft upload' 109 | retryCountOnTaskFailure: 1 110 | env: 111 | SNAPCRAFT_STORE_CREDENTIALS: $(SNAPCRAFT_STORE_CREDENTIALS) 112 | -------------------------------------------------------------------------------- /.pipelines/templates/releaseBuildAndPushStage.yml: -------------------------------------------------------------------------------- 1 | parameters: 2 | - name: channel 3 | default: '' 4 | - name: release 5 | default: 'private' 6 | 7 | stages: 8 | - stage: build_${{ parameters.channel }} 9 | displayName: Build - ${{ parameters.channel }} 10 | dependsOn: [] 11 | jobs: 12 | - template: ./releaseBuildJob.yml 13 | parameters: 14 | channel: ${{ parameters.channel }} 15 | 16 | - stage: scan_${{ parameters.channel }} 17 | displayName: SDL - ${{ parameters.channel }} 18 | dependsOn: build_${{ parameters.channel }} 19 | jobs: 20 | - template: ./scanJob.yml 21 | parameters: 22 | channel: ${{ parameters.channel }} 23 | 24 | - stage: Push_${{ parameters.channel }} 25 | displayName: Push - ${{ parameters.channel }} to ${{ parameters.release }} 26 | dependsOn: scan_${{ parameters.channel }} 27 | jobs: 28 | - template: ./pushJob.yml 29 | parameters: 30 | channel: ${{ parameters.channel }} 31 | release: ${{ parameters.release }} 32 | -------------------------------------------------------------------------------- /.pipelines/templates/releaseBuildJob.yml: -------------------------------------------------------------------------------- 1 | parameters: 2 | - name: channel 3 | default: 'stable' 4 | - name: test 5 | default: Yes 6 | 7 | jobs: 8 | 9 | - job: build_${{ parameters.channel }} 10 | displayName: Build ${{ parameters.channel }} 11 | variables: 12 | - name: channel 13 | value: ${{ parameters.channel }} 14 | - name: ob_outputDirectory 15 | value: '$(Build.ArtifactStagingDirectory)/out' 16 | - name: SNAP_MOUNT 17 | value: $(Agent.TempDirectory)/pwshSnap 18 | - name: SNAP_COPY 19 | value: $(Agent.TempDirectory)/pwshSnapCopy 20 | - name: SNAP_TARGZ 21 | value: $(Agent.TempDirectory)/pwshSnap.tar.gz 22 | 23 | pool: 24 | type: linux 25 | isCustom: true 26 | name: $(ubuntuPool) 27 | demands: 28 | - ImageOverride -equals PSMMSUbuntu20.04-Secure 29 | 30 | steps: 31 | - checkout: self 32 | lfs: false 33 | 34 | - template: ./createOutputDirectory-linux.yml 35 | 36 | - powershell: | 37 | sudo chown root:root / 38 | displayName: 'Make sure root owns root' 39 | condition: succeeded() 40 | 41 | - template: ./InstallSnapd.yml 42 | 43 | - powershell: 'dir env:' 44 | displayName: 'Capture Environment' 45 | 46 | - powershell: | 47 | $channel = (Get-Content ./snapcraftConfig.json | ConvertFrom-Json).channel 48 | Write-Verbose -Verbose -Message "using Channel $channel" 49 | sudo snap install snapcraft --classic "--channel=$channel" 50 | displayName: Install snapcraft 51 | condition: succeeded() 52 | retryCountOnTaskFailure: 2 53 | 54 | - powershell: | 55 | switch('$(channel)') { 56 | 'stable' { 57 | cd stable 58 | $message = "vso[task.setvariable variable=PS_SNAP_EXEC;]powershell" 59 | Write-Host $message 60 | Write-Host "##$message" 61 | } 62 | 'lts' { 63 | cd lts 64 | $message = "vso[task.setvariable variable=PS_SNAP_EXEC;]powershell" 65 | Write-Host $message 66 | Write-Host "##$message" 67 | } 68 | 'preview' { 69 | cd preview 70 | $message = "vso[task.setvariable variable=PS_SNAP_EXEC;]powershell-preview" 71 | Write-Host $message 72 | Write-Host "##$message" 73 | } 74 | default { 75 | throw "Unknown channel: '$(channel)'" 76 | } 77 | } 78 | 79 | Write-Host "Building snap..." 80 | # destructive-mode leaves files and packages on the machine 81 | # This is okay because Azure DevOps Hosted machines are ephemeral. 82 | Write-Verbose "snapcraft version: $(snapcraft --version)" -Verbose 83 | snapcraft snap --debug --destructive-mode 84 | Write-Host "finding snap..." 85 | $snap = Get-ChildItem "*.snap" -Recurse -ErrorAction SilentlyContinue | Select-Object -ExpandProperty fullname -ErrorAction SilentlyContinue 86 | if(!$snap) 87 | { 88 | throw "snap build failed" 89 | } 90 | else 91 | { 92 | $message = "vso[task.setvariable variable=PS_SNAP_PATH;]$snap" 93 | Write-Host $message 94 | Write-Host "##$message" 95 | } 96 | displayName: Build snap $(channel) 97 | condition: and(succeeded(), ne(variables['$(channel)'],'no')) 98 | 99 | - powershell: | 100 | Get-ChildItem env: 101 | displayName: Capture env 102 | condition: always() 103 | 104 | - powershell: | 105 | Get-ChildItem $env:HOME/.local/state/snapcraft/log/*.log | foreach-object { 106 | $name = $_.fullname 107 | Write-Verbose -Verbose "uploading '$name'" 108 | Write-Host "##vso[artifact.upload containerfolder=$(channel)-logs;artifactname=$(channel)-log]$name" 109 | } 110 | displayName: 'Upload $(channel) build log' 111 | condition: always() 112 | 113 | - powershell: | 114 | sudo snap install $(PS_SNAP_PATH) --classic --dangerous 115 | displayName: 'Install $(channel) snap' 116 | condition: succeeded() 117 | 118 | - powershell: | 119 | &"$(PS_SNAP_EXEC)" -nologo -c '$psversiontable' 120 | displayName: 'Test $(channel) snap' 121 | condition: and(succeeded(), eq('${{ parameters.test }}','Yes')) 122 | 123 | # This is what we would need to do if this wasn't a custom job 124 | - powershell: | 125 | Copy-Item $(PS_SNAP_PATH) -Destination $(ob_outputDirectory)/ -verbose 126 | $artifactName = "drop_build_$(channel)_build_$(channel)" 127 | Write-Host "##vso[artifact.upload containerfolder=${artifactName};artifactname=${artifactName}]$(ob_outputDirectory)" 128 | displayName: Copy Artifact to OneBranch Job output directory and publish - $(channel) 129 | condition: succeeded() 130 | continueOnError: true 131 | 132 | - pwsh: | 133 | $snap = '$(PS_SNAP_PATH)' 134 | $mount = $env:SNAP_MOUNT 135 | $null = new-item -Path $mount -ItemType Directory -Force 136 | Write-Verbose -Verbose "sudo mount -t squashfs -o ro $snap $mount" 137 | sudo mount -t squashfs -o ro $snap $mount 138 | Write-Verbose -Verbose "get-childitem -recurse $mount" 139 | get-childitem -recurse $mount 140 | displayName: Unsquash Snap and capture contents 141 | 142 | # Copy to read write filesystem because scan tries to write back to this folder. 143 | - pwsh: | 144 | $mount = $env:SNAP_MOUNT 145 | $readWriteCopy = $env:SNAP_COPY 146 | Write-Verbose -Verbose "mount: $mount; copy: $readWriteCopy" 147 | $null = new-item -Path $readWriteCopy -ItemType Directory -Force 148 | $filesToExclude = Get-ChildItem -Path $mount -Recurse | Where-Object Attributes -match reparsepoint 149 | $exclude = @() 150 | $exclude += $filesToExclude | ForEach-Object { "$($_.Name)" + "*" } 151 | Copy-Item -Path $mount -Destination $readWriteCopy\ -Exclude $exclude -Force -Recurse -Verbose 152 | Write-Verbose -Verbose "get-childitem -recurse $readWriteCopy" 153 | get-childitem -recurse $readWriteCopy 154 | displayName: Copy to read/write fs 155 | 156 | - pwsh: | 157 | Write-Verbose "tar -czf ${env:SNAP_TARGZ} ${env:SNAP_COPY}" -Verbose 158 | tar -czf ${env:SNAP_TARGZ} ${env:SNAP_COPY} 159 | copy-item ${env:SNAP_TARGZ} -destination $(ob_outputDirectory)/ -verbose 160 | displayName: tar the snap contents from the r/w copy 161 | 162 | # Uploads any packages as an artifact 163 | - powershell: | 164 | $artifactName = "drop_build_$(channel)_build_$(channel)_targz" 165 | Write-Host "##vso[artifact.upload containerfolder=${artifactName};artifactname=${artifactName}]${env:SNAP_TARGZ}" 166 | displayName: Publish tar.gz Artifact - $(channel) 167 | condition: succeeded() 168 | continueOnError: true 169 | -------------------------------------------------------------------------------- /.pipelines/templates/scanJob.yml: -------------------------------------------------------------------------------- 1 | parameters: 2 | - name: channel 3 | type: string 4 | 5 | jobs: 6 | 7 | - job: scan 8 | displayName: Scan ${{ parameters.channel }} 9 | 10 | pool: 11 | type: linux 12 | 13 | variables: 14 | - name: channel 15 | value: ${{ parameters.channel }} 16 | - name: ob_outputDirectory 17 | value: '$(Build.ArtifactStagingDirectory)/out' 18 | - name: DOWNLOAD_DIRECTORY 19 | value: '$(Build.ArtifactStagingDirectory)/down' 20 | 21 | steps: 22 | - template: ./createOutputDirectory-linux.yml 23 | 24 | - task: DownloadPipelineArtifact@2 25 | displayName: 'Download targz files' 26 | inputs: 27 | targetPath: $(DOWNLOAD_DIRECTORY) 28 | artifact: drop_build_$(channel)_build_$(channel)_targz 29 | 30 | - pwsh: | 31 | $targzs = Get-ChildItem $(DOWNLOAD_DIRECTORY)/*.tar.gz -recurse -File | Select-Object -ExpandProperty FullName 32 | 33 | foreach($targz in $targzs) 34 | { 35 | Write-Verbose -Verbose "Extracting $targz" 36 | $target = '$(ob_outputDirectory)' 37 | tar -xvf $targz -C $target 38 | } 39 | displayName: 'Extract Tar.Gz' 40 | -------------------------------------------------------------------------------- /.vsts-ci/ci.yml: -------------------------------------------------------------------------------- 1 | name: PR-$(System.PullRequest.PullRequestNumber)-$(Date:yyyyMMdd)$(Rev:.rr) 2 | resources: 3 | - repo: self 4 | clean: true 5 | 6 | stages: 7 | - ${{ if ne(variables['Build.Reason'], 'PullRequest') }}: 8 | - stage: prepare 9 | displayName: Prepare 10 | jobs: 11 | - job: Set_Build_Name 12 | displayName: Set Build Name 13 | pool: 14 | vmImage: ubuntu-20.04 15 | steps: 16 | - powershell: Write-Host "##vso[build.updatebuildnumber]$env:BUILD_SOURCEBRANCHNAME-$env:BUILD_SOURCEVERSION-$((get-date).ToString("yyyyMMddhhss"))" 17 | displayName: Set Build Name for Non-PR 18 | 19 | - stage: lts 20 | dependsOn: [] 21 | jobs: 22 | - template: ./templates/releaseBuildPhase.yml 23 | parameters: 24 | channel: lts 25 | vmImage: ubuntu-20.04 26 | 27 | - stage: stable 28 | dependsOn: [] 29 | jobs: 30 | - template: ./templates/releaseBuildPhase.yml 31 | parameters: 32 | channel: stable 33 | vmImage: ubuntu-20.04 34 | 35 | - stage: preview 36 | dependsOn: [] 37 | jobs: 38 | - template: ./templates/releaseBuildPhase.yml 39 | parameters: 40 | channel: preview 41 | vmImage: ubuntu-20.04 42 | -------------------------------------------------------------------------------- /.vsts-ci/misc-analysis.yml: -------------------------------------------------------------------------------- 1 | name: PR-$(System.PullRequest.PullRequestNumber)-$(Date:yyyyMMdd)$(Rev:.rr) 2 | trigger: 3 | # Batch merge builds together while a merge build is running 4 | batch: true 5 | branches: 6 | include: 7 | - master 8 | - release* 9 | 10 | pr: 11 | branches: 12 | include: 13 | - master 14 | - release* 15 | 16 | resources: 17 | - repo: self 18 | clean: true 19 | 20 | jobs: 21 | - template: templates/credscan.yml 22 | -------------------------------------------------------------------------------- /.vsts-ci/releaseBuild.yml: -------------------------------------------------------------------------------- 1 | parameters: 2 | - name: release 3 | type: string 4 | displayName: | 5 | Use `stable` to release by default. 6 | 7 | Use `private` if you want to create a branch on the store to test the package. 8 | This will create a branch under the edge branch automatically that are difficult, but not impossible to find. 9 | 10 | `candidate`, `beta`, and `edge` are public but we don't have any existing meaning for these channels. 11 | values: 12 | - private 13 | - stable 14 | - candidate 15 | - beta 16 | - edge 17 | default: stable 18 | 19 | trigger: none 20 | 21 | resources: 22 | repositories: 23 | - repository: self 24 | clean: true 25 | - repository: ComplianceRepo 26 | type: github 27 | endpoint: ComplianceGHRepo 28 | name: PowerShell/Compliance 29 | 30 | variables: 31 | - name: POWERSHELL_TELEMETRY_OPTOUT 32 | value: 1 33 | - name: runCodesignValidationInjection 34 | value: false 35 | - group: poolNames 36 | 37 | stages: 38 | - template: ./templates/releaseBuildAndPushStage.yml 39 | parameters: 40 | channel: stable 41 | release: ${{ parameters.release }} 42 | 43 | - template: ./templates/releaseBuildAndPushStage.yml 44 | parameters: 45 | channel: preview 46 | release: ${{ parameters.release }} 47 | 48 | - template: ./templates/releaseBuildAndPushStage.yml 49 | parameters: 50 | channel: lts 51 | release: ${{ parameters.release }} 52 | -------------------------------------------------------------------------------- /.vsts-ci/templates/Approval.yml: -------------------------------------------------------------------------------- 1 | parameters: 2 | - name: displayName 3 | type: string 4 | - name: instructions 5 | type: string 6 | - name: jobName 7 | type: string 8 | - name: timeoutInMinutes 9 | type: number 10 | # 2 days 11 | default: 2880 12 | - name: onTimeout 13 | type: string 14 | default: 'reject' 15 | values: 16 | - resume 17 | - reject 18 | 19 | jobs: 20 | - job: ${{ parameters.jobName }} 21 | displayName: ${{ parameters.displayName }} 22 | pool: server 23 | timeoutInMinutes: 4320 # job times out in 3 days 24 | steps: 25 | - task: ManualValidation@0 26 | displayName: ${{ parameters.displayName }} 27 | timeoutInMinutes: ${{ parameters.timeoutInMinutes }} 28 | inputs: 29 | instructions: ${{ parameters.instructions }} 30 | onTimeout: ${{ parameters.onTimeout }} 31 | -------------------------------------------------------------------------------- /.vsts-ci/templates/credscan.yml: -------------------------------------------------------------------------------- 1 | parameters: 2 | jobName: 'credscan' 3 | displayName: Secret Scan 4 | 5 | jobs: 6 | - job: ${{ parameters.jobName }} 7 | pool: 8 | vmImage: windows-latest 9 | 10 | displayName: ${{ parameters.displayName }} 11 | 12 | steps: 13 | - powershell: Write-Host "##vso[build.updatebuildnumber]$env:BUILD_SOURCEBRANCHNAME-$env:BUILD_SOURCEVERSION-$((get-date).ToString("yyyyMMddhhmmss"))" 14 | displayName: Set Build Name for Non-PR 15 | condition: ne(variables['Build.Reason'], 'PullRequest') 16 | 17 | - task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@2 18 | displayName: 'Scan for secrets' 19 | inputs: 20 | debugMode: false 21 | 22 | - task: securedevelopmentteam.vss-secure-development-tools.build-task-publishsecurityanalysislogs.PublishSecurityAnalysisLogs@2 23 | displayName: 'Publish Secret Scan Logs to Build Artifacts' 24 | continueOnError: true 25 | 26 | - task: securedevelopmentteam.vss-secure-development-tools.build-task-postanalysis.PostAnalysis@1 27 | displayName: 'Check for failures' 28 | inputs: 29 | CredScan: true 30 | ToolLogsNotFoundAction: Error 31 | -------------------------------------------------------------------------------- /.vsts-ci/templates/pushPhase.yml: -------------------------------------------------------------------------------- 1 | parameters: 2 | - name: vmImage 3 | default: PSMMSUbuntu20.04-Secure 4 | - name: channel 5 | type: string 6 | - name: release 7 | default: 'private' 8 | 9 | jobs: 10 | - template: ./Approval.yml 11 | parameters: 12 | displayName: 'Approve ${{ parameters.channel }}-${{ parameters.release }} upload' 13 | instructions: | 14 | Only approve one channel at a time or malware scanning will fail. 15 | Approving this will trigger the upload of the snap as "${{ parameters.channel }}-${{ parameters.release }}" 16 | jobName: 'push_approval' 17 | 18 | - job: scan 19 | displayName: Scan ${{ parameters.channel }} 20 | 21 | pool: 22 | name: $(ubuntuPool) 23 | demands: 24 | - ImageOverride -equals ${{ parameters.vmImage }} 25 | 26 | variables: 27 | - name: channel 28 | value: ${{ parameters.channel }} 29 | - name: SNAP_MOUNT 30 | value: $(Agent.TempDirectory)/pwshSnap 31 | - name: SNAP_COPY 32 | value: $(Agent.TempDirectory)/pwshSnapCopy 33 | - name: SNAP_TARGZ 34 | value: $(Agent.TempDirectory)/pwshSnap.tar.gz 35 | 36 | 37 | steps: 38 | - checkout: self 39 | path: $(repoFolder) 40 | - checkout: ComplianceRepo 41 | 42 | - task: DownloadBuildArtifacts@0 43 | displayName: 'Download Build Artifacts' 44 | inputs: 45 | downloadType: specific 46 | itemPattern: '$(channel)/**/*.snap' 47 | 48 | - pwsh: | 49 | $snaps = Get-ChildItem $(System.ArtifactsDirectory)/*.snap -recurse -File 50 | if($snaps.Count -gt 1) 51 | { 52 | $snaps | out-string -width 100 | Write-Verbose -verbose 53 | Write-Error "***More than one snap found***" -errorAction stop 54 | } 55 | $snap = $snaps[0].fullname 56 | $mount = $env:SNAP_MOUNT 57 | $null = new-item -Path $mount -ItemType Directory -Force 58 | Write-Verbose -Verbose "sudo mount -t squashfs -o ro $snap $mount" 59 | sudo mount -t squashfs -o ro $snap $mount 60 | Write-Verbose -Verbose "get-childitem -recurse $mount" 61 | get-childitem -recurse $mount 62 | displayName: Unsquash Snap and capture contents 63 | 64 | # Copy to read write filesystem because scan tries to write back to this folder. 65 | - pwsh: | 66 | $mount = $env:SNAP_MOUNT 67 | $readWriteCopy = $env:SNAP_COPY 68 | Write-Verbose -Verbose "mount: $mount; copy: $readWriteCopy" 69 | $null = new-item -Path $readWriteCopy -ItemType Directory -Force 70 | $filesToExclude = Get-ChildItem -Path $mount -Recurse | Where-Object Attributes -match reparsepoint 71 | $exclude = @() 72 | $exclude += $filesToExclude | ForEach-Object { "$($_.Name)" + "*" } 73 | Copy-Item -Path $mount -Destination $readWriteCopy\ -Exclude $exclude -Force -Recurse -Verbose 74 | Write-Verbose -Verbose "get-childitem -recurse $readWriteCopy" 75 | get-childitem -recurse $readWriteCopy 76 | displayName: Copy to read/write fs 77 | 78 | - pwsh: | 79 | Write-Verbose "tar -czf ${env:SNAP_TARGZ} ${env:SNAP_COPY}" -Verbose 80 | tar -czf ${env:SNAP_TARGZ} ${env:SNAP_COPY} 81 | Write-Host "##vso[artifact.upload containerfolder=$(channel);artifactname=$(channel)]${env:SNAP_TARGZ}" 82 | displayName: tar the snap contents from the r/w copy 83 | 84 | - template: EsrpScan.yml@ComplianceRepo 85 | parameters: 86 | scanPath: $(Agent.TempDirectory) 87 | pattern: | 88 | **/*.tar.gz 89 | scanningService: 'pwshEsrpScanning' 90 | 91 | - job: push 92 | dependsOn: 93 | - push_approval 94 | - scan 95 | 96 | displayName: Push to ${{ parameters.release }} 97 | 98 | pool: 99 | name: $(ubuntuPool) 100 | demands: 101 | - ImageOverride -equals ${{ parameters.vmImage }} 102 | 103 | variables: 104 | - name: ReleaseTag 105 | value: edge/default 106 | - group: SnapLogin 107 | - name: channel 108 | value: ${{ parameters.channel }} 109 | 110 | steps: 111 | - checkout: self 112 | 113 | - task: DownloadBuildArtifacts@0 114 | displayName: 'Download Build Artifacts' 115 | inputs: 116 | downloadType: specific 117 | itemPattern: '$(channel)/**/*.snap' 118 | 119 | - pwsh: | 120 | $snaps = Get-ChildItem $(System.ArtifactsDirectory)/*.snap -recurse -File 121 | if($snaps.Count -gt 1) 122 | { 123 | $snaps | out-string -width 100 | Write-Verbose -verbose 124 | Write-Error "***More than one snap found***" -errorAction stop 125 | } 126 | displayName: Verify that only one snap was downloaded 127 | 128 | - pwsh: | 129 | [string]$Branch=$env:BUILD_SOURCEBRANCH 130 | $branchOnly = $Branch -replace '^refs/heads/'; 131 | $branchOnly = $branchOnly -replace '[_\-]' 132 | 133 | if('${{ parameters.release }}' -eq 'private') { 134 | if($branchOnly -eq 'master' -or $branchOnly -like '*dailytest*') 135 | { 136 | Write-verbose "release branch: $branchOnly" -verbose 137 | $generatedBranch = ([guid]::NewGuid()).ToString().Replace('-','') 138 | $releaseTag = "edge/$generatedBranch" 139 | } 140 | else 141 | { 142 | Write-verbose "non-release branch" -verbose 143 | # Branch is named 144 | $releaseTag = "edge/$branchOnly" 145 | $releaseTag += ([guid]::NewGuid()).ToString().Replace('-','') 146 | } 147 | } else { 148 | $releaseTag = "${{ parameters.release }}" 149 | } 150 | 151 | $vstsCommandString = "vso[task.setvariable variable=ReleaseTag]$releaseTag" 152 | Write-Verbose -Message "setting ReleaseTag to $releaseTag" -Verbose 153 | Write-Host -Object "##$vstsCommandString" 154 | displayName: Set ReleaseTag Variable 155 | 156 | - pwsh: | 157 | sudo chown root:root / 158 | displayName: 'Make sure root owns root' 159 | condition: succeeded() 160 | 161 | - pwsh: | 162 | $channel = (Get-Content ./snapcraftConfig.json | ConvertFrom-Json).channel 163 | Write-Verbose -Verbose -Message "using Channel $channel" 164 | sudo snap install snapcraft --classic "--channel=$channel" 165 | condition: succeeded() 166 | displayName: 'Install snapcraft' 167 | retryCountOnTaskFailure: 2 168 | 169 | - pwsh: | 170 | $track = 'latest' 171 | if('$(channel)' -eq 'lts') 172 | { 173 | $track = 'lts' 174 | } 175 | 176 | $snaps = Get-ChildItem $(System.ArtifactsDirectory)/*.snap -recurse -File | Select-Object -ExpandProperty FullName 177 | 178 | foreach($snap in $snaps) 179 | { 180 | Write-Verbose -Verbose -Message "Uploading $snap to $track/$(ReleaseTag)" 181 | snapcraft upload --release "$track/$(ReleaseTag)" $snap 182 | } 183 | displayName: 'snapcraft upload' 184 | retryCountOnTaskFailure: 1 185 | env: 186 | SNAPCRAFT_STORE_CREDENTIALS: $(SNAPCRAFT_STORE_CREDENTIALS) 187 | 188 | - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 189 | displayName: 'Component Detection' 190 | -------------------------------------------------------------------------------- /.vsts-ci/templates/releaseBuildAndPushStage.yml: -------------------------------------------------------------------------------- 1 | parameters: 2 | - name: channel 3 | default: '' 4 | - name: vmImage 5 | default: PSMMSUbuntu20.04-Secure 6 | - name: release 7 | default: 'private' 8 | 9 | stages: 10 | - stage: build_${{ parameters.channel }} 11 | displayName: Build - ${{ parameters.channel }} 12 | dependsOn: [] 13 | jobs: 14 | - template: ./releaseBuildPhase.yml 15 | parameters: 16 | channel: ${{ parameters.channel }} 17 | vmImage: ${{ parameters.vmImage }} 18 | 19 | - stage: Push_${{ parameters.channel }} 20 | displayName: Push - ${{ parameters.channel }} to ${{ parameters.release }} 21 | dependsOn: build_${{ parameters.channel }} 22 | jobs: 23 | - template: ./pushPhase.yml 24 | parameters: 25 | channel: ${{ parameters.channel }} 26 | release: ${{ parameters.release }} 27 | -------------------------------------------------------------------------------- /.vsts-ci/templates/releaseBuildPhase.yml: -------------------------------------------------------------------------------- 1 | parameters: 2 | - name: vmImage 3 | default: PSMMSUbuntu20.04-Secure 4 | - name: channel 5 | default: 'stable' 6 | - name: test 7 | default: Yes 8 | 9 | jobs: 10 | 11 | - job: build_${{ parameters.channel }} 12 | displayName: Build ${{ parameters.channel }} 13 | variables: 14 | - name: channel 15 | value: ${{ parameters.channel }} 16 | 17 | ${{ if startsWith(parameters.vmImage, 'PSMMS') }}: 18 | pool: 19 | name: $(ubuntuPool) 20 | demands: 21 | - ImageOverride -equals ${{ parameters.vmImage }} 22 | 23 | ${{ if not(startsWith(parameters.vmImage, 'PSMMS')) }}: 24 | pool: 25 | vmImage: ${{ parameters.vmImage }} 26 | 27 | steps: 28 | 29 | - powershell: | 30 | sudo chown root:root / 31 | displayName: 'Make sure root owns root' 32 | condition: succeeded() 33 | 34 | - powershell: 'dir env:' 35 | displayName: 'Capture Environment' 36 | 37 | - powershell: | 38 | $channel = (Get-Content ./snapcraftConfig.json | ConvertFrom-Json).channel 39 | Write-Verbose -Verbose -Message "using Channel $channel" 40 | sudo snap install snapcraft --classic "--channel=$channel" 41 | displayName: Install snapcraft 42 | condition: succeeded() 43 | retryCountOnTaskFailure: 2 44 | 45 | - bash: | 46 | sudo apt update 47 | displayName: Apt Update 48 | condition: succeeded() 49 | 50 | - powershell: | 51 | switch('$(channel)') { 52 | 'stable' { 53 | cd stable 54 | $message = "vso[task.setvariable variable=PS_SNAP_EXEC;]powershell" 55 | Write-Host $message 56 | Write-Host "##$message" 57 | } 58 | 'lts' { 59 | cd lts 60 | $message = "vso[task.setvariable variable=PS_SNAP_EXEC;]powershell" 61 | Write-Host $message 62 | Write-Host "##$message" 63 | } 64 | 'preview' { 65 | cd preview 66 | $message = "vso[task.setvariable variable=PS_SNAP_EXEC;]powershell-preview" 67 | Write-Host $message 68 | Write-Host "##$message" 69 | } 70 | default { 71 | throw "Unknown channel: '$(channel)'" 72 | } 73 | } 74 | 75 | Write-Host "Building snap..." 76 | # destructive-mode leaves files and packages on the machine 77 | # This is okay because Azure DevOps Hosted machines are ephemeral. 78 | Write-Verbose "snapcraft version: $(snapcraft --version)" -Verbose 79 | snapcraft snap --debug --destructive-mode 80 | Write-Host "finding snap..." 81 | $snap = Get-ChildItem "*.snap" -Recurse -ErrorAction SilentlyContinue | Select-Object -ExpandProperty fullname -ErrorAction SilentlyContinue 82 | if(!$snap) 83 | { 84 | throw "snap build failed" 85 | } 86 | else 87 | { 88 | $message = "vso[task.setvariable variable=PS_SNAP_PATH;]$snap" 89 | Write-Host $message 90 | Write-Host "##$message" 91 | } 92 | displayName: Build snap $(channel) 93 | condition: and(succeeded(), ne(variables['$(channel)'],'no')) 94 | 95 | - powershell: | 96 | Get-ChildItem /home/vsts/.local/state/snapcraft/log/*.log | foreach-object { 97 | $name = $_.fullname 98 | Write-Verbose -Verbose "uploading '$name'" 99 | Write-Host "##vso[artifact.upload containerfolder=$(channel)-logs;artifactname=$(channel)-log]$name" 100 | } 101 | displayName: 'Install $(channel) snap' 102 | condition: always() 103 | 104 | - powershell: | 105 | sudo snap install $(PS_SNAP_PATH) --classic --dangerous 106 | displayName: 'Install $(channel) snap' 107 | condition: succeeded() 108 | 109 | - powershell: | 110 | &"$(PS_SNAP_EXEC)" -nologo -c '$psversiontable' 111 | displayName: 'Test $(channel) snap' 112 | condition: and(succeeded(), eq('${{ parameters.test }}','Yes')) 113 | 114 | # Uploads any packages as an artifact 115 | - powershell: | 116 | Write-Host "##vso[artifact.upload containerfolder=$(channel);artifactname=$(channel)]$(PS_SNAP_PATH)" 117 | displayName: Publish Artifact - $(channel) 118 | condition: succeeded() 119 | continueOnError: true 120 | 121 | - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 122 | displayName: 'Component Detection' 123 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2017 Microsoft Corporation 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # PowerShell Snap 2 | 3 | ## Package Migration 4 | 5 | The ownership of the package is being migrated to Canonical. Please report issues with the package at [canonical/powershell-snap](https://github.com/canonical/powershell-snap). 6 | For issues with PowerShell itself, please report the issues at [powershell/powershell](https://github.com/powershell/powershell) 7 | 8 | ## Achrived readme contents 9 | 10 |

11 | Project 12 |
13 | PowerShell 14 |

15 | 16 |

This is the snap for PowerShell, "PowerShell for every system". It works on Ubuntu, Fedora, Debian, and other major Linux 17 | distributions.

18 | 19 | 24 | 25 | ## Install 26 | 27 | ```sh 28 | sudo snap install powershell --classic 29 | ``` 30 | 31 | ```sh 32 | sudo snap install powershell-preview --classic 33 | ``` 34 | 35 | ([Don't have snapd installed?](https://snapcraft.io/docs/core/install)) 36 | 37 | ## Known Issues 38 | 39 | - Ubuntu 20.04 is not working with the `powershell` package. 40 | - The work around is to use the `powershell-preview` package. 41 | - Some native libaries cause incompatible libarires to be loaded. Because the snap file system the readonly, there is no real workaround for this. 42 | - `libmi` always causes for this type of issue and is responsible for: 43 | - PowerShell remoting commands that don't invole `-Hostname` 44 | 45 | ## Alias Troubleshooting 46 | 47 | - Run `whereis pwsh-preview` if, `/snap/bin/pwsh-preview` is not returned, Snap has not created the alias. 48 | - If Snap has created the alias, and it is not working, you may need to reboot (or logout and back in) before it will work. 49 | - If Snap has not created the alias, you can create the alias with `sudo snap alias ` 50 | 51 | ## Code of Conduct 52 | 53 | Please see our [Code of Conduct](.github/CODE_OF_CONDUCT.md) before participating in this project. 54 | 55 | ## Security Policy 56 | 57 | For any security issues, please see our [Security Policy](.github/SECURITY.md). 58 | -------------------------------------------------------------------------------- /appveyor.yml: -------------------------------------------------------------------------------- 1 | version: 1.0.{build} 2 | environment: 3 | matrix: 4 | - APPVEYOR_BUILD_WORKER_IMAGE: ubuntu 5 | Purpose: preview 6 | - APPVEYOR_BUILD_WORKER_IMAGE: ubuntu 7 | Purpose: stable 8 | 9 | install: 10 | - ps: $env:BUILD_STAGINGDIRECTORY=$PWD 11 | 12 | build_script: 13 | - ps: if ($env:Purpose -eq 'preview') {./tools/releaseBuild/vstsbuild.ps1 -Name powershell-snap-preview-latest} 14 | - ps: if ($env:Purpose -eq 'stable') {./tools/releaseBuild/vstsbuild.ps1 -Name powershell-snap-latest} 15 | - ps: | 16 | $snap = Get-ChildItem /tmp/*.snap -Recurse -ErrorAction SilentlyContinue | Select-Object -ExpandProperty fullname -ErrorAction SilentlyContinue 17 | Write-Host "snap- $snap" 18 | Push-AppveyorArtifact $snap 19 | sudo snap install $snap --dangerous --classic 20 | - ps: if ($env:Purpose -eq 'preview') {/snap/bin/powershell-preview -c '$PSVersionTable.PSVersion.ToString() '} 21 | - ps: if ($env:Purpose -eq 'stable') {/snap/bin/powershell -c '$PSVersionTable.PSVersion.ToString() '} 22 | 23 | skip_commits: 24 | files: 25 | - '**/*.md' 26 | -------------------------------------------------------------------------------- /assets/PS7-Error.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PowerShell/PowerShell-Snap/572244641b09da3dbf051f6cae26cfded8167d14/assets/PS7-Error.png -------------------------------------------------------------------------------- /assets/PS7-Help.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PowerShell/PowerShell-Snap/572244641b09da3dbf051f6cae26cfded8167d14/assets/PS7-Help.png -------------------------------------------------------------------------------- /assets/PS7.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PowerShell/PowerShell-Snap/572244641b09da3dbf051f6cae26cfded8167d14/assets/PS7.png -------------------------------------------------------------------------------- /assets/powershell-wrapper: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Copyright (c) Microsoft Corporation. All rights reserved. 3 | # Licensed under the MIT License. 4 | 5 | SNAP="/snap/powershell/current" 6 | SNAP_NAME="$(awk '/^name:/{print $2}' $SNAP/meta/snap.yaml)" 7 | SNAP_VERSION="$(awk '/^version:/{print $2}' $SNAP/meta/snap.yaml)" 8 | SNAP_ARCH="amd64" 9 | 10 | export SNAP 11 | export SNAP_NAME 12 | export SNAP_VERSION 13 | export SNAP_ARCH 14 | 15 | exec "$SNAP/opt/powershell/pwsh" "$@" 16 | -------------------------------------------------------------------------------- /assets/thirdPartyNoticeHeader.txt: -------------------------------------------------------------------------------- 1 | ---------------------------------------------------------------------------------- 2 | THIRD-PARTY SOFTWARE NOTICES AND INFORMATION 3 | Do Not Translate or Localize 4 | 5 | This container incorporates material, listed below, from third parties. Microsoft reserves all rights not 6 | expressly granted, whether by implication, estoppel or otherwise. Any source code that Microsoft 7 | makes available can be found at http://3rdpartysource.microsoft.com. You may also obtain a copy of 8 | any available source code by sending a check or money order for US $5.00 to: 9 | 10 | Source Code Compliance Team 11 | Microsoft Corporation 12 | One Microsoft Way 13 | Redmond, WA 98052 USA 14 | 15 | Please write “source for the PowerShell Core Snap” with the version of the Snap package in the memo line of your payment. 16 | Notwithstanding any other terms under which this product was provided to you, you may reverse engineer 17 | this product to the extent required to debug changes to any libraries licensed under the GNU 18 | Lesser General Public License for your own use. 19 | ---------------------------------------------------------------------------------- 20 | -------------------------------------------------------------------------------- /build.ps1: -------------------------------------------------------------------------------- 1 | param( 2 | [ValidateSet('Docker','Official')] 3 | [string]$BuildType="Docker", 4 | [switch]$Preview 5 | ) 6 | 7 | $directory = 'stable' 8 | if($Preview.IsPresent) 9 | { 10 | $directory='preview' 11 | } 12 | 13 | $fullDirectory = Join-Path -Path $psscriptroot -ChildPath $directory 14 | 15 | Write-verbose -message "fd: $fullDirectory" -verbose 16 | 17 | switch($BuildType) 18 | { 19 | 'Docker' { 20 | $command = "echo `$PWD && apt update && snapcraft --version && snapcraft clean -s build && snapcraft" 21 | Write-verbose -message $command -verbose 22 | docker run -v ${fullDirectory}:${fullDirectory} -w ${fullDirectory} 'snapcore/snapcraft:stable' sh -c $command 23 | } 24 | 'Official' { 25 | $name = 'powershell-snap-latest' 26 | if($Preview.IsPresent) 27 | { 28 | $name = 'powershell-snap-preview-latest' 29 | } 30 | 31 | &"$PSScriptRoot/tools/releaseBuild/vstsbuild.ps1" -Name $Name 32 | } 33 | default { 34 | throw "Unknown BuildType: $BuildType" 35 | } 36 | } 37 | -------------------------------------------------------------------------------- /lts/.gitignore: -------------------------------------------------------------------------------- 1 | /snap/.snapcraft 2 | -------------------------------------------------------------------------------- /lts/assets/README.md: -------------------------------------------------------------------------------- 1 | # Use of Trademarked Logos 2 | 3 | The assets in this folder are trademarked by Microsoft and don't fall under the same [License](https://raw.githubusercontent.com/PowerShell/PowerShell/master/LICENSE.txt) as the source code. 4 | 5 | ## Permitted Uses 6 | 7 | Parties interested in using these logos can review the [Use of Microsoft Copyrighted Material](https://www.microsoft.com/en-us/legal/intellectualproperty/permissions) page. 8 | If the use falls into any of those categories, you can move forward with the use and will not need additional permission. 9 | 10 | ## Third Party Permission Requests 11 | 12 | If questions remain after reviewing the permitted uses page, please submit a request to [Third Party Permissions](mailto:mscrqs@microsoft.com). 13 | The people supporting this will direct the request depending upon the content. 14 | 15 | If a request needs to be submitted to the [Third Party Permissions](mailto:mscrqs@microsoft.com), the request should include the following: 16 | 17 | - A statement that the [Use of Microsoft Copyrighted Material](https://www.microsoft.com/en-us/legal/intellectualproperty/permissions) was reviewed and did not address the situation. 18 | - A statement that Microsoft (and not a third party) is the owner of the logo at issue. 19 | - Clear identification of the materials to be used (i.e., the picture of the book cover included by the author in the letter request should suffice). 20 | - A description, including URLs of how they found or located the logo. 21 | - A description of how the party intends to use or distribute the logo (i.e., that it is for the book cover of an instructional book on PowerShell). 22 | - A description of how long the party needs to use the logo. 23 | -------------------------------------------------------------------------------- /lts/assets/icon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PowerShell/PowerShell-Snap/572244641b09da3dbf051f6cae26cfded8167d14/lts/assets/icon.png -------------------------------------------------------------------------------- /lts/launcher/powershell-wrapper: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Copyright (c) Microsoft Corporation. All rights reserved. 3 | # Licensed under the MIT License. 4 | 5 | # Create $XDG_RUNTIME_DIR if it doesn't exist 6 | # || true causes bash to ignore errors 7 | [ -n "$XDG_RUNTIME_DIR" ] && mkdir -p $XDG_RUNTIME_DIR -m 700 || true 8 | 9 | exec "$SNAP/opt/powershell/pwsh" "$@" 10 | -------------------------------------------------------------------------------- /lts/snap/gui/powershell-preview.desktop: -------------------------------------------------------------------------------- 1 | 2 | [Desktop Entry] 3 | Name=PowerShell Preview 4 | Exec=powershell-preview 5 | Type=Application 6 | Terminal=true 7 | Categories=ConsoleOnly;System 8 | Icon=${SNAP}/meta/gui/icon.png 9 | -------------------------------------------------------------------------------- /lts/snap/snapcraft.yaml: -------------------------------------------------------------------------------- 1 | name: powershell 2 | 3 | icon: assets/icon.png 4 | 5 | grade: stable 6 | 7 | adopt-info: powershell 8 | base: core20 9 | summary: PowerShell for every system! 10 | description: | 11 | PowerShell is an automation and configuration management platform. 12 | It consists of a cross-platform (Windows, Linux, and macOS) 13 | command-line shell and associated scripting language. 14 | 15 | See https://docs.microsoft.com/en-us/powershell/scripting/powershell-core-support for support details. 16 | 17 | This is the LTS Channel package. 18 | 19 | confinement: classic 20 | 21 | apps: 22 | powershell: 23 | command: bin/powershell-wrapper 24 | environment: 25 | POWERSHELL_DISTRIBUTION_CHANNEL: PSSnap 26 | CLR_ICU_VERSION_OVERRIDE: 60.2 27 | 28 | parts: 29 | # A wrapper script 30 | launchers: 31 | plugin: dump 32 | source: . 33 | organize: 34 | launcher/powershell-wrapper: bin/powershell-wrapper 35 | filesets: 36 | wrapper: [bin/powershell-wrapper] 37 | stage: [$wrapper] 38 | prime: [$wrapper] 39 | powershell: 40 | after: [launchers] 41 | plugin: nil 42 | override-pull: | 43 | snapcraftctl pull 44 | file="./version.txt" 45 | if [ -f "$file" ] 46 | then 47 | version=$(cat $file) 48 | else 49 | version=$(curl -s -L https://aka.ms/pwsh-buildinfo-7-4| jq -r .ReleaseTag | sed 's/v//') 50 | fi 51 | snapcraftctl set-version "$version" 52 | snapcraftctl set-grade "stable" 53 | override-build: | 54 | file="./version.txt" 55 | buildinfo=$(curl -s -L https://aka.ms/pwsh-buildinfo-7-4) 56 | baseurl=$(echo $buildinfo | jq -r .BaseUrl) 57 | if [ -f "$file" ] 58 | then 59 | echo "using version file" 60 | version=$(cat $file) 61 | else 62 | echo "getting latest version from GitHub" 63 | version=$(echo $buildinfo | jq -r .ReleaseTag | sed 's/v//') 64 | echo "Writing version to file" 65 | echo $version > $file 66 | fi 67 | echo "getting powershell $version - $baseurl/v$version" 68 | case "$SNAPCRAFT_ARCH_TRIPLET" in 69 | aarch64-linux-gnu) 70 | curl -L -o powershell.tar.gz $baseurl/v$version/powershell-$version-linux-arm64.tar.gz ;; 71 | arm-linux-gnueabihf) 72 | curl -L -o powershell.tar.gz $baseurl/v$version/powershell-$version-linux-arm32.tar.gz ;; 73 | x86_64-linux-gnu) 74 | curl -L -o powershell.tar.gz $baseurl/v$version/powershell-$version-linux-x64.tar.gz ;; 75 | *) 76 | # fail because we don't have a build for the requested platform 77 | echo "The $SNAPCRAFT_ARCH_TRIPLET platform does not have an available build. Exiting." 78 | exit 1 ;; 79 | esac 80 | echo "getting Third Party Notice Header" 81 | curl -L -o thirdPartyNoticeHeader.txt https://raw.githubusercontent.com/PowerShell/PowerShell-Snap/master/assets/thirdPartyNoticeHeader.txt 82 | mkdir -p $SNAPCRAFT_PART_INSTALL/opt/powershell 83 | tar zxf powershell.tar.gz -C $SNAPCRAFT_PART_INSTALL/opt/powershell 84 | echo 'updating rpath...' 85 | current_rpath="$(patchelf --print-rpath $SNAPCRAFT_PART_INSTALL/opt/powershell/pwsh)" 86 | append_rpath='$ORIGIN:$ORIGIN/../../usr/lib/x86_64-linux-gnu:$ORIGIN/../../lib/x86_64-linux-gnu' 87 | new_rpath="${current_rpath}:${append_rpath}" 88 | echo "set rpath: ${new_rpath}" 89 | patchelf --force-rpath --set-rpath "${new_rpath}" $SNAPCRAFT_PART_INSTALL/opt/powershell/pwsh 90 | echo 'new rpath' 91 | patchelf --print-rpath $SNAPCRAFT_PART_INSTALL/opt/powershell/pwsh 92 | echo 'fixed rpath' 93 | chmod +x $SNAPCRAFT_PART_INSTALL/opt/powershell/pwsh 94 | echo "fixing symlinks" 95 | find $SNAPCRAFT_PART_INSTALL -type l -ls 96 | ln -sfn ../../usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0 $SNAPCRAFT_PART_INSTALL/opt/powershell/libcrypto.so.1.0.0 97 | ln -sfn ../../usr/lib/x86_64-linux-gnu/libssl.so.1.0.0 $SNAPCRAFT_PART_INSTALL/opt/powershell/libssl.so.1.0.0 98 | echo "added new symlinks" 99 | find $SNAPCRAFT_PART_INSTALL -type l -ls 100 | echo "checking for targets" 101 | find $SNAPCRAFT_PART_INSTALL -iname libcrypto.so.* -ls 102 | find $SNAPCRAFT_PART_INSTALL -iname libssl.so.* -ls 103 | echo "fixed symlinks" 104 | thirdPartyNoticeFile="$SNAPCRAFT_PART_INSTALL/thirdPartyNotices.txt" 105 | echo "building third party notices file - $thirdPartyNoticeFile" 106 | cat thirdPartyNoticeHeader.txt > $thirdPartyNoticeFile 107 | find $SNAPCRAFT_PART_INSTALL -type f -name 'copyright' -print | while read filename; do 108 | libname=$(dirname $filename | sed 's,^\(.*/\)\?\([^/]*\),\2,') 109 | echo '' 110 | echo '---------------------------------------------' 111 | echo "Package - $libname" 112 | echo '---------------------------------------------' 113 | cat "$filename" 114 | done >> $thirdPartyNoticeFile 115 | echo "Done building third party notices file - $thirdPartyNoticeFile" 116 | stage-packages: 117 | - libicu66 118 | - liblttng-ust0 119 | - zlib1g 120 | - libgcc1 121 | - libstdc++6 122 | - libssl1.1 123 | build-packages: 124 | - curl 125 | - jq 126 | - patchelf 127 | - python-all 128 | -------------------------------------------------------------------------------- /patches/telemetry.diff: -------------------------------------------------------------------------------- 1 | diff --git a/src/Microsoft.PowerShell.ConsoleHost/host/msh/Telemetry.cs b/src/Microsoft.PowerShell.ConsoleHost/host/msh/Telemetry.cs 2 | index 58987b32..9b6bbbfb 100644 3 | --- a/src/Microsoft.PowerShell.ConsoleHost/host/msh/Telemetry.cs 4 | +++ b/src/Microsoft.PowerShell.ConsoleHost/host/msh/Telemetry.cs 5 | @@ -21,6 +21,7 @@ namespace Microsoft.PowerShell 6 | // The name of the file by when present in $PSHOME will enable telemetry. 7 | // If this file is not present, no telemetry will be sent. 8 | private const string TelemetrySemaphoreFilename = "DELETE_ME_TO_DISABLE_CONSOLEHOST_TELEMETRY"; 9 | + private const string TelemetryOptout = "POWERSHELL_TELEMETRY_OPTOUT"; 10 | 11 | // The path to the semaphore file which enables telemetry 12 | private static string TelemetrySemaphoreFilePath = Path.Combine( 13 | @@ -42,6 +43,28 @@ namespace Microsoft.PowerShell 14 | TelemetryConfiguration.Active.TelemetryChannel.DeveloperMode = _developerMode; 15 | } 16 | 17 | + internal static bool GetEnvironmentVariableAsBool(string name, bool defaultValue) { 18 | + var str = Environment.GetEnvironmentVariable(name); 19 | + if (string.IsNullOrEmpty(str)) 20 | + { 21 | + return defaultValue; 22 | + } 23 | + 24 | + switch (str.ToLowerInvariant()) 25 | + { 26 | + case "true": 27 | + case "1": 28 | + case "yes": 29 | + return true; 30 | + case "false": 31 | + case "0": 32 | + case "no": 33 | + return false; 34 | + default: 35 | + return defaultValue; 36 | + } 37 | + } 38 | + 39 | /// 40 | /// Send the telemetry 41 | /// 42 | @@ -50,14 +73,18 @@ namespace Microsoft.PowerShell 43 | try 44 | { 45 | // if the semaphore file exists, try to send telemetry 46 | - if (Utils.NativeFileExists(TelemetrySemaphoreFilePath)) 47 | + var Enabled = Utils.NativeFileExists(TelemetrySemaphoreFilePath) && !GetEnvironmentVariableAsBool(TelemetryOptout, false); 48 | + 49 | + if ( ! Enabled ) 50 | + { 51 | + return; 52 | + } 53 | + 54 | + if ( _telemetryClient == null ) 55 | { 56 | - if ( _telemetryClient == null ) 57 | - { 58 | - _telemetryClient = new TelemetryClient(); 59 | - } 60 | - _telemetryClient.TrackEvent(eventName, payload, null); 61 | + _telemetryClient = new TelemetryClient(); 62 | } 63 | + _telemetryClient.TrackEvent(eventName, payload, null); 64 | } 65 | catch (Exception) 66 | { 67 | -------------------------------------------------------------------------------- /preview/.gitignore: -------------------------------------------------------------------------------- 1 | /snap/.snapcraft 2 | -------------------------------------------------------------------------------- /preview/assets/README.md: -------------------------------------------------------------------------------- 1 | # Use of Trademarked Logos 2 | 3 | The assets in this folder are trademarked by Microsoft and don't fall under the same [License](https://raw.githubusercontent.com/PowerShell/PowerShell/master/LICENSE.txt) as the source code. 4 | 5 | ## Permitted Uses 6 | 7 | Parties interested in using these logos can review the [Use of Microsoft Copyrighted Material](https://www.microsoft.com/en-us/legal/intellectualproperty/permissions) page. 8 | If the use falls into any of those categories, you can move forward with the use and will not need additional permission. 9 | 10 | ## Third Party Permission Requests 11 | 12 | If questions remain after reviewing the permitted uses page, please submit a request to [Third Party Permissions](mailto:mscrqs@microsoft.com). 13 | The people supporting this will direct the request depending upon the content. 14 | 15 | If a request needs to be submitted to the [Third Party Permissions](mailto:mscrqs@microsoft.com), the request should include the following: 16 | 17 | - A statement that the [Use of Microsoft Copyrighted Material](https://www.microsoft.com/en-us/legal/intellectualproperty/permissions) was reviewed and did not address the situation. 18 | - A statement that Microsoft (and not a third party) is the owner of the logo at issue. 19 | - Clear identification of the materials to be used (i.e., the picture of the book cover included by the author in the letter request should suffice). 20 | - A description, including URLs of how they found or located the logo. 21 | - A description of how the party intends to use or distribute the logo (i.e., that it is for the book cover of an instructional book on PowerShell). 22 | - A description of how long the party needs to use the logo. 23 | -------------------------------------------------------------------------------- /preview/assets/icon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PowerShell/PowerShell-Snap/572244641b09da3dbf051f6cae26cfded8167d14/preview/assets/icon.png -------------------------------------------------------------------------------- /preview/launcher/powershell-wrapper: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Copyright (c) Microsoft Corporation. All rights reserved. 3 | # Licensed under the MIT License. 4 | 5 | # Create $XDG_RUNTIME_DIR if it doesn't exist 6 | # || true causes bash to ignore errors 7 | [ -n "$XDG_RUNTIME_DIR" ] && mkdir -p $XDG_RUNTIME_DIR -m 700 || true 8 | 9 | exec "$SNAP/opt/powershell/pwsh" "$@" 10 | -------------------------------------------------------------------------------- /preview/snap/gui/powershell-preview.desktop: -------------------------------------------------------------------------------- 1 | 2 | [Desktop Entry] 3 | Name=PowerShell Preview 4 | Exec=powershell-preview 5 | Type=Application 6 | Terminal=true 7 | Categories=ConsoleOnly;System 8 | Icon=${SNAP}/meta/gui/icon.png 9 | -------------------------------------------------------------------------------- /preview/snap/snapcraft.yaml: -------------------------------------------------------------------------------- 1 | name: powershell-preview 2 | 3 | icon: assets/icon.png 4 | 5 | grade: stable 6 | 7 | adopt-info: powershell-preview 8 | base: core20 9 | summary: PowerShell for every system! 10 | description: | 11 | PowerShell is an automation and configuration management platform. 12 | It consists of a cross-platform (Windows, Linux, and macOS) 13 | command-line shell and associated scripting language. 14 | 15 | See https://docs.microsoft.com/en-us/powershell/scripting/powershell-core-support for support details. 16 | 17 | confinement: classic 18 | 19 | apps: 20 | powershell-preview: 21 | command: bin/powershell-wrapper 22 | environment: 23 | POWERSHELL_DISTRIBUTION_CHANNEL: PSSnap 24 | CLR_ICU_VERSION_OVERRIDE: 60.2 25 | 26 | parts: 27 | # A wrapper script 28 | launchers: 29 | plugin: dump 30 | source: . 31 | organize: 32 | launcher/powershell-wrapper: bin/powershell-wrapper 33 | filesets: 34 | wrapper: [bin/powershell-wrapper] 35 | stage: [$wrapper] 36 | prime: [$wrapper] 37 | powershell-preview: 38 | after: [launchers] 39 | plugin: nil 40 | override-pull: | 41 | snapcraftctl pull 42 | file="./version.txt" 43 | if [ -f "$file" ] 44 | then 45 | version=$(cat $file) 46 | else 47 | version=$(curl -s -L https://aka.ms/pwsh-buildinfo-preview | jq -r .ReleaseTag | sed 's/v//') 48 | fi 49 | snapcraftctl set-version "$version" 50 | snapcraftctl set-grade "stable" 51 | override-build: | 52 | file="./version.txt" 53 | buildinfo=$(curl -s -L https://aka.ms/pwsh-buildinfo-preview) 54 | baseurl=$(echo $buildinfo | jq -r .BaseUrl) 55 | if [ -f "$file" ] 56 | then 57 | echo "using version file" 58 | version=$(cat $file) 59 | else 60 | echo "getting latest version from GitHub" 61 | version=$(echo $buildinfo | jq -r .ReleaseTag | sed 's/v//') 62 | echo "Writing version to file" 63 | echo $version > $file 64 | fi 65 | echo "getting powershell $version - $baseurl/v$version" 66 | case "$SNAPCRAFT_ARCH_TRIPLET" in 67 | aarch64-linux-gnu) 68 | curl -L -o powershell.tar.gz $baseurl/v$version/powershell-$version-linux-arm64.tar.gz ;; 69 | arm-linux-gnueabihf) 70 | curl -L -o powershell.tar.gz $baseurl/v$version/powershell-$version-linux-arm32.tar.gz ;; 71 | x86_64-linux-gnu) 72 | curl -L -o powershell.tar.gz $baseurl/v$version/powershell-$version-linux-x64.tar.gz ;; 73 | *) 74 | # fail because we don't have a build for the requested platform 75 | echo "The $SNAPCRAFT_ARCH_TRIPLET platform does not have an available build. Exiting." 76 | exit 1 ;; 77 | esac 78 | echo "getting Third Party Notice Header" 79 | curl -L -o thirdPartyNoticeHeader.txt https://raw.githubusercontent.com/PowerShell/PowerShell-Snap/master/assets/thirdPartyNoticeHeader.txt 80 | mkdir -p $SNAPCRAFT_PART_INSTALL/opt/powershell 81 | tar zxf powershell.tar.gz -C $SNAPCRAFT_PART_INSTALL/opt/powershell 82 | echo 'updating rpath...' 83 | current_rpath="$(patchelf --print-rpath $SNAPCRAFT_PART_INSTALL/opt/powershell/pwsh)" 84 | append_rpath='$ORIGIN:$ORIGIN/../../usr/lib/x86_64-linux-gnu:$ORIGIN/../../lib/x86_64-linux-gnu' 85 | new_rpath="${current_rpath}:${append_rpath}" 86 | echo "set rpath: ${new_rpath}" 87 | patchelf --force-rpath --set-rpath "${new_rpath}" $SNAPCRAFT_PART_INSTALL/opt/powershell/pwsh 88 | echo 'new rpath' 89 | patchelf --print-rpath $SNAPCRAFT_PART_INSTALL/opt/powershell/pwsh 90 | echo 'fixed rpath' 91 | chmod +x $SNAPCRAFT_PART_INSTALL/opt/powershell/pwsh 92 | echo "fixing symlinks" 93 | find $SNAPCRAFT_PART_INSTALL -type l -ls 94 | ln -sfn ../../usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0 $SNAPCRAFT_PART_INSTALL/opt/powershell/libcrypto.so.1.0.0 95 | ln -sfn ../../usr/lib/x86_64-linux-gnu/libssl.so.1.0.0 $SNAPCRAFT_PART_INSTALL/opt/powershell/libssl.so.1.0.0 96 | echo "added new symlinks" 97 | find $SNAPCRAFT_PART_INSTALL -type l -ls 98 | echo "checking for targets" 99 | find $SNAPCRAFT_PART_INSTALL -iname libcrypto.so.* -ls 100 | find $SNAPCRAFT_PART_INSTALL -iname libssl.so.* -ls 101 | echo "fixed symlinks" 102 | thirdPartyNoticeFile="$SNAPCRAFT_PART_INSTALL/thirdPartyNotices.txt" 103 | echo "building third party notices file - $thirdPartyNoticeFile" 104 | cat thirdPartyNoticeHeader.txt > $thirdPartyNoticeFile 105 | find $SNAPCRAFT_PART_INSTALL -type f -name 'copyright' -print | while read filename; do 106 | libname=$(dirname $filename | sed 's,^\(.*/\)\?\([^/]*\),\2,') 107 | echo '' 108 | echo '---------------------------------------------' 109 | echo "Package - $libname" 110 | echo '---------------------------------------------' 111 | cat "$filename" 112 | done >> $thirdPartyNoticeFile 113 | echo "Done building third party notices file - $thirdPartyNoticeFile" 114 | stage-packages: 115 | - libicu66 116 | - liblttng-ust0 117 | - zlib1g 118 | - libgcc1 119 | - libstdc++6 120 | - libssl1.1 121 | build-packages: 122 | - curl 123 | - jq 124 | - patchelf 125 | - python-all 126 | -------------------------------------------------------------------------------- /snapcraftConfig.json: -------------------------------------------------------------------------------- 1 | { 2 | "channel" : "latest/stable" 3 | } 4 | -------------------------------------------------------------------------------- /stable/.gitignore: -------------------------------------------------------------------------------- 1 | /snap/.snapcraft 2 | -------------------------------------------------------------------------------- /stable/assets/README.md: -------------------------------------------------------------------------------- 1 | # Use of Trademarked Logos 2 | 3 | The assets in this folder are trademarked by Microsoft and don't fall under the same [License](https://raw.githubusercontent.com/PowerShell/PowerShell/master/LICENSE.txt) as the source code. 4 | 5 | ## Permitted Uses 6 | 7 | Parties interested in using these logos can review the [Use of Microsoft Copyrighted Material](https://www.microsoft.com/en-us/legal/intellectualproperty/permissions) page. 8 | If the use falls into any of those categories, you can move forward with the use and will not need additional permission. 9 | 10 | ## Third Party Permission Requests 11 | 12 | If questions remain after reviewing the permitted uses page, please submit a request to [Third Party Permissions](mailto:mscrqs@microsoft.com). 13 | The people supporting this will direct the request depending upon the content. 14 | 15 | If a request needs to be submitted to the [Third Party Permissions](mailto:mscrqs@microsoft.com), the request should include the following: 16 | 17 | - A statement that the [Use of Microsoft Copyrighted Material](https://www.microsoft.com/en-us/legal/intellectualproperty/permissions) was reviewed and did not address the situation. 18 | - A statement that Microsoft (and not a third party) is the owner of the logo at issue. 19 | - Clear identification of the materials to be used (i.e., the picture of the book cover included by the author in the letter request should suffice). 20 | - A description, including URLs of how they found or located the logo. 21 | - A description of how the party intends to use or distribute the logo (i.e., that it is for the book cover of an instructional book on PowerShell). 22 | - A description of how long the party needs to use the logo. 23 | -------------------------------------------------------------------------------- /stable/assets/icon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PowerShell/PowerShell-Snap/572244641b09da3dbf051f6cae26cfded8167d14/stable/assets/icon.png -------------------------------------------------------------------------------- /stable/launcher/powershell-wrapper: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Copyright (c) Microsoft Corporation. All rights reserved. 3 | # Licensed under the MIT License. 4 | 5 | # Create $XDG_RUNTIME_DIR if it doesn't exist 6 | [ -n "$XDG_RUNTIME_DIR" ] && mkdir -p $XDG_RUNTIME_DIR -m 700 7 | 8 | exec "$SNAP/opt/powershell/pwsh" "$@" 9 | -------------------------------------------------------------------------------- /stable/snap/gui/powershell.desktop: -------------------------------------------------------------------------------- 1 | 2 | [Desktop Entry] 3 | Name=PowerShell 4 | Exec=powershell 5 | Type=Application 6 | Terminal=true 7 | Categories=ConsoleOnly;System 8 | Icon=${SNAP}/meta/gui/icon.png 9 | -------------------------------------------------------------------------------- /stable/snap/snapcraft.yaml: -------------------------------------------------------------------------------- 1 | name: powershell 2 | 3 | icon: assets/icon.png 4 | 5 | grade: stable 6 | 7 | adopt-info: powershell 8 | base: core20 9 | summary: PowerShell for every system! 10 | description: | 11 | PowerShell is an automation and configuration management platform. 12 | It consists of a cross-platform (Windows, Linux, and macOS) 13 | command-line shell and associated scripting language. 14 | 15 | See https://docs.microsoft.com/en-us/powershell/scripting/powershell-core-support for support details. 16 | 17 | This is the Stable Channel package. 18 | 19 | confinement: classic 20 | 21 | apps: 22 | powershell: 23 | command: bin/powershell-wrapper 24 | environment: 25 | POWERSHELL_DISTRIBUTION_CHANNEL: PSSnap 26 | CLR_ICU_VERSION_OVERRIDE: 60.2 27 | 28 | parts: 29 | # A wrapper script 30 | launchers: 31 | plugin: dump 32 | source: . 33 | organize: 34 | launcher/powershell-wrapper: bin/powershell-wrapper 35 | filesets: 36 | wrapper: [bin/powershell-wrapper] 37 | stage: [$wrapper] 38 | prime: [$wrapper] 39 | powershell: 40 | after: [launchers] 41 | plugin: nil 42 | override-pull: | 43 | snapcraftctl pull 44 | file="./version.txt" 45 | if [ -f "$file" ] 46 | then 47 | version=$(cat $file) 48 | else 49 | version=$(curl -s -L https://aka.ms/pwsh-buildinfo-7-4| jq -r .ReleaseTag | sed 's/v//') 50 | fi 51 | snapcraftctl set-version "$version" 52 | snapcraftctl set-grade "stable" 53 | override-build: | 54 | file="./version.txt" 55 | buildinfo=$(curl -s -L https://aka.ms/pwsh-buildinfo-7-4) 56 | baseurl=$(echo $buildinfo | jq -r .BaseUrl) 57 | if [ -f "$file" ] 58 | then 59 | echo "using version file" 60 | version=$(cat $file) 61 | else 62 | echo "getting latest version from GitHub" 63 | version=$(echo $buildinfo | jq -r .ReleaseTag | sed 's/v//') 64 | echo "Writing version to file" 65 | echo $version > $file 66 | fi 67 | echo "getting powershell $version - $baseurl/v$version" 68 | case "$SNAPCRAFT_ARCH_TRIPLET" in 69 | aarch64-linux-gnu) 70 | curl -L -o powershell.tar.gz $baseurl/v$version/powershell-$version-linux-arm64.tar.gz ;; 71 | arm-linux-gnueabihf) 72 | curl -L -o powershell.tar.gz $baseurl/v$version/powershell-$version-linux-arm32.tar.gz ;; 73 | x86_64-linux-gnu) 74 | curl -L -o powershell.tar.gz $baseurl/v$version/powershell-$version-linux-x64.tar.gz ;; 75 | *) 76 | # fail because we don't have a build for the requested platform 77 | echo "The $SNAPCRAFT_ARCH_TRIPLET platform does not have an available build. Exiting." 78 | exit 1 ;; 79 | esac 80 | echo "getting Third Party Notice Header" 81 | curl -L -o thirdPartyNoticeHeader.txt https://raw.githubusercontent.com/PowerShell/PowerShell-Snap/master/assets/thirdPartyNoticeHeader.txt 82 | mkdir -p $SNAPCRAFT_PART_INSTALL/opt/powershell 83 | tar zxf powershell.tar.gz -C $SNAPCRAFT_PART_INSTALL/opt/powershell 84 | echo 'updating rpath...' 85 | current_rpath="$(patchelf --print-rpath $SNAPCRAFT_PART_INSTALL/opt/powershell/pwsh)" 86 | append_rpath='$ORIGIN:$ORIGIN/../../usr/lib/x86_64-linux-gnu:$ORIGIN/../../lib/x86_64-linux-gnu' 87 | new_rpath="${current_rpath}:${append_rpath}" 88 | echo "set rpath: ${new_rpath}" 89 | patchelf --force-rpath --set-rpath "${new_rpath}" $SNAPCRAFT_PART_INSTALL/opt/powershell/pwsh 90 | echo 'new rpath' 91 | patchelf --print-rpath $SNAPCRAFT_PART_INSTALL/opt/powershell/pwsh 92 | echo 'fixed rpath' 93 | chmod +x $SNAPCRAFT_PART_INSTALL/opt/powershell/pwsh 94 | echo "fixing symlinks" 95 | find $SNAPCRAFT_PART_INSTALL -type l -ls 96 | ln -sfn ../../usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0 $SNAPCRAFT_PART_INSTALL/opt/powershell/libcrypto.so.1.0.0 97 | ln -sfn ../../usr/lib/x86_64-linux-gnu/libssl.so.1.0.0 $SNAPCRAFT_PART_INSTALL/opt/powershell/libssl.so.1.0.0 98 | echo "added new symlinks" 99 | find $SNAPCRAFT_PART_INSTALL -type l -ls 100 | echo "checking for targets" 101 | find $SNAPCRAFT_PART_INSTALL -iname libcrypto.so.* -ls 102 | find $SNAPCRAFT_PART_INSTALL -iname libssl.so.* -ls 103 | echo "fixed symlinks" 104 | thirdPartyNoticeFile="$SNAPCRAFT_PART_INSTALL/thirdPartyNotices.txt" 105 | echo "building third party notices file - $thirdPartyNoticeFile" 106 | cat thirdPartyNoticeHeader.txt > $thirdPartyNoticeFile 107 | find $SNAPCRAFT_PART_INSTALL -type f -name 'copyright' -print | while read filename; do 108 | libname=$(dirname $filename | sed 's,^\(.*/\)\?\([^/]*\),\2,') 109 | echo '' 110 | echo '---------------------------------------------' 111 | echo "Package - $libname" 112 | echo '---------------------------------------------' 113 | cat "$filename" 114 | done >> $thirdPartyNoticeFile 115 | echo "Done building third party notices file - $thirdPartyNoticeFile" 116 | stage-packages: 117 | - libicu66 118 | - liblttng-ust0 119 | - zlib1g 120 | - libgcc1 121 | - libstdc++6 122 | - libssl1.1 123 | build-packages: 124 | - curl 125 | - jq 126 | - patchelf 127 | - python-all 128 | -------------------------------------------------------------------------------- /tools/releaseBuild/.gitignore: -------------------------------------------------------------------------------- 1 | PSRelease/ 2 | -------------------------------------------------------------------------------- /tools/releaseBuild/Images/GenericLinuxFiles/powershell-snap.ps1: -------------------------------------------------------------------------------- 1 | [cmdletbinding(DefaultParameterSetName='default')] 2 | # PowerShell Script to build and package PowerShell from specified form and branch 3 | # Script is intented to use in Docker containers 4 | # Ensure PowerShell is available in the provided image 5 | 6 | param ( 7 | [string] $location = "/powershell", 8 | 9 | # Destination location of the package on docker host 10 | [string] $destination = '/mnt', 11 | 12 | [ValidatePattern("^v\d+\.\d+\.\d+(-\w+(\.\d+)?)?$")] 13 | [ValidateNotNullOrEmpty()] 14 | [string]$ReleaseTag, 15 | 16 | [parameter(parametersetName='preview',Mandatory)] 17 | [switch]$Preview, 18 | 19 | [parameter(parametersetName='lts',Mandatory)] 20 | [switch]$LTS 21 | ) 22 | 23 | $directory = 'stable' 24 | if ($Preview.IsPresent) { 25 | $directory = 'preview' 26 | } 27 | elseif ($LTS.IsPresent) { 28 | $directory = 'lts' 29 | } 30 | 31 | $ErrorActionPreference = 'Stop' 32 | $releaseTagParam = @{} 33 | if ($ReleaseTag) 34 | { 35 | $releaseTagParam = @{ 'ReleaseTag' = $ReleaseTag } 36 | } 37 | 38 | Push-Location 39 | try { 40 | Write-Verbose "snapcraft version $(snapcraft --version)" -Verbose 41 | Set-Location (Join-Path -Path $location -ChildPath $directory) 42 | Write-Verbose -message "building $pwd" -Verbose 43 | if ($ReleaseTag) { 44 | $version = $ReleaseTag -Replace '^v' 45 | $version | out-file -filePath './version.txt' -encoding ascii 46 | Write-Verbose "verify version..." -Verbose 47 | cat ./version.txt 48 | } 49 | 50 | Write-Verbose "building snap..." -Verbose 51 | snapcraft snap 52 | } 53 | finally 54 | { 55 | Pop-Location 56 | } 57 | 58 | $linuxPackages = Get-ChildItem "$location/powershell*.snap" -Recurse 59 | foreach ($linuxPackage in $linuxPackages) 60 | { 61 | $filePath = $linuxPackage.FullName 62 | Write-Verbose "Copying $filePath to $destination" -Verbose 63 | Copy-Item -Path $filePath -Destination $destination -force 64 | } 65 | -------------------------------------------------------------------------------- /tools/releaseBuild/Images/GenericLinuxFiles/powershell-snap.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright (c) Microsoft Corporation. All rights reserved. 3 | # Licensed under the MIT License. 4 | pwsh -command ".\powershell-snap.ps1 $*" 5 | -------------------------------------------------------------------------------- /tools/releaseBuild/Images/GenericLinuxFiles/snapcraft-wrapper: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | SNAP="/snap/snapcraft/current" 3 | SNAP_NAME="$(awk '/^name:/{print $2}' $SNAP/meta/snap.yaml)" 4 | SNAP_VERSION="$(awk '/^version:/{print $2}' $SNAP/meta/snap.yaml)" 5 | SNAP_ARCH="amd64" 6 | 7 | export SNAP 8 | export SNAP_NAME 9 | export SNAP_VERSION 10 | export SNAP_ARCH 11 | 12 | exec "$SNAP/usr/bin/python3" "$SNAP/bin/snapcraft" "$@" 13 | -------------------------------------------------------------------------------- /tools/releaseBuild/Images/microsoft_powershell_ubuntu16.04/Dockerfile: -------------------------------------------------------------------------------- 1 | # Docker image file that describes an Ubuntu16.04 image with PowerShell and SnapCraft installed from Microsoft APT Repo 2 | FROM mcr.microsoft.com/powershell:ubuntu-22.04@sha256:756dae797891cecc5a732c87695dc984c81b5ef755060c15073191996f71fc92 3 | 4 | ARG SNAPCRAFT_CHANNEL=stable 5 | 6 | ENV SNAPCRAFT_URL=https://api.snapcraft.io/api/v1/snaps/details/snapcraft?channel=${SNAPCRAFT_CHANNEL} 7 | # Install curl, used later 8 | # install git used by snapcraft 9 | RUN echo SNAPCRAFT_URL: ${SNAPCRAFT_URL} && \ 10 | apt-get update && \ 11 | apt-get dist-upgrade --yes && \ 12 | apt-get install --yes \ 13 | curl \ 14 | sudo \ 15 | jq \ 16 | squashfs-tools \ 17 | git && \ 18 | curl -L $(curl -H 'X-Ubuntu-Series: 16' 'https://api.snapcraft.io/api/v1/snaps/details/core' | jq '.download_url' -r) --output core.snap && \ 19 | mkdir -p /snap/core && unsquashfs -d /snap/core/current core.snap && rm core.snap && \ 20 | curl -L $(curl -H 'X-Ubuntu-Series: 16' 'https://api.snapcraft.io/api/v1/snaps/details/core20' | jq '.download_url' -r) --output core20.snap && \ 21 | mkdir -p /snap/core20 && unsquashfs -d /snap/core20/current core20.snap && rm core20.snap && \ 22 | curl -L $(curl -H 'X-Ubuntu-Series: 16' ${SNAPCRAFT_URL} | jq '.download_url' -r) --output snapcraft.snap && \ 23 | mkdir -p /snap/snapcraft && unsquashfs -d /snap/snapcraft/current snapcraft.snap && rm snapcraft.snap && \ 24 | apt remove --yes --purge jq squashfs-tools && \ 25 | apt-get autoclean --yes && \ 26 | apt-get clean --yes 27 | 28 | COPY snapcraft-wrapper /snap/bin/snapcraft 29 | 30 | ENV PATH=/snap/bin:$PATH 31 | 32 | COPY powershell-snap.ps1 /powershell-snap.ps1 33 | COPY powershell-snap.sh /powershell-snap.sh 34 | RUN chmod u+x /powershell-snap.sh 35 | -------------------------------------------------------------------------------- /tools/releaseBuild/Images/microsoft_powershell_ubuntu18.04/Dockerfile: -------------------------------------------------------------------------------- 1 | # Docker image file that describes an Ubuntu16.04 image with PowerShell and SnapCraft installed from Microsoft APT Repo 2 | FROM mcr.microsoft.com/powershell:ubuntu-22.04@sha256:756dae797891cecc5a732c87695dc984c81b5ef755060c15073191996f71fc92 3 | 4 | ARG SNAPCRAFT_CHANNEL=stable 5 | 6 | ENV SNAPCRAFT_URL=https://api.snapcraft.io/api/v1/snaps/details/snapcraft?channel=${SNAPCRAFT_CHANNEL} 7 | # Install curl, used later 8 | # install git used by snapcraft 9 | RUN echo SNAPCRAFT_URL: ${SNAPCRAFT_URL} && \ 10 | apt-get update && \ 11 | apt-get dist-upgrade --yes && \ 12 | apt-get install --yes \ 13 | curl \ 14 | sudo \ 15 | jq \ 16 | squashfs-tools \ 17 | git && \ 18 | curl -L $(curl -H 'X-Ubuntu-Series: 16' 'https://api.snapcraft.io/api/v1/snaps/details/core20' | jq '.download_url' -r) --output core20.snap && \ 19 | mkdir -p /snap/core20 && unsquashfs -d /snap/core20/current core20.snap && rm core20.snap && \ 20 | curl -L $(curl -H 'X-Ubuntu-Series: 16' ${SNAPCRAFT_URL} | jq '.download_url' -r) --output snapcraft.snap && \ 21 | mkdir -p /snap/snapcraft && unsquashfs -d /snap/snapcraft/current snapcraft.snap && rm snapcraft.snap && \ 22 | apt remove --yes --purge jq squashfs-tools && \ 23 | apt-get autoclean --yes && \ 24 | apt-get clean --yes 25 | 26 | COPY snapcraft-wrapper /snap/bin/snapcraft 27 | 28 | ENV PATH=/snap/bin:$PATH 29 | 30 | COPY powershell-snap.ps1 /powershell-snap.ps1 31 | COPY powershell-snap.sh /powershell-snap.sh 32 | RUN chmod u+x /powershell-snap.sh 33 | -------------------------------------------------------------------------------- /tools/releaseBuild/README.md: -------------------------------------------------------------------------------- 1 | # VSTS Release Builds 2 | 3 | ## Requirements 4 | 5 | Docker must be installed to run any of the release builds. 6 | 7 | 8 | ## Running Linux Release Builds 9 | 10 | From PowerShell Snap on Linux or macOS, run `.\vstsbuild.ps1 -ReleaseTag -Name `. 11 | 12 | Linux Build Names: 13 | 14 | * `powershell-snap` 15 | * Builds the powershell-snap 16 | -------------------------------------------------------------------------------- /tools/releaseBuild/build.json: -------------------------------------------------------------------------------- 1 | { 2 | "Windows": [], 3 | "Linux": [ 4 | { 5 | "Name": "powershell-snap-stable", 6 | "RepoDestinationPath": "/PowerShell", 7 | "BuildCommand": "/powershell-snap.sh -location _RepoDestinationPath_ -destination _DockerVolume_ -ReleaseTag _ReleaseTag_", 8 | "AdditionalContextFiles": [ 9 | "./tools/releaseBuild/Images/GenericLinuxFiles/powershell-snap.sh", 10 | "./tools/releaseBuild/Images/GenericLinuxFiles/powershell-snap.ps1", 11 | "./tools/releaseBuild/Images/GenericLinuxFiles/snapcraft-wrapper" 12 | ], 13 | "DockerFile": "./tools/releaseBuild/Images/microsoft_powershell_ubuntu20.04/Dockerfile", 14 | "DockerImageName": "ps-snap-ubunutu-20-04", 15 | "BinaryBucket": "stable", 16 | "EnableFeature": [ "ArtifactAsFolder" ] 17 | }, 18 | { 19 | "Name": "powershell-snap-lts", 20 | "RepoDestinationPath": "/PowerShell", 21 | "BuildCommand": "/powershell-snap.sh -location _RepoDestinationPath_ -destination _DockerVolume_ -ReleaseTag _ReleaseTag_ -LTS", 22 | "AdditionalContextFiles": [ 23 | "./tools/releaseBuild/Images/GenericLinuxFiles/powershell-snap.sh", 24 | "./tools/releaseBuild/Images/GenericLinuxFiles/powershell-snap.ps1", 25 | "./tools/releaseBuild/Images/GenericLinuxFiles/snapcraft-wrapper" 26 | ], 27 | "DockerFile": "./tools/releaseBuild/Images/microsoft_powershell_ubuntu20.04/Dockerfile", 28 | "DockerImageName": "ps-snap-ubunutu-20-04", 29 | "BinaryBucket": "lts", 30 | "EnableFeature": [ "ArtifactAsFolder" ] 31 | }, 32 | { 33 | "Name": "powershell-snap-preview", 34 | "RepoDestinationPath": "/PowerShell", 35 | "BuildCommand": "/powershell-snap.sh -location _RepoDestinationPath_ -destination _DockerVolume_ -ReleaseTag _ReleaseTag_ -Preview", 36 | "AdditionalContextFiles": [ 37 | "./tools/releaseBuild/Images/GenericLinuxFiles/powershell-snap.sh", 38 | "./tools/releaseBuild/Images/GenericLinuxFiles/powershell-snap.ps1", 39 | "./tools/releaseBuild/Images/GenericLinuxFiles/snapcraft-wrapper" 40 | ], 41 | "DockerFile": "./tools/releaseBuild/Images/microsoft_powershell_ubuntu20.04/Dockerfile", 42 | "DockerImageName": "ps-snap-ubunutu-20-04", 43 | "BinaryBucket": "preview", 44 | "EnableFeature": [ "ArtifactAsFolder" ] 45 | }, 46 | { 47 | "Name": "powershell-snap-latest", 48 | "RepoDestinationPath": "/PowerShell", 49 | "BuildCommand": "/powershell-snap.sh -location _RepoDestinationPath_ -destination _DockerVolume_", 50 | "AdditionalContextFiles": [ 51 | "./tools/releaseBuild/Images/GenericLinuxFiles/powershell-snap.sh", 52 | "./tools/releaseBuild/Images/GenericLinuxFiles/powershell-snap.ps1", 53 | "./tools/releaseBuild/Images/GenericLinuxFiles/snapcraft-wrapper" 54 | ], 55 | "DockerFile": "./tools/releaseBuild/Images/microsoft_powershell_ubuntu20.04/Dockerfile", 56 | "DockerImageName": "ps-snap-ubunutu-20-04", 57 | "BinaryBucket": "release" 58 | }, 59 | { 60 | "Name": "powershell-snap-preview-latest", 61 | "RepoDestinationPath": "/PowerShell", 62 | "BuildCommand": "/powershell-snap.sh -location _RepoDestinationPath_ -destination _DockerVolume_ -preview", 63 | "AdditionalContextFiles": [ 64 | "./tools/releaseBuild/Images/GenericLinuxFiles/powershell-snap.sh", 65 | "./tools/releaseBuild/Images/GenericLinuxFiles/powershell-snap.ps1", 66 | "./tools/releaseBuild/Images/GenericLinuxFiles/snapcraft-wrapper" 67 | ], 68 | "DockerFile": "./tools/releaseBuild/Images/microsoft_powershell_ubuntu20.04/Dockerfile", 69 | "DockerImageName": "ps-snap-ubunutu-20-04", 70 | "BinaryBucket": "release" 71 | } 72 | ] 73 | } 74 | -------------------------------------------------------------------------------- /tools/releaseBuild/setRelease.ps1: -------------------------------------------------------------------------------- 1 | param( 2 | [Parameter(HelpMessage='The branch name used to update the release tag.')] 3 | [string]$Branch=$env:BUILD_SOURCEBRANCH, 4 | 5 | [Parameter(HelpMessage='The variable name to put the new release tagin.')] 6 | [string]$Variable='ReleaseTag' 7 | ) 8 | 9 | # Script to set the release tag based on the branch name if it is not set or it is "fromBranch" 10 | # the branch name is expected to be release- or 11 | # VSTS passes it as 'refs/heads/release-v6.0.2' 12 | 13 | $branchOnly = $Branch -replace '^refs/heads/'; 14 | $branchOnly = $branchOnly -replace '[_\-]' 15 | 16 | if($branchOnly -eq 'master' -or $branchOnly -like '*dailytest*') 17 | { 18 | Write-verbose "release branch:" -verbose 19 | $releaseTag = 'edge' 20 | $vstsCommandString = "vso[task.setvariable variable=$Variable]$releaseTag" 21 | Write-Verbose -Message "setting $Variable to $releaseTag" -Verbose 22 | Write-Host -Object "##$vstsCommandString" 23 | } 24 | else 25 | { 26 | Write-verbose "non-release branch" -verbose 27 | # Branch is named 28 | 29 | $releaseTag = "hotfix/$branchOnly" 30 | $vstsCommandString = "vso[task.setvariable variable=$Variable]$releaseTag" 31 | Write-Verbose -Message "setting $Variable to $releaseTag" -Verbose 32 | Write-Host -Object "##$vstsCommandString" 33 | } 34 | 35 | Write-Output $releaseTag 36 | -------------------------------------------------------------------------------- /tools/releaseBuild/vstsbuild.ps1: -------------------------------------------------------------------------------- 1 | [cmdletbinding(DefaultParameterSetName='Build')] 2 | param( 3 | [ValidatePattern("^v\d+\.\d+\.\d+(-\w+(\.\d+)?)?$")] 4 | [string]$ReleaseTag 5 | ) 6 | 7 | DynamicParam { 8 | # Add a dynamic parameter '-Name' which specifies the name of the build to run 9 | 10 | # Get the names of the builds. 11 | $buildJsonPath = (Join-Path -path $PSScriptRoot -ChildPath 'build.json') 12 | $build = Get-Content -Path $buildJsonPath | ConvertFrom-Json 13 | $names = @($build.Windows.Name) 14 | foreach($name in $build.Linux.Name) 15 | { 16 | $names += $name 17 | } 18 | 19 | # Create the parameter attributs 20 | $ParameterAttr = New-Object "System.Management.Automation.ParameterAttribute" 21 | $ValidateSetAttr = New-Object "System.Management.Automation.ValidateSetAttribute" -ArgumentList $names 22 | $Attributes = New-Object "System.Collections.ObjectModel.Collection``1[System.Attribute]" 23 | $Attributes.Add($ParameterAttr) > $null 24 | $Attributes.Add($ValidateSetAttr) > $null 25 | 26 | # Create the parameter 27 | $Parameter = New-Object "System.Management.Automation.RuntimeDefinedParameter" -ArgumentList ("Name", [string], $Attributes) 28 | $Dict = New-Object "System.Management.Automation.RuntimeDefinedParameterDictionary" 29 | $Dict.Add("Name", $Parameter) > $null 30 | return $Dict 31 | } 32 | 33 | Begin { 34 | $Name = $PSBoundParameters['Name'] 35 | } 36 | 37 | End { 38 | $ErrorActionPreference = 'Stop' 39 | 40 | $additionalFiles = @() 41 | # If specified, Add package file to container 42 | 43 | 44 | $psReleaseBranch = 'master' 45 | $psReleaseFork = 'PowerShell' 46 | $location = Join-Path -Path $PSScriptRoot -ChildPath 'PSRelease' 47 | if(Test-Path $location) 48 | { 49 | Remove-Item -Path $location -Recurse -Force 50 | } 51 | 52 | $gitBinFullPath = (Get-Command -Name git).Source 53 | if (-not $gitBinFullPath) 54 | { 55 | throw "Git is required to proceed. Install from 'https://git-scm.com/download/win'" 56 | } 57 | 58 | Write-Verbose "cloning -b $psReleaseBranch --quiet https://github.com/$psReleaseFork/PSRelease.git" -verbose 59 | & $gitBinFullPath clone -b $psReleaseBranch --quiet https://github.com/$psReleaseFork/PSRelease.git $location 60 | 61 | Push-Location -Path $PWD.Path 62 | try{ 63 | Set-Location $location 64 | & $gitBinFullPath submodule update --init --recursive --quiet 65 | } 66 | finally 67 | { 68 | Pop-Location 69 | } 70 | 71 | $unresolvedRepoRoot = Join-Path -Path $PSScriptRoot '../..' 72 | $resolvedRepoRoot = (Resolve-Path -Path $unresolvedRepoRoot).ProviderPath 73 | 74 | try 75 | { 76 | Write-Verbose "Starting build at $resolvedRepoRoot ..." -Verbose 77 | Import-Module "$location/vstsBuild" -Force 78 | Import-Module "$location/dockerBasedBuild" -Force 79 | Clear-VstsTaskState 80 | 81 | $buildParameters = @{ 82 | ReleaseTag = $ReleaseTag 83 | } 84 | 85 | if($ReleaseTag) 86 | { 87 | Invoke-Build -RepoPath $resolvedRepoRoot -BuildJsonPath './tools/releaseBuild/build.json' -Name $Name -Parameters $buildParameters -AdditionalFiles $AdditionalFiles 88 | } 89 | else 90 | { 91 | Invoke-Build -RepoPath $resolvedRepoRoot -BuildJsonPath './tools/releaseBuild/build.json' -Name $Name -AdditionalFiles $AdditionalFiles 92 | } 93 | } 94 | catch 95 | { 96 | Write-VstsError -Error $_ 97 | } 98 | finally{ 99 | Write-VstsTaskState 100 | exit 0 101 | } 102 | } 103 | -------------------------------------------------------------------------------- /tools/releaseBuild/vstsbuild.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright (c) Microsoft Corporation. All rights reserved. 3 | # Licensed under the MIT License. 4 | 5 | pwsh -command ".\vstsbuild.ps1 $*" 6 | -------------------------------------------------------------------------------- /tools/terms/TermsExclusion.xml: -------------------------------------------------------------------------------- 1 | 2 | .GIT 3 | 4 | --------------------------------------------------------------------------------