├── .config
└── tsaoptions.json
├── .editorconfig
├── .gitattributes
├── .gitignore
├── Build.cmd
├── CODE-OF-CONDUCT.md
├── Directory.Build.props
├── Directory.Build.targets
├── Install-Scripts.sln
├── LICENSE.TXT
├── NuGet.config
├── THIRD-PARTY-NOTICES.TXT
├── azure-pipelines-PR.yml
├── azure-pipelines-official.yml
├── build.sh
├── docs
└── README.md
├── dotnet-install.asc
├── eng
├── Publishing.props
├── Signing.props
├── Version.Details.xml
├── Versions.props
├── common-variables.yml
├── common
│ ├── BuildConfiguration
│ │ └── build-configuration.json
│ ├── CIBuild.cmd
│ ├── PSScriptAnalyzerSettings.psd1
│ ├── README.md
│ ├── SetupNugetSources.ps1
│ ├── SetupNugetSources.sh
│ ├── build.ps1
│ ├── build.sh
│ ├── cibuild.sh
│ ├── cross
│ │ ├── arm
│ │ │ ├── sources.list.bionic
│ │ │ ├── sources.list.focal
│ │ │ ├── sources.list.jammy
│ │ │ ├── sources.list.jessie
│ │ │ ├── sources.list.xenial
│ │ │ ├── sources.list.zesty
│ │ │ └── tizen
│ │ │ │ └── tizen.patch
│ │ ├── arm64
│ │ │ ├── sources.list.bionic
│ │ │ ├── sources.list.buster
│ │ │ ├── sources.list.focal
│ │ │ ├── sources.list.jammy
│ │ │ ├── sources.list.stretch
│ │ │ ├── sources.list.xenial
│ │ │ ├── sources.list.zesty
│ │ │ └── tizen
│ │ │ │ └── tizen.patch
│ │ ├── armel
│ │ │ ├── armel.jessie.patch
│ │ │ ├── sources.list.jessie
│ │ │ └── tizen
│ │ │ │ └── tizen.patch
│ │ ├── armv6
│ │ │ └── sources.list.buster
│ │ ├── build-android-rootfs.sh
│ │ ├── build-rootfs.sh
│ │ ├── ppc64le
│ │ │ └── sources.list.bionic
│ │ ├── riscv64
│ │ │ └── sources.list.sid
│ │ ├── s390x
│ │ │ └── sources.list.bionic
│ │ ├── tizen-build-rootfs.sh
│ │ ├── tizen-fetch.sh
│ │ └── toolchain.cmake
│ ├── darc-init.ps1
│ ├── darc-init.sh
│ ├── dotnet-install.cmd
│ ├── dotnet-install.ps1
│ ├── dotnet-install.sh
│ ├── enable-cross-org-publishing.ps1
│ ├── generate-locproject.ps1
│ ├── generate-sbom-prep.ps1
│ ├── generate-sbom-prep.sh
│ ├── helixpublish.proj
│ ├── init-tools-native.cmd
│ ├── init-tools-native.ps1
│ ├── init-tools-native.sh
│ ├── internal-feed-operations.ps1
│ ├── internal-feed-operations.sh
│ ├── internal
│ │ ├── Directory.Build.props
│ │ ├── NuGet.config
│ │ └── Tools.csproj
│ ├── loc
│ │ └── P22DotNetHtmlLocalization.lss
│ ├── msbuild.ps1
│ ├── msbuild.sh
│ ├── native
│ │ ├── CommonLibrary.psm1
│ │ ├── common-library.sh
│ │ ├── init-compiler.sh
│ │ ├── init-distro-rid.sh
│ │ ├── init-os-and-arch.sh
│ │ ├── install-cmake-test.sh
│ │ ├── install-cmake.sh
│ │ └── install-tool.ps1
│ ├── pipeline-logging-functions.ps1
│ ├── pipeline-logging-functions.sh
│ ├── post-build
│ │ ├── add-build-to-channel.ps1
│ │ ├── check-channel-consistency.ps1
│ │ ├── nuget-validation.ps1
│ │ ├── post-build-utils.ps1
│ │ ├── publish-using-darc.ps1
│ │ ├── sourcelink-validation.ps1
│ │ ├── symbols-validation.ps1
│ │ └── trigger-subscriptions.ps1
│ ├── retain-build.ps1
│ ├── sdk-task.ps1
│ ├── sdl
│ │ ├── NuGet.config
│ │ ├── configure-sdl-tool.ps1
│ │ ├── execute-all-sdl-tools.ps1
│ │ ├── extract-artifact-archives.ps1
│ │ ├── extract-artifact-packages.ps1
│ │ ├── init-sdl.ps1
│ │ ├── packages.config
│ │ ├── run-sdl.ps1
│ │ ├── sdl.ps1
│ │ └── trim-assets-version.ps1
│ ├── templates-official
│ │ ├── job
│ │ │ ├── job.yml
│ │ │ ├── onelocbuild.yml
│ │ │ ├── publish-build-assets.yml
│ │ │ ├── source-build.yml
│ │ │ └── source-index-stage1.yml
│ │ ├── jobs
│ │ │ ├── codeql-build.yml
│ │ │ ├── jobs.yml
│ │ │ └── source-build.yml
│ │ ├── post-build
│ │ │ ├── common-variables.yml
│ │ │ ├── post-build.yml
│ │ │ ├── setup-maestro-vars.yml
│ │ │ └── trigger-subscription.yml
│ │ ├── steps
│ │ │ ├── add-build-to-channel.yml
│ │ │ ├── build-reason.yml
│ │ │ ├── component-governance.yml
│ │ │ ├── enable-internal-runtimes.yml
│ │ │ ├── execute-codeql.yml
│ │ │ ├── execute-sdl.yml
│ │ │ ├── generate-sbom.yml
│ │ │ ├── get-delegation-sas.yml
│ │ │ ├── get-federated-access-token.yml
│ │ │ ├── publish-logs.yml
│ │ │ ├── retain-build.yml
│ │ │ ├── send-to-helix.yml
│ │ │ └── source-build.yml
│ │ └── variables
│ │ │ ├── pool-providers.yml
│ │ │ └── sdl-variables.yml
│ ├── templates
│ │ ├── job
│ │ │ ├── execute-sdl.yml
│ │ │ ├── job.yml
│ │ │ ├── onelocbuild.yml
│ │ │ ├── publish-build-assets.yml
│ │ │ ├── source-build.yml
│ │ │ └── source-index-stage1.yml
│ │ ├── jobs
│ │ │ ├── codeql-build.yml
│ │ │ ├── jobs.yml
│ │ │ └── source-build.yml
│ │ ├── post-build
│ │ │ ├── common-variables.yml
│ │ │ ├── post-build.yml
│ │ │ ├── setup-maestro-vars.yml
│ │ │ └── trigger-subscription.yml
│ │ ├── steps
│ │ │ ├── add-build-to-channel.yml
│ │ │ ├── build-reason.yml
│ │ │ ├── component-governance.yml
│ │ │ ├── enable-internal-runtimes.yml
│ │ │ ├── execute-codeql.yml
│ │ │ ├── execute-sdl.yml
│ │ │ ├── generate-sbom.yml
│ │ │ ├── get-delegation-sas.yml
│ │ │ ├── get-federated-access-token.yml
│ │ │ ├── publish-logs.yml
│ │ │ ├── retain-build.yml
│ │ │ ├── run-on-unix.yml
│ │ │ ├── run-on-windows.yml
│ │ │ ├── run-script-ifequalelse.yml
│ │ │ ├── send-to-helix.yml
│ │ │ ├── source-build.yml
│ │ │ ├── telemetry-end.yml
│ │ │ └── telemetry-start.yml
│ │ └── variables
│ │ │ ├── pool-providers.yml
│ │ │ └── sdl-variables.yml
│ ├── tools.ps1
│ └── tools.sh
├── policheck_exclusions.xml
├── update-packagesource.cmd
├── update-packagesource.ps1
└── validate-sdk.yml
├── global.json
├── src
├── .vscode
│ └── launch.json
├── Signing
│ └── SignScripts.csproj
├── dotnet-install.ps1
├── dotnet-install.sh
└── install-dotnet-preview.sh
├── testEnvironments.json
└── tests
├── .gitignore
└── Install-Scripts.Test
├── AkaMsLinksTests.cs
├── Assets
├── .gitattributes
├── GivenThatIWantToGetTheSdkLinksFromAScript.WhenAnExactVersionIsPassedToBash_version=1.0.5_runtime=dotnet.verified.txt
├── GivenThatIWantToGetTheSdkLinksFromAScript.WhenAnExactVersionIsPassedToBash_version=2.1.0_runtime=aspnetcore.verified.txt
├── GivenThatIWantToGetTheSdkLinksFromAScript.WhenAnExactVersionIsPassedToBash_version=6.0.100_runtime=null.verified.txt
├── GivenThatIWantToGetTheSdkLinksFromAScript.WhenAnExactVersionIsPassedToBash_version=8.0.303_runtime=null.verified.txt
├── GivenThatIWantToGetTheSdkLinksFromAScript.WhenAnExactVersionIsPassedToBash_version=9.0.100_runtime=null.verified.txt
├── GivenThatIWantToGetTheSdkLinksFromAScript.WhenAnExactVersionIsPassedToPowershell_version=1.0.5_runtime=dotnet.verified.txt
├── GivenThatIWantToGetTheSdkLinksFromAScript.WhenAnExactVersionIsPassedToPowershell_version=2.1.0_runtime=aspnetcore.verified.txt
├── GivenThatIWantToGetTheSdkLinksFromAScript.WhenAnExactVersionIsPassedToPowershell_version=6.0.100_runtime=null.verified.txt
├── GivenThatIWantToGetTheSdkLinksFromAScript.WhenAnExactVersionIsPassedToPowershell_version=8.0.303_runtime=null.verified.txt
├── GivenThatIWantToGetTheSdkLinksFromAScript.WhenAnExactVersionIsPassedToPowershell_version=9.0.100_runtime=null.verified.txt
├── GivenThatIWantToGetTheSdkLinksFromAScript.WhenMacosIsPassedToBash.verified.txt
├── InstallationScriptTests.json
├── InstallationScriptTestsWithMultipleSdkFields.json
├── InstallationScriptTestsWithVersionFieldInTheMiddle.json
└── InstallationScriptTestsWithWindowsLineEndings.json
├── GivenThatIWantToGetTheSdkLinksFromAScript.cs
├── GivenThatIWantToInstallDotnetFromAScript.cs
├── Install-Scripts.Test.csproj
├── TestBase.cs
├── TestUtils.cs
└── Utils
├── ArgumentEscaper.cs
├── CommandResultAssertions.cs
├── CommandResultExtensions.cs
├── DotNetCommand.cs
└── Quality.cs
/.config/tsaoptions.json:
--------------------------------------------------------------------------------
1 | {
2 | "instanceUrl": "https://devdiv.visualstudio.com/",
3 | "template": "TFSDEVDIV",
4 | "projectName": "DEVDIV",
5 | "areaPath": "DevDiv\\NET Fundamentals\\.NET Acquisition\\install-scripts-incidents",
6 | "iterationPath": "DevDiv",
7 | "notificationAliases": [ "dnsbcgalerts@microsoft.com" ],
8 | "repositoryName": "install-scripts",
9 | "codebaseName": "install-scripts",
10 | "serviceTreeId": "33d7954d-0688-4e7b-9208-087c9e57f21a"
11 | }
12 |
--------------------------------------------------------------------------------
/.editorconfig:
--------------------------------------------------------------------------------
1 | # To learn more about .editorconfig see https://aka.ms/editorconfigdocs
2 | ###############################
3 | # Core EditorConfig Options #
4 | ###############################
5 |
6 |
7 | # Verify settings
8 | [*.{received,verified}.{txt,xml,json}]
9 | charset = "utf-8-bom"
10 | end_of_line = lf
11 | indent_size = unset
12 | indent_style = unset
13 | insert_final_newline = false
14 | tab_width = unset
15 | trim_trailing_whitespace = false
--------------------------------------------------------------------------------
/.gitattributes:
--------------------------------------------------------------------------------
1 | # bash script must have LF line endings to support macOS and Linux
2 | *.sh text eol=lf
3 | # powershell script must have CRLF line endings for signature validation to work
4 | *.ps1 text eol=crlf
5 |
6 | # VerifyTests
7 | *.verified.txt text eol=lf working-tree-encoding=UTF-8
8 |
--------------------------------------------------------------------------------
/Build.cmd:
--------------------------------------------------------------------------------
1 | @echo off
2 | powershell -ExecutionPolicy ByPass -NoProfile -command "& """%~dp0eng\common\Build.ps1""" -restore -build %*"
3 | exit /b %ErrorLevel%
4 |
--------------------------------------------------------------------------------
/CODE-OF-CONDUCT.md:
--------------------------------------------------------------------------------
1 | # Code of Conduct
2 |
3 | This project has adopted the code of conduct defined by the Contributor Covenant
4 | to clarify expected behavior in our community.
5 |
6 | For more information, see the [.NET Foundation Code of Conduct](https://dotnetfoundation.org/code-of-conduct).
7 |
--------------------------------------------------------------------------------
/Directory.Build.props:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 | $(CopyrightNetFoundation)
7 |
8 |
9 | MIT
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Directory.Build.targets:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
--------------------------------------------------------------------------------
/Install-Scripts.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio Version 17
4 | VisualStudioVersion = 17.2.32526.322
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "SignScripts", "src\Signing\SignScripts.csproj", "{8335F5A8-00BD-4457-924B-CAF878E5D929}"
7 | EndProject
8 | Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Install-Scripts.Test", "tests\Install-Scripts.Test\Install-Scripts.Test.csproj", "{EC847B17-29BB-486C-8BC8-91EA9565B286}"
9 | EndProject
10 | Global
11 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
12 | Debug|Any CPU = Debug|Any CPU
13 | Release|Any CPU = Release|Any CPU
14 | EndGlobalSection
15 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
16 | {8335F5A8-00BD-4457-924B-CAF878E5D929}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
17 | {8335F5A8-00BD-4457-924B-CAF878E5D929}.Debug|Any CPU.Build.0 = Debug|Any CPU
18 | {8335F5A8-00BD-4457-924B-CAF878E5D929}.Release|Any CPU.ActiveCfg = Release|Any CPU
19 | {8335F5A8-00BD-4457-924B-CAF878E5D929}.Release|Any CPU.Build.0 = Release|Any CPU
20 | {EC847B17-29BB-486C-8BC8-91EA9565B286}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
21 | {EC847B17-29BB-486C-8BC8-91EA9565B286}.Debug|Any CPU.Build.0 = Debug|Any CPU
22 | {EC847B17-29BB-486C-8BC8-91EA9565B286}.Release|Any CPU.ActiveCfg = Release|Any CPU
23 | {EC847B17-29BB-486C-8BC8-91EA9565B286}.Release|Any CPU.Build.0 = Release|Any CPU
24 | EndGlobalSection
25 | GlobalSection(SolutionProperties) = preSolution
26 | HideSolutionNode = FALSE
27 | EndGlobalSection
28 | GlobalSection(ExtensibilityGlobals) = postSolution
29 | SolutionGuid = {04F10663-3588-4B62-8ABD-1EC771D0E387}
30 | EndGlobalSection
31 | EndGlobal
32 |
--------------------------------------------------------------------------------
/LICENSE.TXT:
--------------------------------------------------------------------------------
1 | The MIT License (MIT)
2 |
3 | Copyright (c) .NET Foundation and Contributors
4 |
5 | All rights reserved.
6 |
7 | Permission is hereby granted, free of charge, to any person obtaining a copy
8 | of this software and associated documentation files (the "Software"), to deal
9 | in the Software without restriction, including without limitation the rights
10 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | copies of the Software, and to permit persons to whom the Software is
12 | furnished to do so, subject to the following conditions:
13 |
14 | The above copyright notice and this permission notice shall be included in all
15 | copies or substantial portions of the Software.
16 |
17 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | SOFTWARE.
--------------------------------------------------------------------------------
/NuGet.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
--------------------------------------------------------------------------------
/THIRD-PARTY-NOTICES.TXT:
--------------------------------------------------------------------------------
1 | .NET Core uses third-party libraries or other resources that may be
2 | distributed under licenses different than the .NET Core software.
3 |
4 | In the event that we accidentally failed to list a required notice, please
5 | bring it to our attention. Post an issue or email us:
6 |
7 | dotnet@microsoft.com
8 |
9 | The attached notices are provided for information only.
10 |
11 | No notices are provided at this time.
--------------------------------------------------------------------------------
/azure-pipelines-PR.yml:
--------------------------------------------------------------------------------
1 | trigger:
2 | - main
3 |
4 | pr:
5 | - main
6 |
7 | variables:
8 | - template: eng/common-variables.yml
9 |
10 | stages:
11 | - stage: build
12 | displayName: Build
13 | jobs:
14 | - template: /eng/common/templates/jobs/jobs.yml
15 | parameters:
16 | workspace:
17 | clean: all
18 | jobs:
19 | - job: Windows_NT
20 | timeoutInMinutes: 90
21 | pool:
22 | name: NetCore-Public
23 | demands: ImageOverride -equals Windows.vs2022.amd64.open
24 |
25 | strategy:
26 | matrix:
27 | Build_Debug:
28 | _BuildConfig: Debug
29 | preSteps:
30 | - checkout: self
31 | clean: true
32 | steps:
33 | - task: UseDotNet@2
34 | displayName: Get .NET Core SDK
35 | inputs:
36 | version: 8.x
37 | - task: DotNetCoreCLI@2
38 | displayName: Run Tests
39 | inputs:
40 | command: test
41 |
42 | - job: LinuxTests
43 | timeoutInMinutes: 30
44 | pool:
45 | name: NetCore-Public
46 | demands: ImageOverride -equals build.ubuntu.2204.amd64.open
47 | steps:
48 | - checkout: self
49 | displayName: Checkout Self
50 | clean: true
51 | - task: UseDotNet@2
52 | displayName: Get .NET Core SDK
53 | inputs:
54 | version: 8.x
55 | - script: |
56 | chmod u+x src/dotnet-install.sh
57 | displayName: 'Add permission to execute'
58 | - task: DotNetCoreCLI@2
59 | displayName: Run Tests
60 | inputs:
61 | command: test
62 |
63 | - job: MacOSTests
64 | timeoutInMinutes: 45
65 | pool:
66 | vmImage: 'macOS-latest'
67 | steps:
68 | - checkout: self
69 | displayName: Checkout Self
70 | clean: true
71 | - task: UseDotNet@2
72 | displayName: Get .NET Core SDK
73 | inputs:
74 | version: 8.x
75 | - script: |
76 | chmod u+x src/dotnet-install.sh
77 | displayName: 'Add permission to execute'
78 | - task: DotNetCoreCLI@2
79 | displayName: Run Tests
80 | inputs:
81 | command: test
82 |
--------------------------------------------------------------------------------
/build.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | source="${BASH_SOURCE[0]}"
4 |
5 | # resolve $SOURCE until the file is no longer a symlink
6 | while [[ -h $source ]]; do
7 | scriptroot="$( cd -P "$( dirname "$source" )" && pwd )"
8 | source="$(readlink "$source")"
9 |
10 | # if $source was a relative symlink, we need to resolve it relative to the path where the
11 | # symlink file was located
12 | [[ $source != /* ]] && source="$scriptroot/$source"
13 | done
14 |
15 | scriptroot="$( cd -P "$( dirname "$source" )" && pwd )"
16 | "$scriptroot/eng/common/build.sh" --build --restore $@
17 |
--------------------------------------------------------------------------------
/docs/README.md:
--------------------------------------------------------------------------------
1 | [](https://dev.azure.com/dnceng-public/public/_build?definitionId=73)
2 |
3 | This repo is the central place for dotnet install and install dotnet preview scripts.
4 |
5 | **Please be advised that the project is currently in maintenance mode. This implies that we are focusing on addressing high-priority bugs and providing assistance with any issues that may arise. During this phase, no new features or significant improvements are anticipated.**
6 |
7 | For more information about the usage of dotnet install, see:
8 | https://learn.microsoft.com/dotnet/core/tools/dotnet-install-script
9 |
10 | To download the latest stable versions of dotnet install, go to:
11 | - Bash (Linux/macOS): https://dot.net/v1/dotnet-install.sh
12 | - PowerShell (Windows): https://dot.net/v1/dotnet-install.ps1
13 |
14 | Information about the usage of install dotnet preview is provided here:
15 | https://github.com/dotnet/core/blob/main/release-notes/7.0/install-linux.md#install-using-debrpm-packages
16 |
17 | The latest stable versions of install dotnet preview is available here:
18 | - https://builds.dotnet.microsoft.com/dotnet/release/install-preview/install-dotnet-preview.sh
19 |
--------------------------------------------------------------------------------
/dotnet-install.asc:
--------------------------------------------------------------------------------
1 | -----BEGIN PGP PUBLIC KEY BLOCK-----
2 | Version: BSN Pgp v1.1.0.0
3 |
4 | mQENBGPkMDwBCAC4k+2aKmawupYX+NL91FC8mU0Pe8JYBxDuG6+ZbWLywpWvKHUv
5 | WMMPKV8dQrV0q7MMqdbQthSylWLJkkfUgMhSMJ885+0CXS0Inv5yyMeMA8XvgJ2E
6 | GUgrSs5fabwAdPniVjndLmxIaov7xtCPSZAPP0Mjr8c000aTyQIUNsOYPviDUykS
7 | TMP4oQeBBenTLJsauH/IXAq8wbQyQyXjI6yVV13UmUSTe+uwpM+SN/s7B8GpkxOb
8 | +vZ9DmSexeoUvlaAO2MAAux8pogyQdvMDDkP7aXOkEfc9N87B1dXOSWShLvRg04W
9 | aDUfU+Q6EkQk1yGyZeWvCAMf5nVyxmwan5KTABEBAAG0OU1pY3Jvc29mdCBEZXZV
10 | WFRlYW1QcmFndWUgPGRldnV4dGVhbXByYWd1ZUBtaWNyb3NvZnQuY29tPokBOAQT
11 | AQgAIgUCY+QwPAIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQuc8aUfx9
12 | Os+aTggAq9wJY0/hS2+R18RBm3CajFqN9be/uZ0uxLfmu05zgAKm6E2rRlSwX12J
13 | x0tcaJAT+Q+P7vVMeBf+B4yOLwOwe2z/MZaxYkckC6kEnnvzXNEhfKtRhapLClHD
14 | 7Lo3iinGNUB8Qa1lBX/t+1oAp50YW1pUeNEk7Ppk2daz3/BuoFwaP8fxwVJ9MEFB
15 | NidXwDy+uGQR9KBCU9mo6XZK3bsFW2vByWr4AQMvixw3m5QCY8m+NXRX08J9LD6t
16 | f0G5bcHEZj+t/RbWHt1iQKv/WB62CVdArSbPFYusd73kYtdLUdwELZILcIoPqV1c
17 | AX0xKovPmQNk8ITCopbbCs3jCIVvmw==
18 | =awWT
19 | -----END PGP PUBLIC KEY BLOCK-----
20 |
--------------------------------------------------------------------------------
/eng/Publishing.props:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | 3
5 |
6 |
7 |
--------------------------------------------------------------------------------
/eng/Signing.props:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
--------------------------------------------------------------------------------
/eng/Version.Details.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 | https://github.com/dotnet/arcade
8 | abb15166a8da9284d6ed177924cfd9b6f74c9f08
9 |
10 |
11 | https://github.com/dotnet/arcade
12 | abb15166a8da9284d6ed177924cfd9b6f74c9f08
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/eng/Versions.props:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | 1.0.0
5 | prerelease
6 |
7 |
8 |
--------------------------------------------------------------------------------
/eng/common-variables.yml:
--------------------------------------------------------------------------------
1 | variables:
2 | # Cannot use key:value syntax in root defined variables
3 | - name: _TeamName
4 | value: DotNetDevUxPrague
5 | - name: HelixApiAccessToken
6 | value: ''
7 | - name: _RunAsPublic
8 | value: True
9 | - name: _RunAsInternal
10 | value: False
11 | - name: _InternalBuildArgs
12 | value: ''
13 | - name: _UseBuildManifest
14 | value: False
15 | - name: _SignType
16 | value: test
17 |
18 | - ${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
19 | - name: _RunAsPublic
20 | value: False
21 | - name: _RunAsInternal
22 | value: True
23 | - name: _SignType
24 | value: real
25 | - name: _UseBuildManifest
26 | value: False
27 | - group: Publish-Build-Assets
28 | - group: DotNet-HelixApi-Access
29 | - group: DotNet-Install-Scripts-SDLValidation-Params
30 | - name: _InternalBuildArgs
31 | value: /p:DotNetSignType=$(_SignType)
32 | /p:TeamName=$(_TeamName)
33 | /p:DotNetPublishUsingPipelines=true
34 | /p:OfficialBuildId=$(BUILD.BUILDNUMBER)
--------------------------------------------------------------------------------
/eng/common/BuildConfiguration/build-configuration.json:
--------------------------------------------------------------------------------
1 | {
2 | "RetryCountLimit": 1,
3 | "RetryByAnyError": false
4 | }
5 |
--------------------------------------------------------------------------------
/eng/common/CIBuild.cmd:
--------------------------------------------------------------------------------
1 | @echo off
2 | powershell -ExecutionPolicy ByPass -NoProfile -command "& """%~dp0Build.ps1""" -restore -build -test -sign -pack -publish -ci %*"
--------------------------------------------------------------------------------
/eng/common/PSScriptAnalyzerSettings.psd1:
--------------------------------------------------------------------------------
1 | @{
2 | IncludeRules=@('PSAvoidUsingCmdletAliases',
3 | 'PSAvoidUsingWMICmdlet',
4 | 'PSAvoidUsingPositionalParameters',
5 | 'PSAvoidUsingInvokeExpression',
6 | 'PSUseDeclaredVarsMoreThanAssignments',
7 | 'PSUseCmdletCorrectly',
8 | 'PSStandardDSCFunctionsInResource',
9 | 'PSUseIdenticalMandatoryParametersForDSC',
10 | 'PSUseIdenticalParametersForDSC')
11 | }
--------------------------------------------------------------------------------
/eng/common/README.md:
--------------------------------------------------------------------------------
1 | # Don't touch this folder
2 |
3 | uuuuuuuuuuuuuuuuuuuu
4 | u" uuuuuuuuuuuuuuuuuu "u
5 | u" u$$$$$$$$$$$$$$$$$$$$u "u
6 | u" u$$$$$$$$$$$$$$$$$$$$$$$$u "u
7 | u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u
8 | u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u
9 | u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u
10 | $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $
11 | $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $
12 | $ $$$" ... "$... ...$" ... "$$$ ... "$$$ $
13 | $ $$$u `"$$$$$$$ $$$ $$$$$ $$ $$$ $$$ $
14 | $ $$$$$$uu "$$$$ $$$ $$$$$ $$ """ u$$$ $
15 | $ $$$""$$$ $$$$ $$$u "$$$" u$$ $$$$$$$$ $
16 | $ $$$$....,$$$$$..$$$$$....,$$$$..$$$$$$$$ $
17 | $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $
18 | "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"
19 | "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"
20 | "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"
21 | "u "$$$$$$$$$$$$$$$$$$$$$$$$" u"
22 | "u "$$$$$$$$$$$$$$$$$$$$" u"
23 | "u """""""""""""""""" u"
24 | """"""""""""""""""""
25 |
26 | !!! Changes made in this directory are subject to being overwritten by automation !!!
27 |
28 | The files in this directory are shared by all Arcade repos and managed by automation. If you need to make changes to these files, open an issue or submit a pull request to https://github.com/dotnet/arcade first.
29 |
--------------------------------------------------------------------------------
/eng/common/cibuild.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | source="${BASH_SOURCE[0]}"
4 |
5 | # resolve $SOURCE until the file is no longer a symlink
6 | while [[ -h $source ]]; do
7 | scriptroot="$( cd -P "$( dirname "$source" )" && pwd )"
8 | source="$(readlink "$source")"
9 |
10 | # if $source was a relative symlink, we need to resolve it relative to the path where
11 | # the symlink file was located
12 | [[ $source != /* ]] && source="$scriptroot/$source"
13 | done
14 | scriptroot="$( cd -P "$( dirname "$source" )" && pwd )"
15 |
16 | . "$scriptroot/build.sh" --restore --build --test --pack --publish --ci $@
--------------------------------------------------------------------------------
/eng/common/cross/arm/sources.list.bionic:
--------------------------------------------------------------------------------
1 | deb http://ports.ubuntu.com/ubuntu-ports/ bionic main restricted universe
2 | deb-src http://ports.ubuntu.com/ubuntu-ports/ bionic main restricted universe
3 |
4 | deb http://ports.ubuntu.com/ubuntu-ports/ bionic-updates main restricted universe
5 | deb-src http://ports.ubuntu.com/ubuntu-ports/ bionic-updates main restricted universe
6 |
7 | deb http://ports.ubuntu.com/ubuntu-ports/ bionic-backports main restricted
8 | deb-src http://ports.ubuntu.com/ubuntu-ports/ bionic-backports main restricted
9 |
10 | deb http://ports.ubuntu.com/ubuntu-ports/ bionic-security main restricted universe multiverse
11 | deb-src http://ports.ubuntu.com/ubuntu-ports/ bionic-security main restricted universe multiverse
12 |
--------------------------------------------------------------------------------
/eng/common/cross/arm/sources.list.focal:
--------------------------------------------------------------------------------
1 | deb http://ports.ubuntu.com/ubuntu-ports/ focal main restricted universe
2 | deb-src http://ports.ubuntu.com/ubuntu-ports/ focal main restricted universe
3 |
4 | deb http://ports.ubuntu.com/ubuntu-ports/ focal-updates main restricted universe
5 | deb-src http://ports.ubuntu.com/ubuntu-ports/ focal-updates main restricted universe
6 |
7 | deb http://ports.ubuntu.com/ubuntu-ports/ focal-backports main restricted
8 | deb-src http://ports.ubuntu.com/ubuntu-ports/ focal-backports main restricted
9 |
10 | deb http://ports.ubuntu.com/ubuntu-ports/ focal-security main restricted universe multiverse
11 | deb-src http://ports.ubuntu.com/ubuntu-ports/ focal-security main restricted universe multiverse
12 |
--------------------------------------------------------------------------------
/eng/common/cross/arm/sources.list.jammy:
--------------------------------------------------------------------------------
1 | deb http://ports.ubuntu.com/ubuntu-ports/ jammy main restricted universe
2 | deb-src http://ports.ubuntu.com/ubuntu-ports/ jammy main restricted universe
3 |
4 | deb http://ports.ubuntu.com/ubuntu-ports/ jammy-updates main restricted universe
5 | deb-src http://ports.ubuntu.com/ubuntu-ports/ jammy-updates main restricted universe
6 |
7 | deb http://ports.ubuntu.com/ubuntu-ports/ jammy-backports main restricted
8 | deb-src http://ports.ubuntu.com/ubuntu-ports/ jammy-backports main restricted
9 |
10 | deb http://ports.ubuntu.com/ubuntu-ports/ jammy-security main restricted universe multiverse
11 | deb-src http://ports.ubuntu.com/ubuntu-ports/ jammy-security main restricted universe multiverse
12 |
--------------------------------------------------------------------------------
/eng/common/cross/arm/sources.list.jessie:
--------------------------------------------------------------------------------
1 | # Debian (sid) # UNSTABLE
2 | deb http://ftp.debian.org/debian/ sid main contrib non-free
3 | deb-src http://ftp.debian.org/debian/ sid main contrib non-free
4 |
--------------------------------------------------------------------------------
/eng/common/cross/arm/sources.list.xenial:
--------------------------------------------------------------------------------
1 | deb http://ports.ubuntu.com/ubuntu-ports/ xenial main restricted universe
2 | deb-src http://ports.ubuntu.com/ubuntu-ports/ xenial main restricted universe
3 |
4 | deb http://ports.ubuntu.com/ubuntu-ports/ xenial-updates main restricted universe
5 | deb-src http://ports.ubuntu.com/ubuntu-ports/ xenial-updates main restricted universe
6 |
7 | deb http://ports.ubuntu.com/ubuntu-ports/ xenial-backports main restricted
8 | deb-src http://ports.ubuntu.com/ubuntu-ports/ xenial-backports main restricted
9 |
10 | deb http://ports.ubuntu.com/ubuntu-ports/ xenial-security main restricted universe multiverse
11 | deb-src http://ports.ubuntu.com/ubuntu-ports/ xenial-security main restricted universe multiverse
12 |
--------------------------------------------------------------------------------
/eng/common/cross/arm/sources.list.zesty:
--------------------------------------------------------------------------------
1 | deb http://ports.ubuntu.com/ubuntu-ports/ zesty main restricted universe
2 | deb-src http://ports.ubuntu.com/ubuntu-ports/ zesty main restricted universe
3 |
4 | deb http://ports.ubuntu.com/ubuntu-ports/ zesty-updates main restricted universe
5 | deb-src http://ports.ubuntu.com/ubuntu-ports/ zesty-updates main restricted universe
6 |
7 | deb http://ports.ubuntu.com/ubuntu-ports/ zesty-backports main restricted
8 | deb-src http://ports.ubuntu.com/ubuntu-ports/ zesty-backports main restricted
9 |
10 | deb http://ports.ubuntu.com/ubuntu-ports/ zesty-security main restricted universe multiverse
11 | deb-src http://ports.ubuntu.com/ubuntu-ports/ zesty-security main restricted universe multiverse
12 |
--------------------------------------------------------------------------------
/eng/common/cross/arm/tizen/tizen.patch:
--------------------------------------------------------------------------------
1 | diff -u -r a/usr/lib/libc.so b/usr/lib/libc.so
2 | --- a/usr/lib/libc.so 2016-12-30 23:00:08.284951863 +0900
3 | +++ b/usr/lib/libc.so 2016-12-30 23:00:32.140951815 +0900
4 | @@ -2,4 +2,4 @@
5 | Use the shared library, but some functions are only in
6 | the static library, so try that secondarily. */
7 | OUTPUT_FORMAT(elf32-littlearm)
8 | -GROUP ( /lib/libc.so.6 /usr/lib/libc_nonshared.a AS_NEEDED ( /lib/ld-linux-armhf.so.3 ) )
9 | +GROUP ( libc.so.6 libc_nonshared.a AS_NEEDED ( ld-linux-armhf.so.3 ) )
10 |
--------------------------------------------------------------------------------
/eng/common/cross/arm64/sources.list.bionic:
--------------------------------------------------------------------------------
1 | deb http://ports.ubuntu.com/ubuntu-ports/ bionic main restricted universe
2 | deb-src http://ports.ubuntu.com/ubuntu-ports/ bionic main restricted universe
3 |
4 | deb http://ports.ubuntu.com/ubuntu-ports/ bionic-updates main restricted universe
5 | deb-src http://ports.ubuntu.com/ubuntu-ports/ bionic-updates main restricted universe
6 |
7 | deb http://ports.ubuntu.com/ubuntu-ports/ bionic-backports main restricted
8 | deb-src http://ports.ubuntu.com/ubuntu-ports/ bionic-backports main restricted
9 |
10 | deb http://ports.ubuntu.com/ubuntu-ports/ bionic-security main restricted universe multiverse
11 | deb-src http://ports.ubuntu.com/ubuntu-ports/ bionic-security main restricted universe multiverse
12 |
--------------------------------------------------------------------------------
/eng/common/cross/arm64/sources.list.buster:
--------------------------------------------------------------------------------
1 | deb http://deb.debian.org/debian buster main
2 | deb-src http://deb.debian.org/debian buster main
3 |
4 | deb http://deb.debian.org/debian-security/ buster/updates main
5 | deb-src http://deb.debian.org/debian-security/ buster/updates main
6 |
7 | deb http://deb.debian.org/debian buster-updates main
8 | deb-src http://deb.debian.org/debian buster-updates main
9 |
10 | deb http://deb.debian.org/debian buster-backports main contrib non-free
11 | deb-src http://deb.debian.org/debian buster-backports main contrib non-free
12 |
--------------------------------------------------------------------------------
/eng/common/cross/arm64/sources.list.focal:
--------------------------------------------------------------------------------
1 | deb http://ports.ubuntu.com/ubuntu-ports/ focal main restricted universe
2 | deb-src http://ports.ubuntu.com/ubuntu-ports/ focal main restricted universe
3 |
4 | deb http://ports.ubuntu.com/ubuntu-ports/ focal-updates main restricted universe
5 | deb-src http://ports.ubuntu.com/ubuntu-ports/ focal-updates main restricted universe
6 |
7 | deb http://ports.ubuntu.com/ubuntu-ports/ focal-backports main restricted
8 | deb-src http://ports.ubuntu.com/ubuntu-ports/ focal-backports main restricted
9 |
10 | deb http://ports.ubuntu.com/ubuntu-ports/ focal-security main restricted universe multiverse
11 | deb-src http://ports.ubuntu.com/ubuntu-ports/ focal-security main restricted universe multiverse
12 |
--------------------------------------------------------------------------------
/eng/common/cross/arm64/sources.list.jammy:
--------------------------------------------------------------------------------
1 | deb http://ports.ubuntu.com/ubuntu-ports/ jammy main restricted universe
2 | deb-src http://ports.ubuntu.com/ubuntu-ports/ jammy main restricted universe
3 |
4 | deb http://ports.ubuntu.com/ubuntu-ports/ jammy-updates main restricted universe
5 | deb-src http://ports.ubuntu.com/ubuntu-ports/ jammy-updates main restricted universe
6 |
7 | deb http://ports.ubuntu.com/ubuntu-ports/ jammy-backports main restricted
8 | deb-src http://ports.ubuntu.com/ubuntu-ports/ jammy-backports main restricted
9 |
10 | deb http://ports.ubuntu.com/ubuntu-ports/ jammy-security main restricted universe multiverse
11 | deb-src http://ports.ubuntu.com/ubuntu-ports/ jammy-security main restricted universe multiverse
12 |
--------------------------------------------------------------------------------
/eng/common/cross/arm64/sources.list.stretch:
--------------------------------------------------------------------------------
1 | deb http://deb.debian.org/debian stretch main
2 | deb-src http://deb.debian.org/debian stretch main
3 |
4 | deb http://deb.debian.org/debian-security/ stretch/updates main
5 | deb-src http://deb.debian.org/debian-security/ stretch/updates main
6 |
7 | deb http://deb.debian.org/debian stretch-updates main
8 | deb-src http://deb.debian.org/debian stretch-updates main
9 |
10 | deb http://deb.debian.org/debian stretch-backports main contrib non-free
11 | deb-src http://deb.debian.org/debian stretch-backports main contrib non-free
12 |
13 |
--------------------------------------------------------------------------------
/eng/common/cross/arm64/sources.list.xenial:
--------------------------------------------------------------------------------
1 | deb http://ports.ubuntu.com/ubuntu-ports/ xenial main restricted universe
2 | deb-src http://ports.ubuntu.com/ubuntu-ports/ xenial main restricted universe
3 |
4 | deb http://ports.ubuntu.com/ubuntu-ports/ xenial-updates main restricted universe
5 | deb-src http://ports.ubuntu.com/ubuntu-ports/ xenial-updates main restricted universe
6 |
7 | deb http://ports.ubuntu.com/ubuntu-ports/ xenial-backports main restricted
8 | deb-src http://ports.ubuntu.com/ubuntu-ports/ xenial-backports main restricted
9 |
10 | deb http://ports.ubuntu.com/ubuntu-ports/ xenial-security main restricted universe multiverse
11 | deb-src http://ports.ubuntu.com/ubuntu-ports/ xenial-security main restricted universe multiverse
12 |
--------------------------------------------------------------------------------
/eng/common/cross/arm64/sources.list.zesty:
--------------------------------------------------------------------------------
1 | deb http://ports.ubuntu.com/ubuntu-ports/ zesty main restricted universe
2 | deb-src http://ports.ubuntu.com/ubuntu-ports/ zesty main restricted universe
3 |
4 | deb http://ports.ubuntu.com/ubuntu-ports/ zesty-updates main restricted universe
5 | deb-src http://ports.ubuntu.com/ubuntu-ports/ zesty-updates main restricted universe
6 |
7 | deb http://ports.ubuntu.com/ubuntu-ports/ zesty-backports main restricted
8 | deb-src http://ports.ubuntu.com/ubuntu-ports/ zesty-backports main restricted
9 |
10 | deb http://ports.ubuntu.com/ubuntu-ports/ zesty-security main restricted universe multiverse
11 | deb-src http://ports.ubuntu.com/ubuntu-ports/ zesty-security main restricted universe multiverse
12 |
--------------------------------------------------------------------------------
/eng/common/cross/arm64/tizen/tizen.patch:
--------------------------------------------------------------------------------
1 | diff -u -r a/usr/lib/libc.so b/usr/lib/libc.so
2 | --- a/usr/lib64/libc.so 2016-12-30 23:00:08.284951863 +0900
3 | +++ b/usr/lib64/libc.so 2016-12-30 23:00:32.140951815 +0900
4 | @@ -2,4 +2,4 @@
5 | Use the shared library, but some functions are only in
6 | the static library, so try that secondarily. */
7 | OUTPUT_FORMAT(elf64-littleaarch64)
8 | -GROUP ( /lib64/libc.so.6 /usr/lib64/libc_nonshared.a AS_NEEDED ( /lib/ld-linux-aarch64.so.1 ) )
9 | +GROUP ( libc.so.6 libc_nonshared.a AS_NEEDED ( ld-linux-aarch64.so.1 ) )
10 |
--------------------------------------------------------------------------------
/eng/common/cross/armel/armel.jessie.patch:
--------------------------------------------------------------------------------
1 | diff -u -r a/usr/include/urcu/uatomic/generic.h b/usr/include/urcu/uatomic/generic.h
2 | --- a/usr/include/urcu/uatomic/generic.h 2014-10-22 15:00:58.000000000 -0700
3 | +++ b/usr/include/urcu/uatomic/generic.h 2020-10-30 21:38:28.550000000 -0700
4 | @@ -69,10 +69,10 @@
5 | #endif
6 | #ifdef UATOMIC_HAS_ATOMIC_SHORT
7 | case 2:
8 | - return __sync_val_compare_and_swap_2(addr, old, _new);
9 | + return __sync_val_compare_and_swap_2((uint16_t*) addr, old, _new);
10 | #endif
11 | case 4:
12 | - return __sync_val_compare_and_swap_4(addr, old, _new);
13 | + return __sync_val_compare_and_swap_4((uint32_t*) addr, old, _new);
14 | #if (CAA_BITS_PER_LONG == 64)
15 | case 8:
16 | return __sync_val_compare_and_swap_8(addr, old, _new);
17 | @@ -109,7 +109,7 @@
18 | return;
19 | #endif
20 | case 4:
21 | - __sync_and_and_fetch_4(addr, val);
22 | + __sync_and_and_fetch_4((uint32_t*) addr, val);
23 | return;
24 | #if (CAA_BITS_PER_LONG == 64)
25 | case 8:
26 | @@ -148,7 +148,7 @@
27 | return;
28 | #endif
29 | case 4:
30 | - __sync_or_and_fetch_4(addr, val);
31 | + __sync_or_and_fetch_4((uint32_t*) addr, val);
32 | return;
33 | #if (CAA_BITS_PER_LONG == 64)
34 | case 8:
35 | @@ -187,7 +187,7 @@
36 | return __sync_add_and_fetch_2(addr, val);
37 | #endif
38 | case 4:
39 | - return __sync_add_and_fetch_4(addr, val);
40 | + return __sync_add_and_fetch_4((uint32_t*) addr, val);
41 | #if (CAA_BITS_PER_LONG == 64)
42 | case 8:
43 | return __sync_add_and_fetch_8(addr, val);
44 |
--------------------------------------------------------------------------------
/eng/common/cross/armel/sources.list.jessie:
--------------------------------------------------------------------------------
1 | # Debian (jessie) # Stable
2 | deb http://ftp.debian.org/debian/ jessie main contrib non-free
3 | deb-src http://ftp.debian.org/debian/ jessie main contrib non-free
4 |
--------------------------------------------------------------------------------
/eng/common/cross/armel/tizen/tizen.patch:
--------------------------------------------------------------------------------
1 | diff -u -r a/usr/lib/libc.so b/usr/lib/libc.so
2 | --- a/usr/lib/libc.so 2016-12-30 23:00:08.284951863 +0900
3 | +++ b/usr/lib/libc.so 2016-12-30 23:00:32.140951815 +0900
4 | @@ -2,4 +2,4 @@
5 | Use the shared library, but some functions are only in
6 | the static library, so try that secondarily. */
7 | OUTPUT_FORMAT(elf32-littlearm)
8 | -GROUP ( /lib/libc.so.6 /usr/lib/libc_nonshared.a AS_NEEDED ( /lib/ld-linux.so.3 ) )
9 | +GROUP ( libc.so.6 libc_nonshared.a AS_NEEDED ( ld-linux.so.3 ) )
10 |
--------------------------------------------------------------------------------
/eng/common/cross/armv6/sources.list.buster:
--------------------------------------------------------------------------------
1 | deb http://raspbian.raspberrypi.org/raspbian/ buster main contrib non-free rpi
2 | deb-src http://raspbian.raspberrypi.org/raspbian/ buster main contrib non-free rpi
3 |
--------------------------------------------------------------------------------
/eng/common/cross/ppc64le/sources.list.bionic:
--------------------------------------------------------------------------------
1 | deb http://ports.ubuntu.com/ubuntu-ports/ bionic main restricted universe
2 | deb-src http://ports.ubuntu.com/ubuntu-ports/ bionic main restricted universe
3 |
4 | deb http://ports.ubuntu.com/ubuntu-ports/ bionic-updates main restricted universe
5 | deb-src http://ports.ubuntu.com/ubuntu-ports/ bionic-updates main restricted universe
6 |
7 | deb http://ports.ubuntu.com/ubuntu-ports/ bionic-backports main restricted
8 | deb-src http://ports.ubuntu.com/ubuntu-ports/ bionic-backports main restricted
9 |
10 | deb http://ports.ubuntu.com/ubuntu-ports/ bionic-security main restricted universe multiverse
11 | deb-src http://ports.ubuntu.com/ubuntu-ports/ bionic-security main restricted universe multiverse
12 |
--------------------------------------------------------------------------------
/eng/common/cross/riscv64/sources.list.sid:
--------------------------------------------------------------------------------
1 | deb http://deb.debian.org/debian-ports sid main
2 |
--------------------------------------------------------------------------------
/eng/common/cross/s390x/sources.list.bionic:
--------------------------------------------------------------------------------
1 | deb http://ports.ubuntu.com/ubuntu-ports/ bionic main restricted universe
2 | deb-src http://ports.ubuntu.com/ubuntu-ports/ bionic main restricted universe
3 |
4 | deb http://ports.ubuntu.com/ubuntu-ports/ bionic-updates main restricted universe
5 | deb-src http://ports.ubuntu.com/ubuntu-ports/ bionic-updates main restricted universe
6 |
7 | deb http://ports.ubuntu.com/ubuntu-ports/ bionic-backports main restricted
8 | deb-src http://ports.ubuntu.com/ubuntu-ports/ bionic-backports main restricted
9 |
10 | deb http://ports.ubuntu.com/ubuntu-ports/ bionic-security main restricted universe multiverse
11 | deb-src http://ports.ubuntu.com/ubuntu-ports/ bionic-security main restricted universe multiverse
12 |
--------------------------------------------------------------------------------
/eng/common/cross/tizen-build-rootfs.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 | set -e
3 |
4 | ARCH=$1
5 | LINK_ARCH=$ARCH
6 |
7 | case "$ARCH" in
8 | arm)
9 | TIZEN_ARCH="armv7hl"
10 | ;;
11 | armel)
12 | TIZEN_ARCH="armv7l"
13 | LINK_ARCH="arm"
14 | ;;
15 | arm64)
16 | TIZEN_ARCH="aarch64"
17 | ;;
18 | x86)
19 | TIZEN_ARCH="i686"
20 | ;;
21 | x64)
22 | TIZEN_ARCH="x86_64"
23 | LINK_ARCH="x86"
24 | ;;
25 | *)
26 | echo "Unsupported architecture for tizen: $ARCH"
27 | exit 1
28 | esac
29 |
30 | __CrossDir=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
31 | __TIZEN_CROSSDIR="$__CrossDir/${ARCH}/tizen"
32 |
33 | if [[ -z "$ROOTFS_DIR" ]]; then
34 | echo "ROOTFS_DIR is not defined."
35 | exit 1;
36 | fi
37 |
38 | TIZEN_TMP_DIR=$ROOTFS_DIR/tizen_tmp
39 | mkdir -p $TIZEN_TMP_DIR
40 |
41 | # Download files
42 | echo ">>Start downloading files"
43 | VERBOSE=1 $__CrossDir/tizen-fetch.sh $TIZEN_TMP_DIR $TIZEN_ARCH
44 | echo "<>Start constructing Tizen rootfs"
47 | TIZEN_RPM_FILES=`ls $TIZEN_TMP_DIR/*.rpm`
48 | cd $ROOTFS_DIR
49 | for f in $TIZEN_RPM_FILES; do
50 | rpm2cpio $f | cpio -idm --quiet
51 | done
52 | echo "<>Start configuring Tizen rootfs"
59 | ln -sfn asm-${LINK_ARCH} ./usr/include/asm
60 | patch -p1 < $__TIZEN_CROSSDIR/tizen.patch
61 | echo "< 0 ]]; do
9 | opt="$(echo "$1" | tr "[:upper:]" "[:lower:]")"
10 | case "$opt" in
11 | --darcversion)
12 | darcVersion=$2
13 | shift
14 | ;;
15 | --versionendpoint)
16 | versionEndpoint=$2
17 | shift
18 | ;;
19 | --verbosity)
20 | verbosity=$2
21 | shift
22 | ;;
23 | --toolpath)
24 | toolpath=$2
25 | shift
26 | ;;
27 | *)
28 | echo "Invalid argument: $1"
29 | usage
30 | exit 1
31 | ;;
32 | esac
33 |
34 | shift
35 | done
36 |
37 | # resolve $source until the file is no longer a symlink
38 | while [[ -h "$source" ]]; do
39 | scriptroot="$( cd -P "$( dirname "$source" )" && pwd )"
40 | source="$(readlink "$source")"
41 | # if $source was a relative symlink, we need to resolve it relative to the path where the
42 | # symlink file was located
43 | [[ $source != /* ]] && source="$scriptroot/$source"
44 | done
45 | scriptroot="$( cd -P "$( dirname "$source" )" && pwd )"
46 |
47 | . "$scriptroot/tools.sh"
48 |
49 | if [ -z "$darcVersion" ]; then
50 | darcVersion=$(curl -X GET "$versionEndpoint" -H "accept: text/plain")
51 | fi
52 |
53 | function InstallDarcCli {
54 | local darc_cli_package_name="microsoft.dotnet.darc"
55 |
56 | InitializeDotNetCli true
57 | local dotnet_root=$_InitializeDotNetCli
58 |
59 | if [ -z "$toolpath" ]; then
60 | local tool_list=$($dotnet_root/dotnet tool list -g)
61 | if [[ $tool_list = *$darc_cli_package_name* ]]; then
62 | echo $($dotnet_root/dotnet tool uninstall $darc_cli_package_name -g)
63 | fi
64 | else
65 | local tool_list=$($dotnet_root/dotnet tool list --tool-path "$toolpath")
66 | if [[ $tool_list = *$darc_cli_package_name* ]]; then
67 | echo $($dotnet_root/dotnet tool uninstall $darc_cli_package_name --tool-path "$toolpath")
68 | fi
69 | fi
70 |
71 | local arcadeServicesSource="https://pkgs.dev.azure.com/dnceng/public/_packaging/dotnet-tools/nuget/v3/index.json"
72 |
73 | echo "Installing Darc CLI version $darcVersion..."
74 | echo "You may need to restart your command shell if this is the first dotnet tool you have installed."
75 | if [ -z "$toolpath" ]; then
76 | echo $($dotnet_root/dotnet tool install $darc_cli_package_name --version $darcVersion --add-source "$arcadeServicesSource" -v $verbosity -g)
77 | else
78 | echo $($dotnet_root/dotnet tool install $darc_cli_package_name --version $darcVersion --add-source "$arcadeServicesSource" -v $verbosity --tool-path "$toolpath")
79 | fi
80 | }
81 |
82 | InstallDarcCli
83 |
--------------------------------------------------------------------------------
/eng/common/dotnet-install.cmd:
--------------------------------------------------------------------------------
1 | @echo off
2 | powershell -ExecutionPolicy ByPass -NoProfile -command "& """%~dp0dotnet-install.ps1""" %*"
--------------------------------------------------------------------------------
/eng/common/dotnet-install.ps1:
--------------------------------------------------------------------------------
1 | [CmdletBinding(PositionalBinding=$false)]
2 | Param(
3 | [string] $verbosity = 'minimal',
4 | [string] $architecture = '',
5 | [string] $version = 'Latest',
6 | [string] $runtime = 'dotnet',
7 | [string] $RuntimeSourceFeed = '',
8 | [string] $RuntimeSourceFeedKey = ''
9 | )
10 |
11 | . $PSScriptRoot\tools.ps1
12 |
13 | $dotnetRoot = Join-Path $RepoRoot '.dotnet'
14 |
15 | $installdir = $dotnetRoot
16 | try {
17 | if ($architecture -and $architecture.Trim() -eq 'x86') {
18 | $installdir = Join-Path $installdir 'x86'
19 | }
20 | InstallDotNet $installdir $version $architecture $runtime $true -RuntimeSourceFeed $RuntimeSourceFeed -RuntimeSourceFeedKey $RuntimeSourceFeedKey
21 | }
22 | catch {
23 | Write-Host $_.ScriptStackTrace
24 | Write-PipelineTelemetryError -Category 'InitializeToolset' -Message $_
25 | ExitWithExitCode 1
26 | }
27 |
28 | ExitWithExitCode 0
29 |
--------------------------------------------------------------------------------
/eng/common/dotnet-install.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | source="${BASH_SOURCE[0]}"
4 | # resolve $source until the file is no longer a symlink
5 | while [[ -h "$source" ]]; do
6 | scriptroot="$( cd -P "$( dirname "$source" )" && pwd )"
7 | source="$(readlink "$source")"
8 | # if $source was a relative symlink, we need to resolve it relative to the path where the
9 | # symlink file was located
10 | [[ $source != /* ]] && source="$scriptroot/$source"
11 | done
12 | scriptroot="$( cd -P "$( dirname "$source" )" && pwd )"
13 |
14 | . "$scriptroot/tools.sh"
15 |
16 | version='Latest'
17 | architecture=''
18 | runtime='dotnet'
19 | runtimeSourceFeed=''
20 | runtimeSourceFeedKey=''
21 | while [[ $# > 0 ]]; do
22 | opt="$(echo "$1" | tr "[:upper:]" "[:lower:]")"
23 | case "$opt" in
24 | -version|-v)
25 | shift
26 | version="$1"
27 | ;;
28 | -architecture|-a)
29 | shift
30 | architecture="$1"
31 | ;;
32 | -runtime|-r)
33 | shift
34 | runtime="$1"
35 | ;;
36 | -runtimesourcefeed)
37 | shift
38 | runtimeSourceFeed="$1"
39 | ;;
40 | -runtimesourcefeedkey)
41 | shift
42 | runtimeSourceFeedKey="$1"
43 | ;;
44 | *)
45 | Write-PipelineTelemetryError -Category 'Build' -Message "Invalid argument: $1"
46 | exit 1
47 | ;;
48 | esac
49 | shift
50 | done
51 |
52 | # Use uname to determine what the CPU is, see https://en.wikipedia.org/wiki/Uname#Examples
53 | cpuname=$(uname -m)
54 | case $cpuname in
55 | arm64|aarch64)
56 | buildarch=arm64
57 | if [ "$(getconf LONG_BIT)" -lt 64 ]; then
58 | # This is 32-bit OS running on 64-bit CPU (for example Raspberry Pi OS)
59 | buildarch=arm
60 | fi
61 | ;;
62 | loongarch64)
63 | buildarch=loongarch64
64 | ;;
65 | amd64|x86_64)
66 | buildarch=x64
67 | ;;
68 | armv*l)
69 | buildarch=arm
70 | ;;
71 | i[3-6]86)
72 | buildarch=x86
73 | ;;
74 | *)
75 | echo "Unknown CPU $cpuname detected, treating it as x64"
76 | buildarch=x64
77 | ;;
78 | esac
79 |
80 | dotnetRoot="${repo_root}.dotnet"
81 | if [[ $architecture != "" ]] && [[ $architecture != $buildarch ]]; then
82 | dotnetRoot="$dotnetRoot/$architecture"
83 | fi
84 |
85 | InstallDotNet $dotnetRoot $version "$architecture" $runtime true $runtimeSourceFeed $runtimeSourceFeedKey || {
86 | local exit_code=$?
87 | Write-PipelineTelemetryError -Category 'InitializeToolset' -Message "dotnet-install.sh failed (exit code '$exit_code')." >&2
88 | ExitWithExitCode $exit_code
89 | }
90 |
91 | ExitWithExitCode 0
92 |
--------------------------------------------------------------------------------
/eng/common/enable-cross-org-publishing.ps1:
--------------------------------------------------------------------------------
1 | param(
2 | [string] $token
3 | )
4 |
5 |
6 | . $PSScriptRoot\pipeline-logging-functions.ps1
7 |
8 | # Write-PipelineSetVariable will no-op if a variable named $ci is not defined
9 | # Since this script is only ever called in AzDO builds, just universally set it
10 | $ci = $true
11 |
12 | Write-PipelineSetVariable -Name 'VSS_NUGET_ACCESSTOKEN' -Value $token -IsMultiJobVariable $false
13 | Write-PipelineSetVariable -Name 'VSS_NUGET_URI_PREFIXES' -Value 'https://dnceng.pkgs.visualstudio.com/;https://pkgs.dev.azure.com/dnceng/;https://devdiv.pkgs.visualstudio.com/;https://pkgs.dev.azure.com/devdiv/' -IsMultiJobVariable $false
14 |
--------------------------------------------------------------------------------
/eng/common/generate-sbom-prep.ps1:
--------------------------------------------------------------------------------
1 | Param(
2 | [Parameter(Mandatory=$true)][string] $ManifestDirPath # Manifest directory where sbom will be placed
3 | )
4 |
5 | . $PSScriptRoot\pipeline-logging-functions.ps1
6 |
7 | # Normally - we'd listen to the manifest path given, but 1ES templates will overwrite if this level gets uploaded directly
8 | # with their own overwriting ours. So we create it as a sub directory of the requested manifest path.
9 | $ArtifactName = "${env:SYSTEM_STAGENAME}_${env:AGENT_JOBNAME}_SBOM"
10 | $SafeArtifactName = $ArtifactName -replace '["/:<>\\|?@*"() ]', '_'
11 | $SbomGenerationDir = Join-Path $ManifestDirPath $SafeArtifactName
12 |
13 | Write-Host "Artifact name before : $ArtifactName"
14 | Write-Host "Artifact name after : $SafeArtifactName"
15 |
16 | Write-Host "Creating dir $ManifestDirPath"
17 |
18 | # create directory for sbom manifest to be placed
19 | if (!(Test-Path -path $SbomGenerationDir))
20 | {
21 | New-Item -ItemType Directory -path $SbomGenerationDir
22 | Write-Host "Successfully created directory $SbomGenerationDir"
23 | }
24 | else{
25 | Write-PipelineTelemetryError -category 'Build' "Unable to create sbom folder."
26 | }
27 |
28 | Write-Host "Updating artifact name"
29 | Write-Host "##vso[task.setvariable variable=ARTIFACT_NAME]$SafeArtifactName"
30 |
--------------------------------------------------------------------------------
/eng/common/generate-sbom-prep.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | source="${BASH_SOURCE[0]}"
4 |
5 | # resolve $SOURCE until the file is no longer a symlink
6 | while [[ -h $source ]]; do
7 | scriptroot="$( cd -P "$( dirname "$source" )" && pwd )"
8 | source="$(readlink "$source")"
9 |
10 | # if $source was a relative symlink, we need to resolve it relative to the path where the
11 | # symlink file was located
12 | [[ $source != /* ]] && source="$scriptroot/$source"
13 | done
14 | scriptroot="$( cd -P "$( dirname "$source" )" && pwd )"
15 | . $scriptroot/pipeline-logging-functions.sh
16 |
17 | # replace all special characters with _, some builds use special characters like : in Agent.Jobname, that is not a permissible name while uploading artifacts.
18 | artifact_name=$SYSTEM_STAGENAME"_"$AGENT_JOBNAME"_SBOM"
19 | safe_artifact_name="${artifact_name//["/:<>\\|?@*$" ]/_}"
20 |
21 | manifest_dir=$1
22 |
23 | # Normally - we'd listen to the manifest path given, but 1ES templates will overwrite if this level gets uploaded directly
24 | # with their own overwriting ours. So we create it as a sub directory of the requested manifest path.
25 | sbom_generation_dir="$manifest_dir/$safe_artifact_name"
26 |
27 | if [ ! -d "$sbom_generation_dir" ] ; then
28 | mkdir -p "$sbom_generation_dir"
29 | echo "Sbom directory created." $sbom_generation_dir
30 | else
31 | Write-PipelineTelemetryError -category 'Build' "Unable to create sbom folder."
32 | fi
33 |
34 | echo "Artifact name before : "$artifact_name
35 | echo "Artifact name after : "$safe_artifact_name
36 | export ARTIFACT_NAME=$safe_artifact_name
37 | echo "##vso[task.setvariable variable=ARTIFACT_NAME]$safe_artifact_name"
38 |
39 | exit 0
40 |
--------------------------------------------------------------------------------
/eng/common/helixpublish.proj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | msbuild
5 |
6 |
7 |
8 |
9 | %(Identity)
10 |
11 |
12 |
13 |
14 |
15 | $(WorkItemDirectory)
16 | $(WorkItemCommand)
17 | $(WorkItemTimeout)
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
--------------------------------------------------------------------------------
/eng/common/init-tools-native.cmd:
--------------------------------------------------------------------------------
1 | @echo off
2 | powershell -NoProfile -NoLogo -ExecutionPolicy ByPass -command "& """%~dp0init-tools-native.ps1""" %*"
3 | exit /b %ErrorLevel%
--------------------------------------------------------------------------------
/eng/common/internal/Directory.Build.props:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
--------------------------------------------------------------------------------
/eng/common/internal/NuGet.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
--------------------------------------------------------------------------------
/eng/common/internal/Tools.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | net472
5 | false
6 | false
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 | https://devdiv.pkgs.visualstudio.com/_packaging/dotnet-core-internal-tooling/nuget/v3/index.json;
21 |
22 |
23 | $(RestoreSources);
24 | https://devdiv.pkgs.visualstudio.com/_packaging/VS/nuget/v3/index.json;
25 |
26 |
27 |
28 |
29 |
30 |
31 |
--------------------------------------------------------------------------------
/eng/common/loc/P22DotNetHtmlLocalization.lss:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
22 |
25 |
26 |
27 |
28 |
29 |
--------------------------------------------------------------------------------
/eng/common/msbuild.ps1:
--------------------------------------------------------------------------------
1 | [CmdletBinding(PositionalBinding=$false)]
2 | Param(
3 | [string] $verbosity = 'minimal',
4 | [bool] $warnAsError = $true,
5 | [bool] $nodeReuse = $true,
6 | [switch] $ci,
7 | [switch] $prepareMachine,
8 | [switch] $excludePrereleaseVS,
9 | [string] $msbuildEngine = $null,
10 | [Parameter(ValueFromRemainingArguments=$true)][String[]]$extraArgs
11 | )
12 |
13 | . $PSScriptRoot\tools.ps1
14 |
15 | try {
16 | if ($ci) {
17 | $nodeReuse = $false
18 | }
19 |
20 | MSBuild @extraArgs
21 | }
22 | catch {
23 | Write-Host $_.ScriptStackTrace
24 | Write-PipelineTelemetryError -Category 'Build' -Message $_
25 | ExitWithExitCode 1
26 | }
27 |
28 | ExitWithExitCode 0
--------------------------------------------------------------------------------
/eng/common/msbuild.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | source="${BASH_SOURCE[0]}"
4 |
5 | # resolve $source until the file is no longer a symlink
6 | while [[ -h "$source" ]]; do
7 | scriptroot="$( cd -P "$( dirname "$source" )" && pwd )"
8 | source="$(readlink "$source")"
9 | # if $source was a relative symlink, we need to resolve it relative to the path where the
10 | # symlink file was located
11 | [[ $source != /* ]] && source="$scriptroot/$source"
12 | done
13 | scriptroot="$( cd -P "$( dirname "$source" )" && pwd )"
14 |
15 | verbosity='minimal'
16 | warn_as_error=true
17 | node_reuse=true
18 | prepare_machine=false
19 | extra_args=''
20 |
21 | while (($# > 0)); do
22 | lowerI="$(echo $1 | tr "[:upper:]" "[:lower:]")"
23 | case $lowerI in
24 | --verbosity)
25 | verbosity=$2
26 | shift 2
27 | ;;
28 | --warnaserror)
29 | warn_as_error=$2
30 | shift 2
31 | ;;
32 | --nodereuse)
33 | node_reuse=$2
34 | shift 2
35 | ;;
36 | --ci)
37 | ci=true
38 | shift 1
39 | ;;
40 | --preparemachine)
41 | prepare_machine=true
42 | shift 1
43 | ;;
44 | *)
45 | extra_args="$extra_args $1"
46 | shift 1
47 | ;;
48 | esac
49 | done
50 |
51 | . "$scriptroot/tools.sh"
52 |
53 | if [[ "$ci" == true ]]; then
54 | node_reuse=false
55 | fi
56 |
57 | MSBuild $extra_args
58 | ExitWithExitCode 0
59 |
--------------------------------------------------------------------------------
/eng/common/native/init-os-and-arch.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | # Use uname to determine what the OS is.
4 | OSName=$(uname -s | tr '[:upper:]' '[:lower:]')
5 |
6 | if command -v getprop && getprop ro.product.system.model 2>&1 | grep -qi android; then
7 | OSName="android"
8 | fi
9 |
10 | case "$OSName" in
11 | freebsd|linux|netbsd|openbsd|sunos|android|haiku)
12 | os="$OSName" ;;
13 | darwin)
14 | os=osx ;;
15 | *)
16 | echo "Unsupported OS $OSName detected!"
17 | exit 1 ;;
18 | esac
19 |
20 | # On Solaris, `uname -m` is discouraged, see https://docs.oracle.com/cd/E36784_01/html/E36870/uname-1.html
21 | # and `uname -p` returns processor type (e.g. i386 on amd64).
22 | # The appropriate tool to determine CPU is isainfo(1) https://docs.oracle.com/cd/E36784_01/html/E36870/isainfo-1.html.
23 | if [ "$os" = "sunos" ]; then
24 | if uname -o 2>&1 | grep -q illumos; then
25 | os="illumos"
26 | else
27 | os="solaris"
28 | fi
29 | CPUName=$(isainfo -n)
30 | else
31 | # For the rest of the operating systems, use uname(1) to determine what the CPU is.
32 | CPUName=$(uname -m)
33 | fi
34 |
35 | case "$CPUName" in
36 | arm64|aarch64)
37 | arch=arm64
38 | ;;
39 |
40 | loongarch64)
41 | arch=loongarch64
42 | ;;
43 |
44 | riscv64)
45 | arch=riscv64
46 | ;;
47 |
48 | amd64|x86_64)
49 | arch=x64
50 | ;;
51 |
52 | armv7l|armv8l)
53 | if (NAME=""; . /etc/os-release; test "$NAME" = "Tizen"); then
54 | arch=armel
55 | else
56 | arch=arm
57 | fi
58 | ;;
59 |
60 | armv6l)
61 | arch=armv6
62 | ;;
63 |
64 | i[3-6]86)
65 | echo "Unsupported CPU $CPUName detected, build might not succeed!"
66 | arch=x86
67 | ;;
68 |
69 | s390x)
70 | arch=s390x
71 | ;;
72 |
73 | ppc64le)
74 | arch=ppc64le
75 | ;;
76 | *)
77 | echo "Unknown CPU $CPUName detected!"
78 | exit 1
79 | ;;
80 | esac
81 |
--------------------------------------------------------------------------------
/eng/common/native/install-cmake-test.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | source="${BASH_SOURCE[0]}"
4 | scriptroot="$( cd -P "$( dirname "$source" )" && pwd )"
5 |
6 | . $scriptroot/common-library.sh
7 |
8 | base_uri=
9 | install_path=
10 | version=
11 | clean=false
12 | force=false
13 | download_retries=5
14 | retry_wait_time_seconds=30
15 |
16 | while (($# > 0)); do
17 | lowerI="$(echo $1 | tr "[:upper:]" "[:lower:]")"
18 | case $lowerI in
19 | --baseuri)
20 | base_uri=$2
21 | shift 2
22 | ;;
23 | --installpath)
24 | install_path=$2
25 | shift 2
26 | ;;
27 | --version)
28 | version=$2
29 | shift 2
30 | ;;
31 | --clean)
32 | clean=true
33 | shift 1
34 | ;;
35 | --force)
36 | force=true
37 | shift 1
38 | ;;
39 | --downloadretries)
40 | download_retries=$2
41 | shift 2
42 | ;;
43 | --retrywaittimeseconds)
44 | retry_wait_time_seconds=$2
45 | shift 2
46 | ;;
47 | --help)
48 | echo "Common settings:"
49 | echo " --baseuri Base file directory or Url wrom which to acquire tool archives"
50 | echo " --installpath Base directory to install native tool to"
51 | echo " --clean Don't install the tool, just clean up the current install of the tool"
52 | echo " --force Force install of tools even if they previously exist"
53 | echo " --help Print help and exit"
54 | echo ""
55 | echo "Advanced settings:"
56 | echo " --downloadretries Total number of retry attempts"
57 | echo " --retrywaittimeseconds Wait time between retry attempts in seconds"
58 | echo ""
59 | exit 0
60 | ;;
61 | esac
62 | done
63 |
64 | tool_name="cmake-test"
65 | tool_os=$(GetCurrentOS)
66 | tool_folder="$(echo $tool_os | tr "[:upper:]" "[:lower:]")"
67 | tool_arch="x86_64"
68 | tool_name_moniker="$tool_name-$version-$tool_os-$tool_arch"
69 | tool_install_directory="$install_path/$tool_name/$version"
70 | tool_file_path="$tool_install_directory/$tool_name_moniker/bin/$tool_name"
71 | shim_path="$install_path/$tool_name.sh"
72 | uri="${base_uri}/$tool_folder/$tool_name/$tool_name_moniker.tar.gz"
73 |
74 | # Clean up tool and installers
75 | if [[ $clean = true ]]; then
76 | echo "Cleaning $tool_install_directory"
77 | if [[ -d $tool_install_directory ]]; then
78 | rm -rf $tool_install_directory
79 | fi
80 |
81 | echo "Cleaning $shim_path"
82 | if [[ -f $shim_path ]]; then
83 | rm -rf $shim_path
84 | fi
85 |
86 | tool_temp_path=$(GetTempPathFileName $uri)
87 | echo "Cleaning $tool_temp_path"
88 | if [[ -f $tool_temp_path ]]; then
89 | rm -rf $tool_temp_path
90 | fi
91 |
92 | exit 0
93 | fi
94 |
95 | # Install tool
96 | if [[ -f $tool_file_path ]] && [[ $force = false ]]; then
97 | echo "$tool_name ($version) already exists, skipping install"
98 | exit 0
99 | fi
100 |
101 | DownloadAndExtract $uri $tool_install_directory $force $download_retries $retry_wait_time_seconds
102 |
103 | if [[ $? != 0 ]]; then
104 | Write-PipelineTelemetryError -category 'NativeToolsBootstrap' 'Installation failed'
105 | exit 1
106 | fi
107 |
108 | # Generate Shim
109 | # Always rewrite shims so that we are referencing the expected version
110 | NewScriptShim $shim_path $tool_file_path true
111 |
112 | if [[ $? != 0 ]]; then
113 | Write-PipelineTelemetryError -category 'NativeToolsBootstrap' 'Shim generation failed'
114 | exit 1
115 | fi
116 |
117 | exit 0
118 |
--------------------------------------------------------------------------------
/eng/common/native/install-cmake.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | source="${BASH_SOURCE[0]}"
4 | scriptroot="$( cd -P "$( dirname "$source" )" && pwd )"
5 |
6 | . $scriptroot/common-library.sh
7 |
8 | base_uri=
9 | install_path=
10 | version=
11 | clean=false
12 | force=false
13 | download_retries=5
14 | retry_wait_time_seconds=30
15 |
16 | while (($# > 0)); do
17 | lowerI="$(echo $1 | tr "[:upper:]" "[:lower:]")"
18 | case $lowerI in
19 | --baseuri)
20 | base_uri=$2
21 | shift 2
22 | ;;
23 | --installpath)
24 | install_path=$2
25 | shift 2
26 | ;;
27 | --version)
28 | version=$2
29 | shift 2
30 | ;;
31 | --clean)
32 | clean=true
33 | shift 1
34 | ;;
35 | --force)
36 | force=true
37 | shift 1
38 | ;;
39 | --downloadretries)
40 | download_retries=$2
41 | shift 2
42 | ;;
43 | --retrywaittimeseconds)
44 | retry_wait_time_seconds=$2
45 | shift 2
46 | ;;
47 | --help)
48 | echo "Common settings:"
49 | echo " --baseuri Base file directory or Url wrom which to acquire tool archives"
50 | echo " --installpath Base directory to install native tool to"
51 | echo " --clean Don't install the tool, just clean up the current install of the tool"
52 | echo " --force Force install of tools even if they previously exist"
53 | echo " --help Print help and exit"
54 | echo ""
55 | echo "Advanced settings:"
56 | echo " --downloadretries Total number of retry attempts"
57 | echo " --retrywaittimeseconds Wait time between retry attempts in seconds"
58 | echo ""
59 | exit 0
60 | ;;
61 | esac
62 | done
63 |
64 | tool_name="cmake"
65 | tool_os=$(GetCurrentOS)
66 | tool_folder="$(echo $tool_os | tr "[:upper:]" "[:lower:]")"
67 | tool_arch="x86_64"
68 | tool_name_moniker="$tool_name-$version-$tool_os-$tool_arch"
69 | tool_install_directory="$install_path/$tool_name/$version"
70 | tool_file_path="$tool_install_directory/$tool_name_moniker/bin/$tool_name"
71 | shim_path="$install_path/$tool_name.sh"
72 | uri="${base_uri}/$tool_folder/$tool_name/$tool_name_moniker.tar.gz"
73 |
74 | # Clean up tool and installers
75 | if [[ $clean = true ]]; then
76 | echo "Cleaning $tool_install_directory"
77 | if [[ -d $tool_install_directory ]]; then
78 | rm -rf $tool_install_directory
79 | fi
80 |
81 | echo "Cleaning $shim_path"
82 | if [[ -f $shim_path ]]; then
83 | rm -rf $shim_path
84 | fi
85 |
86 | tool_temp_path=$(GetTempPathFileName $uri)
87 | echo "Cleaning $tool_temp_path"
88 | if [[ -f $tool_temp_path ]]; then
89 | rm -rf $tool_temp_path
90 | fi
91 |
92 | exit 0
93 | fi
94 |
95 | # Install tool
96 | if [[ -f $tool_file_path ]] && [[ $force = false ]]; then
97 | echo "$tool_name ($version) already exists, skipping install"
98 | exit 0
99 | fi
100 |
101 | DownloadAndExtract $uri $tool_install_directory $force $download_retries $retry_wait_time_seconds
102 |
103 | if [[ $? != 0 ]]; then
104 | Write-PipelineTelemetryError -category 'NativeToolsBootstrap' 'Installation failed'
105 | exit 1
106 | fi
107 |
108 | # Generate Shim
109 | # Always rewrite shims so that we are referencing the expected version
110 | NewScriptShim $shim_path $tool_file_path true
111 |
112 | if [[ $? != 0 ]]; then
113 | Write-PipelineTelemetryError -category 'NativeToolsBootstrap' 'Shim generation failed'
114 | exit 1
115 | fi
116 |
117 | exit 0
118 |
--------------------------------------------------------------------------------
/eng/common/post-build/add-build-to-channel.ps1:
--------------------------------------------------------------------------------
1 | param(
2 | [Parameter(Mandatory=$true)][int] $BuildId,
3 | [Parameter(Mandatory=$true)][int] $ChannelId,
4 | [Parameter(Mandatory=$true)][string] $MaestroApiAccessToken,
5 | [Parameter(Mandatory=$false)][string] $MaestroApiEndPoint = 'https://maestro.dot.net',
6 | [Parameter(Mandatory=$false)][string] $MaestroApiVersion = '2019-01-16'
7 | )
8 |
9 | try {
10 | . $PSScriptRoot\post-build-utils.ps1
11 |
12 | # Check that the channel we are going to promote the build to exist
13 | $channelInfo = Get-MaestroChannel -ChannelId $ChannelId
14 |
15 | if (!$channelInfo) {
16 | Write-PipelineTelemetryCategory -Category 'PromoteBuild' -Message "Channel with BAR ID $ChannelId was not found in BAR!"
17 | ExitWithExitCode 1
18 | }
19 |
20 | # Get info about which channel(s) the build has already been promoted to
21 | $buildInfo = Get-MaestroBuild -BuildId $BuildId
22 |
23 | if (!$buildInfo) {
24 | Write-PipelineTelemetryError -Category 'PromoteBuild' -Message "Build with BAR ID $BuildId was not found in BAR!"
25 | ExitWithExitCode 1
26 | }
27 |
28 | # Find whether the build is already assigned to the channel or not
29 | if ($buildInfo.channels) {
30 | foreach ($channel in $buildInfo.channels) {
31 | if ($channel.Id -eq $ChannelId) {
32 | Write-Host "The build with BAR ID $BuildId is already on channel $ChannelId!"
33 | ExitWithExitCode 0
34 | }
35 | }
36 | }
37 |
38 | Write-Host "Promoting build '$BuildId' to channel '$ChannelId'."
39 |
40 | Assign-BuildToChannel -BuildId $BuildId -ChannelId $ChannelId
41 |
42 | Write-Host 'done.'
43 | }
44 | catch {
45 | Write-Host $_
46 | Write-PipelineTelemetryError -Category 'PromoteBuild' -Message "There was an error while trying to promote build '$BuildId' to channel '$ChannelId'"
47 | ExitWithExitCode 1
48 | }
49 |
--------------------------------------------------------------------------------
/eng/common/post-build/check-channel-consistency.ps1:
--------------------------------------------------------------------------------
1 | param(
2 | [Parameter(Mandatory=$true)][string] $PromoteToChannels, # List of channels that the build should be promoted to
3 | [Parameter(Mandatory=$true)][array] $AvailableChannelIds # List of channel IDs available in the YAML implementation
4 | )
5 |
6 | try {
7 | . $PSScriptRoot\post-build-utils.ps1
8 |
9 | if ($PromoteToChannels -eq "") {
10 | Write-PipelineTaskError -Type 'warning' -Message "This build won't publish assets as it's not configured to any Maestro channel. If that wasn't intended use Darc to configure a default channel using add-default-channel for this branch or to promote it to a channel using add-build-to-channel. See https://github.com/dotnet/arcade/blob/master/Documentation/Darc.md#assigning-an-individual-build-to-a-channel for more info."
11 | ExitWithExitCode 0
12 | }
13 |
14 | # Check that every channel that Maestro told to promote the build to
15 | # is available in YAML
16 | $PromoteToChannelsIds = $PromoteToChannels -split "\D" | Where-Object { $_ }
17 |
18 | $hasErrors = $false
19 |
20 | foreach ($id in $PromoteToChannelsIds) {
21 | if (($id -ne 0) -and ($id -notin $AvailableChannelIds)) {
22 | Write-PipelineTaskError -Message "Channel $id is not present in the post-build YAML configuration! This is an error scenario. Please contact @dnceng."
23 | $hasErrors = $true
24 | }
25 | }
26 |
27 | # The `Write-PipelineTaskError` doesn't error the script and we might report several errors
28 | # in the previous lines. The check below makes sure that we return an error state from the
29 | # script if we reported any validation error
30 | if ($hasErrors) {
31 | ExitWithExitCode 1
32 | }
33 |
34 | Write-Host 'done.'
35 | }
36 | catch {
37 | Write-Host $_
38 | Write-PipelineTelemetryError -Category 'CheckChannelConsistency' -Message "There was an error while trying to check consistency of Maestro default channels for the build and post-build YAML configuration."
39 | ExitWithExitCode 1
40 | }
41 |
--------------------------------------------------------------------------------
/eng/common/post-build/nuget-validation.ps1:
--------------------------------------------------------------------------------
1 | # This script validates NuGet package metadata information using this
2 | # tool: https://github.com/NuGet/NuGetGallery/tree/jver-verify/src/VerifyMicrosoftPackage
3 |
4 | param(
5 | [Parameter(Mandatory=$true)][string] $PackagesPath, # Path to where the packages to be validated are
6 | [Parameter(Mandatory=$true)][string] $ToolDestinationPath # Where the validation tool should be downloaded to
7 | )
8 |
9 | try {
10 | . $PSScriptRoot\post-build-utils.ps1
11 |
12 | $url = 'https://raw.githubusercontent.com/NuGet/NuGetGallery/3e25ad135146676bcab0050a516939d9958bfa5d/src/VerifyMicrosoftPackage/verify.ps1'
13 |
14 | New-Item -ItemType 'directory' -Path ${ToolDestinationPath} -Force
15 |
16 | Invoke-WebRequest $url -OutFile ${ToolDestinationPath}\verify.ps1
17 |
18 | & ${ToolDestinationPath}\verify.ps1 ${PackagesPath}\*.nupkg
19 | }
20 | catch {
21 | Write-Host $_.ScriptStackTrace
22 | Write-PipelineTelemetryError -Category 'NuGetValidation' -Message $_
23 | ExitWithExitCode 1
24 | }
25 |
--------------------------------------------------------------------------------
/eng/common/post-build/post-build-utils.ps1:
--------------------------------------------------------------------------------
1 | # Most of the functions in this file require the variables `MaestroApiEndPoint`,
2 | # `MaestroApiVersion` and `MaestroApiAccessToken` to be globally available.
3 |
4 | $ErrorActionPreference = 'Stop'
5 | Set-StrictMode -Version 2.0
6 |
7 | # `tools.ps1` checks $ci to perform some actions. Since the post-build
8 | # scripts don't necessarily execute in the same agent that run the
9 | # build.ps1/sh script this variable isn't automatically set.
10 | $ci = $true
11 | $disableConfigureToolsetImport = $true
12 | . $PSScriptRoot\..\tools.ps1
13 |
14 | function Create-MaestroApiRequestHeaders([string]$ContentType = 'application/json') {
15 | Validate-MaestroVars
16 |
17 | $headers = New-Object 'System.Collections.Generic.Dictionary[[String],[String]]'
18 | $headers.Add('Accept', $ContentType)
19 | $headers.Add('Authorization',"Bearer $MaestroApiAccessToken")
20 | return $headers
21 | }
22 |
23 | function Get-MaestroChannel([int]$ChannelId) {
24 | Validate-MaestroVars
25 |
26 | $apiHeaders = Create-MaestroApiRequestHeaders
27 | $apiEndpoint = "$MaestroApiEndPoint/api/channels/${ChannelId}?api-version=$MaestroApiVersion"
28 |
29 | $result = try { Invoke-WebRequest -Method Get -Uri $apiEndpoint -Headers $apiHeaders | ConvertFrom-Json } catch { Write-Host "Error: $_" }
30 | return $result
31 | }
32 |
33 | function Get-MaestroBuild([int]$BuildId) {
34 | Validate-MaestroVars
35 |
36 | $apiHeaders = Create-MaestroApiRequestHeaders -AuthToken $MaestroApiAccessToken
37 | $apiEndpoint = "$MaestroApiEndPoint/api/builds/${BuildId}?api-version=$MaestroApiVersion"
38 |
39 | $result = try { return Invoke-WebRequest -Method Get -Uri $apiEndpoint -Headers $apiHeaders | ConvertFrom-Json } catch { Write-Host "Error: $_" }
40 | return $result
41 | }
42 |
43 | function Get-MaestroSubscriptions([string]$SourceRepository, [int]$ChannelId) {
44 | Validate-MaestroVars
45 |
46 | $SourceRepository = [System.Web.HttpUtility]::UrlEncode($SourceRepository)
47 | $apiHeaders = Create-MaestroApiRequestHeaders -AuthToken $MaestroApiAccessToken
48 | $apiEndpoint = "$MaestroApiEndPoint/api/subscriptions?sourceRepository=$SourceRepository&channelId=$ChannelId&api-version=$MaestroApiVersion"
49 |
50 | $result = try { Invoke-WebRequest -Method Get -Uri $apiEndpoint -Headers $apiHeaders | ConvertFrom-Json } catch { Write-Host "Error: $_" }
51 | return $result
52 | }
53 |
54 | function Assign-BuildToChannel([int]$BuildId, [int]$ChannelId) {
55 | Validate-MaestroVars
56 |
57 | $apiHeaders = Create-MaestroApiRequestHeaders -AuthToken $MaestroApiAccessToken
58 | $apiEndpoint = "$MaestroApiEndPoint/api/channels/${ChannelId}/builds/${BuildId}?api-version=$MaestroApiVersion"
59 | Invoke-WebRequest -Method Post -Uri $apiEndpoint -Headers $apiHeaders | Out-Null
60 | }
61 |
62 | function Trigger-Subscription([string]$SubscriptionId) {
63 | Validate-MaestroVars
64 |
65 | $apiHeaders = Create-MaestroApiRequestHeaders -AuthToken $MaestroApiAccessToken
66 | $apiEndpoint = "$MaestroApiEndPoint/api/subscriptions/$SubscriptionId/trigger?api-version=$MaestroApiVersion"
67 | Invoke-WebRequest -Uri $apiEndpoint -Headers $apiHeaders -Method Post | Out-Null
68 | }
69 |
70 | function Validate-MaestroVars {
71 | try {
72 | Get-Variable MaestroApiEndPoint | Out-Null
73 | Get-Variable MaestroApiVersion | Out-Null
74 | Get-Variable MaestroApiAccessToken | Out-Null
75 |
76 | if (!($MaestroApiEndPoint -Match '^http[s]?://maestro-(int|prod).westus2.cloudapp.azure.com$')) {
77 | Write-PipelineTelemetryError -Category 'MaestroVars' -Message "MaestroApiEndPoint is not a valid Maestro URL. '$MaestroApiEndPoint'"
78 | ExitWithExitCode 1
79 | }
80 |
81 | if (!($MaestroApiVersion -Match '^[0-9]{4}-[0-9]{2}-[0-9]{2}$')) {
82 | Write-PipelineTelemetryError -Category 'MaestroVars' -Message "MaestroApiVersion does not match a version string in the format yyyy-MM-DD. '$MaestroApiVersion'"
83 | ExitWithExitCode 1
84 | }
85 | }
86 | catch {
87 | Write-PipelineTelemetryError -Category 'MaestroVars' -Message 'Error: Variables `MaestroApiEndPoint`, `MaestroApiVersion` and `MaestroApiAccessToken` are required while using this script.'
88 | Write-Host $_
89 | ExitWithExitCode 1
90 | }
91 | }
92 |
--------------------------------------------------------------------------------
/eng/common/post-build/publish-using-darc.ps1:
--------------------------------------------------------------------------------
1 | param(
2 | [Parameter(Mandatory=$true)][int] $BuildId,
3 | [Parameter(Mandatory=$true)][int] $PublishingInfraVersion,
4 | [Parameter(Mandatory=$true)][string] $AzdoToken,
5 | [Parameter(Mandatory=$false)][string] $MaestroApiEndPoint = 'https://maestro.dot.net',
6 | [Parameter(Mandatory=$true)][string] $WaitPublishingFinish,
7 | [Parameter(Mandatory=$false)][string] $ArtifactsPublishingAdditionalParameters,
8 | [Parameter(Mandatory=$false)][string] $SymbolPublishingAdditionalParameters
9 | )
10 |
11 | try {
12 | . $PSScriptRoot\post-build-utils.ps1
13 |
14 | $darc = Get-Darc
15 |
16 | $optionalParams = [System.Collections.ArrayList]::new()
17 |
18 | if ("" -ne $ArtifactsPublishingAdditionalParameters) {
19 | $optionalParams.Add("--artifact-publishing-parameters") | Out-Null
20 | $optionalParams.Add($ArtifactsPublishingAdditionalParameters) | Out-Null
21 | }
22 |
23 | if ("" -ne $SymbolPublishingAdditionalParameters) {
24 | $optionalParams.Add("--symbol-publishing-parameters") | Out-Null
25 | $optionalParams.Add($SymbolPublishingAdditionalParameters) | Out-Null
26 | }
27 |
28 | if ("false" -eq $WaitPublishingFinish) {
29 | $optionalParams.Add("--no-wait") | Out-Null
30 | }
31 |
32 | & $darc add-build-to-channel `
33 | --id $buildId `
34 | --publishing-infra-version $PublishingInfraVersion `
35 | --default-channels `
36 | --source-branch main `
37 | --azdev-pat "$AzdoToken" `
38 | --bar-uri "$MaestroApiEndPoint" `
39 | --ci `
40 | @optionalParams
41 |
42 | if ($LastExitCode -ne 0) {
43 | Write-Host "Problems using Darc to promote build ${buildId} to default channels. Stopping execution..."
44 | exit 1
45 | }
46 |
47 | Write-Host 'done.'
48 | }
49 | catch {
50 | Write-Host $_
51 | Write-PipelineTelemetryError -Category 'PromoteBuild' -Message "There was an error while trying to publish build '$BuildId' to default channels."
52 | ExitWithExitCode 1
53 | }
54 |
--------------------------------------------------------------------------------
/eng/common/post-build/trigger-subscriptions.ps1:
--------------------------------------------------------------------------------
1 | param(
2 | [Parameter(Mandatory=$true)][string] $SourceRepo,
3 | [Parameter(Mandatory=$true)][int] $ChannelId,
4 | [Parameter(Mandatory=$true)][string] $MaestroApiAccessToken,
5 | [Parameter(Mandatory=$false)][string] $MaestroApiEndPoint = 'https://maestro.dot.net',
6 | [Parameter(Mandatory=$false)][string] $MaestroApiVersion = '2019-01-16'
7 | )
8 |
9 | try {
10 | . $PSScriptRoot\post-build-utils.ps1
11 |
12 | # Get all the $SourceRepo subscriptions
13 | $normalizedSourceRepo = $SourceRepo.Replace('dnceng@', '')
14 | $subscriptions = Get-MaestroSubscriptions -SourceRepository $normalizedSourceRepo -ChannelId $ChannelId
15 |
16 | if (!$subscriptions) {
17 | Write-PipelineTelemetryError -Category 'TriggerSubscriptions' -Message "No subscriptions found for source repo '$normalizedSourceRepo' in channel '$ChannelId'"
18 | ExitWithExitCode 0
19 | }
20 |
21 | $subscriptionsToTrigger = New-Object System.Collections.Generic.List[string]
22 | $failedTriggeredSubscription = $false
23 |
24 | # Get all enabled subscriptions that need dependency flow on 'everyBuild'
25 | foreach ($subscription in $subscriptions) {
26 | if ($subscription.enabled -and $subscription.policy.updateFrequency -like 'everyBuild' -and $subscription.channel.id -eq $ChannelId) {
27 | Write-Host "Should trigger this subscription: ${$subscription.id}"
28 | [void]$subscriptionsToTrigger.Add($subscription.id)
29 | }
30 | }
31 |
32 | foreach ($subscriptionToTrigger in $subscriptionsToTrigger) {
33 | try {
34 | Write-Host "Triggering subscription '$subscriptionToTrigger'."
35 |
36 | Trigger-Subscription -SubscriptionId $subscriptionToTrigger
37 |
38 | Write-Host 'done.'
39 | }
40 | catch
41 | {
42 | Write-Host "There was an error while triggering subscription '$subscriptionToTrigger'"
43 | Write-Host $_
44 | Write-Host $_.ScriptStackTrace
45 | $failedTriggeredSubscription = $true
46 | }
47 | }
48 |
49 | if ($subscriptionsToTrigger.Count -eq 0) {
50 | Write-Host "No subscription matched source repo '$normalizedSourceRepo' and channel ID '$ChannelId'."
51 | }
52 | elseif ($failedTriggeredSubscription) {
53 | Write-PipelineTelemetryError -Category 'TriggerSubscriptions' -Message 'At least one subscription failed to be triggered...'
54 | ExitWithExitCode 1
55 | }
56 | else {
57 | Write-Host 'All subscriptions were triggered successfully!'
58 | }
59 | }
60 | catch {
61 | Write-Host $_.ScriptStackTrace
62 | Write-PipelineTelemetryError -Category 'TriggerSubscriptions' -Message $_
63 | ExitWithExitCode 1
64 | }
65 |
--------------------------------------------------------------------------------
/eng/common/retain-build.ps1:
--------------------------------------------------------------------------------
1 |
2 | Param(
3 | [Parameter(Mandatory=$true)][int] $buildId,
4 | [Parameter(Mandatory=$true)][string] $azdoOrgUri,
5 | [Parameter(Mandatory=$true)][string] $azdoProject,
6 | [Parameter(Mandatory=$true)][string] $token
7 | )
8 |
9 | $ErrorActionPreference = 'Stop'
10 | Set-StrictMode -Version 2.0
11 |
12 | function Get-AzDOHeaders(
13 | [string] $token)
14 | {
15 | $base64AuthInfo = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(":${token}"))
16 | $headers = @{"Authorization"="Basic $base64AuthInfo"}
17 | return $headers
18 | }
19 |
20 | function Update-BuildRetention(
21 | [string] $azdoOrgUri,
22 | [string] $azdoProject,
23 | [int] $buildId,
24 | [string] $token)
25 | {
26 | $headers = Get-AzDOHeaders -token $token
27 | $requestBody = "{
28 | `"keepForever`": `"true`"
29 | }"
30 |
31 | $requestUri = "${azdoOrgUri}/${azdoProject}/_apis/build/builds/${buildId}?api-version=6.0"
32 | write-Host "Attempting to retain build using the following URI: ${requestUri} ..."
33 |
34 | try {
35 | Invoke-RestMethod -Uri $requestUri -Method Patch -Body $requestBody -Header $headers -contentType "application/json"
36 | Write-Host "Updated retention settings for build ${buildId}."
37 | }
38 | catch {
39 | Write-Error "Failed to update retention settings for build: $_.Exception.Response.StatusDescription"
40 | exit 1
41 | }
42 | }
43 |
44 | Update-BuildRetention -azdoOrgUri $azdoOrgUri -azdoProject $azdoProject -buildId $buildId -token $token
45 | exit 0
46 |
--------------------------------------------------------------------------------
/eng/common/sdk-task.ps1:
--------------------------------------------------------------------------------
1 | [CmdletBinding(PositionalBinding=$false)]
2 | Param(
3 | [string] $configuration = 'Debug',
4 | [string] $task,
5 | [string] $verbosity = 'minimal',
6 | [string] $msbuildEngine = $null,
7 | [switch] $restore,
8 | [switch] $prepareMachine,
9 | [switch] $help,
10 | [Parameter(ValueFromRemainingArguments=$true)][String[]]$properties
11 | )
12 |
13 | $ci = $true
14 | $binaryLog = $true
15 | $warnAsError = $true
16 |
17 | . $PSScriptRoot\tools.ps1
18 |
19 | function Print-Usage() {
20 | Write-Host "Common settings:"
21 | Write-Host " -task Name of Arcade task (name of a project in SdkTasks directory of the Arcade SDK package)"
22 | Write-Host " -restore Restore dependencies"
23 | Write-Host " -verbosity Msbuild verbosity: q[uiet], m[inimal], n[ormal], d[etailed], and diag[nostic]"
24 | Write-Host " -help Print help and exit"
25 | Write-Host ""
26 |
27 | Write-Host "Advanced settings:"
28 | Write-Host " -prepareMachine Prepare machine for CI run"
29 | Write-Host " -msbuildEngine Msbuild engine to use to run build ('dotnet', 'vs', or unspecified)."
30 | Write-Host ""
31 | Write-Host "Command line arguments not listed above are passed thru to msbuild."
32 | }
33 |
34 | function Build([string]$target) {
35 | $logSuffix = if ($target -eq 'Execute') { '' } else { ".$target" }
36 | $log = Join-Path $LogDir "$task$logSuffix.binlog"
37 | $outputPath = Join-Path $ToolsetDir "$task\"
38 |
39 | MSBuild $taskProject `
40 | /bl:$log `
41 | /t:$target `
42 | /p:Configuration=$configuration `
43 | /p:RepoRoot=$RepoRoot `
44 | /p:BaseIntermediateOutputPath=$outputPath `
45 | /v:$verbosity `
46 | @properties
47 | }
48 |
49 | try {
50 | if ($help -or (($null -ne $properties) -and ($properties.Contains('/help') -or $properties.Contains('/?')))) {
51 | Print-Usage
52 | exit 0
53 | }
54 |
55 | if ($task -eq "") {
56 | Write-PipelineTelemetryError -Category 'Build' -Message "Missing required parameter '-task '"
57 | Print-Usage
58 | ExitWithExitCode 1
59 | }
60 |
61 | if( $msbuildEngine -eq "vs") {
62 | # Ensure desktop MSBuild is available for sdk tasks.
63 | if( -not ($GlobalJson.tools.PSObject.Properties.Name -contains "vs" )) {
64 | $GlobalJson.tools | Add-Member -Name "vs" -Value (ConvertFrom-Json "{ `"version`": `"16.5`" }") -MemberType NoteProperty
65 | }
66 | if( -not ($GlobalJson.tools.PSObject.Properties.Name -match "xcopy-msbuild" )) {
67 | $GlobalJson.tools | Add-Member -Name "xcopy-msbuild" -Value "17.12.0" -MemberType NoteProperty
68 | }
69 | if ($GlobalJson.tools."xcopy-msbuild".Trim() -ine "none") {
70 | $xcopyMSBuildToolsFolder = InitializeXCopyMSBuild $GlobalJson.tools."xcopy-msbuild" -install $true
71 | }
72 | if ($xcopyMSBuildToolsFolder -eq $null) {
73 | throw 'Unable to get xcopy downloadable version of msbuild'
74 | }
75 |
76 | $global:_MSBuildExe = "$($xcopyMSBuildToolsFolder)\MSBuild\Current\Bin\MSBuild.exe"
77 | }
78 |
79 | $taskProject = GetSdkTaskProject $task
80 | if (!(Test-Path $taskProject)) {
81 | Write-PipelineTelemetryError -Category 'Build' -Message "Unknown task: $task"
82 | ExitWithExitCode 1
83 | }
84 |
85 | if ($restore) {
86 | Build 'Restore'
87 | }
88 |
89 | Build 'Execute'
90 | }
91 | catch {
92 | Write-Host $_.ScriptStackTrace
93 | Write-PipelineTelemetryError -Category 'Build' -Message $_
94 | ExitWithExitCode 1
95 | }
96 |
97 | ExitWithExitCode 0
98 |
--------------------------------------------------------------------------------
/eng/common/sdl/NuGet.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
--------------------------------------------------------------------------------
/eng/common/sdl/extract-artifact-archives.ps1:
--------------------------------------------------------------------------------
1 | # This script looks for each archive file in a directory and extracts it into the target directory.
2 | # For example, the file "$InputPath/bin.tar.gz" extracts to "$ExtractPath/bin.tar.gz.extracted/**".
3 | # Uses the "tar" utility added to Windows 10 / Windows 2019 that supports tar.gz and zip.
4 | param(
5 | # Full path to directory where archives are stored.
6 | [Parameter(Mandatory=$true)][string] $InputPath,
7 | # Full path to directory to extract archives into. May be the same as $InputPath.
8 | [Parameter(Mandatory=$true)][string] $ExtractPath
9 | )
10 |
11 | $ErrorActionPreference = 'Stop'
12 | Set-StrictMode -Version 2.0
13 |
14 | $disableConfigureToolsetImport = $true
15 |
16 | try {
17 | # `tools.ps1` checks $ci to perform some actions. Since the SDL
18 | # scripts don't necessarily execute in the same agent that run the
19 | # build.ps1/sh script this variable isn't automatically set.
20 | $ci = $true
21 | . $PSScriptRoot\..\tools.ps1
22 |
23 | Measure-Command {
24 | $jobs = @()
25 |
26 | # Find archive files for non-Windows and Windows builds.
27 | $archiveFiles = @(
28 | Get-ChildItem (Join-Path $InputPath "*.tar.gz")
29 | Get-ChildItem (Join-Path $InputPath "*.zip")
30 | )
31 |
32 | foreach ($targzFile in $archiveFiles) {
33 | $jobs += Start-Job -ScriptBlock {
34 | $file = $using:targzFile
35 | $fileName = [System.IO.Path]::GetFileName($file)
36 | $extractDir = Join-Path $using:ExtractPath "$fileName.extracted"
37 |
38 | New-Item $extractDir -ItemType Directory -Force | Out-Null
39 |
40 | Write-Host "Extracting '$file' to '$extractDir'..."
41 |
42 | # Pipe errors to stdout to prevent PowerShell detecting them and quitting the job early.
43 | # This type of quit skips the catch, so we wouldn't be able to tell which file triggered the
44 | # error. Save output so it can be stored in the exception string along with context.
45 | $output = tar -xf $file -C $extractDir 2>&1
46 | # Handle NZEC manually rather than using Exit-IfNZEC: we are in a background job, so we
47 | # don't have access to the outer scope.
48 | if ($LASTEXITCODE -ne 0) {
49 | throw "Error extracting '$file': non-zero exit code ($LASTEXITCODE). Output: '$output'"
50 | }
51 |
52 | Write-Host "Extracted to $extractDir"
53 | }
54 | }
55 |
56 | Receive-Job $jobs -Wait
57 | }
58 | }
59 | catch {
60 | Write-Host $_
61 | Write-PipelineTelemetryError -Force -Category 'Sdl' -Message $_
62 | ExitWithExitCode 1
63 | }
64 |
--------------------------------------------------------------------------------
/eng/common/sdl/extract-artifact-packages.ps1:
--------------------------------------------------------------------------------
1 | param(
2 | [Parameter(Mandatory=$true)][string] $InputPath, # Full path to directory where artifact packages are stored
3 | [Parameter(Mandatory=$true)][string] $ExtractPath # Full path to directory where the packages will be extracted
4 | )
5 |
6 | $ErrorActionPreference = 'Stop'
7 | Set-StrictMode -Version 2.0
8 |
9 | $disableConfigureToolsetImport = $true
10 |
11 | function ExtractArtifacts {
12 | if (!(Test-Path $InputPath)) {
13 | Write-Host "Input Path does not exist: $InputPath"
14 | ExitWithExitCode 0
15 | }
16 | $Jobs = @()
17 | Get-ChildItem "$InputPath\*.nupkg" |
18 | ForEach-Object {
19 | $Jobs += Start-Job -ScriptBlock $ExtractPackage -ArgumentList $_.FullName
20 | }
21 |
22 | foreach ($Job in $Jobs) {
23 | Wait-Job -Id $Job.Id | Receive-Job
24 | }
25 | }
26 |
27 | try {
28 | # `tools.ps1` checks $ci to perform some actions. Since the SDL
29 | # scripts don't necessarily execute in the same agent that run the
30 | # build.ps1/sh script this variable isn't automatically set.
31 | $ci = $true
32 | . $PSScriptRoot\..\tools.ps1
33 |
34 | $ExtractPackage = {
35 | param(
36 | [string] $PackagePath # Full path to a NuGet package
37 | )
38 |
39 | if (!(Test-Path $PackagePath)) {
40 | Write-PipelineTelemetryError -Category 'Build' -Message "Input file does not exist: $PackagePath"
41 | ExitWithExitCode 1
42 | }
43 |
44 | $RelevantExtensions = @('.dll', '.exe', '.pdb')
45 | Write-Host -NoNewLine 'Extracting ' ([System.IO.Path]::GetFileName($PackagePath)) '...'
46 |
47 | $PackageId = [System.IO.Path]::GetFileNameWithoutExtension($PackagePath)
48 | $ExtractPath = Join-Path -Path $using:ExtractPath -ChildPath $PackageId
49 |
50 | Add-Type -AssemblyName System.IO.Compression.FileSystem
51 |
52 | [System.IO.Directory]::CreateDirectory($ExtractPath);
53 |
54 | try {
55 | $zip = [System.IO.Compression.ZipFile]::OpenRead($PackagePath)
56 |
57 | $zip.Entries |
58 | Where-Object {$RelevantExtensions -contains [System.IO.Path]::GetExtension($_.Name)} |
59 | ForEach-Object {
60 | $TargetPath = Join-Path -Path $ExtractPath -ChildPath (Split-Path -Path $_.FullName)
61 | [System.IO.Directory]::CreateDirectory($TargetPath);
62 |
63 | $TargetFile = Join-Path -Path $ExtractPath -ChildPath $_.FullName
64 | [System.IO.Compression.ZipFileExtensions]::ExtractToFile($_, $TargetFile)
65 | }
66 | }
67 | catch {
68 | Write-Host $_
69 | Write-PipelineTelemetryError -Force -Category 'Sdl' -Message $_
70 | ExitWithExitCode 1
71 | }
72 | finally {
73 | $zip.Dispose()
74 | }
75 | }
76 | Measure-Command { ExtractArtifacts }
77 | }
78 | catch {
79 | Write-Host $_
80 | Write-PipelineTelemetryError -Force -Category 'Sdl' -Message $_
81 | ExitWithExitCode 1
82 | }
83 |
--------------------------------------------------------------------------------
/eng/common/sdl/init-sdl.ps1:
--------------------------------------------------------------------------------
1 | Param(
2 | [string] $GuardianCliLocation,
3 | [string] $Repository,
4 | [string] $BranchName='master',
5 | [string] $WorkingDirectory,
6 | [string] $GuardianLoggerLevel='Standard'
7 | )
8 |
9 | $ErrorActionPreference = 'Stop'
10 | Set-StrictMode -Version 2.0
11 | $disableConfigureToolsetImport = $true
12 | $global:LASTEXITCODE = 0
13 |
14 | # `tools.ps1` checks $ci to perform some actions. Since the SDL
15 | # scripts don't necessarily execute in the same agent that run the
16 | # build.ps1/sh script this variable isn't automatically set.
17 | $ci = $true
18 | . $PSScriptRoot\..\tools.ps1
19 |
20 | # Don't display the console progress UI - it's a huge perf hit
21 | $ProgressPreference = 'SilentlyContinue'
22 |
23 | Add-Type -AssemblyName System.IO.Compression.FileSystem
24 |
25 | try {
26 | # if the folder does not exist, we'll do a guardian init and push it to the remote repository
27 | Write-Host 'Initializing Guardian...'
28 | Write-Host "$GuardianCliLocation init --working-directory $WorkingDirectory --logger-level $GuardianLoggerLevel"
29 | & $GuardianCliLocation init --working-directory $WorkingDirectory --logger-level $GuardianLoggerLevel
30 | if ($LASTEXITCODE -ne 0) {
31 | Write-PipelineTelemetryError -Force -Category 'Build' -Message "Guardian init failed with exit code $LASTEXITCODE."
32 | ExitWithExitCode $LASTEXITCODE
33 | }
34 | # We create the mainbaseline so it can be edited later
35 | Write-Host "$GuardianCliLocation baseline --working-directory $WorkingDirectory --name mainbaseline"
36 | & $GuardianCliLocation baseline --working-directory $WorkingDirectory --name mainbaseline
37 | if ($LASTEXITCODE -ne 0) {
38 | Write-PipelineTelemetryError -Force -Category 'Build' -Message "Guardian baseline failed with exit code $LASTEXITCODE."
39 | ExitWithExitCode $LASTEXITCODE
40 | }
41 | ExitWithExitCode 0
42 | }
43 | catch {
44 | Write-Host $_.ScriptStackTrace
45 | Write-PipelineTelemetryError -Force -Category 'Sdl' -Message $_
46 | ExitWithExitCode 1
47 | }
48 |
--------------------------------------------------------------------------------
/eng/common/sdl/packages.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
--------------------------------------------------------------------------------
/eng/common/sdl/run-sdl.ps1:
--------------------------------------------------------------------------------
1 | Param(
2 | [string] $GuardianCliLocation,
3 | [string] $WorkingDirectory,
4 | [string] $GdnFolder,
5 | [string] $UpdateBaseline,
6 | [string] $GuardianLoggerLevel='Standard'
7 | )
8 |
9 | $ErrorActionPreference = 'Stop'
10 | Set-StrictMode -Version 2.0
11 | $disableConfigureToolsetImport = $true
12 | $global:LASTEXITCODE = 0
13 |
14 | try {
15 | # `tools.ps1` checks $ci to perform some actions. Since the SDL
16 | # scripts don't necessarily execute in the same agent that run the
17 | # build.ps1/sh script this variable isn't automatically set.
18 | $ci = $true
19 | . $PSScriptRoot\..\tools.ps1
20 |
21 | # We store config files in the r directory of .gdn
22 | $gdnConfigPath = Join-Path $GdnFolder 'r'
23 | $ValidPath = Test-Path $GuardianCliLocation
24 |
25 | if ($ValidPath -eq $False)
26 | {
27 | Write-PipelineTelemetryError -Force -Category 'Sdl' -Message "Invalid Guardian CLI Location."
28 | ExitWithExitCode 1
29 | }
30 |
31 | $gdnConfigFiles = Get-ChildItem $gdnConfigPath -Recurse -Include '*.gdnconfig'
32 | Write-Host "Discovered Guardian config files:"
33 | $gdnConfigFiles | Out-String | Write-Host
34 |
35 | Exec-BlockVerbosely {
36 | & $GuardianCliLocation run `
37 | --working-directory $WorkingDirectory `
38 | --baseline mainbaseline `
39 | --update-baseline $UpdateBaseline `
40 | --logger-level $GuardianLoggerLevel `
41 | --config @gdnConfigFiles
42 | Exit-IfNZEC "Sdl"
43 | }
44 | }
45 | catch {
46 | Write-Host $_.ScriptStackTrace
47 | Write-PipelineTelemetryError -Force -Category 'Sdl' -Message $_
48 | ExitWithExitCode 1
49 | }
50 |
--------------------------------------------------------------------------------
/eng/common/sdl/sdl.ps1:
--------------------------------------------------------------------------------
1 |
2 | function Install-Gdn {
3 | param(
4 | [Parameter(Mandatory=$true)]
5 | [string]$Path,
6 |
7 | [string]$Source = "https://pkgs.dev.azure.com/dnceng/_packaging/Guardian1ESPTUpstreamOrgFeed/nuget/v3/index.json",
8 |
9 | # If omitted, install the latest version of Guardian, otherwise install that specific version.
10 | [string]$Version
11 | )
12 |
13 | $ErrorActionPreference = 'Stop'
14 | Set-StrictMode -Version 2.0
15 | $disableConfigureToolsetImport = $true
16 | $global:LASTEXITCODE = 0
17 |
18 | # `tools.ps1` checks $ci to perform some actions. Since the SDL
19 | # scripts don't necessarily execute in the same agent that run the
20 | # build.ps1/sh script this variable isn't automatically set.
21 | $ci = $true
22 | . $PSScriptRoot\..\tools.ps1
23 |
24 | $argumentList = @("install", "Microsoft.Guardian.Cli.win-x64", "-Source $Source", "-OutputDirectory $Path", "-NonInteractive", "-NoCache")
25 |
26 | if ($Version) {
27 | $argumentList += "-Version $Version"
28 | }
29 |
30 | Start-Process nuget -Verbose -ArgumentList $argumentList -NoNewWindow -Wait
31 |
32 | $gdnCliPath = Get-ChildItem -Filter guardian.cmd -Recurse -Path $Path
33 |
34 | if (!$gdnCliPath)
35 | {
36 | Write-PipelineTelemetryError -Category 'Sdl' -Message 'Failure installing Guardian'
37 | }
38 |
39 | return $gdnCliPath.FullName
40 | }
--------------------------------------------------------------------------------
/eng/common/sdl/trim-assets-version.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .SYNOPSIS
3 | Install and run the 'Microsoft.DotNet.VersionTools.Cli' tool with the 'trim-artifacts-version' command to trim the version from the NuGet assets file name.
4 |
5 | .PARAMETER InputPath
6 | Full path to directory where artifact packages are stored
7 |
8 | .PARAMETER Recursive
9 | Search for NuGet packages recursively
10 |
11 | #>
12 |
13 | Param(
14 | [string] $InputPath,
15 | [bool] $Recursive = $true
16 | )
17 |
18 | $CliToolName = "Microsoft.DotNet.VersionTools.Cli"
19 |
20 | function Install-VersionTools-Cli {
21 | param(
22 | [Parameter(Mandatory=$true)][string]$Version
23 | )
24 |
25 | Write-Host "Installing the package '$CliToolName' with a version of '$version' ..."
26 | $feed = "https://pkgs.dev.azure.com/dnceng/public/_packaging/dotnet-eng/nuget/v3/index.json"
27 |
28 | $argumentList = @("tool", "install", "--local", "$CliToolName", "--add-source $feed", "--no-cache", "--version $Version", "--create-manifest-if-needed")
29 | Start-Process "$dotnet" -Verbose -ArgumentList $argumentList -NoNewWindow -Wait
30 | }
31 |
32 | # -------------------------------------------------------------------
33 |
34 | if (!(Test-Path $InputPath)) {
35 | Write-Host "Input Path '$InputPath' does not exist"
36 | ExitWithExitCode 1
37 | }
38 |
39 | $ErrorActionPreference = 'Stop'
40 | Set-StrictMode -Version 2.0
41 |
42 | $disableConfigureToolsetImport = $true
43 | $global:LASTEXITCODE = 0
44 |
45 | # `tools.ps1` checks $ci to perform some actions. Since the SDL
46 | # scripts don't necessarily execute in the same agent that run the
47 | # build.ps1/sh script this variable isn't automatically set.
48 | $ci = $true
49 | . $PSScriptRoot\..\tools.ps1
50 |
51 | try {
52 | $dotnetRoot = InitializeDotNetCli -install:$true
53 | $dotnet = "$dotnetRoot\dotnet.exe"
54 |
55 | $toolsetVersion = Read-ArcadeSdkVersion
56 | Install-VersionTools-Cli -Version $toolsetVersion
57 |
58 | $cliToolFound = (& "$dotnet" tool list --local | Where-Object {$_.Split(' ')[0] -eq $CliToolName})
59 | if ($null -eq $cliToolFound) {
60 | Write-PipelineTelemetryError -Force -Category 'Sdl' -Message "The '$CliToolName' tool is not installed."
61 | ExitWithExitCode 1
62 | }
63 |
64 | Exec-BlockVerbosely {
65 | & "$dotnet" $CliToolName trim-assets-version `
66 | --assets-path $InputPath `
67 | --recursive $Recursive
68 | Exit-IfNZEC "Sdl"
69 | }
70 | }
71 | catch {
72 | Write-Host $_
73 | Write-PipelineTelemetryError -Force -Category 'Sdl' -Message $_
74 | ExitWithExitCode 1
75 | }
--------------------------------------------------------------------------------
/eng/common/templates-official/job/source-build.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | # This template adds arcade-powered source-build to CI. The template produces a server job with a
3 | # default ID 'Source_Build_Complete' to put in a dependency list if necessary.
4 |
5 | # Specifies the prefix for source-build jobs added to pipeline. Use this if disambiguation needed.
6 | jobNamePrefix: 'Source_Build'
7 |
8 | # Defines the platform on which to run the job. By default, a linux-x64 machine, suitable for
9 | # managed-only repositories. This is an object with these properties:
10 | #
11 | # name: ''
12 | # The name of the job. This is included in the job ID.
13 | # targetRID: ''
14 | # The name of the target RID to use, instead of the one auto-detected by Arcade.
15 | # nonPortable: false
16 | # Enables non-portable mode. This means a more specific RID (e.g. fedora.32-x64 rather than
17 | # linux-x64), and compiling against distro-provided packages rather than portable ones.
18 | # skipPublishValidation: false
19 | # Disables publishing validation. By default, a check is performed to ensure no packages are
20 | # published by source-build.
21 | # container: ''
22 | # A container to use. Runs in docker.
23 | # pool: {}
24 | # A pool to use. Runs directly on an agent.
25 | # buildScript: ''
26 | # Specifies the build script to invoke to perform the build in the repo. The default
27 | # './build.sh' should work for typical Arcade repositories, but this is customizable for
28 | # difficult situations.
29 | # jobProperties: {}
30 | # A list of job properties to inject at the top level, for potential extensibility beyond
31 | # container and pool.
32 | platform: {}
33 |
34 | # If set to true and running on a non-public project,
35 | # Internal blob storage locations will be enabled.
36 | # This is not enabled by default because many repositories do not need internal sources
37 | # and do not need to have the required service connections approved in the pipeline.
38 | enableInternalSources: false
39 |
40 | jobs:
41 | - job: ${{ parameters.jobNamePrefix }}_${{ parameters.platform.name }}
42 | displayName: Source-Build (${{ parameters.platform.name }})
43 |
44 | ${{ each property in parameters.platform.jobProperties }}:
45 | ${{ property.key }}: ${{ property.value }}
46 |
47 | ${{ if ne(parameters.platform.container, '') }}:
48 | container: ${{ parameters.platform.container }}
49 |
50 | ${{ if eq(parameters.platform.pool, '') }}:
51 | # The default VM host AzDO pool. This should be capable of running Docker containers: almost all
52 | # source-build builds run in Docker, including the default managed platform.
53 | # /eng/common/templates-official/variables/pool-providers.yml can't be used here (some customers declare variables already), so duplicate its logic
54 | pool:
55 | ${{ if eq(variables['System.TeamProject'], 'public') }}:
56 | name: $[replace(replace(eq(contains(coalesce(variables['System.PullRequest.TargetBranch'], variables['Build.SourceBranch'], 'refs/heads/main'), 'release'), 'true'), True, 'NetCore-Svc-Public' ), False, 'NetCore-Public')]
57 | demands: ImageOverride -equals Build.Ubuntu.2204.Amd64.Open
58 |
59 | ${{ if eq(variables['System.TeamProject'], 'internal') }}:
60 | name: $[replace(replace(eq(contains(coalesce(variables['System.PullRequest.TargetBranch'], variables['Build.SourceBranch'], 'refs/heads/main'), 'release'), 'true'), True, 'NetCore1ESPool-Svc-Internal'), False, 'NetCore1ESPool-Internal')]
61 | image: 1es-mariner-2
62 | os: linux
63 |
64 | ${{ if ne(parameters.platform.pool, '') }}:
65 | pool: ${{ parameters.platform.pool }}
66 |
67 | workspace:
68 | clean: all
69 |
70 | steps:
71 | - ${{ if eq(parameters.enableInternalSources, true) }}:
72 | - template: /eng/common/templates-official/steps/enable-internal-runtimes.yml
73 | - template: /eng/common/templates-official/steps/source-build.yml
74 | parameters:
75 | platform: ${{ parameters.platform }}
76 |
--------------------------------------------------------------------------------
/eng/common/templates-official/job/source-index-stage1.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | runAsPublic: false
3 | sourceIndexUploadPackageVersion: 2.0.0-20250425.2
4 | sourceIndexProcessBinlogPackageVersion: 1.0.1-20250425.2
5 | sourceIndexPackageSource: https://pkgs.dev.azure.com/dnceng/public/_packaging/dotnet-tools/nuget/v3/index.json
6 | sourceIndexBuildCommand: powershell -NoLogo -NoProfile -ExecutionPolicy Bypass -Command "eng/common/build.ps1 -restore -build -binarylog -ci"
7 | preSteps: []
8 | binlogPath: artifacts/log/Debug/Build.binlog
9 | condition: ''
10 | dependsOn: ''
11 | pool: ''
12 |
13 | jobs:
14 | - job: SourceIndexStage1
15 | dependsOn: ${{ parameters.dependsOn }}
16 | condition: ${{ parameters.condition }}
17 | variables:
18 | - name: SourceIndexUploadPackageVersion
19 | value: ${{ parameters.sourceIndexUploadPackageVersion }}
20 | - name: SourceIndexProcessBinlogPackageVersion
21 | value: ${{ parameters.sourceIndexProcessBinlogPackageVersion }}
22 | - name: SourceIndexPackageSource
23 | value: ${{ parameters.sourceIndexPackageSource }}
24 | - name: BinlogPath
25 | value: ${{ parameters.binlogPath }}
26 | - template: /eng/common/templates-official/variables/pool-providers.yml
27 |
28 | ${{ if ne(parameters.pool, '') }}:
29 | pool: ${{ parameters.pool }}
30 | ${{ if eq(parameters.pool, '') }}:
31 | pool:
32 | ${{ if eq(variables['System.TeamProject'], 'public') }}:
33 | name: $(DncEngPublicBuildPool)
34 | demands: ImageOverride -equals windows.vs2019.amd64.open
35 | ${{ if eq(variables['System.TeamProject'], 'internal') }}:
36 | name: $(DncEngInternalBuildPool)
37 | image: windows.vs2022.amd64
38 | os: windows
39 |
40 | steps:
41 | - ${{ each preStep in parameters.preSteps }}:
42 | - ${{ preStep }}
43 |
44 | - task: UseDotNet@2
45 | displayName: Use .NET 8 SDK
46 | inputs:
47 | packageType: sdk
48 | version: 8.0.x
49 | installationPath: $(Agent.TempDirectory)/dotnet
50 | workingDirectory: $(Agent.TempDirectory)
51 |
52 | - script: |
53 | $(Agent.TempDirectory)/dotnet/dotnet tool install BinLogToSln --version $(sourceIndexProcessBinlogPackageVersion) --add-source $(SourceIndexPackageSource) --tool-path $(Agent.TempDirectory)/.source-index/tools
54 | $(Agent.TempDirectory)/dotnet/dotnet tool install UploadIndexStage1 --version $(sourceIndexUploadPackageVersion) --add-source $(SourceIndexPackageSource) --tool-path $(Agent.TempDirectory)/.source-index/tools
55 | displayName: Download Tools
56 | # Set working directory to temp directory so 'dotnet' doesn't try to use global.json and use the repo's sdk.
57 | workingDirectory: $(Agent.TempDirectory)
58 |
59 | - script: ${{ parameters.sourceIndexBuildCommand }}
60 | displayName: Build Repository
61 |
62 | - script: $(Agent.TempDirectory)/.source-index/tools/BinLogToSln -i $(BinlogPath) -r $(Build.SourcesDirectory) -n $(Build.Repository.Name) -o .source-index/stage1output
63 | displayName: Process Binlog into indexable sln
64 |
65 | - ${{ if and(eq(parameters.runAsPublic, 'false'), ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
66 | - task: AzureCLI@2
67 | displayName: Get stage 1 auth token
68 | inputs:
69 | azureSubscription: 'SourceDotNet Stage1 Publish'
70 | addSpnToEnvironment: true
71 | scriptType: 'ps'
72 | scriptLocation: 'inlineScript'
73 | inlineScript: |
74 | echo "##vso[task.setvariable variable=ARM_CLIENT_ID;issecret=true]$env:servicePrincipalId"
75 | echo "##vso[task.setvariable variable=ARM_ID_TOKEN;issecret=true]$env:idToken"
76 | echo "##vso[task.setvariable variable=ARM_TENANT_ID;issecret=true]$env:tenantId"
77 |
78 | - script: |
79 | az login --service-principal -u $(ARM_CLIENT_ID) --tenant $(ARM_TENANT_ID) --allow-no-subscriptions --federated-token $(ARM_ID_TOKEN)
80 | displayName: "Login to Azure"
81 |
82 | - script: $(Agent.TempDirectory)/.source-index/tools/UploadIndexStage1 -i .source-index/stage1output -n $(Build.Repository.Name) -s netsourceindexstage1 -b stage1
83 | displayName: Upload stage1 artifacts to source index
84 |
--------------------------------------------------------------------------------
/eng/common/templates-official/jobs/codeql-build.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | # See schema documentation in /Documentation/AzureDevOps/TemplateSchema.md
3 | continueOnError: false
4 | # Required: A collection of jobs to run - https://docs.microsoft.com/en-us/azure/devops/pipelines/yaml-schema?view=vsts&tabs=schema#job
5 | jobs: []
6 | # Optional: if specified, restore and use this version of Guardian instead of the default.
7 | overrideGuardianVersion: ''
8 |
9 | jobs:
10 | - template: /eng/common/templates-official/jobs/jobs.yml
11 | parameters:
12 | enableMicrobuild: false
13 | enablePublishBuildArtifacts: false
14 | enablePublishTestResults: false
15 | enablePublishBuildAssets: false
16 | enablePublishUsingPipelines: false
17 | enableTelemetry: true
18 |
19 | variables:
20 | - group: Publish-Build-Assets
21 | # The Guardian version specified in 'eng/common/sdl/packages.config'. This value must be kept in
22 | # sync with the packages.config file.
23 | - name: DefaultGuardianVersion
24 | value: 0.109.0
25 | - name: GuardianPackagesConfigFile
26 | value: $(Build.SourcesDirectory)\eng\common\sdl\packages.config
27 | - name: GuardianVersion
28 | value: ${{ coalesce(parameters.overrideGuardianVersion, '$(DefaultGuardianVersion)') }}
29 |
30 | jobs: ${{ parameters.jobs }}
31 |
32 |
--------------------------------------------------------------------------------
/eng/common/templates-official/jobs/jobs.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | # See schema documentation in /Documentation/AzureDevOps/TemplateSchema.md
3 | continueOnError: false
4 |
5 | # Optional: Include PublishBuildArtifacts task
6 | enablePublishBuildArtifacts: false
7 |
8 | # Optional: Enable publishing using release pipelines
9 | enablePublishUsingPipelines: false
10 |
11 | # Optional: Enable running the source-build jobs to build repo from source
12 | enableSourceBuild: false
13 |
14 | # Optional: Parameters for source-build template.
15 | # See /eng/common/templates-official/jobs/source-build.yml for options
16 | sourceBuildParameters: []
17 |
18 | graphFileGeneration:
19 | # Optional: Enable generating the graph files at the end of the build
20 | enabled: false
21 | # Optional: Include toolset dependencies in the generated graph files
22 | includeToolset: false
23 |
24 | # Required: A collection of jobs to run - https://docs.microsoft.com/en-us/azure/devops/pipelines/yaml-schema?view=vsts&tabs=schema#job
25 | jobs: []
26 |
27 | # Optional: Override automatically derived dependsOn value for "publish build assets" job
28 | publishBuildAssetsDependsOn: ''
29 |
30 | # Optional: Publish the assets as soon as the publish to BAR stage is complete, rather doing so in a separate stage.
31 | publishAssetsImmediately: false
32 |
33 | # Optional: If using publishAssetsImmediately and additional parameters are needed, can be used to send along additional parameters (normally sent to post-build.yml)
34 | artifactsPublishingAdditionalParameters: ''
35 | signingValidationAdditionalParameters: ''
36 |
37 | # Optional: should run as a public build even in the internal project
38 | # if 'true', the build won't run any of the internal only steps, even if it is running in non-public projects.
39 | runAsPublic: false
40 |
41 | enableSourceIndex: false
42 | sourceIndexParams: {}
43 |
44 | # Internal resources (telemetry, microbuild) can only be accessed from non-public projects,
45 | # and some (Microbuild) should only be applied to non-PR cases for internal builds.
46 |
47 | jobs:
48 | - ${{ each job in parameters.jobs }}:
49 | - template: ../job/job.yml
50 | parameters:
51 | # pass along parameters
52 | ${{ each parameter in parameters }}:
53 | ${{ if ne(parameter.key, 'jobs') }}:
54 | ${{ parameter.key }}: ${{ parameter.value }}
55 |
56 | # pass along job properties
57 | ${{ each property in job }}:
58 | ${{ if ne(property.key, 'job') }}:
59 | ${{ property.key }}: ${{ property.value }}
60 |
61 | name: ${{ job.job }}
62 |
63 | - ${{ if eq(parameters.enableSourceBuild, true) }}:
64 | - template: /eng/common/templates-official/jobs/source-build.yml
65 | parameters:
66 | allCompletedJobId: Source_Build_Complete
67 | ${{ each parameter in parameters.sourceBuildParameters }}:
68 | ${{ parameter.key }}: ${{ parameter.value }}
69 |
70 | - ${{ if eq(parameters.enableSourceIndex, 'true') }}:
71 | - template: ../job/source-index-stage1.yml
72 | parameters:
73 | runAsPublic: ${{ parameters.runAsPublic }}
74 | ${{ each parameter in parameters.sourceIndexParams }}:
75 | ${{ parameter.key }}: ${{ parameter.value }}
76 |
77 | - ${{ if and(eq(parameters.runAsPublic, 'false'), ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
78 | - ${{ if or(eq(parameters.enablePublishBuildAssets, true), eq(parameters.artifacts.publish.manifests, 'true'), ne(parameters.artifacts.publish.manifests, '')) }}:
79 | - template: ../job/publish-build-assets.yml
80 | parameters:
81 | continueOnError: ${{ parameters.continueOnError }}
82 | dependsOn:
83 | - ${{ if ne(parameters.publishBuildAssetsDependsOn, '') }}:
84 | - ${{ each job in parameters.publishBuildAssetsDependsOn }}:
85 | - ${{ job.job }}
86 | - ${{ if eq(parameters.publishBuildAssetsDependsOn, '') }}:
87 | - ${{ each job in parameters.jobs }}:
88 | - ${{ job.job }}
89 | - ${{ if eq(parameters.enableSourceBuild, true) }}:
90 | - Source_Build_Complete
91 |
92 | runAsPublic: ${{ parameters.runAsPublic }}
93 | publishUsingPipelines: ${{ parameters.enablePublishUsingPipelines }}
94 | publishAssetsImmediately: ${{ parameters.publishAssetsImmediately }}
95 | enablePublishBuildArtifacts: ${{ parameters.enablePublishBuildArtifacts }}
96 | artifactsPublishingAdditionalParameters: ${{ parameters.artifactsPublishingAdditionalParameters }}
97 | signingValidationAdditionalParameters: ${{ parameters.signingValidationAdditionalParameters }}
98 |
--------------------------------------------------------------------------------
/eng/common/templates-official/jobs/source-build.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | # This template adds arcade-powered source-build to CI. A job is created for each platform, as
3 | # well as an optional server job that completes when all platform jobs complete.
4 |
5 | # The name of the "join" job for all source-build platforms. If set to empty string, the job is
6 | # not included. Existing repo pipelines can use this job depend on all source-build jobs
7 | # completing without maintaining a separate list of every single job ID: just depend on this one
8 | # server job. By default, not included. Recommended name if used: 'Source_Build_Complete'.
9 | allCompletedJobId: ''
10 |
11 | # See /eng/common/templates-official/job/source-build.yml
12 | jobNamePrefix: 'Source_Build'
13 |
14 | # This is the default platform provided by Arcade, intended for use by a managed-only repo.
15 | defaultManagedPlatform:
16 | name: 'Managed'
17 | container: 'mcr.microsoft.com/dotnet-buildtools/prereqs:centos-stream-9-amd64'
18 |
19 | # Defines the platforms on which to run build jobs. One job is created for each platform, and the
20 | # object in this array is sent to the job template as 'platform'. If no platforms are specified,
21 | # one job runs on 'defaultManagedPlatform'.
22 | platforms: []
23 |
24 | # If set to true and running on a non-public project,
25 | # Internal nuget and blob storage locations will be enabled.
26 | # This is not enabled by default because many repositories do not need internal sources
27 | # and do not need to have the required service connections approved in the pipeline.
28 | enableInternalSources: false
29 |
30 | jobs:
31 |
32 | - ${{ if ne(parameters.allCompletedJobId, '') }}:
33 | - job: ${{ parameters.allCompletedJobId }}
34 | displayName: Source-Build Complete
35 | pool: server
36 | dependsOn:
37 | - ${{ each platform in parameters.platforms }}:
38 | - ${{ parameters.jobNamePrefix }}_${{ platform.name }}
39 | - ${{ if eq(length(parameters.platforms), 0) }}:
40 | - ${{ parameters.jobNamePrefix }}_${{ parameters.defaultManagedPlatform.name }}
41 |
42 | - ${{ each platform in parameters.platforms }}:
43 | - template: /eng/common/templates-official/job/source-build.yml
44 | parameters:
45 | jobNamePrefix: ${{ parameters.jobNamePrefix }}
46 | platform: ${{ platform }}
47 | enableInternalSources: ${{ parameters.enableInternalSources }}
48 |
49 | - ${{ if eq(length(parameters.platforms), 0) }}:
50 | - template: /eng/common/templates-official/job/source-build.yml
51 | parameters:
52 | jobNamePrefix: ${{ parameters.jobNamePrefix }}
53 | platform: ${{ parameters.defaultManagedPlatform }}
54 | enableInternalSources: ${{ parameters.enableInternalSources }}
55 |
--------------------------------------------------------------------------------
/eng/common/templates-official/post-build/common-variables.yml:
--------------------------------------------------------------------------------
1 | variables:
2 | - group: Publish-Build-Assets
3 |
4 | # Whether the build is internal or not
5 | - name: IsInternalBuild
6 | value: ${{ and(ne(variables['System.TeamProject'], 'public'), contains(variables['Build.SourceBranch'], 'internal')) }}
7 |
8 | # Default Maestro++ API Endpoint and API Version
9 | - name: MaestroApiEndPoint
10 | value: "https://maestro.dot.net"
11 | - name: MaestroApiAccessToken
12 | value: $(MaestroAccessToken)
13 | - name: MaestroApiVersion
14 | value: "2020-02-20"
15 |
16 | - name: SourceLinkCLIVersion
17 | value: 3.0.0
18 | - name: SymbolToolVersion
19 | value: 1.0.1
20 |
21 | - name: runCodesignValidationInjection
22 | value: false
23 |
--------------------------------------------------------------------------------
/eng/common/templates-official/post-build/setup-maestro-vars.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | BARBuildId: ''
3 | PromoteToChannelIds: ''
4 |
5 | steps:
6 | - ${{ if eq(coalesce(parameters.PromoteToChannelIds, 0), 0) }}:
7 | - task: DownloadBuildArtifacts@0
8 | displayName: Download Release Configs
9 | inputs:
10 | buildType: current
11 | artifactName: ReleaseConfigs
12 | checkDownloadedFiles: true
13 |
14 | - task: PowerShell@2
15 | name: setReleaseVars
16 | displayName: Set Release Configs Vars
17 | inputs:
18 | targetType: inline
19 | pwsh: true
20 | script: |
21 | try {
22 | if (!$Env:PromoteToMaestroChannels -or $Env:PromoteToMaestroChannels.Trim() -eq '') {
23 | $Content = Get-Content $(Build.StagingDirectory)/ReleaseConfigs/ReleaseConfigs.txt
24 |
25 | $BarId = $Content | Select -Index 0
26 | $Channels = $Content | Select -Index 1
27 | $IsStableBuild = $Content | Select -Index 2
28 |
29 | $AzureDevOpsProject = $Env:System_TeamProject
30 | $AzureDevOpsBuildDefinitionId = $Env:System_DefinitionId
31 | $AzureDevOpsBuildId = $Env:Build_BuildId
32 | }
33 | else {
34 | $buildApiEndpoint = "${Env:MaestroApiEndPoint}/api/builds/${Env:BARBuildId}?api-version=${Env:MaestroApiVersion}"
35 |
36 | $apiHeaders = New-Object 'System.Collections.Generic.Dictionary[[String],[String]]'
37 | $apiHeaders.Add('Accept', 'application/json')
38 | $apiHeaders.Add('Authorization',"Bearer ${Env:MAESTRO_API_TOKEN}")
39 |
40 | $buildInfo = try { Invoke-WebRequest -Method Get -Uri $buildApiEndpoint -Headers $apiHeaders | ConvertFrom-Json } catch { Write-Host "Error: $_" }
41 |
42 | $BarId = $Env:BARBuildId
43 | $Channels = $Env:PromoteToMaestroChannels -split ","
44 | $Channels = $Channels -join "]["
45 | $Channels = "[$Channels]"
46 |
47 | $IsStableBuild = $buildInfo.stable
48 | $AzureDevOpsProject = $buildInfo.azureDevOpsProject
49 | $AzureDevOpsBuildDefinitionId = $buildInfo.azureDevOpsBuildDefinitionId
50 | $AzureDevOpsBuildId = $buildInfo.azureDevOpsBuildId
51 | }
52 |
53 | Write-Host "##vso[task.setvariable variable=BARBuildId]$BarId"
54 | Write-Host "##vso[task.setvariable variable=TargetChannels]$Channels"
55 | Write-Host "##vso[task.setvariable variable=IsStableBuild]$IsStableBuild"
56 |
57 | Write-Host "##vso[task.setvariable variable=AzDOProjectName]$AzureDevOpsProject"
58 | Write-Host "##vso[task.setvariable variable=AzDOPipelineId]$AzureDevOpsBuildDefinitionId"
59 | Write-Host "##vso[task.setvariable variable=AzDOBuildId]$AzureDevOpsBuildId"
60 | }
61 | catch {
62 | Write-Host $_
63 | Write-Host $_.Exception
64 | Write-Host $_.ScriptStackTrace
65 | exit 1
66 | }
67 | env:
68 | MAESTRO_API_TOKEN: $(MaestroApiAccessToken)
69 | BARBuildId: ${{ parameters.BARBuildId }}
70 | PromoteToMaestroChannels: ${{ parameters.PromoteToChannelIds }}
71 |
--------------------------------------------------------------------------------
/eng/common/templates-official/post-build/trigger-subscription.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | ChannelId: 0
3 |
4 | steps:
5 | - task: PowerShell@2
6 | displayName: Triggering subscriptions
7 | inputs:
8 | filePath: $(Build.SourcesDirectory)/eng/common/post-build/trigger-subscriptions.ps1
9 | arguments: -SourceRepo $(Build.Repository.Uri)
10 | -ChannelId ${{ parameters.ChannelId }}
11 | -MaestroApiAccessToken $(MaestroAccessToken)
12 | -MaestroApiEndPoint $(MaestroApiEndPoint)
13 | -MaestroApiVersion $(MaestroApiVersion)
14 |
--------------------------------------------------------------------------------
/eng/common/templates-official/steps/add-build-to-channel.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | ChannelId: 0
3 |
4 | steps:
5 | - task: PowerShell@2
6 | displayName: Add Build to Channel
7 | inputs:
8 | filePath: $(Build.SourcesDirectory)/eng/common/post-build/add-build-to-channel.ps1
9 | arguments: -BuildId $(BARBuildId)
10 | -ChannelId ${{ parameters.ChannelId }}
11 | -MaestroApiAccessToken $(MaestroApiAccessToken)
12 | -MaestroApiEndPoint $(MaestroApiEndPoint)
13 | -MaestroApiVersion $(MaestroApiVersion)
14 |
--------------------------------------------------------------------------------
/eng/common/templates-official/steps/build-reason.yml:
--------------------------------------------------------------------------------
1 | # build-reason.yml
2 | # Description: runs steps if build.reason condition is valid. conditions is a string of valid build reasons
3 | # to include steps (',' separated).
4 | parameters:
5 | conditions: ''
6 | steps: []
7 |
8 | steps:
9 | - ${{ if and( not(startsWith(parameters.conditions, 'not')), contains(parameters.conditions, variables['build.reason'])) }}:
10 | - ${{ parameters.steps }}
11 | - ${{ if and( startsWith(parameters.conditions, 'not'), not(contains(parameters.conditions, variables['build.reason']))) }}:
12 | - ${{ parameters.steps }}
13 |
--------------------------------------------------------------------------------
/eng/common/templates-official/steps/component-governance.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | disableComponentGovernance: false
3 | componentGovernanceIgnoreDirectories: ''
4 |
5 | steps:
6 | - ${{ if eq(parameters.disableComponentGovernance, 'true') }}:
7 | - script: echo "##vso[task.setvariable variable=skipComponentGovernanceDetection]true"
8 | displayName: Set skipComponentGovernanceDetection variable
9 | - ${{ if ne(parameters.disableComponentGovernance, 'true') }}:
10 | - task: ComponentGovernanceComponentDetection@0
11 | continueOnError: true
12 | inputs:
13 | ignoreDirectories: ${{ parameters.componentGovernanceIgnoreDirectories }}
--------------------------------------------------------------------------------
/eng/common/templates-official/steps/enable-internal-runtimes.yml:
--------------------------------------------------------------------------------
1 | # Obtains internal runtime download credentials and populates the 'dotnetbuilds-internal-container-read-token-base64'
2 | # variable with the base64-encoded SAS token, by default
3 |
4 | parameters:
5 | - name: federatedServiceConnection
6 | type: string
7 | default: 'dotnetbuilds-internal-read'
8 | - name: outputVariableName
9 | type: string
10 | default: 'dotnetbuilds-internal-container-read-token-base64'
11 | - name: expiryInHours
12 | type: number
13 | default: 1
14 | - name: base64Encode
15 | type: boolean
16 | default: true
17 |
18 | steps:
19 | - ${{ if ne(variables['System.TeamProject'], 'public') }}:
20 | - template: /eng/common/templates-official/steps/get-delegation-sas.yml
21 | parameters:
22 | federatedServiceConnection: ${{ parameters.federatedServiceConnection }}
23 | outputVariableName: ${{ parameters.outputVariableName }}
24 | expiryInHours: ${{ parameters.expiryInHours }}
25 | base64Encode: ${{ parameters.base64Encode }}
26 | storageAccount: dotnetbuilds
27 | container: internal
28 | permissions: rl
29 |
--------------------------------------------------------------------------------
/eng/common/templates-official/steps/execute-codeql.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | # Language that should be analyzed. Defaults to csharp
3 | language: csharp
4 | # Build Commands
5 | buildCommands: ''
6 | overrideParameters: '' # Optional: to override values for parameters.
7 | additionalParameters: '' # Optional: parameters that need user specific values eg: '-SourceToolsList @("abc","def") -ArtifactToolsList @("ghi","jkl")'
8 | # Optional: if specified, restore and use this version of Guardian instead of the default.
9 | overrideGuardianVersion: ''
10 | # Optional: if true, publish the '.gdn' folder as a pipeline artifact. This can help with in-depth
11 | # diagnosis of problems with specific tool configurations.
12 | publishGuardianDirectoryToPipeline: false
13 | # The script to run to execute all SDL tools. Use this if you want to use a script to define SDL
14 | # parameters rather than relying on YAML. It may be better to use a local script, because you can
15 | # reproduce results locally without piecing together a command based on the YAML.
16 | executeAllSdlToolsScript: 'eng/common/sdl/execute-all-sdl-tools.ps1'
17 | # There is some sort of bug (has been reported) in Azure DevOps where if this parameter is named
18 | # 'continueOnError', the parameter value is not correctly picked up.
19 | # This can also be remedied by the caller (post-build.yml) if it does not use a nested parameter
20 | # optional: determines whether to continue the build if the step errors;
21 | sdlContinueOnError: false
22 |
23 | steps:
24 | - template: /eng/common/templates-official/steps/execute-sdl.yml
25 | parameters:
26 | overrideGuardianVersion: ${{ parameters.overrideGuardianVersion }}
27 | executeAllSdlToolsScript: ${{ parameters.executeAllSdlToolsScript }}
28 | overrideParameters: ${{ parameters.overrideParameters }}
29 | additionalParameters: '${{ parameters.additionalParameters }}
30 | -CodeQLAdditionalRunConfigParams @("BuildCommands < ${{ parameters.buildCommands }}", "Language < ${{ parameters.language }}")'
31 | publishGuardianDirectoryToPipeline: ${{ parameters.publishGuardianDirectoryToPipeline }}
32 | sdlContinueOnError: ${{ parameters.sdlContinueOnError }}
--------------------------------------------------------------------------------
/eng/common/templates-official/steps/execute-sdl.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | overrideGuardianVersion: ''
3 | executeAllSdlToolsScript: ''
4 | overrideParameters: ''
5 | additionalParameters: ''
6 | publishGuardianDirectoryToPipeline: false
7 | sdlContinueOnError: false
8 | condition: ''
9 |
10 | steps:
11 | - task: NuGetAuthenticate@1
12 |
13 | - task: NuGetToolInstaller@1
14 | displayName: 'Install NuGet.exe'
15 |
16 | - ${{ if ne(parameters.overrideGuardianVersion, '') }}:
17 | - pwsh: |
18 | Set-Location -Path $(Build.SourcesDirectory)\eng\common\sdl
19 | . .\sdl.ps1
20 | $guardianCliLocation = Install-Gdn -Path $(Build.SourcesDirectory)\.artifacts -Version ${{ parameters.overrideGuardianVersion }}
21 | Write-Host "##vso[task.setvariable variable=GuardianCliLocation]$guardianCliLocation"
22 | displayName: Install Guardian (Overridden)
23 |
24 | - ${{ if eq(parameters.overrideGuardianVersion, '') }}:
25 | - pwsh: |
26 | Set-Location -Path $(Build.SourcesDirectory)\eng\common\sdl
27 | . .\sdl.ps1
28 | $guardianCliLocation = Install-Gdn -Path $(Build.SourcesDirectory)\.artifacts
29 | Write-Host "##vso[task.setvariable variable=GuardianCliLocation]$guardianCliLocation"
30 | displayName: Install Guardian
31 |
32 | - ${{ if ne(parameters.overrideParameters, '') }}:
33 | - powershell: ${{ parameters.executeAllSdlToolsScript }} ${{ parameters.overrideParameters }}
34 | displayName: Execute SDL (Overridden)
35 | continueOnError: ${{ parameters.sdlContinueOnError }}
36 | condition: ${{ parameters.condition }}
37 |
38 | - ${{ if eq(parameters.overrideParameters, '') }}:
39 | - powershell: ${{ parameters.executeAllSdlToolsScript }}
40 | -GuardianCliLocation $(GuardianCliLocation)
41 | -NugetPackageDirectory $(Build.SourcesDirectory)\.packages
42 | -AzureDevOpsAccessToken $(dn-bot-dotnet-build-rw-code-rw)
43 | ${{ parameters.additionalParameters }}
44 | displayName: Execute SDL
45 | continueOnError: ${{ parameters.sdlContinueOnError }}
46 | condition: ${{ parameters.condition }}
47 |
48 | - ${{ if ne(parameters.publishGuardianDirectoryToPipeline, 'false') }}:
49 | # We want to publish the Guardian results and configuration for easy diagnosis. However, the
50 | # '.gdn' dir is a mix of configuration, results, extracted dependencies, and Guardian default
51 | # tooling files. Some of these files are large and aren't useful during an investigation, so
52 | # exclude them by simply deleting them before publishing. (As of writing, there is no documented
53 | # way to selectively exclude a dir from the pipeline artifact publish task.)
54 | - task: DeleteFiles@1
55 | displayName: Delete Guardian dependencies to avoid uploading
56 | inputs:
57 | SourceFolder: $(Agent.BuildDirectory)/.gdn
58 | Contents: |
59 | c
60 | i
61 | condition: succeededOrFailed()
62 |
63 | - publish: $(Agent.BuildDirectory)/.gdn
64 | artifact: GuardianConfiguration
65 | displayName: Publish GuardianConfiguration
66 | condition: succeededOrFailed()
67 |
68 | # Publish the SARIF files in a container named CodeAnalysisLogs to enable integration
69 | # with the "SARIF SAST Scans Tab" Azure DevOps extension
70 | - task: CopyFiles@2
71 | displayName: Copy SARIF files
72 | inputs:
73 | flattenFolders: true
74 | sourceFolder: $(Agent.BuildDirectory)/.gdn/rc/
75 | contents: '**/*.sarif'
76 | targetFolder: $(Build.SourcesDirectory)/CodeAnalysisLogs
77 | condition: succeededOrFailed()
78 |
79 | # Use PublishBuildArtifacts because the SARIF extension only checks this case
80 | # see microsoft/sarif-azuredevops-extension#4
81 | - task: PublishBuildArtifacts@1
82 | displayName: Publish SARIF files to CodeAnalysisLogs container
83 | inputs:
84 | pathToPublish: $(Build.SourcesDirectory)/CodeAnalysisLogs
85 | artifactName: CodeAnalysisLogs
86 | condition: succeededOrFailed()
--------------------------------------------------------------------------------
/eng/common/templates-official/steps/generate-sbom.yml:
--------------------------------------------------------------------------------
1 | # BuildDropPath - The root folder of the drop directory for which the manifest file will be generated.
2 | # PackageName - The name of the package this SBOM represents.
3 | # PackageVersion - The version of the package this SBOM represents.
4 | # ManifestDirPath - The path of the directory where the generated manifest files will be placed
5 | # IgnoreDirectories - Directories to ignore for SBOM generation. This will be passed through to the CG component detector.
6 |
7 | parameters:
8 | PackageVersion: 8.0.0
9 | BuildDropPath: '$(Build.SourcesDirectory)/artifacts'
10 | PackageName: '.NET'
11 | ManifestDirPath: $(Build.ArtifactStagingDirectory)/sbom
12 | IgnoreDirectories: ''
13 | sbomContinueOnError: true
14 |
15 | steps:
16 | - task: PowerShell@2
17 | displayName: Prep for SBOM generation in (Non-linux)
18 | condition: or(eq(variables['Agent.Os'], 'Windows_NT'), eq(variables['Agent.Os'], 'Darwin'))
19 | inputs:
20 | filePath: ./eng/common/generate-sbom-prep.ps1
21 | arguments: ${{parameters.manifestDirPath}}
22 |
23 | # Chmodding is a workaround for https://github.com/dotnet/arcade/issues/8461
24 | - script: |
25 | chmod +x ./eng/common/generate-sbom-prep.sh
26 | ./eng/common/generate-sbom-prep.sh ${{parameters.manifestDirPath}}
27 | displayName: Prep for SBOM generation in (Linux)
28 | condition: eq(variables['Agent.Os'], 'Linux')
29 | continueOnError: ${{ parameters.sbomContinueOnError }}
30 |
31 | - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0
32 | displayName: 'Generate SBOM manifest'
33 | continueOnError: ${{ parameters.sbomContinueOnError }}
34 | inputs:
35 | PackageName: ${{ parameters.packageName }}
36 | BuildDropPath: ${{ parameters.buildDropPath }}
37 | PackageVersion: ${{ parameters.packageVersion }}
38 | ManifestDirPath: ${{ parameters.manifestDirPath }}/$(ARTIFACT_NAME)
39 | ${{ if ne(parameters.IgnoreDirectories, '') }}:
40 | AdditionalComponentDetectorArgs: '--IgnoreDirectories ${{ parameters.IgnoreDirectories }}'
41 |
42 | - task: 1ES.PublishPipelineArtifact@1
43 | displayName: Publish SBOM manifest
44 | continueOnError: ${{parameters.sbomContinueOnError}}
45 | inputs:
46 | targetPath: '${{parameters.manifestDirPath}}'
47 | artifactName: $(ARTIFACT_NAME)
48 |
49 |
--------------------------------------------------------------------------------
/eng/common/templates-official/steps/get-delegation-sas.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | - name: federatedServiceConnection
3 | type: string
4 | - name: outputVariableName
5 | type: string
6 | - name: expiryInHours
7 | type: number
8 | default: 1
9 | - name: base64Encode
10 | type: boolean
11 | default: false
12 | - name: storageAccount
13 | type: string
14 | - name: container
15 | type: string
16 | - name: permissions
17 | type: string
18 | default: 'rl'
19 |
20 | steps:
21 | - task: AzureCLI@2
22 | displayName: 'Generate delegation SAS Token for ${{ parameters.storageAccount }}/${{ parameters.container }}'
23 | inputs:
24 | azureSubscription: ${{ parameters.federatedServiceConnection }}
25 | scriptType: 'pscore'
26 | scriptLocation: 'inlineScript'
27 | inlineScript: |
28 | # Calculate the expiration of the SAS token and convert to UTC
29 | $expiry = (Get-Date).AddHours(${{ parameters.expiryInHours }}).ToUniversalTime().ToString("yyyy-MM-ddTHH:mm:ssZ")
30 |
31 | # Temporarily work around a helix issue where SAS tokens with / in them will cause incorrect downloads
32 | # of correlation payloads. https://github.com/dotnet/dnceng/issues/3484
33 | $sas = ""
34 | do {
35 | $sas = az storage container generate-sas --account-name ${{ parameters.storageAccount }} --name ${{ parameters.container }} --permissions ${{ parameters.permissions }} --expiry $expiry --auth-mode login --as-user -o tsv
36 | if ($LASTEXITCODE -ne 0) {
37 | Write-Error "Failed to generate SAS token."
38 | exit 1
39 | }
40 | } while($sas.IndexOf('/') -ne -1)
41 |
42 | if ($LASTEXITCODE -ne 0) {
43 | Write-Error "Failed to generate SAS token."
44 | exit 1
45 | }
46 |
47 | if ('${{ parameters.base64Encode }}' -eq 'true') {
48 | $sas = [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($sas))
49 | }
50 |
51 | Write-Host "Setting '${{ parameters.outputVariableName }}' with the access token value"
52 | Write-Host "##vso[task.setvariable variable=${{ parameters.outputVariableName }};issecret=true]$sas"
53 |
--------------------------------------------------------------------------------
/eng/common/templates-official/steps/get-federated-access-token.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | - name: federatedServiceConnection
3 | type: string
4 | - name: outputVariableName
5 | type: string
6 | - name: stepName
7 | type: string
8 | default: 'getFederatedAccessToken'
9 | - name: condition
10 | type: string
11 | default: ''
12 | # Resource to get a token for. Common values include:
13 | # - '499b84ac-1321-427f-aa17-267ca6975798' for Azure DevOps
14 | # - 'https://storage.azure.com/' for storage
15 | # Defaults to Azure DevOps
16 | - name: resource
17 | type: string
18 | default: '499b84ac-1321-427f-aa17-267ca6975798'
19 | - name: isStepOutputVariable
20 | type: boolean
21 | default: false
22 |
23 | steps:
24 | - task: AzureCLI@2
25 | displayName: 'Getting federated access token for feeds'
26 | name: ${{ parameters.stepName }}
27 | ${{ if ne(parameters.condition, '') }}:
28 | condition: ${{ parameters.condition }}
29 | inputs:
30 | azureSubscription: ${{ parameters.federatedServiceConnection }}
31 | scriptType: 'pscore'
32 | scriptLocation: 'inlineScript'
33 | inlineScript: |
34 | $accessToken = az account get-access-token --query accessToken --resource ${{ parameters.resource }} --output tsv
35 | if ($LASTEXITCODE -ne 0) {
36 | Write-Error "Failed to get access token for resource '${{ parameters.resource }}'"
37 | exit 1
38 | }
39 | Write-Host "Setting '${{ parameters.outputVariableName }}' with the access token value"
40 | Write-Host "##vso[task.setvariable variable=${{ parameters.outputVariableName }};issecret=true;isOutput=${{ parameters.isStepOutputVariable }}]$accessToken"
--------------------------------------------------------------------------------
/eng/common/templates-official/steps/publish-logs.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | StageLabel: ''
3 | JobLabel: ''
4 |
5 | steps:
6 | - task: Powershell@2
7 | displayName: Prepare Binlogs to Upload
8 | inputs:
9 | targetType: inline
10 | script: |
11 | New-Item -ItemType Directory $(Build.SourcesDirectory)/PostBuildLogs/${{parameters.StageLabel}}/${{parameters.JobLabel}}/
12 | Move-Item -Path $(Build.SourcesDirectory)/artifacts/log/Debug/* $(Build.SourcesDirectory)/PostBuildLogs/${{parameters.StageLabel}}/${{parameters.JobLabel}}/
13 | continueOnError: true
14 | condition: always()
15 |
16 | - task: 1ES.PublishBuildArtifacts@1
17 | displayName: Publish Logs
18 | inputs:
19 | PathtoPublish: '$(Build.SourcesDirectory)/PostBuildLogs'
20 | PublishLocation: Container
21 | ArtifactName: PostBuildLogs
22 | continueOnError: true
23 | condition: always()
24 |
--------------------------------------------------------------------------------
/eng/common/templates-official/steps/retain-build.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | # Optional azure devops PAT with build execute permissions for the build's organization,
3 | # only needed if the build that should be retained ran on a different organization than
4 | # the pipeline where this template is executing from
5 | Token: ''
6 | # Optional BuildId to retain, defaults to the current running build
7 | BuildId: ''
8 | # Azure devops Organization URI for the build in the https://dev.azure.com/ format.
9 | # Defaults to the organization the current pipeline is running on
10 | AzdoOrgUri: '$(System.CollectionUri)'
11 | # Azure devops project for the build. Defaults to the project the current pipeline is running on
12 | AzdoProject: '$(System.TeamProject)'
13 |
14 | steps:
15 | - task: powershell@2
16 | inputs:
17 | targetType: 'filePath'
18 | filePath: eng/common/retain-build.ps1
19 | pwsh: true
20 | arguments: >
21 | -AzdoOrgUri: ${{parameters.AzdoOrgUri}}
22 | -AzdoProject ${{parameters.AzdoProject}}
23 | -Token ${{coalesce(parameters.Token, '$env:SYSTEM_ACCESSTOKEN') }}
24 | -BuildId ${{coalesce(parameters.BuildId, '$env:BUILD_ID')}}
25 | displayName: Enable permanent build retention
26 | env:
27 | SYSTEM_ACCESSTOKEN: $(System.AccessToken)
28 | BUILD_ID: $(Build.BuildId)
--------------------------------------------------------------------------------
/eng/common/templates-official/variables/pool-providers.yml:
--------------------------------------------------------------------------------
1 | # Select a pool provider based off branch name. Anything with branch name containing 'release' must go into an -Svc pool,
2 | # otherwise it should go into the "normal" pools. This separates out the queueing and billing of released branches.
3 |
4 | # Motivation:
5 | # Once a given branch of a repository's output has been officially "shipped" once, it is then considered to be COGS
6 | # (Cost of goods sold) and should be moved to a servicing pool provider. This allows both separation of queueing
7 | # (allowing release builds and main PR builds to not intefere with each other) and billing (required for COGS.
8 | # Additionally, the pool provider name itself may be subject to change when the .NET Core Engineering Services
9 | # team needs to move resources around and create new and potentially differently-named pools. Using this template
10 | # file from an Arcade-ified repo helps guard against both having to update one's release/* branches and renaming.
11 |
12 | # How to use:
13 | # This yaml assumes your shipped product branches use the naming convention "release/..." (which many do).
14 | # If we find alternate naming conventions in broad usage it can be added to the condition below.
15 | #
16 | # First, import the template in an arcade-ified repo to pick up the variables, e.g.:
17 | #
18 | # variables:
19 | # - template: /eng/common/templates-official/variables/pool-providers.yml
20 | #
21 | # ... then anywhere specifying the pool provider use the runtime variables,
22 | # $(DncEngInternalBuildPool)
23 | #
24 | # pool:
25 | # name: $(DncEngInternalBuildPool)
26 | # image: 1es-windows-2022
27 |
28 | variables:
29 | # Coalesce the target and source branches so we know when a PR targets a release branch
30 | # If these variables are somehow missing, fall back to main (tends to have more capacity)
31 |
32 | # Any new -Svc alternative pools should have variables added here to allow for splitting work
33 |
34 | - name: DncEngInternalBuildPool
35 | value: $[
36 | replace(
37 | replace(
38 | eq(contains(coalesce(variables['System.PullRequest.TargetBranch'], variables['Build.SourceBranch'], 'refs/heads/main'), 'release'), 'true'),
39 | True,
40 | 'NetCore1ESPool-Svc-Internal'
41 | ),
42 | False,
43 | 'NetCore1ESPool-Internal'
44 | )
45 | ]
--------------------------------------------------------------------------------
/eng/common/templates-official/variables/sdl-variables.yml:
--------------------------------------------------------------------------------
1 | variables:
2 | # The Guardian version specified in 'eng/common/sdl/packages.config'. This value must be kept in
3 | # sync with the packages.config file.
4 | - name: DefaultGuardianVersion
5 | value: 0.109.0
6 | - name: GuardianPackagesConfigFile
7 | value: $(Build.SourcesDirectory)\eng\common\sdl\packages.config
--------------------------------------------------------------------------------
/eng/common/templates/job/onelocbuild.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | # Optional: dependencies of the job
3 | dependsOn: ''
4 |
5 | # Optional: A defined YAML pool - https://docs.microsoft.com/en-us/azure/devops/pipelines/yaml-schema?view=vsts&tabs=schema#pool
6 | pool: ''
7 |
8 | CeapexPat: $(dn-bot-ceapex-package-r) # PAT for the loc AzDO instance https://dev.azure.com/ceapex
9 | GithubPat: $(BotAccount-dotnet-bot-repo-PAT)
10 |
11 | SourcesDirectory: $(Build.SourcesDirectory)
12 | CreatePr: true
13 | AutoCompletePr: false
14 | ReusePr: true
15 | UseLfLineEndings: true
16 | UseCheckedInLocProjectJson: false
17 | SkipLocProjectJsonGeneration: false
18 | LanguageSet: VS_Main_Languages
19 | LclSource: lclFilesInRepo
20 | LclPackageId: ''
21 | RepoType: gitHub
22 | GitHubOrg: dotnet
23 | MirrorRepo: ''
24 | MirrorBranch: main
25 | condition: ''
26 | JobNameSuffix: ''
27 |
28 | jobs:
29 | - job: OneLocBuild${{ parameters.JobNameSuffix }}
30 |
31 | dependsOn: ${{ parameters.dependsOn }}
32 |
33 | displayName: OneLocBuild${{ parameters.JobNameSuffix }}
34 |
35 | variables:
36 | - group: OneLocBuildVariables # Contains the CeapexPat and GithubPat
37 | - name: _GenerateLocProjectArguments
38 | value: -SourcesDirectory ${{ parameters.SourcesDirectory }}
39 | -LanguageSet "${{ parameters.LanguageSet }}"
40 | -CreateNeutralXlfs
41 | - ${{ if eq(parameters.UseCheckedInLocProjectJson, 'true') }}:
42 | - name: _GenerateLocProjectArguments
43 | value: ${{ variables._GenerateLocProjectArguments }} -UseCheckedInLocProjectJson
44 | - template: /eng/common/templates/variables/pool-providers.yml
45 |
46 | ${{ if ne(parameters.pool, '') }}:
47 | pool: ${{ parameters.pool }}
48 | ${{ if eq(parameters.pool, '') }}:
49 | pool:
50 | # We don't use the collection uri here because it might vary (.visualstudio.com vs. dev.azure.com)
51 | ${{ if eq(variables['System.TeamProject'], 'DevDiv') }}:
52 | name: VSEngSS-MicroBuild2022-1ES
53 | demands: Cmd
54 | # If it's not devdiv, it's dnceng
55 | ${{ if ne(variables['System.TeamProject'], 'DevDiv') }}:
56 | name: $(DncEngInternalBuildPool)
57 | demands: ImageOverride -equals windows.vs2019.amd64
58 |
59 | steps:
60 | - ${{ if ne(parameters.SkipLocProjectJsonGeneration, 'true') }}:
61 | - task: Powershell@2
62 | inputs:
63 | filePath: $(Build.SourcesDirectory)/eng/common/generate-locproject.ps1
64 | arguments: $(_GenerateLocProjectArguments)
65 | displayName: Generate LocProject.json
66 | condition: ${{ parameters.condition }}
67 |
68 | - task: OneLocBuild@2
69 | displayName: OneLocBuild
70 | env:
71 | SYSTEM_ACCESSTOKEN: $(System.AccessToken)
72 | inputs:
73 | locProj: eng/Localize/LocProject.json
74 | outDir: $(Build.ArtifactStagingDirectory)
75 | lclSource: ${{ parameters.LclSource }}
76 | lclPackageId: ${{ parameters.LclPackageId }}
77 | isCreatePrSelected: ${{ parameters.CreatePr }}
78 | isAutoCompletePrSelected: ${{ parameters.AutoCompletePr }}
79 | ${{ if eq(parameters.CreatePr, true) }}:
80 | isUseLfLineEndingsSelected: ${{ parameters.UseLfLineEndings }}
81 | ${{ if eq(parameters.RepoType, 'gitHub') }}:
82 | isShouldReusePrSelected: ${{ parameters.ReusePr }}
83 | packageSourceAuth: patAuth
84 | patVariable: ${{ parameters.CeapexPat }}
85 | ${{ if eq(parameters.RepoType, 'gitHub') }}:
86 | repoType: ${{ parameters.RepoType }}
87 | gitHubPatVariable: "${{ parameters.GithubPat }}"
88 | ${{ if ne(parameters.MirrorRepo, '') }}:
89 | isMirrorRepoSelected: true
90 | gitHubOrganization: ${{ parameters.GitHubOrg }}
91 | mirrorRepo: ${{ parameters.MirrorRepo }}
92 | mirrorBranch: ${{ parameters.MirrorBranch }}
93 | condition: ${{ parameters.condition }}
94 |
95 | - task: PublishBuildArtifacts@1
96 | displayName: Publish Localization Files
97 | inputs:
98 | PathtoPublish: '$(Build.ArtifactStagingDirectory)/loc'
99 | PublishLocation: Container
100 | ArtifactName: Loc
101 | condition: ${{ parameters.condition }}
102 |
103 | - task: PublishBuildArtifacts@1
104 | displayName: Publish LocProject.json
105 | inputs:
106 | PathtoPublish: '$(Build.SourcesDirectory)/eng/Localize/'
107 | PublishLocation: Container
108 | ArtifactName: Loc
109 | condition: ${{ parameters.condition }}
--------------------------------------------------------------------------------
/eng/common/templates/job/source-build.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | # This template adds arcade-powered source-build to CI. The template produces a server job with a
3 | # default ID 'Source_Build_Complete' to put in a dependency list if necessary.
4 |
5 | # Specifies the prefix for source-build jobs added to pipeline. Use this if disambiguation needed.
6 | jobNamePrefix: 'Source_Build'
7 |
8 | # Defines the platform on which to run the job. By default, a linux-x64 machine, suitable for
9 | # managed-only repositories. This is an object with these properties:
10 | #
11 | # name: ''
12 | # The name of the job. This is included in the job ID.
13 | # targetRID: ''
14 | # The name of the target RID to use, instead of the one auto-detected by Arcade.
15 | # nonPortable: false
16 | # Enables non-portable mode. This means a more specific RID (e.g. fedora.32-x64 rather than
17 | # linux-x64), and compiling against distro-provided packages rather than portable ones.
18 | # skipPublishValidation: false
19 | # Disables publishing validation. By default, a check is performed to ensure no packages are
20 | # published by source-build.
21 | # container: ''
22 | # A container to use. Runs in docker.
23 | # pool: {}
24 | # A pool to use. Runs directly on an agent.
25 | # buildScript: ''
26 | # Specifies the build script to invoke to perform the build in the repo. The default
27 | # './build.sh' should work for typical Arcade repositories, but this is customizable for
28 | # difficult situations.
29 | # jobProperties: {}
30 | # A list of job properties to inject at the top level, for potential extensibility beyond
31 | # container and pool.
32 | platform: {}
33 |
34 | # If set to true and running on a non-public project,
35 | # Internal blob storage locations will be enabled.
36 | # This is not enabled by default because many repositories do not need internal sources
37 | # and do not need to have the required service connections approved in the pipeline.
38 | enableInternalSources: false
39 |
40 | jobs:
41 | - job: ${{ parameters.jobNamePrefix }}_${{ parameters.platform.name }}
42 | displayName: Source-Build (${{ parameters.platform.name }})
43 |
44 | ${{ each property in parameters.platform.jobProperties }}:
45 | ${{ property.key }}: ${{ property.value }}
46 |
47 | ${{ if ne(parameters.platform.container, '') }}:
48 | container: ${{ parameters.platform.container }}
49 |
50 | ${{ if eq(parameters.platform.pool, '') }}:
51 | # The default VM host AzDO pool. This should be capable of running Docker containers: almost all
52 | # source-build builds run in Docker, including the default managed platform.
53 | # /eng/common/templates/variables/pool-providers.yml can't be used here (some customers declare variables already), so duplicate its logic
54 | pool:
55 | ${{ if eq(variables['System.TeamProject'], 'public') }}:
56 | name: $[replace(replace(eq(contains(coalesce(variables['System.PullRequest.TargetBranch'], variables['Build.SourceBranch'], 'refs/heads/main'), 'release'), 'true'), True, 'NetCore-Svc-Public' ), False, 'NetCore-Public')]
57 | demands: ImageOverride -equals Build.Ubuntu.2204.Amd64.Open
58 |
59 | ${{ if eq(variables['System.TeamProject'], 'internal') }}:
60 | name: $[replace(replace(eq(contains(coalesce(variables['System.PullRequest.TargetBranch'], variables['Build.SourceBranch'], 'refs/heads/main'), 'release'), 'true'), True, 'NetCore1ESPool-Svc-Internal'), False, 'NetCore1ESPool-Internal')]
61 | demands: ImageOverride -equals Build.Ubuntu.2204.Amd64
62 |
63 | ${{ if ne(parameters.platform.pool, '') }}:
64 | pool: ${{ parameters.platform.pool }}
65 |
66 | workspace:
67 | clean: all
68 |
69 | steps:
70 | - ${{ if eq(parameters.enableInternalSources, true) }}:
71 | - template: /eng/common/templates/steps/enable-internal-runtimes.yml
72 | - template: /eng/common/templates/steps/source-build.yml
73 | parameters:
74 | platform: ${{ parameters.platform }}
75 |
--------------------------------------------------------------------------------
/eng/common/templates/job/source-index-stage1.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | runAsPublic: false
3 | sourceIndexUploadPackageVersion: 2.0.0-20250425.2
4 | sourceIndexProcessBinlogPackageVersion: 1.0.1-20250425.2
5 | sourceIndexPackageSource: https://pkgs.dev.azure.com/dnceng/public/_packaging/dotnet-tools/nuget/v3/index.json
6 | sourceIndexBuildCommand: powershell -NoLogo -NoProfile -ExecutionPolicy Bypass -Command "eng/common/build.ps1 -restore -build -binarylog -ci"
7 | preSteps: []
8 | binlogPath: artifacts/log/Debug/Build.binlog
9 | condition: ''
10 | dependsOn: ''
11 | pool: ''
12 |
13 | jobs:
14 | - job: SourceIndexStage1
15 | dependsOn: ${{ parameters.dependsOn }}
16 | condition: ${{ parameters.condition }}
17 | variables:
18 | - name: SourceIndexUploadPackageVersion
19 | value: ${{ parameters.sourceIndexUploadPackageVersion }}
20 | - name: SourceIndexProcessBinlogPackageVersion
21 | value: ${{ parameters.sourceIndexProcessBinlogPackageVersion }}
22 | - name: SourceIndexPackageSource
23 | value: ${{ parameters.sourceIndexPackageSource }}
24 | - name: BinlogPath
25 | value: ${{ parameters.binlogPath }}
26 | - template: /eng/common/templates/variables/pool-providers.yml
27 |
28 | ${{ if ne(parameters.pool, '') }}:
29 | pool: ${{ parameters.pool }}
30 | ${{ if eq(parameters.pool, '') }}:
31 | pool:
32 | ${{ if eq(variables['System.TeamProject'], 'public') }}:
33 | name: $(DncEngPublicBuildPool)
34 | demands: ImageOverride -equals windows.vs2019.amd64.open
35 | ${{ if eq(variables['System.TeamProject'], 'internal') }}:
36 | name: $(DncEngInternalBuildPool)
37 | demands: ImageOverride -equals windows.vs2019.amd64
38 |
39 | steps:
40 | - ${{ each preStep in parameters.preSteps }}:
41 | - ${{ preStep }}
42 |
43 | - task: UseDotNet@2
44 | displayName: Use .NET 8 SDK
45 | inputs:
46 | packageType: sdk
47 | version: 8.0.x
48 | installationPath: $(Agent.TempDirectory)/dotnet
49 | workingDirectory: $(Agent.TempDirectory)
50 |
51 | - script: |
52 | $(Agent.TempDirectory)/dotnet/dotnet tool install BinLogToSln --version $(sourceIndexProcessBinlogPackageVersion) --add-source $(SourceIndexPackageSource) --tool-path $(Agent.TempDirectory)/.source-index/tools
53 | $(Agent.TempDirectory)/dotnet/dotnet tool install UploadIndexStage1 --version $(sourceIndexUploadPackageVersion) --add-source $(SourceIndexPackageSource) --tool-path $(Agent.TempDirectory)/.source-index/tools
54 | displayName: Download Tools
55 | # Set working directory to temp directory so 'dotnet' doesn't try to use global.json and use the repo's sdk.
56 | workingDirectory: $(Agent.TempDirectory)
57 |
58 | - script: ${{ parameters.sourceIndexBuildCommand }}
59 | displayName: Build Repository
60 |
61 | - script: $(Agent.TempDirectory)/.source-index/tools/BinLogToSln -i $(BinlogPath) -r $(Build.SourcesDirectory) -n $(Build.Repository.Name) -o .source-index/stage1output
62 | displayName: Process Binlog into indexable sln
63 |
64 | - ${{ if and(eq(parameters.runAsPublic, 'false'), ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
65 | - task: AzureCLI@2
66 | displayName: Get stage 1 auth token
67 | inputs:
68 | azureSubscription: 'SourceDotNet Stage1 Publish'
69 | addSpnToEnvironment: true
70 | scriptType: 'ps'
71 | scriptLocation: 'inlineScript'
72 | inlineScript: |
73 | echo "##vso[task.setvariable variable=ARM_CLIENT_ID;issecret=true]$env:servicePrincipalId"
74 | echo "##vso[task.setvariable variable=ARM_ID_TOKEN;issecret=true]$env:idToken"
75 | echo "##vso[task.setvariable variable=ARM_TENANT_ID;issecret=true]$env:tenantId"
76 |
77 | - script: |
78 | az login --service-principal -u $(ARM_CLIENT_ID) --tenant $(ARM_TENANT_ID) --allow-no-subscriptions --federated-token $(ARM_ID_TOKEN)
79 | displayName: "Login to Azure"
80 |
81 | - script: $(Agent.TempDirectory)/.source-index/tools/UploadIndexStage1 -i .source-index/stage1output -n $(Build.Repository.Name) -s netsourceindexstage1 -b stage1
82 | displayName: Upload stage1 artifacts to source index
83 |
--------------------------------------------------------------------------------
/eng/common/templates/jobs/codeql-build.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | # See schema documentation in /Documentation/AzureDevOps/TemplateSchema.md
3 | continueOnError: false
4 | # Required: A collection of jobs to run - https://docs.microsoft.com/en-us/azure/devops/pipelines/yaml-schema?view=vsts&tabs=schema#job
5 | jobs: []
6 | # Optional: if specified, restore and use this version of Guardian instead of the default.
7 | overrideGuardianVersion: ''
8 |
9 | jobs:
10 | - template: /eng/common/templates/jobs/jobs.yml
11 | parameters:
12 | enableMicrobuild: false
13 | enablePublishBuildArtifacts: false
14 | enablePublishTestResults: false
15 | enablePublishBuildAssets: false
16 | enablePublishUsingPipelines: false
17 | enableTelemetry: true
18 |
19 | variables:
20 | - group: Publish-Build-Assets
21 | # The Guardian version specified in 'eng/common/sdl/packages.config'. This value must be kept in
22 | # sync with the packages.config file.
23 | - name: DefaultGuardianVersion
24 | value: 0.109.0
25 | - name: GuardianPackagesConfigFile
26 | value: $(Build.SourcesDirectory)\eng\common\sdl\packages.config
27 | - name: GuardianVersion
28 | value: ${{ coalesce(parameters.overrideGuardianVersion, '$(DefaultGuardianVersion)') }}
29 |
30 | jobs: ${{ parameters.jobs }}
31 |
32 |
--------------------------------------------------------------------------------
/eng/common/templates/jobs/jobs.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | # See schema documentation in /Documentation/AzureDevOps/TemplateSchema.md
3 | continueOnError: false
4 |
5 | # Optional: Include PublishBuildArtifacts task
6 | enablePublishBuildArtifacts: false
7 |
8 | # Optional: Enable publishing using release pipelines
9 | enablePublishUsingPipelines: false
10 |
11 | # Optional: Enable running the source-build jobs to build repo from source
12 | enableSourceBuild: false
13 |
14 | # Optional: Parameters for source-build template.
15 | # See /eng/common/templates/jobs/source-build.yml for options
16 | sourceBuildParameters: []
17 |
18 | graphFileGeneration:
19 | # Optional: Enable generating the graph files at the end of the build
20 | enabled: false
21 | # Optional: Include toolset dependencies in the generated graph files
22 | includeToolset: false
23 |
24 | # Required: A collection of jobs to run - https://docs.microsoft.com/en-us/azure/devops/pipelines/yaml-schema?view=vsts&tabs=schema#job
25 | jobs: []
26 |
27 | # Optional: Override automatically derived dependsOn value for "publish build assets" job
28 | publishBuildAssetsDependsOn: ''
29 |
30 | # Optional: Publish the assets as soon as the publish to BAR stage is complete, rather doing so in a separate stage.
31 | publishAssetsImmediately: false
32 |
33 | # Optional: If using publishAssetsImmediately and additional parameters are needed, can be used to send along additional parameters (normally sent to post-build.yml)
34 | artifactsPublishingAdditionalParameters: ''
35 | signingValidationAdditionalParameters: ''
36 |
37 | # Optional: should run as a public build even in the internal project
38 | # if 'true', the build won't run any of the internal only steps, even if it is running in non-public projects.
39 | runAsPublic: false
40 |
41 | enableSourceIndex: false
42 | sourceIndexParams: {}
43 |
44 | # Internal resources (telemetry, microbuild) can only be accessed from non-public projects,
45 | # and some (Microbuild) should only be applied to non-PR cases for internal builds.
46 |
47 | jobs:
48 | - ${{ each job in parameters.jobs }}:
49 | - template: ../job/job.yml
50 | parameters:
51 | # pass along parameters
52 | ${{ each parameter in parameters }}:
53 | ${{ if ne(parameter.key, 'jobs') }}:
54 | ${{ parameter.key }}: ${{ parameter.value }}
55 |
56 | # pass along job properties
57 | ${{ each property in job }}:
58 | ${{ if ne(property.key, 'job') }}:
59 | ${{ property.key }}: ${{ property.value }}
60 |
61 | name: ${{ job.job }}
62 |
63 | - ${{ if eq(parameters.enableSourceBuild, true) }}:
64 | - template: /eng/common/templates/jobs/source-build.yml
65 | parameters:
66 | allCompletedJobId: Source_Build_Complete
67 | ${{ each parameter in parameters.sourceBuildParameters }}:
68 | ${{ parameter.key }}: ${{ parameter.value }}
69 |
70 | - ${{ if eq(parameters.enableSourceIndex, 'true') }}:
71 | - template: ../job/source-index-stage1.yml
72 | parameters:
73 | runAsPublic: ${{ parameters.runAsPublic }}
74 | ${{ each parameter in parameters.sourceIndexParams }}:
75 | ${{ parameter.key }}: ${{ parameter.value }}
76 |
77 | - ${{ if and(eq(parameters.runAsPublic, 'false'), ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
78 | - ${{ if or(eq(parameters.enablePublishBuildAssets, true), eq(parameters.artifacts.publish.manifests, 'true'), ne(parameters.artifacts.publish.manifests, '')) }}:
79 | - template: ../job/publish-build-assets.yml
80 | parameters:
81 | continueOnError: ${{ parameters.continueOnError }}
82 | dependsOn:
83 | - ${{ if ne(parameters.publishBuildAssetsDependsOn, '') }}:
84 | - ${{ each job in parameters.publishBuildAssetsDependsOn }}:
85 | - ${{ job.job }}
86 | - ${{ if eq(parameters.publishBuildAssetsDependsOn, '') }}:
87 | - ${{ each job in parameters.jobs }}:
88 | - ${{ job.job }}
89 | - ${{ if eq(parameters.enableSourceBuild, true) }}:
90 | - Source_Build_Complete
91 |
92 | runAsPublic: ${{ parameters.runAsPublic }}
93 | publishUsingPipelines: ${{ parameters.enablePublishUsingPipelines }}
94 | publishAssetsImmediately: ${{ parameters.publishAssetsImmediately }}
95 | enablePublishBuildArtifacts: ${{ parameters.enablePublishBuildArtifacts }}
96 | artifactsPublishingAdditionalParameters: ${{ parameters.artifactsPublishingAdditionalParameters }}
97 | signingValidationAdditionalParameters: ${{ parameters.signingValidationAdditionalParameters }}
98 |
--------------------------------------------------------------------------------
/eng/common/templates/jobs/source-build.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | # This template adds arcade-powered source-build to CI. A job is created for each platform, as
3 | # well as an optional server job that completes when all platform jobs complete.
4 |
5 | # The name of the "join" job for all source-build platforms. If set to empty string, the job is
6 | # not included. Existing repo pipelines can use this job depend on all source-build jobs
7 | # completing without maintaining a separate list of every single job ID: just depend on this one
8 | # server job. By default, not included. Recommended name if used: 'Source_Build_Complete'.
9 | allCompletedJobId: ''
10 |
11 | # See /eng/common/templates/job/source-build.yml
12 | jobNamePrefix: 'Source_Build'
13 |
14 | # This is the default platform provided by Arcade, intended for use by a managed-only repo.
15 | defaultManagedPlatform:
16 | name: 'Managed'
17 | container: 'mcr.microsoft.com/dotnet-buildtools/prereqs:centos-stream-9-amd64'
18 |
19 | # Defines the platforms on which to run build jobs. One job is created for each platform, and the
20 | # object in this array is sent to the job template as 'platform'. If no platforms are specified,
21 | # one job runs on 'defaultManagedPlatform'.
22 | platforms: []
23 |
24 | # If set to true and running on a non-public project,
25 | # Internal nuget and blob storage locations will be enabled.
26 | # This is not enabled by default because many repositories do not need internal sources
27 | # and do not need to have the required service connections approved in the pipeline.
28 | enableInternalSources: false
29 |
30 | jobs:
31 |
32 | - ${{ if ne(parameters.allCompletedJobId, '') }}:
33 | - job: ${{ parameters.allCompletedJobId }}
34 | displayName: Source-Build Complete
35 | pool: server
36 | dependsOn:
37 | - ${{ each platform in parameters.platforms }}:
38 | - ${{ parameters.jobNamePrefix }}_${{ platform.name }}
39 | - ${{ if eq(length(parameters.platforms), 0) }}:
40 | - ${{ parameters.jobNamePrefix }}_${{ parameters.defaultManagedPlatform.name }}
41 |
42 | - ${{ each platform in parameters.platforms }}:
43 | - template: /eng/common/templates/job/source-build.yml
44 | parameters:
45 | jobNamePrefix: ${{ parameters.jobNamePrefix }}
46 | platform: ${{ platform }}
47 | enableInternalSources: ${{ parameters.enableInternalSources }}
48 |
49 | - ${{ if eq(length(parameters.platforms), 0) }}:
50 | - template: /eng/common/templates/job/source-build.yml
51 | parameters:
52 | jobNamePrefix: ${{ parameters.jobNamePrefix }}
53 | platform: ${{ parameters.defaultManagedPlatform }}
54 | enableInternalSources: ${{ parameters.enableInternalSources }}
55 |
--------------------------------------------------------------------------------
/eng/common/templates/post-build/common-variables.yml:
--------------------------------------------------------------------------------
1 | variables:
2 | - group: Publish-Build-Assets
3 |
4 | # Whether the build is internal or not
5 | - name: IsInternalBuild
6 | value: ${{ and(ne(variables['System.TeamProject'], 'public'), contains(variables['Build.SourceBranch'], 'internal')) }}
7 |
8 | # Default Maestro++ API Endpoint and API Version
9 | - name: MaestroApiEndPoint
10 | value: "https://maestro.dot.net"
11 | - name: MaestroApiAccessToken
12 | value: $(MaestroAccessToken)
13 | - name: MaestroApiVersion
14 | value: "2020-02-20"
15 |
16 | - name: SourceLinkCLIVersion
17 | value: 3.0.0
18 | - name: SymbolToolVersion
19 | value: 1.0.1
20 |
21 | - name: runCodesignValidationInjection
22 | value: false
23 |
--------------------------------------------------------------------------------
/eng/common/templates/post-build/setup-maestro-vars.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | BARBuildId: ''
3 | PromoteToChannelIds: ''
4 |
5 | steps:
6 | - ${{ if eq(coalesce(parameters.PromoteToChannelIds, 0), 0) }}:
7 | - task: DownloadBuildArtifacts@0
8 | displayName: Download Release Configs
9 | inputs:
10 | buildType: current
11 | artifactName: ReleaseConfigs
12 | checkDownloadedFiles: true
13 |
14 | - task: AzureCLI@2
15 | name: setReleaseVars
16 | displayName: Set Release Configs Vars
17 | inputs:
18 | azureSubscription: "Darc: Maestro Production"
19 | scriptType: pscore
20 | scriptLocation: inlineScript
21 | inlineScript: |
22 | try {
23 | if (!$Env:PromoteToMaestroChannels -or $Env:PromoteToMaestroChannels.Trim() -eq '') {
24 | $Content = Get-Content $(Build.StagingDirectory)/ReleaseConfigs/ReleaseConfigs.txt
25 |
26 | $BarId = $Content | Select -Index 0
27 | $Channels = $Content | Select -Index 1
28 | $IsStableBuild = $Content | Select -Index 2
29 |
30 | $AzureDevOpsProject = $Env:System_TeamProject
31 | $AzureDevOpsBuildDefinitionId = $Env:System_DefinitionId
32 | $AzureDevOpsBuildId = $Env:Build_BuildId
33 | }
34 | else {
35 | . $(Build.SourcesDirectory)\eng\common\tools.ps1
36 | $darc = Get-Darc
37 | $buildInfo = & $darc get-build `
38 | --id ${{ parameters.BARBuildId }} `
39 | --extended `
40 | --output-format json `
41 | --ci `
42 | | convertFrom-Json
43 |
44 | $BarId = ${{ parameters.BARBuildId }}
45 | $Channels = $Env:PromoteToMaestroChannels -split ","
46 | $Channels = $Channels -join "]["
47 | $Channels = "[$Channels]"
48 |
49 | $IsStableBuild = $buildInfo.stable
50 | $AzureDevOpsProject = $buildInfo.azureDevOpsProject
51 | $AzureDevOpsBuildDefinitionId = $buildInfo.azureDevOpsBuildDefinitionId
52 | $AzureDevOpsBuildId = $buildInfo.azureDevOpsBuildId
53 | }
54 |
55 | Write-Host "##vso[task.setvariable variable=BARBuildId]$BarId"
56 | Write-Host "##vso[task.setvariable variable=TargetChannels]$Channels"
57 | Write-Host "##vso[task.setvariable variable=IsStableBuild]$IsStableBuild"
58 |
59 | Write-Host "##vso[task.setvariable variable=AzDOProjectName]$AzureDevOpsProject"
60 | Write-Host "##vso[task.setvariable variable=AzDOPipelineId]$AzureDevOpsBuildDefinitionId"
61 | Write-Host "##vso[task.setvariable variable=AzDOBuildId]$AzureDevOpsBuildId"
62 | }
63 | catch {
64 | Write-Host $_
65 | Write-Host $_.Exception
66 | Write-Host $_.ScriptStackTrace
67 | exit 1
68 | }
69 | env:
70 | PromoteToMaestroChannels: ${{ parameters.PromoteToChannelIds }}
71 |
--------------------------------------------------------------------------------
/eng/common/templates/post-build/trigger-subscription.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | ChannelId: 0
3 |
4 | steps:
5 | - task: PowerShell@2
6 | displayName: Triggering subscriptions
7 | inputs:
8 | filePath: $(Build.SourcesDirectory)/eng/common/post-build/trigger-subscriptions.ps1
9 | arguments: -SourceRepo $(Build.Repository.Uri)
10 | -ChannelId ${{ parameters.ChannelId }}
11 | -MaestroApiAccessToken $(MaestroAccessToken)
12 | -MaestroApiEndPoint $(MaestroApiEndPoint)
13 | -MaestroApiVersion $(MaestroApiVersion)
14 |
--------------------------------------------------------------------------------
/eng/common/templates/steps/add-build-to-channel.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | ChannelId: 0
3 |
4 | steps:
5 | - task: PowerShell@2
6 | displayName: Add Build to Channel
7 | inputs:
8 | filePath: $(Build.SourcesDirectory)/eng/common/post-build/add-build-to-channel.ps1
9 | arguments: -BuildId $(BARBuildId)
10 | -ChannelId ${{ parameters.ChannelId }}
11 | -MaestroApiAccessToken $(MaestroApiAccessToken)
12 | -MaestroApiEndPoint $(MaestroApiEndPoint)
13 | -MaestroApiVersion $(MaestroApiVersion)
14 |
--------------------------------------------------------------------------------
/eng/common/templates/steps/build-reason.yml:
--------------------------------------------------------------------------------
1 | # build-reason.yml
2 | # Description: runs steps if build.reason condition is valid. conditions is a string of valid build reasons
3 | # to include steps (',' separated).
4 | parameters:
5 | conditions: ''
6 | steps: []
7 |
8 | steps:
9 | - ${{ if and( not(startsWith(parameters.conditions, 'not')), contains(parameters.conditions, variables['build.reason'])) }}:
10 | - ${{ parameters.steps }}
11 | - ${{ if and( startsWith(parameters.conditions, 'not'), not(contains(parameters.conditions, variables['build.reason']))) }}:
12 | - ${{ parameters.steps }}
13 |
--------------------------------------------------------------------------------
/eng/common/templates/steps/component-governance.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | disableComponentGovernance: false
3 | componentGovernanceIgnoreDirectories: ''
4 |
5 | steps:
6 | - ${{ if eq(parameters.disableComponentGovernance, 'true') }}:
7 | - script: echo "##vso[task.setvariable variable=skipComponentGovernanceDetection]true"
8 | displayName: Set skipComponentGovernanceDetection variable
9 | - ${{ if ne(parameters.disableComponentGovernance, 'true') }}:
10 | - task: ComponentGovernanceComponentDetection@0
11 | continueOnError: true
12 | inputs:
13 | ignoreDirectories: ${{ parameters.componentGovernanceIgnoreDirectories }}
--------------------------------------------------------------------------------
/eng/common/templates/steps/enable-internal-runtimes.yml:
--------------------------------------------------------------------------------
1 | # Obtains internal runtime download credentials and populates the 'dotnetbuilds-internal-container-read-token-base64'
2 | # variable with the base64-encoded SAS token, by default
3 |
4 | parameters:
5 | - name: federatedServiceConnection
6 | type: string
7 | default: 'dotnetbuilds-internal-read'
8 | - name: outputVariableName
9 | type: string
10 | default: 'dotnetbuilds-internal-container-read-token-base64'
11 | - name: expiryInHours
12 | type: number
13 | default: 1
14 | - name: base64Encode
15 | type: boolean
16 | default: true
17 |
18 | steps:
19 | - ${{ if ne(variables['System.TeamProject'], 'public') }}:
20 | - template: /eng/common/templates/steps/get-delegation-sas.yml
21 | parameters:
22 | federatedServiceConnection: ${{ parameters.federatedServiceConnection }}
23 | outputVariableName: ${{ parameters.outputVariableName }}
24 | expiryInHours: ${{ parameters.expiryInHours }}
25 | base64Encode: ${{ parameters.base64Encode }}
26 | storageAccount: dotnetbuilds
27 | container: internal
28 | permissions: rl
29 |
--------------------------------------------------------------------------------
/eng/common/templates/steps/execute-codeql.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | # Language that should be analyzed. Defaults to csharp
3 | language: csharp
4 | # Build Commands
5 | buildCommands: ''
6 | overrideParameters: '' # Optional: to override values for parameters.
7 | additionalParameters: '' # Optional: parameters that need user specific values eg: '-SourceToolsList @("abc","def") -ArtifactToolsList @("ghi","jkl")'
8 | # Optional: if specified, restore and use this version of Guardian instead of the default.
9 | overrideGuardianVersion: ''
10 | # Optional: if true, publish the '.gdn' folder as a pipeline artifact. This can help with in-depth
11 | # diagnosis of problems with specific tool configurations.
12 | publishGuardianDirectoryToPipeline: false
13 | # The script to run to execute all SDL tools. Use this if you want to use a script to define SDL
14 | # parameters rather than relying on YAML. It may be better to use a local script, because you can
15 | # reproduce results locally without piecing together a command based on the YAML.
16 | executeAllSdlToolsScript: 'eng/common/sdl/execute-all-sdl-tools.ps1'
17 | # There is some sort of bug (has been reported) in Azure DevOps where if this parameter is named
18 | # 'continueOnError', the parameter value is not correctly picked up.
19 | # This can also be remedied by the caller (post-build.yml) if it does not use a nested parameter
20 | # optional: determines whether to continue the build if the step errors;
21 | sdlContinueOnError: false
22 |
23 | steps:
24 | - template: /eng/common/templates/steps/execute-sdl.yml
25 | parameters:
26 | overrideGuardianVersion: ${{ parameters.overrideGuardianVersion }}
27 | executeAllSdlToolsScript: ${{ parameters.executeAllSdlToolsScript }}
28 | overrideParameters: ${{ parameters.overrideParameters }}
29 | additionalParameters: '${{ parameters.additionalParameters }}
30 | -CodeQLAdditionalRunConfigParams @("BuildCommands < ${{ parameters.buildCommands }}", "Language < ${{ parameters.language }}")'
31 | publishGuardianDirectoryToPipeline: ${{ parameters.publishGuardianDirectoryToPipeline }}
32 | sdlContinueOnError: ${{ parameters.sdlContinueOnError }}
--------------------------------------------------------------------------------
/eng/common/templates/steps/execute-sdl.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | overrideGuardianVersion: ''
3 | executeAllSdlToolsScript: ''
4 | overrideParameters: ''
5 | additionalParameters: ''
6 | publishGuardianDirectoryToPipeline: false
7 | sdlContinueOnError: false
8 | condition: ''
9 |
10 | steps:
11 | - task: NuGetAuthenticate@1
12 |
13 | - task: NuGetToolInstaller@1
14 | displayName: 'Install NuGet.exe'
15 |
16 | - ${{ if ne(parameters.overrideGuardianVersion, '') }}:
17 | - pwsh: |
18 | Set-Location -Path $(Build.SourcesDirectory)\eng\common\sdl
19 | . .\sdl.ps1
20 | $guardianCliLocation = Install-Gdn -Path $(Build.SourcesDirectory)\.artifacts -Version ${{ parameters.overrideGuardianVersion }}
21 | Write-Host "##vso[task.setvariable variable=GuardianCliLocation]$guardianCliLocation"
22 | displayName: Install Guardian (Overridden)
23 |
24 | - ${{ if eq(parameters.overrideGuardianVersion, '') }}:
25 | - pwsh: |
26 | Set-Location -Path $(Build.SourcesDirectory)\eng\common\sdl
27 | . .\sdl.ps1
28 | $guardianCliLocation = Install-Gdn -Path $(Build.SourcesDirectory)\.artifacts
29 | Write-Host "##vso[task.setvariable variable=GuardianCliLocation]$guardianCliLocation"
30 | displayName: Install Guardian
31 |
32 | - ${{ if ne(parameters.overrideParameters, '') }}:
33 | - powershell: ${{ parameters.executeAllSdlToolsScript }} ${{ parameters.overrideParameters }}
34 | displayName: Execute SDL (Overridden)
35 | continueOnError: ${{ parameters.sdlContinueOnError }}
36 | condition: ${{ parameters.condition }}
37 | env:
38 | GUARDIAN_DEFAULT_PACKAGE_SOURCE_SECRET: $(System.AccessToken)
39 |
40 | - ${{ if eq(parameters.overrideParameters, '') }}:
41 | - powershell: ${{ parameters.executeAllSdlToolsScript }}
42 | -GuardianCliLocation $(GuardianCliLocation)
43 | -NugetPackageDirectory $(Build.SourcesDirectory)\.packages
44 | ${{ parameters.additionalParameters }}
45 | displayName: Execute SDL
46 | continueOnError: ${{ parameters.sdlContinueOnError }}
47 | condition: ${{ parameters.condition }}
48 | env:
49 | GUARDIAN_DEFAULT_PACKAGE_SOURCE_SECRET: $(System.AccessToken)
50 |
51 | - ${{ if ne(parameters.publishGuardianDirectoryToPipeline, 'false') }}:
52 | # We want to publish the Guardian results and configuration for easy diagnosis. However, the
53 | # '.gdn' dir is a mix of configuration, results, extracted dependencies, and Guardian default
54 | # tooling files. Some of these files are large and aren't useful during an investigation, so
55 | # exclude them by simply deleting them before publishing. (As of writing, there is no documented
56 | # way to selectively exclude a dir from the pipeline artifact publish task.)
57 | - task: DeleteFiles@1
58 | displayName: Delete Guardian dependencies to avoid uploading
59 | inputs:
60 | SourceFolder: $(Agent.BuildDirectory)/.gdn
61 | Contents: |
62 | c
63 | i
64 | condition: succeededOrFailed()
65 |
66 | - publish: $(Agent.BuildDirectory)/.gdn
67 | artifact: GuardianConfiguration
68 | displayName: Publish GuardianConfiguration
69 | condition: succeededOrFailed()
70 |
71 | # Publish the SARIF files in a container named CodeAnalysisLogs to enable integration
72 | # with the "SARIF SAST Scans Tab" Azure DevOps extension
73 | - task: CopyFiles@2
74 | displayName: Copy SARIF files
75 | inputs:
76 | flattenFolders: true
77 | sourceFolder: $(Agent.BuildDirectory)/.gdn/rc/
78 | contents: '**/*.sarif'
79 | targetFolder: $(Build.SourcesDirectory)/CodeAnalysisLogs
80 | condition: succeededOrFailed()
81 |
82 | # Use PublishBuildArtifacts because the SARIF extension only checks this case
83 | # see microsoft/sarif-azuredevops-extension#4
84 | - task: PublishBuildArtifacts@1
85 | displayName: Publish SARIF files to CodeAnalysisLogs container
86 | inputs:
87 | pathToPublish: $(Build.SourcesDirectory)/CodeAnalysisLogs
88 | artifactName: CodeAnalysisLogs
89 | condition: succeededOrFailed()
--------------------------------------------------------------------------------
/eng/common/templates/steps/generate-sbom.yml:
--------------------------------------------------------------------------------
1 | # BuildDropPath - The root folder of the drop directory for which the manifest file will be generated.
2 | # PackageName - The name of the package this SBOM represents.
3 | # PackageVersion - The version of the package this SBOM represents.
4 | # ManifestDirPath - The path of the directory where the generated manifest files will be placed
5 | # IgnoreDirectories - Directories to ignore for SBOM generation. This will be passed through to the CG component detector.
6 |
7 | parameters:
8 | PackageVersion: 8.0.0
9 | BuildDropPath: '$(Build.SourcesDirectory)/artifacts'
10 | PackageName: '.NET'
11 | ManifestDirPath: $(Build.ArtifactStagingDirectory)/sbom
12 | IgnoreDirectories: ''
13 | sbomContinueOnError: true
14 |
15 | steps:
16 | - task: PowerShell@2
17 | displayName: Prep for SBOM generation in (Non-linux)
18 | condition: or(eq(variables['Agent.Os'], 'Windows_NT'), eq(variables['Agent.Os'], 'Darwin'))
19 | inputs:
20 | filePath: ./eng/common/generate-sbom-prep.ps1
21 | arguments: ${{parameters.manifestDirPath}}
22 |
23 | # Chmodding is a workaround for https://github.com/dotnet/arcade/issues/8461
24 | - script: |
25 | chmod +x ./eng/common/generate-sbom-prep.sh
26 | ./eng/common/generate-sbom-prep.sh ${{parameters.manifestDirPath}}
27 | displayName: Prep for SBOM generation in (Linux)
28 | condition: eq(variables['Agent.Os'], 'Linux')
29 | continueOnError: ${{ parameters.sbomContinueOnError }}
30 |
31 | - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0
32 | displayName: 'Generate SBOM manifest'
33 | continueOnError: ${{ parameters.sbomContinueOnError }}
34 | inputs:
35 | PackageName: ${{ parameters.packageName }}
36 | BuildDropPath: ${{ parameters.buildDropPath }}
37 | PackageVersion: ${{ parameters.packageVersion }}
38 | ManifestDirPath: ${{ parameters.manifestDirPath }}
39 | ${{ if ne(parameters.IgnoreDirectories, '') }}:
40 | AdditionalComponentDetectorArgs: '--IgnoreDirectories ${{ parameters.IgnoreDirectories }}'
41 |
42 | - task: PublishPipelineArtifact@1
43 | displayName: Publish SBOM manifest
44 | continueOnError: ${{parameters.sbomContinueOnError}}
45 | inputs:
46 | targetPath: '${{parameters.manifestDirPath}}'
47 | artifactName: $(ARTIFACT_NAME)
48 |
49 |
--------------------------------------------------------------------------------
/eng/common/templates/steps/get-delegation-sas.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | - name: federatedServiceConnection
3 | type: string
4 | - name: outputVariableName
5 | type: string
6 | - name: expiryInHours
7 | type: number
8 | default: 1
9 | - name: base64Encode
10 | type: boolean
11 | default: false
12 | - name: storageAccount
13 | type: string
14 | - name: container
15 | type: string
16 | - name: permissions
17 | type: string
18 | default: 'rl'
19 |
20 | steps:
21 | - task: AzureCLI@2
22 | displayName: 'Generate delegation SAS Token for ${{ parameters.storageAccount }}/${{ parameters.container }}'
23 | inputs:
24 | azureSubscription: ${{ parameters.federatedServiceConnection }}
25 | scriptType: 'pscore'
26 | scriptLocation: 'inlineScript'
27 | inlineScript: |
28 | # Calculate the expiration of the SAS token and convert to UTC
29 | $expiry = (Get-Date).AddHours(${{ parameters.expiryInHours }}).ToUniversalTime().ToString("yyyy-MM-ddTHH:mm:ssZ")
30 |
31 | # Temporarily work around a helix issue where SAS tokens with / in them will cause incorrect downloads
32 | # of correlation payloads. https://github.com/dotnet/dnceng/issues/3484
33 | $sas = ""
34 | do {
35 | $sas = az storage container generate-sas --account-name ${{ parameters.storageAccount }} --name ${{ parameters.container }} --permissions ${{ parameters.permissions }} --expiry $expiry --auth-mode login --as-user -o tsv
36 | if ($LASTEXITCODE -ne 0) {
37 | Write-Error "Failed to generate SAS token."
38 | exit 1
39 | }
40 | } while($sas.IndexOf('/') -ne -1)
41 |
42 | if ($LASTEXITCODE -ne 0) {
43 | Write-Error "Failed to generate SAS token."
44 | exit 1
45 | }
46 |
47 | if ('${{ parameters.base64Encode }}' -eq 'true') {
48 | $sas = [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($sas))
49 | }
50 |
51 | Write-Host "Setting '${{ parameters.outputVariableName }}' with the access token value"
52 | Write-Host "##vso[task.setvariable variable=${{ parameters.outputVariableName }};issecret=true]$sas"
53 |
--------------------------------------------------------------------------------
/eng/common/templates/steps/get-federated-access-token.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | - name: federatedServiceConnection
3 | type: string
4 | - name: outputVariableName
5 | type: string
6 | - name: stepName
7 | type: string
8 | default: 'getFederatedAccessToken'
9 | - name: condition
10 | type: string
11 | default: ''
12 | # Resource to get a token for. Common values include:
13 | # - '499b84ac-1321-427f-aa17-267ca6975798' for Azure DevOps
14 | # - 'https://storage.azure.com/' for storage
15 | # Defaults to Azure DevOps
16 | - name: resource
17 | type: string
18 | default: '499b84ac-1321-427f-aa17-267ca6975798'
19 | - name: isStepOutputVariable
20 | type: boolean
21 | default: false
22 |
23 | steps:
24 | - task: AzureCLI@2
25 | displayName: 'Getting federated access token for feeds'
26 | name: ${{ parameters.stepName }}
27 | ${{ if ne(parameters.condition, '') }}:
28 | condition: ${{ parameters.condition }}
29 | inputs:
30 | azureSubscription: ${{ parameters.federatedServiceConnection }}
31 | scriptType: 'pscore'
32 | scriptLocation: 'inlineScript'
33 | inlineScript: |
34 | $accessToken = az account get-access-token --query accessToken --resource ${{ parameters.resource }} --output tsv
35 | if ($LASTEXITCODE -ne 0) {
36 | Write-Error "Failed to get access token for resource '${{ parameters.resource }}'"
37 | exit 1
38 | }
39 | Write-Host "Setting '${{ parameters.outputVariableName }}' with the access token value"
40 | Write-Host "##vso[task.setvariable variable=${{ parameters.outputVariableName }};issecret=true;isOutput=${{ parameters.isStepOutputVariable }}]$accessToken"
--------------------------------------------------------------------------------
/eng/common/templates/steps/publish-logs.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | StageLabel: ''
3 | JobLabel: ''
4 |
5 | steps:
6 | - task: Powershell@2
7 | displayName: Prepare Binlogs to Upload
8 | inputs:
9 | targetType: inline
10 | script: |
11 | New-Item -ItemType Directory $(Build.SourcesDirectory)/PostBuildLogs/${{parameters.StageLabel}}/${{parameters.JobLabel}}/
12 | Move-Item -Path $(Build.SourcesDirectory)/artifacts/log/Debug/* $(Build.SourcesDirectory)/PostBuildLogs/${{parameters.StageLabel}}/${{parameters.JobLabel}}/
13 | continueOnError: true
14 | condition: always()
15 |
16 | - task: PublishBuildArtifacts@1
17 | displayName: Publish Logs
18 | inputs:
19 | PathtoPublish: '$(Build.SourcesDirectory)/PostBuildLogs'
20 | PublishLocation: Container
21 | ArtifactName: PostBuildLogs
22 | continueOnError: true
23 | condition: always()
24 |
--------------------------------------------------------------------------------
/eng/common/templates/steps/retain-build.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | # Optional azure devops PAT with build execute permissions for the build's organization,
3 | # only needed if the build that should be retained ran on a different organization than
4 | # the pipeline where this template is executing from
5 | Token: ''
6 | # Optional BuildId to retain, defaults to the current running build
7 | BuildId: ''
8 | # Azure devops Organization URI for the build in the https://dev.azure.com/ format.
9 | # Defaults to the organization the current pipeline is running on
10 | AzdoOrgUri: '$(System.CollectionUri)'
11 | # Azure devops project for the build. Defaults to the project the current pipeline is running on
12 | AzdoProject: '$(System.TeamProject)'
13 |
14 | steps:
15 | - task: powershell@2
16 | inputs:
17 | targetType: 'filePath'
18 | filePath: eng/common/retain-build.ps1
19 | pwsh: true
20 | arguments: >
21 | -AzdoOrgUri: ${{parameters.AzdoOrgUri}}
22 | -AzdoProject ${{parameters.AzdoProject}}
23 | -Token ${{coalesce(parameters.Token, '$env:SYSTEM_ACCESSTOKEN') }}
24 | -BuildId ${{coalesce(parameters.BuildId, '$env:BUILD_ID')}}
25 | displayName: Enable permanent build retention
26 | env:
27 | SYSTEM_ACCESSTOKEN: $(System.AccessToken)
28 | BUILD_ID: $(Build.BuildId)
--------------------------------------------------------------------------------
/eng/common/templates/steps/run-on-unix.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | agentOs: ''
3 | steps: []
4 |
5 | steps:
6 | - ${{ if ne(parameters.agentOs, 'Windows_NT') }}:
7 | - ${{ parameters.steps }}
8 |
--------------------------------------------------------------------------------
/eng/common/templates/steps/run-on-windows.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | agentOs: ''
3 | steps: []
4 |
5 | steps:
6 | - ${{ if eq(parameters.agentOs, 'Windows_NT') }}:
7 | - ${{ parameters.steps }}
8 |
--------------------------------------------------------------------------------
/eng/common/templates/steps/run-script-ifequalelse.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | # if parameter1 equals parameter 2, run 'ifScript' command, else run 'elsescript' command
3 | parameter1: ''
4 | parameter2: ''
5 | ifScript: ''
6 | elseScript: ''
7 |
8 | # name of script step
9 | name: Script
10 |
11 | # display name of script step
12 | displayName: If-Equal-Else Script
13 |
14 | # environment
15 | env: {}
16 |
17 | # conditional expression for step execution
18 | condition: ''
19 |
20 | steps:
21 | - ${{ if and(ne(parameters.ifScript, ''), eq(parameters.parameter1, parameters.parameter2)) }}:
22 | - script: ${{ parameters.ifScript }}
23 | name: ${{ parameters.name }}
24 | displayName: ${{ parameters.displayName }}
25 | env: ${{ parameters.env }}
26 | condition: ${{ parameters.condition }}
27 |
28 | - ${{ if and(ne(parameters.elseScript, ''), ne(parameters.parameter1, parameters.parameter2)) }}:
29 | - script: ${{ parameters.elseScript }}
30 | name: ${{ parameters.name }}
31 | displayName: ${{ parameters.displayName }}
32 | env: ${{ parameters.env }}
33 | condition: ${{ parameters.condition }}
--------------------------------------------------------------------------------
/eng/common/templates/steps/telemetry-end.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | maxRetries: 5
3 | retryDelay: 10 # in seconds
4 |
5 | steps:
6 | - bash: |
7 | if [ "$AGENT_JOBSTATUS" = "Succeeded" ] || [ "$AGENT_JOBSTATUS" = "PartiallySucceeded" ]; then
8 | errorCount=0
9 | else
10 | errorCount=1
11 | fi
12 | warningCount=0
13 |
14 | curlStatus=1
15 | retryCount=0
16 | # retry loop to harden against spotty telemetry connections
17 | # we don't retry successes and 4xx client errors
18 | until [[ $curlStatus -eq 0 || ( $curlStatus -ge 400 && $curlStatus -le 499 ) || $retryCount -ge $MaxRetries ]]
19 | do
20 | if [ $retryCount -gt 0 ]; then
21 | echo "Failed to send telemetry to Helix; waiting $RetryDelay seconds before retrying..."
22 | sleep $RetryDelay
23 | fi
24 |
25 | # create a temporary file for curl output
26 | res=`mktemp`
27 |
28 | curlResult=`
29 | curl --verbose --output $res --write-out "%{http_code}"\
30 | -H 'Content-Type: application/json' \
31 | -H "X-Helix-Job-Token: $Helix_JobToken" \
32 | -H 'Content-Length: 0' \
33 | -X POST -G "https://helix.dot.net/api/2018-03-14/telemetry/job/build/$Helix_WorkItemId/finish" \
34 | --data-urlencode "errorCount=$errorCount" \
35 | --data-urlencode "warningCount=$warningCount"`
36 | curlStatus=$?
37 |
38 | if [ $curlStatus -eq 0 ]; then
39 | if [ $curlResult -gt 299 ] || [ $curlResult -lt 200 ]; then
40 | curlStatus=$curlResult
41 | fi
42 | fi
43 |
44 | let retryCount++
45 | done
46 |
47 | if [ $curlStatus -ne 0 ]; then
48 | echo "Failed to Send Build Finish information after $retryCount retries"
49 | vstsLogOutput="vso[task.logissue type=error;sourcepath=templates/steps/telemetry-end.yml;code=1;]Failed to Send Build Finish information: $curlStatus"
50 | echo "##$vstsLogOutput"
51 | exit 1
52 | fi
53 | displayName: Send Unix Build End Telemetry
54 | env:
55 | # defined via VSTS variables in start-job.sh
56 | Helix_JobToken: $(Helix_JobToken)
57 | Helix_WorkItemId: $(Helix_WorkItemId)
58 | MaxRetries: ${{ parameters.maxRetries }}
59 | RetryDelay: ${{ parameters.retryDelay }}
60 | condition: and(always(), ne(variables['Agent.Os'], 'Windows_NT'))
61 | - powershell: |
62 | if (($env:Agent_JobStatus -eq 'Succeeded') -or ($env:Agent_JobStatus -eq 'PartiallySucceeded')) {
63 | $ErrorCount = 0
64 | } else {
65 | $ErrorCount = 1
66 | }
67 | $WarningCount = 0
68 |
69 | # Basic retry loop to harden against server flakiness
70 | $retryCount = 0
71 | while ($retryCount -lt $env:MaxRetries) {
72 | try {
73 | Invoke-RestMethod -Uri "https://helix.dot.net/api/2018-03-14/telemetry/job/build/$env:Helix_WorkItemId/finish?errorCount=$ErrorCount&warningCount=$WarningCount" -Method Post -ContentType "application/json" -Body "" `
74 | -Headers @{ 'X-Helix-Job-Token'=$env:Helix_JobToken }
75 | break
76 | }
77 | catch {
78 | $statusCode = $_.Exception.Response.StatusCode.value__
79 | if ($statusCode -ge 400 -and $statusCode -le 499) {
80 | Write-Host "##vso[task.logissue]error Failed to send telemetry to Helix (status code $statusCode); not retrying (4xx client error)"
81 | Write-Host "##vso[task.logissue]error ", $_.Exception.GetType().FullName, $_.Exception.Message
82 | exit 1
83 | }
84 | Write-Host "Failed to send telemetry to Helix (status code $statusCode); waiting $env:RetryDelay seconds before retrying..."
85 | $retryCount++
86 | sleep $env:RetryDelay
87 | continue
88 | }
89 | }
90 |
91 | if ($retryCount -ge $env:MaxRetries) {
92 | Write-Host "##vso[task.logissue]error Failed to send telemetry to Helix after $retryCount retries."
93 | exit 1
94 | }
95 | displayName: Send Windows Build End Telemetry
96 | env:
97 | # defined via VSTS variables in start-job.ps1
98 | Helix_JobToken: $(Helix_JobToken)
99 | Helix_WorkItemId: $(Helix_WorkItemId)
100 | MaxRetries: ${{ parameters.maxRetries }}
101 | RetryDelay: ${{ parameters.retryDelay }}
102 | condition: and(always(),eq(variables['Agent.Os'], 'Windows_NT'))
103 |
--------------------------------------------------------------------------------
/eng/common/templates/variables/pool-providers.yml:
--------------------------------------------------------------------------------
1 | # Select a pool provider based off branch name. Anything with branch name containing 'release' must go into an -Svc pool,
2 | # otherwise it should go into the "normal" pools. This separates out the queueing and billing of released branches.
3 |
4 | # Motivation:
5 | # Once a given branch of a repository's output has been officially "shipped" once, it is then considered to be COGS
6 | # (Cost of goods sold) and should be moved to a servicing pool provider. This allows both separation of queueing
7 | # (allowing release builds and main PR builds to not intefere with each other) and billing (required for COGS.
8 | # Additionally, the pool provider name itself may be subject to change when the .NET Core Engineering Services
9 | # team needs to move resources around and create new and potentially differently-named pools. Using this template
10 | # file from an Arcade-ified repo helps guard against both having to update one's release/* branches and renaming.
11 |
12 | # How to use:
13 | # This yaml assumes your shipped product branches use the naming convention "release/..." (which many do).
14 | # If we find alternate naming conventions in broad usage it can be added to the condition below.
15 | #
16 | # First, import the template in an arcade-ified repo to pick up the variables, e.g.:
17 | #
18 | # variables:
19 | # - template: /eng/common/templates/variables/pool-providers.yml
20 | #
21 | # ... then anywhere specifying the pool provider use the runtime variables,
22 | # $(DncEngInternalBuildPool) and $ (DncEngPublicBuildPool), e.g.:
23 | #
24 | # pool:
25 | # name: $(DncEngInternalBuildPool)
26 | # demands: ImageOverride -equals windows.vs2019.amd64
27 |
28 | variables:
29 | # Coalesce the target and source branches so we know when a PR targets a release branch
30 | # If these variables are somehow missing, fall back to main (tends to have more capacity)
31 |
32 | # Any new -Svc alternative pools should have variables added here to allow for splitting work
33 | - name: DncEngPublicBuildPool
34 | value: $[
35 | replace(
36 | replace(
37 | eq(contains(coalesce(variables['System.PullRequest.TargetBranch'], variables['Build.SourceBranch'], 'refs/heads/main'), 'release'), 'true'),
38 | True,
39 | 'NetCore-Svc-Public'
40 | ),
41 | False,
42 | 'NetCore-Public'
43 | )
44 | ]
45 |
46 | - name: DncEngInternalBuildPool
47 | value: $[
48 | replace(
49 | replace(
50 | eq(contains(coalesce(variables['System.PullRequest.TargetBranch'], variables['Build.SourceBranch'], 'refs/heads/main'), 'release'), 'true'),
51 | True,
52 | 'NetCore1ESPool-Svc-Internal'
53 | ),
54 | False,
55 | 'NetCore1ESPool-Internal'
56 | )
57 | ]
58 |
--------------------------------------------------------------------------------
/eng/common/templates/variables/sdl-variables.yml:
--------------------------------------------------------------------------------
1 | variables:
2 | # The Guardian version specified in 'eng/common/sdl/packages.config'. This value must be kept in
3 | # sync with the packages.config file.
4 | - name: DefaultGuardianVersion
5 | value: 0.109.0
6 | - name: GuardianPackagesConfigFile
7 | value: $(Build.SourcesDirectory)\eng\common\sdl\packages.config
--------------------------------------------------------------------------------
/eng/policheck_exclusions.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 | .DOTNET
12 |
13 |
--------------------------------------------------------------------------------
/eng/update-packagesource.cmd:
--------------------------------------------------------------------------------
1 | @echo off
2 | powershell -ExecutionPolicy ByPass -NoProfile -command "& """%~dp0update-packagesource.ps1""" %*"
3 |
--------------------------------------------------------------------------------
/eng/update-packagesource.ps1:
--------------------------------------------------------------------------------
1 | Param(
2 | [string] $barToken,
3 | [string] $gitHubPat,
4 | [string] $packagesSource
5 | )
6 |
7 | $ErrorActionPreference = "Stop"
8 | . $PSScriptRoot\common\tools.ps1
9 |
10 | # Batch and executable files exit and define $LASTEXITCODE. Powershell commands exit and define $?
11 | function CheckExitCode ([string]$stage, [bool]$commandExitCode = $True)
12 | {
13 | $exitCode = 0
14 | if($commandExitCode -eq -$False) {
15 | $exitCode = 1
16 | }
17 | else {
18 | if ( Test-Path "LASTEXITCODE" -ErrorAction SilentlyContinue)
19 | {
20 | $exitCode = $LASTEXITCODE
21 | }
22 | }
23 |
24 | if ($exitCode -ne 0) {
25 | Write-PipelineTelemetryError -Category "UpdatePackageSource" -Message "Something failed in stage: '$stage'. Check for errors above. Exiting now with exit code $exitCode..."
26 | ExitWithExitCode $exitCode
27 | }
28 | }
29 |
30 | function StopDotnetIfRunning
31 | {
32 | $dotnet = Get-Process "dotnet" -ErrorAction SilentlyContinue
33 | if ($dotnet) {
34 | stop-process $dotnet
35 | }
36 | }
37 |
38 | function AddSourceToNugetConfig([string]$nugetConfigPath, [string]$source)
39 | {
40 | Write-Host "Adding '$source' to '$nugetConfigPath'..."
41 | $nugetConfig = New-Object XML
42 | $nugetConfig.PreserveWhitespace = $true
43 | $nugetConfig.Load($nugetConfigPath)
44 | $packageSources = $nugetConfig.SelectSingleNode("//packageSources")
45 | $keyAttribute = $nugetConfig.CreateAttribute("key")
46 | $keyAttribute.Value = "arcade-local"
47 | $valueAttribute = $nugetConfig.CreateAttribute("value")
48 | $valueAttribute.Value = $source
49 | $newSource = $nugetConfig.CreateElement("add")
50 | $newSource.Attributes.Append($keyAttribute) | Out-Null
51 | $newSource.Attributes.Append($valueAttribute) | Out-Null
52 | $packageSources.AppendChild($newSource) | Out-Null
53 | $nugetConfig.Save($nugetConfigPath)
54 | }
55 |
56 | try {
57 | Push-Location $PSScriptRoot
58 | $nugetConfigPath = Join-Path $RepoRoot "NuGet.config"
59 |
60 | Write-Host "Adding local source to NuGet.config"
61 | AddSourceToNugetConfig $nugetConfigPath $packagesSource
62 | CheckExitCode "Adding source to NuGet.config" $?
63 |
64 | Write-Host "Updating dependencies using Darc..."
65 | $dotnetRoot = InitializeDotNetCli -install:$true
66 | $DarcExe = "$dotnetRoot\tools"
67 | Create-Directory $DarcExe
68 | $DarcExe = Resolve-Path $DarcExe
69 | . .\common\darc-init.ps1 -toolpath $DarcExe
70 | CheckExitCode "Running darc-init"
71 |
72 | $Env:dotnet_root = $dotnetRoot
73 | & $DarcExe\darc.exe update-dependencies --packages-folder $packagesSource --password $barToken --github-pat $gitHubPat --channel ".NET Tools - Latest"
74 | CheckExitCode "Updating dependencies"
75 | }
76 | catch {
77 | Write-Host $_.ScriptStackTrace
78 | Write-PipelineTelemetryError -Category "UpdatePackageSource" -Message $_
79 | ExitWithExitCode 1
80 | }
81 | finally {
82 | Write-Host "Cleaning up workspace..."
83 | StopDotnetIfRunning
84 | Pop-Location
85 | }
86 | ExitWithExitCode 0
--------------------------------------------------------------------------------
/eng/validate-sdk.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 | buildArgs: ''
3 | validateBlobFeedUrl: https://dotnetfeed.blob.core.windows.net/dotnet-core-test/index.json
4 | buildConfig: Release
5 |
6 | jobs:
7 | - template: /eng/common/templates/job/job.yml
8 | parameters:
9 | name: ValidateArcadeSDK
10 | displayName: Validate Arcade SDK
11 | enableMicrobuild: true
12 | artifacts:
13 | download:
14 | path: build_stage_artifacts
15 | publish:
16 | artifacts:
17 | name: Artifacts_ValidateSdk_Windows_NT_Release
18 | logs:
19 | name: Logs_ValidateSdk_Windows_NT_Release
20 | timeoutInMinutes: 90
21 | pool:
22 | name: NetCore1ESPool-Internal
23 | demands: ImageOverride -equals Build.Server.Amd64.VS2017
24 | variables:
25 | - group: Publish-Build-Assets
26 | - _BuildConfig: ${{ parameters.buildConfig }}
27 | - _BuildArgs: ${{ parameters.buildArgs }}
28 | - _ValidateBlobFeedUrl: ${{ parameters.validateBlobFeedUrl }}
29 | preSteps:
30 | - checkout: self
31 | clean: true
32 | steps:
33 | - task: AzureCLI@2
34 | displayName: Update package source
35 | inputs:
36 | azureSubscription: "Darc: Maestro Production"
37 | scriptType: ps
38 | scriptLocation: inlineScript
39 | inlineScript: >
40 | .\eng\update-packagesource.ps1
41 | -gitHubPat $(BotAccount-dotnet-maestro-bot-PAT)
42 | -packagesSource $(Build.SourcesDirectory)/build_stage_artifacts
43 | - script: eng\common\cibuild.cmd
44 | $(_BuildArgs)
45 | /p:DotNetPublishBlobFeedUrl=$(_ValidateBlobFeedUrl)
46 | displayName: Build / Validate
47 |
--------------------------------------------------------------------------------
/global.json:
--------------------------------------------------------------------------------
1 | {
2 | "tools": {
3 | "dotnet": "8.0.115"
4 | },
5 | "msbuild-sdks": {
6 | "Microsoft.DotNet.Arcade.Sdk": "8.0.0-beta.25263.1",
7 | "Microsoft.DotNet.Helix.Sdk": "8.0.0-beta.25263.1"
8 | }
9 | }
10 |
--------------------------------------------------------------------------------
/src/.vscode/launch.json:
--------------------------------------------------------------------------------
1 | //debug bash
2 | {
3 | // Use IntelliSense to learn about possible attributes.
4 | // Hover to view descriptions of existing attributes.
5 | // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
6 | "version": "0.2.0",
7 | "configurations": [
8 | {
9 | "type": "bashdb",
10 | "request": "launch",
11 | "name": "Bash-Debug (hardcoded script name)",
12 | "cwd": "${workspaceFolder}",
13 | // specify path to script file
14 | "program": {workspaceRoot}/dotnet-install.sh",
15 | "args": ["-Channel", "current", "-Verbose"]
16 | },
17 | {
18 | "type": "bashdb",
19 | "request": "launch",
20 | "name": "Bash-Debug (simplest configuration)",
21 | "program": "${file}"
22 | }
23 | ]
24 |
--------------------------------------------------------------------------------
/src/Signing/SignScripts.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 | net6.0
4 | false
5 | false
6 | false
7 | false
8 | true
9 | UNUSED
10 |
11 |
12 |
13 |
14 | all
15 | runtime; build; native; contentfiles; analyzers; buildtransitive
16 |
17 |
18 |
19 |
20 |
21 | Always
22 |
23 |
24 | Always
25 |
26 |
27 | Microsoft400
28 |
29 |
30 | Linux500046PGPDetached
31 |
32 |
33 |
34 |
35 |
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 |
47 |
48 |
49 |
50 |
51 |
52 |
--------------------------------------------------------------------------------
/testEnvironments.json:
--------------------------------------------------------------------------------
1 | {
2 | "version": "1",
3 | "environments": [
4 | // See https://aka.ms/remotetesting for more details
5 | // about how to configure remote environments.
6 | {
7 | "name": "WSL Ubuntu",
8 | "type": "wsl",
9 | "wslDistribution": "Ubuntu"
10 | }
11 | ]
12 | }
--------------------------------------------------------------------------------
/tests/.gitignore:
--------------------------------------------------------------------------------
1 | *.received.*
2 |
--------------------------------------------------------------------------------
/tests/Install-Scripts.Test/Assets/.gitattributes:
--------------------------------------------------------------------------------
1 | InstallationScriptTestsWithWindowsLineEndings.json text eol=crlf
--------------------------------------------------------------------------------
/tests/Install-Scripts.Test/Assets/GivenThatIWantToGetTheSdkLinksFromAScript.WhenAnExactVersionIsPassedToBash_version=1.0.5_runtime=dotnet.verified.txt:
--------------------------------------------------------------------------------
1 | dotnet_install: Warning: Use of --runtime-id is obsolete and should be limited to the versions below 2.1. To override architecture, use --architecture option instead. To override OS, use --os option instead.
2 | dotnet-install: Payload URLs:
3 | dotnet-install: URL #0 - primary: https://builds.dotnet.microsoft.com/dotnet/Runtime/1.0.5/dotnet-runtime-1.0.5-osx-x64.tar.gz
4 | dotnet-install: URL #1 - legacy: https://builds.dotnet.microsoft.com/dotnet/Runtime/1.0.5/dotnet-osx-x64.1.0.5.tar.gz
5 | dotnet-install: URL #2 - primary: https://ci.dot.net/public/Runtime/1.0.5/dotnet-runtime-1.0.5-osx-x64.tar.gz
6 | dotnet-install: URL #3 - legacy: https://ci.dot.net/public/Runtime/1.0.5/dotnet-osx-x64.1.0.5.tar.gz
7 | dotnet-install: Repeatable invocation: ./dotnet-install.sh --version "1.0.5" --install-dir "dotnet-sdk" --architecture "x64" --os "osx" --runtime "dotnet" -runtimeid "osx"
8 |
--------------------------------------------------------------------------------
/tests/Install-Scripts.Test/Assets/GivenThatIWantToGetTheSdkLinksFromAScript.WhenAnExactVersionIsPassedToBash_version=2.1.0_runtime=aspnetcore.verified.txt:
--------------------------------------------------------------------------------
1 | dotnet_install: Warning: Use of --runtime-id is obsolete and should be limited to the versions below 2.1. To override architecture, use --architecture option instead. To override OS, use --os option instead.
2 | dotnet-install: Payload URLs:
3 | dotnet-install: URL #0 - primary: https://builds.dotnet.microsoft.com/dotnet/aspnetcore/Runtime/2.1.0/aspnetcore-runtime-2.1.0-osx-x64.tar.gz
4 | dotnet-install: URL #1 - primary: https://ci.dot.net/public/aspnetcore/Runtime/2.1.0/aspnetcore-runtime-2.1.0-osx-x64.tar.gz
5 | dotnet-install: Repeatable invocation: ./dotnet-install.sh --version "2.1.0" --install-dir "dotnet-sdk" --architecture "x64" --os "osx" --runtime "aspnetcore" -runtimeid "osx"
6 |
--------------------------------------------------------------------------------
/tests/Install-Scripts.Test/Assets/GivenThatIWantToGetTheSdkLinksFromAScript.WhenAnExactVersionIsPassedToBash_version=6.0.100_runtime=null.verified.txt:
--------------------------------------------------------------------------------
1 | dotnet_install: Warning: Use of --runtime-id is obsolete and should be limited to the versions below 2.1. To override architecture, use --architecture option instead. To override OS, use --os option instead.
2 | dotnet-install: Payload URLs:
3 | dotnet-install: URL #0 - primary: https://builds.dotnet.microsoft.com/dotnet/Sdk/6.0.100/dotnet-sdk-6.0.100-osx-x64.tar.gz
4 | dotnet-install: URL #1 - legacy: https://builds.dotnet.microsoft.com/dotnet/Sdk/6.0.100/dotnet-dev-osx-x64.6.0.100.tar.gz
5 | dotnet-install: URL #2 - primary: https://ci.dot.net/public/Sdk/6.0.100/dotnet-sdk-6.0.100-osx-x64.tar.gz
6 | dotnet-install: URL #3 - legacy: https://ci.dot.net/public/Sdk/6.0.100/dotnet-dev-osx-x64.6.0.100.tar.gz
7 | dotnet-install: Repeatable invocation: ./dotnet-install.sh --version "6.0.100" --install-dir "dotnet-sdk" --architecture "x64" --os "osx" -runtimeid "osx"
8 |
--------------------------------------------------------------------------------
/tests/Install-Scripts.Test/Assets/GivenThatIWantToGetTheSdkLinksFromAScript.WhenAnExactVersionIsPassedToBash_version=8.0.303_runtime=null.verified.txt:
--------------------------------------------------------------------------------
1 | dotnet_install: Warning: Use of --runtime-id is obsolete and should be limited to the versions below 2.1. To override architecture, use --architecture option instead. To override OS, use --os option instead.
2 | dotnet-install: Payload URLs:
3 | dotnet-install: URL #0 - primary: https://builds.dotnet.microsoft.com/dotnet/Sdk/8.0.303/dotnet-sdk-8.0.303-osx-x64.tar.gz
4 | dotnet-install: URL #1 - legacy: https://builds.dotnet.microsoft.com/dotnet/Sdk/8.0.303/dotnet-dev-osx-x64.8.0.303.tar.gz
5 | dotnet-install: URL #2 - primary: https://ci.dot.net/public/Sdk/8.0.303/dotnet-sdk-8.0.303-osx-x64.tar.gz
6 | dotnet-install: URL #3 - legacy: https://ci.dot.net/public/Sdk/8.0.303/dotnet-dev-osx-x64.8.0.303.tar.gz
7 | dotnet-install: Repeatable invocation: ./dotnet-install.sh --version "8.0.303" --install-dir "dotnet-sdk" --architecture "x64" --os "osx" -runtimeid "osx"
8 |
--------------------------------------------------------------------------------
/tests/Install-Scripts.Test/Assets/GivenThatIWantToGetTheSdkLinksFromAScript.WhenAnExactVersionIsPassedToBash_version=9.0.100_runtime=null.verified.txt:
--------------------------------------------------------------------------------
1 | dotnet_install: Warning: Use of --runtime-id is obsolete and should be limited to the versions below 2.1. To override architecture, use --architecture option instead. To override OS, use --os option instead.
2 | dotnet-install: Payload URLs:
3 | dotnet-install: URL #0 - primary: https://builds.dotnet.microsoft.com/dotnet/Sdk/9.0.100/dotnet-sdk-9.0.100-osx-x64.tar.gz
4 | dotnet-install: URL #1 - legacy: https://builds.dotnet.microsoft.com/dotnet/Sdk/9.0.100/dotnet-dev-osx-x64.9.0.100.tar.gz
5 | dotnet-install: URL #2 - primary: https://ci.dot.net/public/Sdk/9.0.100/dotnet-sdk-9.0.100-osx-x64.tar.gz
6 | dotnet-install: URL #3 - legacy: https://ci.dot.net/public/Sdk/9.0.100/dotnet-dev-osx-x64.9.0.100.tar.gz
7 | dotnet-install: Repeatable invocation: ./dotnet-install.sh --version "9.0.100" --install-dir "dotnet-sdk" --architecture "x64" --os "osx" -runtimeid "osx"
8 |
--------------------------------------------------------------------------------
/tests/Install-Scripts.Test/Assets/GivenThatIWantToGetTheSdkLinksFromAScript.WhenAnExactVersionIsPassedToPowershell_version=1.0.5_runtime=dotnet.verified.txt:
--------------------------------------------------------------------------------
1 | dotnet-install: Payload URLs:
2 | dotnet-install: URL #0 - primary: https://builds.dotnet.microsoft.com/dotnet/Runtime/1.0.5/dotnet-runtime-1.0.5-win-x64.zip
3 | dotnet-install: URL #1 - legacy: https://builds.dotnet.microsoft.com/dotnet/Runtime/1.0.5/dotnet-win-x64.1.0.5.zip
4 | dotnet-install: URL #2 - primary: https://ci.dot.net/public/Runtime/1.0.5/dotnet-runtime-1.0.5-win-x64.zip
5 | dotnet-install: URL #3 - legacy: https://ci.dot.net/public/Runtime/1.0.5/dotnet-win-x64.1.0.5.zip
6 | dotnet-install: Repeatable invocation: .\dotnet-install.ps1 -Version "1.0.5" -InstallDir "dotnet-sdk" -Architecture "x64" -Runtime "dotnet"
7 |
--------------------------------------------------------------------------------
/tests/Install-Scripts.Test/Assets/GivenThatIWantToGetTheSdkLinksFromAScript.WhenAnExactVersionIsPassedToPowershell_version=2.1.0_runtime=aspnetcore.verified.txt:
--------------------------------------------------------------------------------
1 | dotnet-install: Payload URLs:
2 | dotnet-install: URL #0 - primary: https://builds.dotnet.microsoft.com/dotnet/aspnetcore/Runtime/2.1.0/aspnetcore-runtime-2.1.0-win-x64.zip
3 | dotnet-install: URL #1 - primary: https://ci.dot.net/public/aspnetcore/Runtime/2.1.0/aspnetcore-runtime-2.1.0-win-x64.zip
4 | dotnet-install: Repeatable invocation: .\dotnet-install.ps1 -Version "2.1.0" -InstallDir "dotnet-sdk" -Architecture "x64" -Runtime "aspnetcore"
5 |
--------------------------------------------------------------------------------
/tests/Install-Scripts.Test/Assets/GivenThatIWantToGetTheSdkLinksFromAScript.WhenAnExactVersionIsPassedToPowershell_version=6.0.100_runtime=null.verified.txt:
--------------------------------------------------------------------------------
1 | dotnet-install: Payload URLs:
2 | dotnet-install: URL #0 - primary: https://builds.dotnet.microsoft.com/dotnet/Sdk/6.0.100/dotnet-sdk-6.0.100-win-x64.zip
3 | dotnet-install: URL #1 - legacy: https://builds.dotnet.microsoft.com/dotnet/Sdk/6.0.100/dotnet-dev-win-x64.6.0.100.zip
4 | dotnet-install: URL #2 - primary: https://ci.dot.net/public/Sdk/6.0.100/dotnet-sdk-6.0.100-win-x64.zip
5 | dotnet-install: URL #3 - legacy: https://ci.dot.net/public/Sdk/6.0.100/dotnet-dev-win-x64.6.0.100.zip
6 | dotnet-install: Repeatable invocation: .\dotnet-install.ps1 -Version "6.0.100" -InstallDir "dotnet-sdk" -Architecture "x64"
7 |
--------------------------------------------------------------------------------
/tests/Install-Scripts.Test/Assets/GivenThatIWantToGetTheSdkLinksFromAScript.WhenAnExactVersionIsPassedToPowershell_version=8.0.303_runtime=null.verified.txt:
--------------------------------------------------------------------------------
1 | dotnet-install: Payload URLs:
2 | dotnet-install: URL #0 - primary: https://builds.dotnet.microsoft.com/dotnet/Sdk/8.0.303/dotnet-sdk-8.0.303-win-x64.zip
3 | dotnet-install: URL #1 - legacy: https://builds.dotnet.microsoft.com/dotnet/Sdk/8.0.303/dotnet-dev-win-x64.8.0.303.zip
4 | dotnet-install: URL #2 - primary: https://ci.dot.net/public/Sdk/8.0.303/dotnet-sdk-8.0.303-win-x64.zip
5 | dotnet-install: URL #3 - legacy: https://ci.dot.net/public/Sdk/8.0.303/dotnet-dev-win-x64.8.0.303.zip
6 | dotnet-install: Repeatable invocation: .\dotnet-install.ps1 -Version "8.0.303" -InstallDir "dotnet-sdk" -Architecture "x64"
7 |
--------------------------------------------------------------------------------
/tests/Install-Scripts.Test/Assets/GivenThatIWantToGetTheSdkLinksFromAScript.WhenAnExactVersionIsPassedToPowershell_version=9.0.100_runtime=null.verified.txt:
--------------------------------------------------------------------------------
1 | dotnet-install: Payload URLs:
2 | dotnet-install: URL #0 - primary: https://builds.dotnet.microsoft.com/dotnet/Sdk/9.0.100/dotnet-sdk-9.0.100-win-x64.zip
3 | dotnet-install: URL #1 - legacy: https://builds.dotnet.microsoft.com/dotnet/Sdk/9.0.100/dotnet-dev-win-x64.9.0.100.zip
4 | dotnet-install: URL #2 - primary: https://ci.dot.net/public/Sdk/9.0.100/dotnet-sdk-9.0.100-win-x64.zip
5 | dotnet-install: URL #3 - legacy: https://ci.dot.net/public/Sdk/9.0.100/dotnet-dev-win-x64.9.0.100.zip
6 | dotnet-install: Repeatable invocation: .\dotnet-install.ps1 -Version "9.0.100" -InstallDir "dotnet-sdk" -Architecture "x64"
7 |
--------------------------------------------------------------------------------
/tests/Install-Scripts.Test/Assets/GivenThatIWantToGetTheSdkLinksFromAScript.WhenMacosIsPassedToBash.verified.txt:
--------------------------------------------------------------------------------
1 | dotnet-install: Payload URLs:
2 | dotnet-install: URL #0 - aka.ms: https://builds.dotnet.microsoft.com/dotnet/Sdk/%VERSION%/dotnet-sdk-%VERSION%-osx-x64.tar.gz
3 | dotnet-install: Repeatable invocation: ./dotnet-install.sh --version "%VERSION%" --install-dir "dotnet-sdk" --architecture "x64" --os "osx"
4 |
--------------------------------------------------------------------------------
/tests/Install-Scripts.Test/Assets/InstallationScriptTests.json:
--------------------------------------------------------------------------------
1 | {
2 | "sdk": {
3 | "version": "1.0.0-beta.19463.3"
4 | }
5 | }
6 |
--------------------------------------------------------------------------------
/tests/Install-Scripts.Test/Assets/InstallationScriptTestsWithMultipleSdkFields.json:
--------------------------------------------------------------------------------
1 | {
2 | "sdk": {
3 | "version": "1.0.0-beta.19463.3",
4 | "allowPrerelease": true,
5 | "rollForward": "major"
6 | }
7 | }
8 |
--------------------------------------------------------------------------------
/tests/Install-Scripts.Test/Assets/InstallationScriptTestsWithVersionFieldInTheMiddle.json:
--------------------------------------------------------------------------------
1 | {
2 | "sdk": {
3 | "allowPrerelease": true, "version" : "1.0.0-beta.19463.3" , "rollForward": "major"
4 | }
5 | }
6 |
--------------------------------------------------------------------------------
/tests/Install-Scripts.Test/Assets/InstallationScriptTestsWithWindowsLineEndings.json:
--------------------------------------------------------------------------------
1 | {
2 | "sdk": {
3 | "version": "1.0.0-beta.19463.3",
4 | "rollForward": "latestFeature"
5 | }
6 | }
7 |
--------------------------------------------------------------------------------
/tests/Install-Scripts.Test/Install-Scripts.Test.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | net8.0
5 | Install_Scripts.Test
6 | false
7 | enable
8 |
9 |
10 |
11 |
12 |
13 | Always
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 | runtime; build; native; contentfiles; analyzers; buildtransitive
24 | all
25 |
26 |
27 | runtime; build; native; contentfiles; analyzers; buildtransitive
28 | all
29 |
30 |
31 |
32 |
--------------------------------------------------------------------------------
/tests/Install-Scripts.Test/TestBase.cs:
--------------------------------------------------------------------------------
1 | using System.IO;
2 | using System.Runtime.CompilerServices;
3 | using VerifyTests;
4 | using VerifyXunit;
5 |
6 | namespace Microsoft.DotNet.InstallationScript.Tests
7 | {
8 | public abstract class TestBase : VerifyBase
9 | {
10 | // It's needed to resolve the path to test assest for verification.
11 | protected TestBase(VerifySettings? settings = null, [CallerFilePath] string sourceFile = "")
12 | : base(settings, Path.Combine(Path.GetDirectoryName(sourceFile) ?? "", "Assets", "foo.cs")) { }
13 | }
14 | }
15 |
--------------------------------------------------------------------------------
/tests/Install-Scripts.Test/TestUtils.cs:
--------------------------------------------------------------------------------
1 | using Install_Scripts.Test.Utils;
2 | using System.Collections.Generic;
3 | using System.IO;
4 |
5 | namespace Microsoft.DotNet.InstallationScript.Tests
6 | {
7 | internal static class TestUtils
8 | {
9 | internal static DotNetCommand CreateDotnetCommand(IEnumerable args) => new DotNetCommand(args);
10 |
11 | internal static DotNetCommand CreateInstallCommand(IEnumerable args) => new DotNetCommand(args);
12 | }
13 | }
14 |
--------------------------------------------------------------------------------
/tests/Install-Scripts.Test/Utils/CommandResultExtensions.cs:
--------------------------------------------------------------------------------
1 | // Copyright (c) Microsoft. All rights reserved.
2 | // Taken from https://github.com/dotnet/sdk/
3 |
4 | using static Install_Scripts.Test.Utils.DotNetCommand;
5 |
6 | namespace Microsoft.NET.TestFramework.Assertions
7 | {
8 | internal static class CommandResultExtensions
9 | {
10 | internal static CommandResultAssertions Should(this CommandResult commandResult) => new CommandResultAssertions(commandResult);
11 | }
12 | }
13 |
--------------------------------------------------------------------------------
/tests/Install-Scripts.Test/Utils/Quality.cs:
--------------------------------------------------------------------------------
1 | #nullable disable
2 |
3 | using System;
4 |
5 | namespace Install_Scripts.Test.Utils
6 | {
7 | [Flags]
8 | public enum Quality
9 | {
10 | None = 0,
11 | Daily = 1,
12 | Preview = 8,
13 | Ga = 16,
14 | All = Daily | Preview | Ga,
15 | }
16 | }
17 |
--------------------------------------------------------------------------------