Fix/tweak CI Files (#9)

* Re-add missing CI files
* Tweak AzureAuth build options

Author: reillysiemens

bin/azureauth.cmd

@@ -0,0 +1,5 @@
+:: Copyright (c) Microsoft Corporation.
+:: Licensed under the MIT License.
+
+@ECHO OFF
+CALL dotnet run --project src\AzureAuth -- %* --debug

bin/mac_esrp_signing/dll_signing.py

@@ -0,0 +1,141 @@
+# Copyright (c) Microsoft Corporation.
+# Licensed under the MIT License.
+
+import json
+import os
+import glob
+import pprint
+import subprocess
+import sys
+from pathlib import Path
+
+AAD_ID = os.environ['AZURE_AAD_ID']
+WORKSPACE = Path(os.environ["WORKSPACE"])
+TENANT_ID = os.environ['TENANT_ID']
+KEY_CODE = os.environ['KEY_CODE']
+
+esrp_tool = os.path.join("esrp", "tools", "EsrpClient.exe")
+SOURCE = WORKSPACE / "osx-x64"
+DESTINATION = WORKSPACE
+
+files = []
+extensions = [".dll"]
+for path in Path(SOURCE).iterdir():
+    if path.suffix in extensions and path.is_file():
+        files.append(path)
+
+#empty list check
+if not files: 
+	sys.exit("Error: cannot find files to sign")
+	
+print(f"Found {len(files)} files:")
+pprint.pp(files)
+
+files_to_sign = [os.path.basename(f) for f in files] 
+
+auth_json = {
+	"Version": "1.0.0",
+	"AuthenticationType": "AAD_CERT",
+	"TenantId": TENANT_ID,
+	"ClientId": AAD_ID, 
+	"AuthCert": {
+		"SubjectName": f"CN={AAD_ID}.microsoft.com", 
+		"StoreLocation": "CurrentUser", 
+		"StoreName": "My",
+	},
+	"RequestSigningCert": {
+		"SubjectName": f"CN={AAD_ID}", 
+		"StoreLocation": "CurrentUser",
+		"StoreName": "My",
+	}
+}
+
+input_json = {
+	"Version": "1.0.0",
+	"SignBatches": [
+		{
+			"SourceLocationType": "UNC",
+			"SourceRootDirectory": SOURCE,
+			"DestinationLocationType": "UNC",
+			"DestinationRootDirectory": DESTINATION,
+			"SignRequestFiles": [
+				{
+					"CustomerCorrelationId": "01A7F55F-6CDD-4123-B255-77E6F212CDAD", 
+					"SourceLocation": f, 
+					"DestinationLocation": os.path.join("Mac_signed", f),
+				}
+				for f in files_to_sign
+			],
+			"SigningInfo": {
+				"Operations": [
+					{
+						"KeyCode": KEY_CODE, 
+						"OperationCode": "SigntoolSign", 
+						"Parameters" : {
+							"OpusName" : "Microsoft",
+							"OpusInfo" : "http://www.microsoft.com",
+							"FileDigest" : "/fd \"SHA256\"",
+							"PageHash" : "/NPH",
+							"TimeStamp" : "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
+           				 },
+						"ToolName": "sign",
+						"ToolVersion": "1.0", 
+					},
+                    {
+                        "KeyCode" : KEY_CODE,
+                        "OperationCode" : "SigntoolVerify",
+                        "Parameters" : {},
+                        "ToolName" : "sign",
+                        "ToolVersion" : "1.0"
+                    }
+				]
+			}
+		}
+	]
+}
+
+policy_json = { 
+	"Version": "1.0.0",
+	"Intent": "production release", 
+	"ContentType": "Signed Binaries",
+}
+
+configs = [
+	("auth.json", auth_json),
+	("input.json", input_json),
+	("policy.json", policy_json),
+]
+
+for filename, data in configs:
+	with open(filename, 'w') as fp:
+		json.dump(data, fp)
+
+# Run ESRP Client
+esrp_out = "esrp_out.json"
+result = subprocess.run(
+	[esrp_tool, "sign",
+	"-a", "auth.json",
+	"-i", "input.json",
+	"-p", "policy.json",
+	"-o", esrp_out,
+	"-l", "Verbose"],
+	cwd=WORKSPACE) 
+
+if result.returncode != 0:
+	sys.exit("Failed to run ESRPClient.exe")
+
+if os.path.isfile(esrp_out):
+	print("ESRP output json:")
+	with open(esrp_out, 'r') as fp:
+		pprint.pp(json.load(fp))
+
+signed_files_location = os.path.join(DESTINATION, "Mac_signed")
+
+signed_files = glob.glob(signed_files_location + '**/*')
+signed_files = [f for f in signed_files if os.path.isfile(f)]
+
+if not signed_files: 
+	sys.exit("Error: no signed files found")
+   
+print(f"Signed {len(signed_files)} files:")
+pprint.pp(signed_files)

bin/mac_esrp_signing/dylibs_signing.py

@@ -0,0 +1,146 @@
+# Copyright (c) Microsoft Corporation.
+# Licensed under the MIT License.
+
+import json
+import os
+import glob
+import pprint
+import subprocess
+import sys
+from pathlib import Path
+import zipfile
+
+AAD_ID = os.environ['AZURE_AAD_ID']
+WORKSPACE = Path(os.environ["WORKSPACE"])
+TENANT_ID = os.environ['TENANT_ID']
+KEY_CODE = os.environ['KEY_CODE']
+
+esrp_tool = os.path.join("esrp", "tools", "EsrpClient.exe")
+SOURCE =  WORKSPACE / "osx-x64"
+DESTINATION = WORKSPACE / "Mac_signed"
+
+zip_file = SOURCE / "mac_dylibs.zip"
+extensions = [".dylib",".a",".Cli"]
+
+ # zipping the files
+with zipfile.ZipFile(zip_file, 'w', zipfile.ZIP_DEFLATED) as zip_obj:
+    for path in Path(SOURCE).iterdir():
+        if path.suffix in extensions and path.is_file():
+            zip_obj.write(path, path.relative_to(SOURCE))
+
+if not zip_file.exists(): 
+	sys.exit("Error: cannot find file to sign")
+else:
+    print(f"Found file: {zip_file}")
+
+
+auth_json = {
+	"Version": "1.0.0",
+	"AuthenticationType": "AAD_CERT",
+	"TenantId": TENANT_ID,
+	"ClientId": AAD_ID, 
+	"AuthCert": {
+		"SubjectName": f"CN={AAD_ID}.microsoft.com", 
+		"StoreLocation": "CurrentUser", 
+		"StoreName": "My",
+	},
+	"RequestSigningCert": {
+		"SubjectName": f"CN={AAD_ID}", 
+		"StoreLocation": "CurrentUser",
+		"StoreName": "My",
+	}
+}
+
+input_json = {
+	"Version": "1.0.0",
+	"SignBatches": [
+		{
+			"SourceLocationType": "UNC",
+			"SourceRootDirectory": SOURCE,
+			"DestinationLocationType": "UNC",
+			"DestinationRootDirectory": DESTINATION,
+			"SignRequestFiles": [
+				{
+					"CustomerCorrelationId": "01A7F55F-6CDD-4123-B255-77E6F212CDAD", 
+					"SourceLocation": str(zip_file), 
+					"DestinationLocation": str(DESTINATION / "mac_dylibs.zip"),
+				}
+			],
+			"SigningInfo": {
+				"Operations": [
+					{
+						"KeyCode": KEY_CODE, 
+						"OperationCode": "MacAppDeveloperSign", 
+						"Parameters" : {
+							"OpusName" : "Microsoft",
+							"OpusInfo" : "http://www.microsoft.com",
+							"FileDigest" : "/fd \"SHA256\"",
+							"PageHash" : "/NPH",
+							"TimeStamp" : "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
+           				 },
+						"ToolName": "sign",
+						"ToolVersion": "1.0", 
+					}
+				]
+
+			}
+		}
+	]
+}
+
+policy_json = { 
+	"Version": "1.0.0",
+	"Intent": "production release", 
+	"ContentType": "Signed Binaries",
+}
+
+configs = [
+	("auth.json", auth_json),
+	("input.json", input_json),
+	("policy.json", policy_json),
+]
+
+for filename, data in configs:
+	with open(filename, 'w') as fp:
+		json.dump(data, fp)
+
+# Run ESRP Client
+esrp_out = "esrp_out.json"
+result = subprocess.run(
+	[esrp_tool, "sign",
+	"-a", "auth.json",
+	"-i", "input.json",
+	"-p", "policy.json",
+	"-o", esrp_out,
+	"-l", "Verbose"],
+	cwd=WORKSPACE) 
+
+if result.returncode != 0:
+	sys.exit("Failed to run ESRPClient.exe")
+
+if os.path.isfile(esrp_out):
+	print("ESRP output json:")
+	with open(esrp_out, 'r') as fp:
+		pprint.pp(json.load(fp))
+
+signed_zip_file = os.path.join(DESTINATION, "mac_dylibs.zip")
+
+if not signed_zip_file: 
+	sys.exit("Error: no signed file found")
+else:
+    print(f"The Zipped file with signed binaries: {signed_zip_file}")
+
+#Extracting all the signed file and removing the zip file to cleanup temporary files
+with zipfile.ZipFile(signed_zip_file, 'r') as zipObj:
+   zipObj.extractall(DESTINATION)
+
+signed_zip_file.unlink()
+
+#list of signed files
+signed_binaries = [f for f in DESTINATION if os.path.isfile(f)]
+
+if not signed_binaries: 
+	sys.exit("Error: no signed files found")
+   
+print(f"Signed {len(signed_binaries)} files:")
+pprint.pp(signed_binaries)

bin/package.cmd

@@ -0,0 +1,5 @@
+:: Copyright (c) Microsoft Corporation.
+:: Licensed under the MIT License.
+
+@ECHO OFF
+python ci\package.py AzureAuth Microsoft.Authentication.AzureAuth win10-x64

bin/package.py

@@ -0,0 +1,61 @@
+# Copyright (c) Microsoft Corporation.
+# Licensed under the MIT License.
+
+import sys
+import os
+import shutil
+from subprocess import run
+from versioning import get_version, print_header
+
+WIN_RID = "win10-x64"
+OSX_RID = "osx-x64"
+
+
+def generate_nuspec(nuspec: str, gen_nuspec: str, id: str, rid: str) -> None:
+    with open(nuspec, 'r', encoding='utf-8') as in_f:
+        nuspec_content = in_f.read()
+
+    nuspec_content = nuspec_content \
+        .replace('<id></id>', f"<id>{id}</id>") \
+        .replace('<!--insert-dist-->', f'<file src="dist\\{rid}\\" target="dist\\{rid}\\" />')
+
+    print(f"Generating nuspec to use at '{gen_nuspec}'", flush=True)
+    with open(gen_nuspec, 'w', encoding='utf-8') as out_f:
+        out_f.write(nuspec_content)
+
+
+def package_up(project: str, nuspec: str, package_name: str, rid: str) -> int:
+    id = f"{package_name}.{rid}"
+    version = get_version()
+    print_header(f"\nPackaging {id} @ {version}")
+
+    gen_nuspec = os.path.join(project, f"{project}.gen.{rid}.nuspec")
+    generate_nuspec(nuspec, gen_nuspec, id, rid)
+    result = run(["nuget", "pack", gen_nuspec, "-NoPackageAnalysis", "-Version", version],
+                 stdout=sys.stdout, stderr=sys.stderr)
+
+    os.remove(gen_nuspec)
+
+    return result.returncode == 0
+
+
+def main():
+    if len(sys.argv) < 4:
+        print(
+            f"Error: Usage: {sys.argv[0]} CSPROJ_FOLDER PACKAGE_NAME_BASE RUNTIME")
+        sys.exit(1)
+
+    project = sys.argv[1].strip()
+    package_name = sys.argv[2].strip()
+    runtime = sys.argv[3].strip()
+
+    nuspec = os.path.join(project, f"{project}.template.nuspec")
+
+    if package_up(project, nuspec, package_name, runtime):
+        return 0
+    else:
+        return 1
+
+
+if __name__ == "__main__":
+    exit(main())

bin/publish.cmd

@@ -0,0 +1,5 @@
+:: Copyright (c) Microsoft Corporation.
+:: Licensed under the MIT License.
+
+@ECHO OFF
+python ci\publish.py AzureAuth win10-x64