fix conditional build

Author: SteveL-MSFT

dsc_lib/Cargo.toml

@@ -49,6 +49,8 @@ tree-sitter-rust = "0.24"
 tree-sitter-dscexpression = { path = "../tree-sitter-dscexpression" }
 uuid = { version = "1.18", features = ["v4"] }
 which = "8.0"
+
+[target.'cfg(windows)'.dependencies]
 windows = { version = "0.62", features = [
     "Win32_Foundation",
     "Win32_Security",

dsc_lib/src/security/authenticode.rs

@@ -9,8 +9,10 @@ use std::{
     mem::size_of,
     path::Path,
     ptr::{from_ref, null_mut},
-    os::windows::ffi::OsStrExt,
 };
+#[cfg(windows)]
+use std::os::windows::ffi::OsStrExt;
+#[cfg(windows)]
 use windows::{
     core::{PCWSTR, PWSTR, GUID},
     Win32::{
@@ -32,19 +34,21 @@ use windows::{
         }
     }
 };
+#[cfg(windows)]
 use windows_result::HRESULT;
 
 /// Check the Authenticode signature of a file.
-/// 
+///
 /// # Arguments
-/// 
+///
 /// * `file_path` - The path to the file to check.
-/// 
+///
 /// # Returns
-/// 
+///
 /// * `Ok(())` if the file is signed and the signature is valid.
 /// * `Err(DscError)` if the file is not signed or the signature is invalid
-/// 
+///
+#[cfg(windows)]
 pub fn check_authenticode(file_path: &Path) -> Result<(), DscError> {
     if is_file_checked(file_path) {
         return Ok(());

dsc_lib/src/security/mod.rs

@@ -1,16 +1,21 @@
 // Copyright (c) Microsoft Corporation.
 // Licensed under the MIT License.
 
+#[cfg(windows)]
 use authenticode::check_authenticode;
-use std::{path::Path, sync::LazyLock};
+use std::path::Path;
+#[cfg(windows)]
+use std::sync::LazyLock;
 
 use crate::dscerror::DscError;
 
 #[cfg(windows)]
 mod authenticode;
 
+#[cfg(windows)]
 static CHECKED_FILES: LazyLock<std::sync::Mutex<Vec<String>>> = LazyLock::new(|| std::sync::Mutex::new(vec![]));
 
+#[cfg(windows)]
 fn add_file_as_checked(file_path: &Path) {
     let file_str = file_path.to_string_lossy().to_string();
     let mut checked_files = CHECKED_FILES.lock().unwrap();
@@ -19,6 +24,7 @@ fn add_file_as_checked(file_path: &Path) {
     }
 }
 
+#[cfg(windows)]
 fn is_file_checked(file_path: &Path) -> bool {
     let file_str = file_path.to_string_lossy().to_string();
     let checked_files = CHECKED_FILES.lock().unwrap();
@@ -28,26 +34,25 @@ fn is_file_checked(file_path: &Path) -> bool {
 /// Check the security of a file.
 ///
 /// # Arguments
-/// 
+///
 /// * `file_path` - The path to the file to check.
-/// 
+///
 /// # Returns
-/// 
+///
 /// * `Ok(())` if the file passes the security checks.
 /// * `Err(DscError)` if the file fails the security checks.
-/// 
+///
 /// # Errors
-/// 
+///
 /// This function will return an error if the Authenticode check fails on Windows.
+#[cfg(windows)]
 pub fn check_file_security(file_path: &Path) -> Result<(), DscError> {
-    #[cfg(windows)]
-    {
-        check_authenticode(file_path)?;
-        Ok(())
-    }
-    #[cfg(not(windows))]
-    {
-        // On non-Windows platforms, we skip the Authenticode check.
-        Ok(())
-    }
+    check_authenticode(file_path)?;
+    Ok(())
+}
+
+/// On non-Windows platforms, this function is a no-op.
+#[cfg(not(windows))]
+pub fn check_file_security(_file_path: &Path) -> Result<(), DscError> {
+    Ok(())
 }