Skip to content

Commit 0b598a9

Browse files
authored
Enable 2.1 official builds in AzDO (#28829)
* Try some internal props * Pass envs to dockerbuild * Fix job name * Re-pin * Set env vars * Set defaults
1 parent 3df5da1 commit 0b598a9

File tree

13 files changed

+894
-119
lines changed

13 files changed

+894
-119
lines changed

.azure/pipelines/ci.yml

Lines changed: 704 additions & 10 deletions
Large diffs are not rendered by default.

.azure/pipelines/jobs/default-build.yml

Lines changed: 32 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
# poolName: string
99
# The name of the Azure DevOps agent pool to use.
1010
# agentOs: string
11-
# Used in templates to define variables which are OS specific. Typically from the set { Windows, Linux, macOS }
11+
# Used in templates to define variables which are OS specific. Typically from the set { Windows, Linux, MacOS }
1212
# buildArgs: string
1313
# Additional arguments to pass to the build.sh/cmd script.
1414
# Note: -ci is always passed
@@ -41,7 +41,6 @@
4141
parameters:
4242
agentOs: 'Windows'
4343
poolName: ''
44-
buildArgs: ''
4544
configuration: 'Release'
4645
beforeBuild: []
4746
afterBuild: []
@@ -72,7 +71,7 @@ jobs:
7271
pool:
7372
${{ if ne(parameters.poolName, '') }}:
7473
name: ${{ parameters.poolName }}
75-
${{ if and(eq(parameters.poolName, ''), eq(parameters.agentOs, 'macOS')) }}:
74+
${{ if and(eq(parameters.poolName, ''), eq(parameters.agentOs, 'MacOS')) }}:
7675
vmImage: macOS-10.14
7776
${{ if and(eq(parameters.poolName, ''), eq(parameters.agentOs, 'Linux')) }}:
7877
vmImage: ubuntu-16.04
@@ -85,20 +84,22 @@ jobs:
8584
queue: BuildPool.Server.Amd64.VS2017
8685
variables:
8786
AgentOsName: ${{ parameters.agentOs }}
88-
ASPNETCORE_TEST_LOG_MAXPATH: "200" # Keep test log file name length low enough for artifact zipping
89-
DOTNET_HOME: $(Agent.BuildDirectory)/.dotnet
9087
BuildScript: ${{ parameters.buildScript }}
91-
BuildScriptArgs: ${{ parameters.buildArgs }}
9288
BuildConfiguration: ${{ parameters.configuration }}
9389
BuildDirectory: ${{ parameters.buildDirectory }}
94-
TeamName: AspNetCore
90+
BinlogArg: /bl:artifacts/logs/${{ parameters.agentOs }}.binlog
9591
${{ if eq(parameters.agentOs, 'Windows') }}:
9692
JAVA_HOME: $(Agent.BuildDirectory)\.tools\jdk
9793
${{ if or(ne(parameters.codeSign, 'true'), ne(variables['System.TeamProject'], 'internal'), in(variables['Build.Reason'], 'PullRequest')) }}:
9894
_SignType:
9995
${{ if and(eq(parameters.codeSign, 'true'), eq(variables['System.TeamProject'], 'internal'), notin(variables['Build.Reason'], 'PullRequest')) }}:
10096
_SignType: real
10197
${{ insert }}: ${{ parameters.variables }}
98+
${{ if eq(variables['System.TeamProject'], 'public') }}:
99+
PB_PackageVersionPropsUrl: ''
100+
PB_AssetRootUrl: ''
101+
PB_RestoreSource: ''
102+
PB_PublishBlobFeedKey: ''
102103
steps:
103104
- checkout: self
104105
clean: true
@@ -116,7 +117,7 @@ jobs:
116117
command: custom
117118
arguments: 'locals all -clear'
118119
- ${{ if and(eq(variables['System.TeamProject'], 'internal'), eq(parameters.agentOs, 'Windows'), eq(parameters.codeSign, 'true')) }}:
119-
- task: MicroBuildSigningPlugin@1
120+
- task: MicroBuildSigningPlugin@2
120121
displayName: Install MicroBuild Signing plugin
121122
condition: and(succeeded(), in(variables['_SignType'], 'test', 'real'))
122123
inputs:
@@ -125,13 +126,33 @@ jobs:
125126
feedSource: https://dnceng.pkgs.visualstudio.com/_packaging/MicroBuildToolset/nuget/v3/index.json
126127
- ${{ parameters.beforeBuild }}
127128
- ${{ if eq(parameters.agentOs, 'Windows') }}:
128-
- script: .\$(BuildDirectory)\build.cmd -ci /p:SignType=$(_SignType) /p:Configuration=$(BuildConfiguration) $(BuildScriptArgs)
129+
- script: .\$(BuildDirectory)\build.cmd
130+
-ci
131+
/p:SignType=$(_SignType)
132+
/p:Configuration=$(BuildConfiguration)
133+
/p:DisableSignCheck=true
134+
$(BuildScriptArgs)
135+
$(BinlogArg)
136+
env:
137+
PB_PackageVersionPropsUrl: $(PB_PackageVersionPropsUrl)
138+
PB_AssetRootUrl: $(PB_AssetRootUrl)
139+
PB_RestoreSource: $(PB_RestoreSource)
140+
PB_PublishBlobFeedKey: $(PB_PublishBlobFeedKey)
129141
displayName: Run build.cmd
130142
- powershell: eng\scripts\KillProcesses.ps1
131143
displayName: Kill processes
132144
condition: always()
133145
- ${{ if ne(parameters.agentOs, 'Windows') }}:
134-
- script: ./$(BuildDirectory)/build.sh -ci -p:Configuration=$(BuildConfiguration) $(BuildScriptArgs)
146+
- script: ./$(BuildDirectory)/build.sh
147+
-ci
148+
-p:Configuration=$(BuildConfiguration)
149+
$(BuildScriptArgs)
150+
$(BinlogArg)
151+
env:
152+
PB_PackageVersionPropsUrl: $(PB_PackageVersionPropsUrl)
153+
PB_AssetRootUrl: $(PB_AssetRootUrl)
154+
PB_RestoreSource: $(PB_RestoreSource)
155+
PB_PublishBlobFeedKey: $(PB_PublishBlobFeedKey)
135156
displayName: Run build.sh
136157
- script: eng/scripts/KillProcesses.sh
137158
displayName: Kill processes
@@ -165,4 +186,4 @@ jobs:
165186
- ${{ if and(eq(variables['System.TeamProject'], 'internal'), eq(parameters.agentOs, 'Windows')) }}:
166187
- task: MicroBuildCleanup@1
167188
displayName: Cleanup MicroBuild tasks
168-
condition: always()
189+
condition: always()

build/dependencies.props

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,6 @@
44
<!-- MicrosoftNETCoreApp21PackageVersion is assigned at the bottom so it can automatically pick up MicrosoftNETCoreAppPackageVersion in an orchestrated build. -->
55
<MicrosoftNETCoreAppPackageVersion>2.1.23</MicrosoftNETCoreAppPackageVersion>
66
<MicrosoftNETCoreDotNetAppHostPackageVersion>2.1.23</MicrosoftNETCoreDotNetAppHostPackageVersion>
7-
<MicrosoftExtensionsConfigurationAzureKeyVaultPackageVersion>2.1.1</MicrosoftExtensionsConfigurationAzureKeyVaultPackageVersion>
87
</PropertyGroup>
98

109
<Import Project="$(DotNetPackageVersionPropsPath)" Condition="'$(DotNetPackageVersionPropsPath)' != ''" />
@@ -16,7 +15,7 @@
1615
<!-- Determined by build tools -->
1716
<InternalAspNetCoreSdkPackageVersion>$(KoreBuildVersion)</InternalAspNetCoreSdkPackageVersion>
1817
<InternalAspNetCoreSiteExtensionSdkPackageVersion>$(KoreBuildVersion)</InternalAspNetCoreSiteExtensionSdkPackageVersion>
19-
<InternalAspNetCoreSdkPackageVersion Condition=" '$(KoreBuildVersion)' == '' ">2.1.7-build-20201119.1</InternalAspNetCoreSdkPackageVersion>
18+
<InternalAspNetCoreSdkPackageVersion Condition=" '$(KoreBuildVersion)' == '' ">2.1.7-build-20201218.2</InternalAspNetCoreSdkPackageVersion>
2019
</PropertyGroup>
2120

2221
<!-- These are package versions that should not be overridden or updated by automation. -->
@@ -31,6 +30,7 @@
3130
<MicrosoftExtensionsCachingSqlServerPackageVersion>2.1.2</MicrosoftExtensionsCachingSqlServerPackageVersion>
3231
<MicrosoftExtensionsCommandLineUtilsSourcesPackageVersion>2.1.1</MicrosoftExtensionsCommandLineUtilsSourcesPackageVersion>
3332
<MicrosoftExtensionsConfigurationAbstractionsPackageVersion>2.1.1</MicrosoftExtensionsConfigurationAbstractionsPackageVersion>
33+
<MicrosoftExtensionsConfigurationAzureKeyVaultPackageVersion>2.1.1</MicrosoftExtensionsConfigurationAzureKeyVaultPackageVersion>
3434
<MicrosoftExtensionsConfigurationBinderPackageVersion>2.1.10</MicrosoftExtensionsConfigurationBinderPackageVersion>
3535
<MicrosoftExtensionsConfigurationCommandLinePackageVersion>2.1.1</MicrosoftExtensionsConfigurationCommandLinePackageVersion>
3636
<MicrosoftExtensionsConfigurationEnvironmentVariablesPackageVersion>2.1.1</MicrosoftExtensionsConfigurationEnvironmentVariablesPackageVersion>

build/repo.props

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,8 @@
2020
</PropertyGroup>
2121

2222
<ItemGroup>
23-
<SharedSourceDirectories Include="$(SharedSourcesFolder)Hosting.WebHostBuilderFactory\" />
23+
<!-- Don't populate SharedSourceDirectories while doing Code Signing, otherwise we'll try to sign this nonexistant package -->
24+
<SharedSourceDirectories Include="$(SharedSourcesFolder)Hosting.WebHostBuilderFactory\" Condition="'$(SkipArtifactInfoTargets)' != 'true'" />
2425
</ItemGroup>
2526

2627
<ItemGroup>

build/repo.targets

Lines changed: 63 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -21,9 +21,9 @@
2121
<PackageDependsOn Condition="'$(TestOnly)' != 'true' AND '$(_ProjectsOnly)' != 'true'">$(PackageDependsOn);BuildMetapackages;BuildSiteExtension;CheckExpectedPackagesExist</PackageDependsOn>
2222
<TestDependsOn>$(TestDependsOn);TestProjects</TestDependsOn>
2323
<TestDependsOn Condition="'$(_ProjectsOnly)' != 'true'">$(TestDependsOn);_TestRepositories</TestDependsOn>
24-
<GetArtifactInfoDependsOn>$(GetArtifactInfoDependsOn);GetProjectArtifactInfo</GetArtifactInfoDependsOn>
25-
<GetArtifactInfoDependsOn>$(GetArtifactInfoDependsOn);ResolveSharedSourcesPackageInfo</GetArtifactInfoDependsOn>
26-
<GetArtifactInfoDependsOn Condition="'$(_ProjectsOnly)' != 'true'">$(GetArtifactInfoDependsOn);ResolveRepoInfo</GetArtifactInfoDependsOn>
24+
<GetArtifactInfoDependsOn Condition="'$(SkipArtifactInfoTargets)' != 'true'">$(GetArtifactInfoDependsOn);GetProjectArtifactInfo</GetArtifactInfoDependsOn>
25+
<GetArtifactInfoDependsOn Condition="'$(SkipArtifactInfoTargets)' != 'true'">$(GetArtifactInfoDependsOn);ResolveSharedSourcesPackageInfo</GetArtifactInfoDependsOn>
26+
<GetArtifactInfoDependsOn Condition="'$(SkipArtifactInfoTargets)' != 'true' AND '$(_ProjectsOnly)' != 'true'">$(GetArtifactInfoDependsOn);ResolveRepoInfo</GetArtifactInfoDependsOn>
2727
</PropertyGroup>
2828

2929
<Target Name="PrepareOutputPaths">
@@ -274,4 +274,63 @@
274274
Text="Repository %(Repository.Identity) is missing NuGetPackageVerifier.json. Expected file to exist in %(Repository.RootPath)NuGetPackageVerifier.json" />
275275
</Target>
276276

277-
</Project>
277+
<Target Name="DoCodeSigning" DependsOnTargets="_SetupCodeSign;CodeSign;_CopySignedFilesToArtifacts" />
278+
279+
<Target Name="_SetupCodeSign">
280+
<PropertyGroup>
281+
<!-- Make sure we're not disabling code signing -->
282+
<DisableCodeSigning>false</DisableCodeSigning>
283+
</PropertyGroup>
284+
285+
<ItemGroup>
286+
<!-- We're passing a custom list of files - clear out the exclusion list so it doesn't interfere -->
287+
<FilesToExcludeFromSigning Remove="@(FilesToExcludeFromSigning)" />
288+
289+
<!-- Make sure 3rd party binaries get 3rd party certificate -->
290+
<CustomFileSignInfo Include="MsgPack.dll" CertificateName="3PartySHA2" />
291+
<CustomFileSignInfo Include="MessagePack.dll" CertificateName="3PartySHA2" />
292+
<CustomFileSignInfo Include="Newtonsoft.Json.Bson.dll" CertificateName="3PartySHA2" />
293+
<CustomFileSignInfo Include="Newtonsoft.Json.dll" CertificateName="3PartySHA2" />
294+
<CustomFileSignInfo Include="Remotion.Linq.dll" CertificateName="3PartySHA2" />
295+
<CustomFileSignInfo Include="SQLitePCLRaw.batteries_green.dll" CertificateName="3PartySHA2" />
296+
<CustomFileSignInfo Include="SQLitePCLRaw.batteries_v2.dll" CertificateName="3PartySHA2" />
297+
<CustomFileSignInfo Include="SQLitePCLRaw.core.dll" CertificateName="3PartySHA2" />
298+
<CustomFileSignInfo Include="SQLitePCLRaw.provider.e_sqlite3.dll" CertificateName="3PartySHA2" />
299+
<CustomFileSignInfo Include="e_sqlite3.dll" CertificateName="3PartySHA2" />
300+
<CustomFileSignInfo Include="StackExchange.Redis.StrongName.dll" CertificateName="3PartySHA2" />
301+
<CustomFileSignInfo Include="System.Interactive.Async.dll" CertificateName="3PartySHA2" />
302+
<!--
303+
Map file extensions to a code-sign cert.
304+
"None" means don't sign the file itself, but still scan the contents for signable files.
305+
-->
306+
<CustomFileExtensionSignInfo Include=".ps1;.psd1;.psm1;.psc1" CertificateName="Microsoft400" />
307+
<CustomFileExtensionSignInfo Include=".dll;.exe" CertificateName="MicrosoftSHA2" />
308+
<CustomFileExtensionSignInfo Include=".cab" CertificateName="None" />
309+
<!-- We don't need to code sign .js files because they are not used in Windows Script Host. -->
310+
<CustomFileExtensionSignInfo Include=".js" CertificateName="None" />
311+
<!-- We don't produce font files. We rebundle some for using the web brower, so they do not need to be signed. -->
312+
<CustomFileExtensionSignInfo Include=".otf" CertificateName="None" />
313+
<CustomFileExtensionSignInfo Include=".ttf" CertificateName="None" />
314+
<!-- This is a text file which doesn't need to be code signed, even though some .mof files can be signed. -->
315+
<CustomFileSignInfo Include="ancm.mof" CertificateName="None" />
316+
<!-- Exclude the apphost because this is expected to be code-signed by customers after the SDK modifies it. -->
317+
<CustomFileSignInfo Include="apphost.exe" CertificateName="None" />
318+
319+
<FilesToSign Include="$(DependencyPackageDir)**\*.nupkg" Certificate="NuGet" />
320+
<FilesToSign Include="$(DependencyPackageDir)**\*.mpack" Certificate="None" />
321+
<FilesToSign Include="$(DependencyPackageDir)**\*.vsix" Certificate="VsixSHA2" />
322+
<FilesToSign Include="$(DependencyPackageDir)**\*.jar" Certificate="MicrosoftJARSHA2" />
323+
<FilesToSign Include="$(ArtifactsDir)symbols\**\*.nupkg" Certificate="NuGet" />
324+
<FilesToSign Include="$(SharedFxOutputPath)**\*.zip" Certificate="None" />
325+
</ItemGroup>
326+
</Target>
327+
328+
<Target Name="_CopySignedFilesToArtifacts">
329+
<Copy SourceFiles="%(FilesToSign.Identity)" DestinationFiles="$(ArtifactsDir)Signed\MPacks\%(FilesToSign.Filename)%(FilesToSign.Extension)" Condition="'%(FilesToSign.Extension)' == '.mpack'" />
330+
<Copy SourceFiles="%(FilesToSign.Identity)" DestinationFiles="$(ArtifactsDir)Signed\Packages\%(FilesToSign.Filename)%(FilesToSign.Extension)" Condition="'%(FilesToSign.Extension)' == '.nupkg'" />
331+
<Copy SourceFiles="%(FilesToSign.Identity)" DestinationFiles="$(ArtifactsDir)Signed\Packages\%(FilesToSign.Filename)%(FilesToSign.Extension)" Condition="'%(FilesToSign.Extension)' == '.jar'" />
332+
<Copy SourceFiles="%(FilesToSign.Identity)" DestinationFiles="$(ArtifactsDir)Signed\VSIX\%(FilesToSign.Filename)%(FilesToSign.Extension)" Condition="'%(FilesToSign.Extension)' == '.vsix'" />
333+
<Copy SourceFiles="%(FilesToSign.Identity)" DestinationFiles="$(ArtifactsDir)Signed\SharedFx\%(FilesToSign.Filename)%(FilesToSign.Extension)" Condition="'%(FilesToSign.Extension)' == '.zip'" />
334+
</Target>
335+
336+
</Project>

dockerbuild.sh

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -104,6 +104,15 @@ docker run \
104104
-e TEAMCITY_VERSION \
105105
-e DOTNET_CLI_TELEMETRY_OPTOUT \
106106
-e Configuration \
107+
-e PB_RESTORESOURCE \
108+
-e PB_PUBLISHBLOBFEEDURL \
109+
-e PB_PUBLISHTYPE \
110+
-e PB_SKIPTESTS \
111+
-e PB_ISFINALBUILD \
112+
-e PB_ACCESSTOKENSUFFIX \
113+
-e PB_PACKAGEVERSIONPROPSURL\
114+
-e PB_ASSETROOTURL \
115+
-e PRODUCTBUILDID \
107116
-v "$DIR:/code/build" \
108117
${docker_args[@]+"${docker_args[@]}"} \
109118
$tagname \

korebuild-lock.txt

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,2 +1,2 @@
1-
version:2.1.7-build-20201119.1
2-
commithash:8212674c2abff7b51f99422c9bdb1a81b90d9dc1
1+
version:2.1.7-build-20201218.2
2+
commithash:26d5fca2ed53577d072f0c7a00c188a2fe826f7f

run.ps1

Lines changed: 18 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -94,8 +94,8 @@ param(
9494
[string]$ConfigFile = $null,
9595
[switch]$CI,
9696
[string]$Projects,
97-
[string]$PackageVersionPropsUrl = $null,
98-
[string]$AccessTokenSuffix = $null,
97+
[string]$PackageVersionPropsUrl = $env:PB_PackageVersionPropsUrl,
98+
[string]$AccessTokenSuffix = $env:PB_AccessTokenSuffix,
9999
[string]$RestoreSources = $null,
100100
[string]$AssetRootUrl = $null,
101101
[string]$ProductBuildId = $null,
@@ -218,43 +218,44 @@ if (!$LockFile) { $LockFile = Join-Path $Path 'korebuild-lock.txt' }
218218
if (!$Channel) { $Channel = 'master' }
219219
if (!$ToolsSource) { $ToolsSource = 'https://aspnetcore.blob.core.windows.net/buildtools' }
220220

221+
[string[]] $ProdConArgs = @()
222+
221223
if ($PackageVersionPropsUrl) {
222224
$IntermediateDir = Join-Path $PSScriptRoot 'obj'
223225
$PropsFilePath = Join-Path $IntermediateDir 'external-dependencies.props'
224226
New-Item -ItemType Directory $IntermediateDir -ErrorAction Ignore | Out-Null
225227
Get-RemoteFile "${PackageVersionPropsUrl}${AccessTokenSuffix}" $PropsFilePath
226-
$MSBuildArguments += "-p:DotNetPackageVersionPropsPath=$PropsFilePath"
227-
}
228-
229-
if ($RestoreSources) {
230-
$MSBuildArguments += "-p:DotNetAdditionalRestoreSources=$RestoreSources"
231-
}
232-
233-
if ($AssetRootUrl) {
234-
$MSBuildArguments += "-p:DotNetAssetRootUrl=$AssetRootUrl"
228+
$ProdConArgs += "-p:DotNetPackageVersionPropsPath=$PropsFilePath"
235229
}
236230

237231
if ($AccessTokenSuffix) {
238-
$MSBuildArguments += "-p:DotNetAssetRootAccessTokenSuffix=$AccessTokenSuffix"
239-
}
240-
241-
if ($ProductBuildId) {
242-
$MSBuildArguments += "-p:DotNetProductBuildId=$ProductBuildId"
232+
$ProdConArgs += "-p:DotNetAssetRootAccessTokenSuffix=$AccessTokenSuffix"
243233
}
244234

245235
if ($Projects) {
246236
$MSBuildArguments += "-p:Projects=$Projects"
247237
$MSBuildArguments += "-p:_ProjectsOnly=true"
248238
}
249239

240+
# PipeBuild parameters
241+
$ProdConArgs += "-p:DotNetAssetRootUrl=${env:PB_AssetRootUrl}"
242+
$ProdConArgs += "-p:DotNetAdditionalRestoreSources=${env:PB_RestoreSource}"
243+
$ProdConArgs += "-p:DotNetProductBuildId=${env:ProductBuildId}"
244+
$ProdConArgs += "-p:PublishBlobFeedUrl=${env:PB_PublishBlobFeedUrl}"
245+
$ProdConArgs += "-p:PublishType=${env:PB_PublishType}"
246+
$ProdConArgs += "-p:SkipTests=${env:PB_SkipTests}"
247+
$ProdConArgs += "-p:IsFinalBuild=${env:PB_IsFinalBuild}"
248+
$ProdConArgs += "-p:SignType=${env:PB_SignType}"
249+
$ProdConArgs += "-p:PublishBlobFeedKey=${env:PB_PublishBlobFeedKey}"
250+
250251
# Execute
251252

252253
$korebuildPath = Get-KoreBuild
253254
Import-Module -Force -Scope Local (Join-Path $korebuildPath 'KoreBuild.psd1')
254255

255256
try {
256257
Set-KoreBuildSettings -ToolsSource $ToolsSource -DotNetHome $DotNetHome -RepoPath $Path -ConfigFile $ConfigFile -CI:$CI
257-
Invoke-KoreBuildCommand $Command @MSBuildArguments
258+
Invoke-KoreBuildCommand $Command @ProdConArgs @MSBuildArguments
258259
}
259260
finally {
260261
Remove-Module 'KoreBuild' -ErrorAction Ignore

0 commit comments

Comments
 (0)