diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile
index 3674e182..6952a419 100644
--- a/.devcontainer/Dockerfile
+++ b/.devcontainer/Dockerfile
@@ -1,5 +1,5 @@
# Refer to https://hub.docker.com/_/microsoft-dotnet-sdk for available versions
-FROM mcr.microsoft.com/dotnet/sdk:9.0.101-noble
+FROM mcr.microsoft.com/dotnet/sdk:9.0.102-noble
# Installing mono makes `dotnet test` work without errors even for net472.
# But installing it takes a long time, so it's excluded by default.
diff --git a/azure-pipelines/Install-NuGetPackage.ps1 b/azure-pipelines/Install-NuGetPackage.ps1
index 9afde055..f1db577a 100644
--- a/azure-pipelines/Install-NuGetPackage.ps1
+++ b/azure-pipelines/Install-NuGetPackage.ps1
@@ -33,7 +33,7 @@ Param(
[string]$Verbosity='normal'
)
-$nugetPath = & "$PSScriptRoot\Get-NuGetTool.ps1"
+$nugetPath = & "$PSScriptRoot\..\tools\Get-NuGetTool.ps1"
try {
Write-Verbose "Installing $PackageId..."
diff --git a/azure-pipelines/apiscan.yml b/azure-pipelines/apiscan.yml
index af78f15c..c3c8aed1 100644
--- a/azure-pipelines/apiscan.yml
+++ b/azure-pipelines/apiscan.yml
@@ -1,6 +1,8 @@
parameters:
- name: windowsPool
type: object
+- name: RealSign
+ type: boolean
jobs:
- job: apiscan
@@ -9,6 +11,12 @@ jobs:
pool: ${{ parameters.windowsPool }}
timeoutInMinutes: 120
templateContext:
+ ${{ if not(parameters.RealSign) }}:
+ mb:
+ signing: # if the build is test-signed, install the signing plugin so that CSVTestSignPolicy.xml is available
+ enabled: true
+ zipSources: false
+ signType: test
outputs:
- output: pipelineArtifact
displayName: 📢 collect apiscan artifact
diff --git a/azure-pipelines/build.yml b/azure-pipelines/build.yml
index d325a872..55c0b97a 100644
--- a/azure-pipelines/build.yml
+++ b/azure-pipelines/build.yml
@@ -309,3 +309,4 @@ jobs:
- template: apiscan.yml
parameters:
windowsPool: ${{ parameters.windowsPool }}
+ RealSign: ${{ parameters.RealSign }}
diff --git a/azure-pipelines/official.yml b/azure-pipelines/official.yml
index 63c38a06..e3240ca5 100644
--- a/azure-pipelines/official.yml
+++ b/azure-pipelines/official.yml
@@ -1,19 +1,5 @@
-trigger:
- batch: true
- branches:
- include:
- - main
- - 'v*'
- - 'validate/*'
- paths:
- exclude:
- - doc/
- - '*.md'
- - .vscode/
- - azure-pipelines/release.yml
- - azure-pipelines/vs-insertion.yml
-# Disable automatic real-signed builds and insertions
-# because we mostly just maintain the repo compliance and freshness without making any shipping changes.
+trigger: none # We only want to trigger manually or based on a schedule
+pr: none
#schedules:
#- cron: "0 3 * * *" # Daily @ 8 PM PST
# displayName: Daily vs-insertion
@@ -27,10 +13,6 @@ parameters:
# As an entrypoint pipeline yml file, all parameters here show up in the Queue Run dialog.
# If any paramaters should NOT be queue-time options, they should be removed from here
# and references to them in this file replaced with hard-coded values.
-- name: ForceOfficialBuild
- displayName: Official build (sign, compliance, etc.)
- type: boolean
- default: false # this should remain false so PR builds using this pipeline are unofficial
# - name: ShouldSkipOptimize # Uncomment this and references to it below when setting EnableOptProf to true in build.yml.
# displayName: Skip OptProf optimization
# type: boolean
@@ -59,75 +41,44 @@ variables:
- template: GlobalVariables.yml
extends:
- ${{ if or(parameters.ForceOfficialBuild, eq(variables['Build.Reason'],'Schedule')) }}:
- template: azure-pipelines/MicroBuild.1ES.Official.yml@MicroBuildTemplate
- parameters:
- sdl:
- sourceAnalysisPool: VSEngSS-MicroBuild2022-1ES
- codeSignValidation:
- enabled: true
- break: true
- additionalTargetsGlobPattern: -|Variables-*\*.ps1;-|APIScanInputs-*\**;-|test_symbols-*\**;-|MicroBuild\**
- policheck:
- enabled: true
- exclusionsFile: $(System.DefaultWorkingDirectory)\azure-pipelines\PoliCheckExclusions.xml
- suppression:
- suppressionFile: $(System.DefaultWorkingDirectory)\azure-pipelines\falsepositives.gdnsuppress
- sbom:
- enabled: true
- stages:
- - stage: Build
- variables:
- - template: /azure-pipelines/BuildStageVariables.yml@self
- jobs:
- - template: /azure-pipelines/build.yml@self
- parameters:
- Is1ESPT: true
- RealSign: true
- # ShouldSkipOptimize: ${{ parameters.ShouldSkipOptimize }}
- EnableAPIScan: ${{ and(parameters.EnableAPIScan, ne(variables['Build.Reason'], 'pullRequest')) }}
- windowsPool: VSEngSS-MicroBuild2022-1ES
- linuxPool:
- name: AzurePipelines-EO
- demands:
- - ImageOverride -equals 1ESPT-Ubuntu22.04
- os: Linux
- macOSPool:
- name: Azure Pipelines
- vmImage: macOS-14
- os: macOS
- EnableMacOSBuild: ${{ parameters.EnableMacOSBuild }}
- RunTests: ${{ parameters.RunTests }}
- - template: /azure-pipelines/prepare-insertion-stages.yml@self
+ template: azure-pipelines/MicroBuild.1ES.Official.yml@MicroBuildTemplate
+ parameters:
+ sdl:
+ sourceAnalysisPool: VSEngSS-MicroBuild2022-1ES
+ codeSignValidation:
+ enabled: true
+ break: true
+ additionalTargetsGlobPattern: -|Variables-*\*.ps1;-|APIScanInputs-*\**;-|test_symbols-*\**;-|MicroBuild\**
+ policheck:
+ enabled: true
+ exclusionsFile: $(System.DefaultWorkingDirectory)\azure-pipelines\PoliCheckExclusions.xml
+ suppression:
+ suppressionFile: $(System.DefaultWorkingDirectory)\azure-pipelines\falsepositives.gdnsuppress
+ sbom:
+ enabled: true
+ stages:
+ - stage: Build
+ variables:
+ - template: /azure-pipelines/BuildStageVariables.yml@self
+ jobs:
+ - template: /azure-pipelines/build.yml@self
parameters:
+ Is1ESPT: true
RealSign: true
- ${{ else }}:
- template: azure-pipelines/MicroBuild.1ES.Unofficial.yml@MicroBuildTemplate
- parameters:
- sdl:
- sourceAnalysisPool: VSEngSS-MicroBuild2022-1ES
- suppression:
- suppressionFile: $(System.DefaultWorkingDirectory)\azure-pipelines\falsepositives.gdnsuppress
- stages:
- - stage: Build
- variables:
- - template: /azure-pipelines/BuildStageVariables.yml@self
- jobs:
- - template: /azure-pipelines/build.yml@self
- parameters:
- Is1ESPT: true
- RealSign: false
- # ShouldSkipOptimize: ${{ parameters.ShouldSkipOptimize }}
- EnableAPIScan: false
- windowsPool: VSEngSS-MicroBuild2022-1ES
- linuxPool:
- name: AzurePipelines-EO
- demands:
- - ImageOverride -equals 1ESPT-Ubuntu22.04
- os: Linux
- macOSPool:
- name: Azure Pipelines
- vmImage: macOS-14
- os: macOS
- EnableMacOSBuild: ${{ parameters.EnableMacOSBuild }}
- RunTests: ${{ parameters.RunTests }}
+ # ShouldSkipOptimize: ${{ parameters.ShouldSkipOptimize }}
+ EnableAPIScan: ${{ parameters.EnableAPIScan }}
+ windowsPool: VSEngSS-MicroBuild2022-1ES
+ linuxPool:
+ name: AzurePipelines-EO
+ demands:
+ - ImageOverride -equals 1ESPT-Ubuntu22.04
+ os: Linux
+ macOSPool:
+ name: Azure Pipelines
+ vmImage: macOS-14
+ os: macOS
+ EnableMacOSBuild: ${{ parameters.EnableMacOSBuild }}
+ RunTests: ${{ parameters.RunTests }}
+ - template: /azure-pipelines/prepare-insertion-stages.yml@self
+ parameters:
+ RealSign: true
diff --git a/azure-pipelines/unofficial.yml b/azure-pipelines/unofficial.yml
new file mode 100644
index 00000000..ff3c2b5d
--- /dev/null
+++ b/azure-pipelines/unofficial.yml
@@ -0,0 +1,91 @@
+trigger:
+ batch: true
+ branches:
+ include:
+ - main
+ - microbuild
+ - 'validate/*'
+ paths:
+ exclude:
+ - doc/
+ - '*.md'
+ - .vscode/
+ - azure-pipelines/release.yml
+ - azure-pipelines/vs-insertion.yml
+
+parameters:
+# As an entrypoint pipeline yml file, all parameters here show up in the Queue Run dialog.
+# If any paramaters should NOT be queue-time options, they should be removed from here
+# and references to them in this file replaced with hard-coded values.
+# - name: ShouldSkipOptimize # Uncomment this and references to it below when setting EnableOptProf to true in build.yml.
+# displayName: Skip OptProf optimization
+# type: boolean
+# default: false
+- name: EnableMacOSBuild
+ displayName: Build on macOS
+ type: boolean
+ default: false # macOS is often bogged down in Azure Pipelines
+- name: RunTests
+ displayName: Run tests
+ type: boolean
+ default: true
+- name: EnableAPIScan
+ displayName: Include APIScan with compliance tools
+ type: boolean
+ default: false
+- name: EnableProductionSDL
+ displayName: Enable Production SDL
+ type: boolean
+ default: false
+
+resources:
+ repositories:
+ - repository: MicroBuildTemplate
+ type: git
+ name: 1ESPipelineTemplates/MicroBuildTemplate
+ ref: refs/tags/release
+
+variables:
+- template: GlobalVariables.yml
+
+extends:
+ template: azure-pipelines/MicroBuild.1ES.Unofficial.yml@MicroBuildTemplate
+ parameters:
+ sdl:
+ sourceAnalysisPool: VSEngSS-MicroBuild2022-1ES
+ suppression:
+ suppressionFile: $(System.DefaultWorkingDirectory)\azure-pipelines\falsepositives.gdnsuppress
+ enableProductionSDL: ${{ parameters.EnableProductionSDL }}
+ codeSignValidation:
+ enabled: ${{ parameters.EnableProductionSDL }}
+ break: true
+ additionalTargetsGlobPattern: -|Variables-*\*.ps1;-|APIScanInputs-*\**;-|test_symbols-*\**;-|MicroBuild\**
+ policyFile: $(MBSIGN_APPFOLDER)\CSVTestSignPolicy.xml
+ policheck:
+ enabled: ${{ parameters.EnableProductionSDL }}
+ exclusionsFile: $(System.DefaultWorkingDirectory)\azure-pipelines\PoliCheckExclusions.xml
+ sbom:
+ enabled: ${{ parameters.EnableProductionSDL }}
+ stages:
+ - stage: Build
+ variables:
+ - template: /azure-pipelines/BuildStageVariables.yml@self
+ jobs:
+ - template: /azure-pipelines/build.yml@self
+ parameters:
+ Is1ESPT: true
+ RealSign: false
+ # ShouldSkipOptimize: ${{ parameters.ShouldSkipOptimize }}
+ EnableAPIScan: ${{ parameters.EnableAPIScan }}
+ windowsPool: VSEngSS-MicroBuild2022-1ES
+ linuxPool:
+ name: AzurePipelines-EO
+ demands:
+ - ImageOverride -equals 1ESPT-Ubuntu22.04
+ os: Linux
+ macOSPool:
+ name: Azure Pipelines
+ vmImage: macOS-14
+ os: macOS
+ EnableMacOSBuild: ${{ parameters.EnableMacOSBuild }}
+ RunTests: ${{ parameters.RunTests }}
diff --git a/global.json b/global.json
index 74cf35a7..20b589f8 100644
--- a/global.json
+++ b/global.json
@@ -1,6 +1,6 @@
{
"sdk": {
- "version": "9.0.101",
+ "version": "9.0.102",
"rollForward": "patch",
"allowPrerelease": false
},
diff --git a/test/Directory.Build.targets b/test/Directory.Build.targets
index a6e0f4ac..9f32cd06 100644
--- a/test/Directory.Build.targets
+++ b/test/Directory.Build.targets
@@ -1,4 +1,8 @@
+
+
+
+
diff --git a/test/Microsoft.VisualStudio.Validation.Tests/App.config b/test/Microsoft.VisualStudio.Validation.Tests/App.config
deleted file mode 100644
index 35252b96..00000000
--- a/test/Microsoft.VisualStudio.Validation.Tests/App.config
+++ /dev/null
@@ -1,6 +0,0 @@
-
-
-
-
-
-
diff --git a/test/Microsoft.VisualStudio.Validation.Tests/xunit.runner.json b/test/Microsoft.VisualStudio.Validation.Tests/xunit.runner.json
new file mode 100644
index 00000000..8465a454
--- /dev/null
+++ b/test/Microsoft.VisualStudio.Validation.Tests/xunit.runner.json
@@ -0,0 +1,4 @@
+{
+ "$schema": "https://xunit.net/schema/current/xunit.runner.schema.json",
+ "shadowCopy": false
+}