From 4ffb200ffa6113d939327810428d6774df465d74 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Mon, 5 Aug 2024 11:20:46 -0700 Subject: [PATCH 01/42] Fix code PATs --- tools/releaseBuild/azureDevOps/releasePipeline.yml | 2 +- .../azureDevOps/templates/release-PublishPackageMsftCom.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/releaseBuild/azureDevOps/releasePipeline.yml b/tools/releaseBuild/azureDevOps/releasePipeline.yml index 505de7684f5..d094d4e75e2 100644 --- a/tools/releaseBuild/azureDevOps/releasePipeline.yml +++ b/tools/releaseBuild/azureDevOps/releasePipeline.yml @@ -400,7 +400,7 @@ stages: variables: - group: 'AzDevOpsArtifacts' - group: 'packages.microsoft.com' - - group: 'mscodehub-feed-read-akv' + - group: 'mscodehub-code-read-akv' steps: - template: templates/release-PublishPackageMsftCom.yml parameters: diff --git a/tools/releaseBuild/azureDevOps/templates/release-PublishPackageMsftCom.yml b/tools/releaseBuild/azureDevOps/templates/release-PublishPackageMsftCom.yml index 7039b64b7ed..861cf48c35a 100644 --- a/tools/releaseBuild/azureDevOps/templates/release-PublishPackageMsftCom.yml +++ b/tools/releaseBuild/azureDevOps/templates/release-PublishPackageMsftCom.yml @@ -19,7 +19,7 @@ steps: "--verbose", "--branch", "$branch", - "https://$(mscodehubPackageReadPat)@mscodehub.visualstudio.com/PowerShellCore/_git/Internal-PowerShellTeam-Tools", + "https://$(mscodehubCodeReadPat)@mscodehub.visualstudio.com/PowerShellCore/_git/Internal-PowerShellTeam-Tools", '$(Pipeline.Workspace)/tools' $gitArgs | Write-Verbose -Verbose git $gitArgs From dbdae767612073055b1412a924f6534a654bfa95 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Mon, 5 Aug 2024 11:21:03 -0700 Subject: [PATCH 02/42] Fix feed PATs --- .pipelines/templates/insert-nuget-config-azfeed.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.pipelines/templates/insert-nuget-config-azfeed.yml b/.pipelines/templates/insert-nuget-config-azfeed.yml index fef9f3f4012..a394fe004e3 100644 --- a/.pipelines/templates/insert-nuget-config-azfeed.yml +++ b/.pipelines/templates/insert-nuget-config-azfeed.yml @@ -8,7 +8,7 @@ steps: $powerShellPublicPackages = New-NugetPackageSource -Url '$(PowerShellCore_PublicPackages)' -Name 'AzDevOpsFeed' - New-NugetConfigFile -NugetPackageSource $powerShellPublicPackages -UserName $(AzDevopsFeedUserNameKVPAT) -ClearTextPAT $(mscodehubPackageReadPat) -Destination "${env:NugetConfigDir}" + New-NugetConfigFile -NugetPackageSource $powerShellPublicPackages -UserName $(AzDevopsFeedUserNameKVPAT) -ClearTextPAT $(powershellPackageReadPat) -Destination "${env:NugetConfigDir}" if(-not (Test-Path $configPath)) { throw "nuget.config is not created" @@ -26,7 +26,7 @@ steps: $powerShellPublicPackages = New-NugetPackageSource -Url '$(PowerShellCore_PublicPackages)' -Name 'AzDevOpsFeed' - New-NugetConfigFile -NugetPackageSource $powerShellPublicPackages -UserName $(AzDevopsFeedUserNameKVPAT) -ClearTextPAT $(mscodehubPackageReadPat) -Destination "${env:NugetConfigDir}" + New-NugetConfigFile -NugetPackageSource $powerShellPublicPackages -UserName $(AzDevopsFeedUserNameKVPAT) -ClearTextPAT $(powershellPackageReadPat) -Destination "${env:NugetConfigDir}" if (-not (Test-Path $configPath)) { throw "nuget.config is not created" From eec598ec79273b6319e4f3b449b80bf22442023b Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Mon, 5 Aug 2024 15:29:59 -0700 Subject: [PATCH 03/42] remove gallery commit --- .../AzArtifactFeed/PSGalleryToAzArtifacts.yml | 6 - .../SyncGalleryToAzArtifacts.psm1 | 186 ------------------ 2 files changed, 192 deletions(-) delete mode 100644 tools/releaseBuild/azureDevOps/AzArtifactFeed/SyncGalleryToAzArtifacts.psm1 diff --git a/tools/releaseBuild/azureDevOps/AzArtifactFeed/PSGalleryToAzArtifacts.yml b/tools/releaseBuild/azureDevOps/AzArtifactFeed/PSGalleryToAzArtifacts.yml index ff8dbd6d720..da26ea6d348 100644 --- a/tools/releaseBuild/azureDevOps/AzArtifactFeed/PSGalleryToAzArtifacts.yml +++ b/tools/releaseBuild/azureDevOps/AzArtifactFeed/PSGalleryToAzArtifacts.yml @@ -19,12 +19,6 @@ steps: displayName: Update PSGet and PackageManagement condition: succeededOrFailed() - - pwsh: | - Import-Module -Force "$(Build.SourcesDirectory)/tools/releaseBuild/azureDevOps/AzArtifactFeed/SyncGalleryToAzArtifacts.psm1" - SyncGalleryToAzArtifacts -AzDevOpsFeedUserName $(AzDevOpsFeedUserName) -AzDevOpsPAT $(AzDevOpsFeedPAT2) -Destination $(Build.ArtifactStagingDirectory) - displayName: Download packages from PSGallery that need to be updated - condition: succeededOrFailed() - - pwsh: | Write-Verbose -Verbose "Packages to upload" if(Test-Path $(Build.ArtifactStagingDirectory)) { Get-ChildItem "$(Build.ArtifactStagingDirectory)/*.nupkg" | ForEach-Object { $_.FullName }} diff --git a/tools/releaseBuild/azureDevOps/AzArtifactFeed/SyncGalleryToAzArtifacts.psm1 b/tools/releaseBuild/azureDevOps/AzArtifactFeed/SyncGalleryToAzArtifacts.psm1 deleted file mode 100644 index d0aeac9da54..00000000000 --- a/tools/releaseBuild/azureDevOps/AzArtifactFeed/SyncGalleryToAzArtifacts.psm1 +++ /dev/null @@ -1,186 +0,0 @@ -# Copyright (c) Microsoft Corporation. -# Licensed under the MIT License. - -<# -.SYNOPSIS -Downloads to packages from PowerShell Gallery which are missing from the Azure DevOps Artifacts feed. - -.PARAMETER AzureDevOpsPAT -PAT for the username used for authenticating to the Azure DevOps Artifacts feed. - -.PARAMETER Destination -Path to the folder where the packages should be stored for uploading to Azure DevOps Artifacts feed. - -#> -function SyncGalleryToAzArtifacts { - param( - [Parameter(Mandatory = $true)] [string] $AzDevOpsFeedUserName, - [Parameter(Mandatory = $true)] [string] $AzDevOpsPAT, - [Parameter(Mandatory = $true)] [string] $Destination - ) - - $csproj = [xml] (Get-Content 'src/Modules/PSGalleryModules.csproj') - $packages = @($csproj.Project.ItemGroup.PackageReference | ForEach-Object { [ordered] @{Name = $_.Include; Version = $_.Version }}) - - $galleryPackages = @() - $azArtifactsPackages = @() - $modulesToUpdate = @() - - $galleryUrl = 'https://www.powershellgallery.com/api/v2/' - $azArtifactsUrl = 'https://mscodehub.pkgs.visualstudio.com/_packaging/pscore-release/nuget/v2' - - $azDevOpsCreds = [pscredential]::new($AzDevOpsFeedUserName, (ConvertTo-SecureString -String $AzDevOpsPAT -AsPlainText -Force)) - - foreach ($package in $packages) { - try { - # Get module from gallery - $foundPackageOnGallery = Find-Package -ProviderName NuGet -Source $galleryUrl -AllVersions -Name $package.Name -Force -AllowPreReleaseVersion | SortPackage | Select-Object -First 1 - Write-Verbose -Verbose "Found module $($package.Name) - $($foundPackageOnGallery.Version) in gallery" - $galleryPackages += $foundPackageOnGallery - } catch { - if ($_.FullyQualifiedErrorId -eq 'NoMatchFoundForCriteria,Microsoft.PowerShell.PackageManagement.Cmdlets.FindPackage') { - # Log and ignore failure is required version is not found on gallery. - Write-Warning "Module not found on gallery $($package.Name) - $($package.Version)" - } - else { - Write-Error $_ - } - } - - try { - # Get module from Az Artifacts - # There seems to be a bug in the feed with RequiredVersion matching. Adding workaround with post filtering. - # Issue: https://github.com/OneGet/oneget/issues/397 - $foundPackageOnAz = Find-Package -ProviderName NuGet -Source $azArtifactsUrl -AllVersions -Name $package.Name -Force -Credential $azDevOpsCreds -AllowPreReleaseVersion | SortPackage | Select-Object -First 1 - Write-Verbose -Verbose "Found module $($package.Name) - $($foundPackageOnAz.Version) in azArtifacts" - $azArtifactsPackages += $foundPackageOnAz - } catch { - if ($_.FullyQualifiedErrorId -eq 'NoMatchFoundForCriteria,Microsoft.PowerShell.PackageManagement.Cmdlets.FindPackage') { - # Log and add the module to update list. - Write-Verbose -Verbose "Az Artifacts Module needs update to - $($package.Name) - $($package.Version)" - $modulesToUpdate += $package - } - else { - Write-Error $_ - } - } - - # Check if Az package version is less that gallery version - $pkgOnAzVersion = [semver]::new($foundPackageOnAz.Version) - $pkgOnGalleryVersion = [semver]::new($foundPackageOnGallery.Version) - - if ($pkgOnAzVersion -lt $pkgOnGalleryVersion) { - Write-Verbose -Verbose "Module needs to be updated $($package.Name) - $($foundPackageOnGallery.Version)" - $modulesToUpdate += $foundPackageOnGallery - } elseif ($pkgOnGalleryVersion -lt $pkgOnAzVersion) { - Write-Warning "Newer version found on Az Artifacts - $($foundPackageOnAz.Name) - $($foundPackageOnAz.Version)" - } else { - Write-Verbose -Verbose "Module is in sync - $($package.Name)" - } - } - - "`nGallery Packages:" - $galleryPackages - - "`nAz Artifacts Packages:`n" - $azArtifactsPackages - - "`nModules to update:`n" - $modulesToUpdate - - foreach ($package in $modulesToUpdate) { - Write-Verbose -Verbose "Saving package $($package.Name) - $($package.Version)" - Save-Package -Provider NuGet -Source $galleryUrl -Name $package.Name -RequiredVersion $package.Version -Path $Destination - } - - if ($modulesToUpdate.Length -gt 0) - { - # Remove dependent packages downloaded by Save-Package if there are already present in AzArtifacts feed. - try { - $null = Register-PackageSource -Name local -Location $Destination -ProviderName NuGet -Force - $packageNamesToKeep = @() - $savedPackages = Find-Package -Source local -AllVersions -AllowPreReleaseVersion - - Write-Verbose -Verbose "Saved packages:" - $savedPackages | Out-String | Write-Verbose -Verbose - - foreach($package in $savedPackages) { - $pkgVersion = NormalizeVersion -version $package.Version - $foundMatch = $azArtifactsPackages | Where-Object { $_.Name -eq $package.Name -and (NormalizeVersion -version $_.Version) -eq $pkgVersion } - - if(-not $foundMatch) { - Write-Verbose "Keeping package $($package.PackageFileName)" -Verbose - $packageNamesToKeep += "{0}*.nupkg" -f $package.Name - } - } - - if ($packageNamesToKeep.Length -gt 0) { - ## Removing only if we do have some packages to keep, - ## otherwise the '$Destination' folder will be removed. - Remove-Item -Path $Destination -Exclude $packageNamesToKeep -Recurse -Force -Verbose - } - - Write-Verbose -Verbose "Packages kept for upload" - Get-ChildItem $Destination | Out-String | Write-Verbose -Verbose - } - finally { - Unregister-PackageSource -Name local -Force -ErrorAction SilentlyContinue - } - } -} - -Function SortPackage { - param( - [Parameter(ValueFromPipeline = $true)] - [Microsoft.PackageManagement.Packaging.SoftwareIdentity[]] - $packages - ) - - Begin { - $allPackages = @() - } - - Process { - $allPackages += $packages - } - - End { - $versions = $allPackages.Version | - ForEach-Object { ($_ -split '-')[0] } | - Select-Object -Unique | - Sort-Object -Descending -Property Version - - foreach ($version in $versions) { - $exactMatch = $allPackages | Where-Object { - Write-Verbose "testing $($_.version) -eq $version" - $_.version -eq $version - } - - if ($exactMatch) { - Write-Output $exactMatch - } - - $allPackages | Where-Object { - $_.version -like "${version}-*" - } | Sort-Object -Descending -Property Version | Write-Output - } - } -} - - -function NormalizeVersion { - param ([string] $version) - - $sVer = if ($version -match "(\d+.\d+.\d+).0") { - $Matches[1] - } elseif ($version -match "^\d+.\d+$") { - # Two digit versions are stored as three digit versions - "$version.0" - } else { - $version - } - - $sVer -} - -Export-ModuleMember -Function 'SyncGalleryToAzArtifacts', 'SortPackage' From 98cd531fac37beaff3187c282af8cae7caa6216f Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Mon, 5 Aug 2024 15:32:54 -0700 Subject: [PATCH 04/42] update feed url --- build.psm1 | 2 +- nuget.config | 2 +- src/Modules/nuget.config | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/build.psm1 b/build.psm1 index 112034fba17..53950df7355 100644 --- a/build.psm1 +++ b/build.psm1 @@ -741,7 +741,7 @@ function Switch-PSNugetConfig { New-NugetConfigFile -NugetPackageSource $nugetorg, $dotnetSdk -Destination "$PSScriptRoot/" New-NugetConfigFile -NugetPackageSource $gallery -Destination "$PSScriptRoot/src/Modules/" } elseif ( $Source -eq 'Private') { - $powerShellPackages = [NugetPackageSource] @{Url = 'https://pkgs.dev.azure.com/powershell/PowerShell/_packaging/powershell/nuget/v3/index.json'; Name = 'powershell' } + $powerShellPackages = [NugetPackageSource] @{Url = 'https://pkgs.dev.azure.com/powershell/PowerShell/_packaging/powershell-dotnet-9/nuget/v3/index.json'; Name = 'powershell' } New-NugetConfigFile -NugetPackageSource $powerShellPackages -Destination "$PSScriptRoot/" New-NugetConfigFile -NugetPackageSource $powerShellPackages -Destination "$PSScriptRoot/src/Modules/" diff --git a/nuget.config b/nuget.config index fc6b5ff4e6c..db65daa061e 100644 --- a/nuget.config +++ b/nuget.config @@ -2,7 +2,7 @@ - + diff --git a/src/Modules/nuget.config b/src/Modules/nuget.config index fc6b5ff4e6c..db65daa061e 100644 --- a/src/Modules/nuget.config +++ b/src/Modules/nuget.config @@ -2,7 +2,7 @@ - + From f64c3607b8dff0e0b7b007827404e2d215098632 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Mon, 5 Aug 2024 15:40:45 -0700 Subject: [PATCH 05/42] Update to new variable groups --- .../PowerShell-Coordinated_Packages-Official.yml | 4 ++-- .pipelines/templates/insert-nuget-config-azfeed.yml | 8 ++++---- .pipelines/templates/mac.yml | 2 +- .pipelines/templates/nupkg.yml | 7 ++++--- .pipelines/templates/release-validate-sdk.yml | 3 ++- .vsts-ci/templates/ci-build.yml | 2 +- tools/releaseBuild/azureDevOps/releasePipeline.yml | 6 ++++-- .../azureDevOps/templates/compliance/apiscan.yml | 3 ++- .../templates/insert-nuget-config-azfeed.yml | 10 +++++----- tools/releaseBuild/azureDevOps/templates/mac.yml | 2 +- .../azureDevOps/templates/nuget-pkg-sbom.yml | 4 ++-- .../azureDevOps/templates/release-SDKTests.yml | 5 +++-- 12 files changed, 31 insertions(+), 25 deletions(-) diff --git a/.pipelines/PowerShell-Coordinated_Packages-Official.yml b/.pipelines/PowerShell-Coordinated_Packages-Official.yml index 5c537781b17..10b06074bfd 100644 --- a/.pipelines/PowerShell-Coordinated_Packages-Official.yml +++ b/.pipelines/PowerShell-Coordinated_Packages-Official.yml @@ -70,8 +70,8 @@ variables: value: ${{ parameters.ReleaseTagVar }} - name: SKIP_SIGNING value: ${{ parameters.SKIP_SIGNING }} - - group: 'AzDevOpsArtifacts' - - group: 'mscodehub-feed-read-akv' + - group: mscodehub-feed-read-general + - group: mscodehub-feed-read-akv - name: ENABLE_MSBUILD_BINLOGS value: ${{ parameters.ENABLE_MSBUILD_BINLOGS }} diff --git a/.pipelines/templates/insert-nuget-config-azfeed.yml b/.pipelines/templates/insert-nuget-config-azfeed.yml index a394fe004e3..3d726ff1f37 100644 --- a/.pipelines/templates/insert-nuget-config-azfeed.yml +++ b/.pipelines/templates/insert-nuget-config-azfeed.yml @@ -6,7 +6,7 @@ steps: $configPath = "${env:NugetConfigDir}/nuget.config" Import-Module ${{ parameters.repoRoot }}/build.psm1 -Force - $powerShellPublicPackages = New-NugetPackageSource -Url '$(PowerShellCore_PublicPackages)' -Name 'AzDevOpsFeed' + $powerShellPublicPackages = New-NugetPackageSource -Url '$(AzDevOpsPackageFeed)' -Name 'AzDevOpsFeed' New-NugetConfigFile -NugetPackageSource $powerShellPublicPackages -UserName $(AzDevopsFeedUserNameKVPAT) -ClearTextPAT $(powershellPackageReadPat) -Destination "${env:NugetConfigDir}" if(-not (Test-Path $configPath)) @@ -15,7 +15,7 @@ steps: } Get-Content $configPath | Write-Verbose -Verbose displayName: 'Add nuget.config for Azure DevOps feed for PSGallery modules' - condition: and(succeededOrFailed(), ne(variables['AzDevOpsFeed'], '')) + condition: and(succeededOrFailed(), ne(variables['UseAzDevOpsFeed'], '')) env: NugetConfigDir: ${{ parameters.repoRoot }}/src/Modules ob_restore_phase: true # This ensures checkout is done at the beginning of the restore phase @@ -24,7 +24,7 @@ steps: $configPath = "${env:NugetConfigDir}/nuget.config" Import-Module ${{ parameters.repoRoot }}/build.psm1 -Force - $powerShellPublicPackages = New-NugetPackageSource -Url '$(PowerShellCore_PublicPackages)' -Name 'AzDevOpsFeed' + $powerShellPublicPackages = New-NugetPackageSource -Url '$(AzDevOpsPackageFeed)' -Name 'AzDevOpsFeed' New-NugetConfigFile -NugetPackageSource $powerShellPublicPackages -UserName $(AzDevopsFeedUserNameKVPAT) -ClearTextPAT $(powershellPackageReadPat) -Destination "${env:NugetConfigDir}" if (-not (Test-Path $configPath)) @@ -33,7 +33,7 @@ steps: } Get-Content $configPath | Write-Verbose -Verbose displayName: 'Add nuget.config for Azure DevOps feed for packages' - condition: and(succeededOrFailed(), ne(variables['PSInternalNugetFeed'], '')) + condition: and(succeededOrFailed(), ne(variables['UseAzDevOpsFeed'], '')) env: NugetConfigDir: ${{ parameters.repoRoot }} ob_restore_phase: true # This ensures checkout is done at the beginning of the restore phase diff --git a/.pipelines/templates/mac.yml b/.pipelines/templates/mac.yml index b71e83dd81d..9a9f58969dc 100644 --- a/.pipelines/templates/mac.yml +++ b/.pipelines/templates/mac.yml @@ -51,7 +51,7 @@ jobs: parameters: repoRoot: $(PowerShellRoot) - pwsh: | - $env:AzDevOpsFeedPAT2 = '$(AzDevOpsFeedPAT2)' + $env:AzDevOpsFeedPAT2 = '$(powershellPackageReadPat)' # Add -SkipReleaseChecks as a mitigation to unblock release. # macos-10.15 does not allow creating a folder under root. Hence, moving the folder. diff --git a/.pipelines/templates/nupkg.yml b/.pipelines/templates/nupkg.yml index 9b666d4e578..0e9dd643e70 100644 --- a/.pipelines/templates/nupkg.yml +++ b/.pipelines/templates/nupkg.yml @@ -22,7 +22,8 @@ jobs: value: $(Build.SourcesDirectory)\PowerShell\.config\tsaoptions.json - name: ob_sdl_credscan_suppressionsFile value: $(Build.SourcesDirectory)\PowerShell\.config\suppress.json - - group: 'AzDevOpsArtifacts' + - group: mscodehub-feed-read-general + - group: mscodehub-feed-read-akv - group: DotNetPrivateBuildAccess steps: @@ -95,7 +96,7 @@ jobs: $configPath = "$repoRoot/nuget.config" Import-Module "$repoRoot/build.psm1" -Force - New-NugetConfigFile -NugetFeedUrl $(PowerShellCore_PublicPackages) -UserName $(AzDevOpsFeedUserName) -ClearTextPAT $(AzDevOpsFeedPAT2) -FeedName AzDevOpsFeed -Destination "$(PowerShellRoot)" + New-NugetConfigFile -NugetFeedUrl $(AzDevOpsFeedPreview) -UserName $(AzDevopsFeedUserNameKVPAT) -ClearTextPAT $(powershellPackageReadPat) -FeedName AzDevOpsFeed -Destination "$(PowerShellRoot)" if(-not (Test-Path $configPath)) { @@ -103,7 +104,7 @@ jobs: } Get-Content $configPath | Write-Verbose -Verbose displayName: 'Add nuget.config for Azure DevOps feed for packages' - condition: and(succeededOrFailed(), ne(variables['PowerShellCore_PublicPackages'], '')) + condition: and(succeededOrFailed(), ne(variables['UseAzDevOpsFeed'], '')) env: ob_restore_phase: true # This ensures this done in restore phase to workaround signing issue diff --git a/.pipelines/templates/release-validate-sdk.yml b/.pipelines/templates/release-validate-sdk.yml index 8a73fe6f1e2..4903f78d57f 100644 --- a/.pipelines/templates/release-validate-sdk.yml +++ b/.pipelines/templates/release-validate-sdk.yml @@ -16,7 +16,8 @@ jobs: type: ${{ parameters.jobtype }} variables: - - group: AzDevOpsArtifacts + - group: mscodehub-feed-read-general + - group: mscodehub-feed-read-akv - group: DotNetPrivateBuildAccess - name: ob_outputDirectory value: '$(Build.ArtifactStagingDirectory)/ONEBRANCH_ARTIFACT' diff --git a/.vsts-ci/templates/ci-build.yml b/.vsts-ci/templates/ci-build.yml index c502a9a3d46..59d63002567 100644 --- a/.vsts-ci/templates/ci-build.yml +++ b/.vsts-ci/templates/ci-build.yml @@ -54,7 +54,7 @@ jobs: displayName: Set Build Name for Non-PR condition: ne(variables['Build.Reason'], 'PullRequest') - - ${{ if ne(variables['AzDevOpsFeed'], '') }}: + - ${{ if ne(variables['UseAzDevOpsFeed'], '') }}: - template: /tools/releaseBuild/azureDevOps/templates/insert-nuget-config-azfeed.yml - pwsh: | diff --git a/tools/releaseBuild/azureDevOps/releasePipeline.yml b/tools/releaseBuild/azureDevOps/releasePipeline.yml index d094d4e75e2..e21f6d590fe 100644 --- a/tools/releaseBuild/azureDevOps/releasePipeline.yml +++ b/tools/releaseBuild/azureDevOps/releasePipeline.yml @@ -356,7 +356,8 @@ stages: variables: - group: 'Azure Blob variable group' - - group: 'AzDevOpsArtifacts' + - group: mscodehub-feed-read-general + - group: mscodehub-feed-read-akv - group: ReleasePipelineSecrets steps: - template: templates/release-CreateGitHubDraft.yml @@ -398,7 +399,8 @@ stages: - ImageOverride -equals PSMMSUbuntu20.04-Secure variables: - - group: 'AzDevOpsArtifacts' + - group: mscodehub-feed-read-general + - group: mscodehub-feed-read-akv - group: 'packages.microsoft.com' - group: 'mscodehub-code-read-akv' steps: diff --git a/tools/releaseBuild/azureDevOps/templates/compliance/apiscan.yml b/tools/releaseBuild/azureDevOps/templates/compliance/apiscan.yml index 0091ed29095..585b640d48f 100644 --- a/tools/releaseBuild/azureDevOps/templates/compliance/apiscan.yml +++ b/tools/releaseBuild/azureDevOps/templates/compliance/apiscan.yml @@ -19,7 +19,8 @@ jobs: - group: DotNetPrivateBuildAccess - group: Azure Blob variable group - group: ReleasePipelineSecrets - - group: AzDevOpsArtifacts + - group: mscodehub-feed-read-general + - group: mscodehub-feed-read-akv pool: name: PowerShell1ES diff --git a/tools/releaseBuild/azureDevOps/templates/insert-nuget-config-azfeed.yml b/tools/releaseBuild/azureDevOps/templates/insert-nuget-config-azfeed.yml index 3ff723be6ed..be1a8524b6a 100644 --- a/tools/releaseBuild/azureDevOps/templates/insert-nuget-config-azfeed.yml +++ b/tools/releaseBuild/azureDevOps/templates/insert-nuget-config-azfeed.yml @@ -6,7 +6,7 @@ steps: - pwsh: | $configPath = "${env:NugetConfigDir}/nuget.config" Import-Module ${{ parameters.repoRoot }}/build.psm1 -Force - New-NugetConfigFile -NugetFeedUrl $(AzDevOpsFeed) -UserName $(AzDevOpsFeedUserName) -ClearTextPAT $(AzDevOpsFeedPAT2) -FeedName AzDevOpsFeed -Destination "${env:NugetConfigDir}" + New-NugetConfigFile -NugetFeedUrl $(AzDevOpsFeedPreview) -UserName $(AzDevopsFeedUserNameKVPAT) -ClearTextPAT $(powershellPackageReadPat) -FeedName AzDevOpsFeed -Destination "${env:NugetConfigDir}" if(-not (Test-Path $configPath)) { @@ -14,14 +14,14 @@ steps: } Get-Content $configPath | Write-Verbose -Verbose displayName: 'Add nuget.config for Azure DevOps feed for PSGallery modules' - condition: and(succeededOrFailed(), ne(variables['AzDevOpsFeed'], '')) + condition: and(succeededOrFailed(), ne(variables['UseAzDevOpsFeed'], '')) env: NugetConfigDir: ${{ parameters.repoRoot }}/src/Modules - pwsh: | $configPath = "${env:NugetConfigDir}/nuget.config" Import-Module ${{ parameters.repoRoot }}/build.psm1 -Force - New-NugetConfigFile -NugetFeedUrl $(PSInternalNugetFeed) -UserName $(PSInternalNugetFeedUserName) -ClearTextPAT $(PSInternalNugetFeedPAT) -FeedName AzDevOpsFeed -Destination "${env:NugetConfigDir}" + New-NugetConfigFile -NugetFeedUrl $(AzDevOpsFeedPreview) -UserName $(AzDevopsFeedUserNameKVPAT) -ClearTextPAT $(powershellPackageReadPat) -FeedName AzDevOpsFeed -Destination "${env:NugetConfigDir}" if(-not (Test-Path $configPath)) { @@ -29,10 +29,10 @@ steps: } Get-Content $configPath | Write-Verbose -Verbose displayName: 'Add nuget.config for Azure DevOps feed for packages' - condition: and(succeededOrFailed(), ne(variables['PSInternalNugetFeed'], '')) + condition: and(succeededOrFailed(), ne(variables['UseAzDevOpsFeed'], '')) env: NugetConfigDir: ${{ parameters.repoRoot }} - task: nuget-security-analysis@0 displayName: 'Run Secure Supply Chain analysis' - condition: and(succeededOrFailed(), ne(variables['PSInternalNugetFeed'], ''), ne(variables['AzDevOpsFeed'], '')) + condition: and(succeededOrFailed(), ne(variables['UseAzDevOpsFeed'], '')) diff --git a/tools/releaseBuild/azureDevOps/templates/mac.yml b/tools/releaseBuild/azureDevOps/templates/mac.yml index 892064fbbba..d173e900434 100644 --- a/tools/releaseBuild/azureDevOps/templates/mac.yml +++ b/tools/releaseBuild/azureDevOps/templates/mac.yml @@ -50,7 +50,7 @@ jobs: repoRoot: $(PowerShellRoot) - pwsh: | - $env:AzDevOpsFeedPAT2 = '$(AzDevOpsFeedPAT2)' + $env:AzDevOpsFeedPAT2 = '$(powershellPackageReadPat)' # Add -SkipReleaseChecks as a mitigation to unblock release. # macos-10.15 does not allow creating a folder under root. Hence, moving the folder. $(Build.SourcesDirectory)/tools/releaseBuild/macOS/PowerShellPackageVsts.ps1 -ReleaseTag $(ReleaseTagVar) -Destination $(System.ArtifactsDirectory) -Symbols -location $(PowerShellRoot) -Build -ArtifactName macosBinResults -Runtime 'osx-${{ parameters.buildArchitecture }}' -SkipReleaseChecks diff --git a/tools/releaseBuild/azureDevOps/templates/nuget-pkg-sbom.yml b/tools/releaseBuild/azureDevOps/templates/nuget-pkg-sbom.yml index 64fc70e0dcd..80545e11c6f 100644 --- a/tools/releaseBuild/azureDevOps/templates/nuget-pkg-sbom.yml +++ b/tools/releaseBuild/azureDevOps/templates/nuget-pkg-sbom.yml @@ -23,7 +23,7 @@ steps: - pwsh: | $configPath = "$(REPOROOT)/nuget.config" Import-Module '$(REPOROOT)/build.psm1' -Force - New-NugetConfigFile -NugetFeedUrl $(PSInternalNugetFeed) -UserName $(PSInternalNugetFeedUserName) -ClearTextPAT $(PSInternalNugetFeedPAT) -FeedName AzDevOpsFeed -Destination "$(REPOROOT)" + New-NugetConfigFile -NugetFeedUrl $(AzDevOpsPackageFeed) -UserName $(AzDevOpsFeedUserName) -ClearTextPAT $(AzDevopsFeedUserNameKVPAT) -FeedName AzDevOpsFeed -Destination "$(REPOROOT)" if(-not (Test-Path $configPath)) { @@ -31,7 +31,7 @@ steps: } Get-Content $configPath | Write-Verbose -Verbose displayName: 'Add nuget.config for Azure DevOps feed for packages' - condition: and(succeededOrFailed(), ne(variables['PSInternalNugetFeed'], '')) + condition: and(succeededOrFailed(), ne(variables['UseAzDevOpsFeed'], '')) - pwsh: | Import-Module "$env:REPOROOT/build.psm1" -Force diff --git a/tools/releaseBuild/azureDevOps/templates/release-SDKTests.yml b/tools/releaseBuild/azureDevOps/templates/release-SDKTests.yml index 9b6c77063ad..08338443392 100644 --- a/tools/releaseBuild/azureDevOps/templates/release-SDKTests.yml +++ b/tools/releaseBuild/azureDevOps/templates/release-SDKTests.yml @@ -10,7 +10,8 @@ jobs: # testing vmImage: ${{ parameters.imageName }} variables: - - group: AzDevOpsArtifacts + - group: mscodehub-feed-read-general + - group: mscodehub-feed-read-akv - group: DotNetPrivateBuildAccess steps: - checkout: self @@ -41,7 +42,7 @@ jobs: - pwsh: | Import-Module "$(Build.SourcesDirectory)/build.psm1" -Force - New-NugetConfigFile -NugetFeedUrl $(PSInternalNugetFeed) -UserName $(PSInternalNugetFeedUserName) -ClearTextPAT $(PSInternalNugetFeedPAT) -FeedName AzDevOpsFeed -Destination '$(Build.SourcesDirectory)/test/hosting' + New-NugetConfigFile -NugetFeedUrl $(UseAzDevOpsFeed) -UserName $(AzDevOpsFeedUserName) -ClearTextPAT $(AzDevopsFeedUserNameKVPAT) -FeedName AzDevOpsFeed -Destination '$(Build.SourcesDirectory)/test/hosting' Write-Verbose -Verbose "Capture hosting folder files" Get-ChildItem '$(Build.SourcesDirectory)/test/hosting' From 91c0a744360ce84c4ea3078a21ee8f62fc89c890 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Mon, 5 Aug 2024 16:04:59 -0700 Subject: [PATCH 06/42] Fix Variable name --- .pipelines/PowerShell-Packages-Official.yml | 1 + .pipelines/templates/insert-nuget-config-azfeed.yml | 4 ++-- tools/releaseBuild/azureDevOps/templates/nuget-pkg-sbom.yml | 2 +- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.pipelines/PowerShell-Packages-Official.yml b/.pipelines/PowerShell-Packages-Official.yml index 0dadf2f8f5f..a39b4e866fc 100644 --- a/.pipelines/PowerShell-Packages-Official.yml +++ b/.pipelines/PowerShell-Packages-Official.yml @@ -52,6 +52,7 @@ variables: value: 'onebranch.azurecr.io/windows/ltsc2019/vse2022:latest' # Docker image which is used to build the project - name: LinuxContainerImage value: mcr.microsoft.com/onebranch/cbl-mariner/build:2.0 + - group: mscodehub-feed-read-general - group: mscodehub-feed-read-akv - name: branchCounterKey value: $[format('{0:yyyyMMdd}-{1}', pipeline.startTime,variables['Build.SourceBranch'])] diff --git a/.pipelines/templates/insert-nuget-config-azfeed.yml b/.pipelines/templates/insert-nuget-config-azfeed.yml index 3d726ff1f37..a31b127bca4 100644 --- a/.pipelines/templates/insert-nuget-config-azfeed.yml +++ b/.pipelines/templates/insert-nuget-config-azfeed.yml @@ -6,7 +6,7 @@ steps: $configPath = "${env:NugetConfigDir}/nuget.config" Import-Module ${{ parameters.repoRoot }}/build.psm1 -Force - $powerShellPublicPackages = New-NugetPackageSource -Url '$(AzDevOpsPackageFeed)' -Name 'AzDevOpsFeed' + $powerShellPublicPackages = New-NugetPackageSource -Url '$(AzDevOpsFeed)' -Name 'AzDevOpsFeed' New-NugetConfigFile -NugetPackageSource $powerShellPublicPackages -UserName $(AzDevopsFeedUserNameKVPAT) -ClearTextPAT $(powershellPackageReadPat) -Destination "${env:NugetConfigDir}" if(-not (Test-Path $configPath)) @@ -24,7 +24,7 @@ steps: $configPath = "${env:NugetConfigDir}/nuget.config" Import-Module ${{ parameters.repoRoot }}/build.psm1 -Force - $powerShellPublicPackages = New-NugetPackageSource -Url '$(AzDevOpsPackageFeed)' -Name 'AzDevOpsFeed' + $powerShellPublicPackages = New-NugetPackageSource -Url '$(AzDevOpsFeed)' -Name 'AzDevOpsFeed' New-NugetConfigFile -NugetPackageSource $powerShellPublicPackages -UserName $(AzDevopsFeedUserNameKVPAT) -ClearTextPAT $(powershellPackageReadPat) -Destination "${env:NugetConfigDir}" if (-not (Test-Path $configPath)) diff --git a/tools/releaseBuild/azureDevOps/templates/nuget-pkg-sbom.yml b/tools/releaseBuild/azureDevOps/templates/nuget-pkg-sbom.yml index 80545e11c6f..aaca1565957 100644 --- a/tools/releaseBuild/azureDevOps/templates/nuget-pkg-sbom.yml +++ b/tools/releaseBuild/azureDevOps/templates/nuget-pkg-sbom.yml @@ -23,7 +23,7 @@ steps: - pwsh: | $configPath = "$(REPOROOT)/nuget.config" Import-Module '$(REPOROOT)/build.psm1' -Force - New-NugetConfigFile -NugetFeedUrl $(AzDevOpsPackageFeed) -UserName $(AzDevOpsFeedUserName) -ClearTextPAT $(AzDevopsFeedUserNameKVPAT) -FeedName AzDevOpsFeed -Destination "$(REPOROOT)" + New-NugetConfigFile -NugetFeedUrl $(AzDevOpsFeed) -UserName $(AzDevOpsFeedUserName) -ClearTextPAT $(AzDevopsFeedUserNameKVPAT) -FeedName AzDevOpsFeed -Destination "$(REPOROOT)" if(-not (Test-Path $configPath)) { From 83313796e6b4354e8f3eee5004c8789da010a4f6 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Tue, 6 Aug 2024 09:22:18 -0700 Subject: [PATCH 07/42] Fix credential template --- build.psm1 | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/build.psm1 b/build.psm1 index 53950df7355..b0c687ad407 100644 --- a/build.psm1 +++ b/build.psm1 @@ -3511,17 +3511,18 @@ function New-NugetConfigFile { $content = $nugetConfigHeaderTemplate [NugetPackageSource]$source = $null + $newLine = [Environment]::NewLine foreach ($source in $NugetPackageSource) { - $content += $nugetPackageSourceTemplate.Replace('[FEED]', $source.Url).Replace('[FEEDNAME]', $source.Name) + $content += $newLine + $nugetPackageSourceTemplate.Replace('[FEED]', $source.Url).Replace('[FEEDNAME]', $source.Name) } - $content += $nugetPackageSourceFooterTemplate + $content += $newLine + $nugetPackageSourceFooterTemplate if ($UserName -or $ClearTextPAT) { - $content += $nugetCredentialsTemplate.Replace('[USERNAME]', $UserName).Replace('[PASSWORD]', $ClearTextPAT) + $content += $newLine + $nugetCredentialsTemplate.Replace('[FEEDNAME]', $source.Name).Replace('[USERNAME]', $UserName).Replace('[PASSWORD]', $ClearTextPAT) } - $content += $nugetConfigFooterTemplate + $content += $newLine + $nugetConfigFooterTemplate Set-Content -Path (Join-Path $Destination 'nuget.config') -Value $content -Force } From 7432f7f0ee6387256bc559f65ac44ce0f41cfc5d Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Tue, 6 Aug 2024 11:45:28 -0700 Subject: [PATCH 08/42] Disable Signing setup in prep stage --- .pipelines/PowerShell-Coordinated_Packages-Official.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.pipelines/PowerShell-Coordinated_Packages-Official.yml b/.pipelines/PowerShell-Coordinated_Packages-Official.yml index 10b06074bfd..f0be91a607b 100644 --- a/.pipelines/PowerShell-Coordinated_Packages-Official.yml +++ b/.pipelines/PowerShell-Coordinated_Packages-Official.yml @@ -130,6 +130,8 @@ extends: value: true - name: ob_outputDirectory value: '$(Build.ArtifactStagingDirectory)/ONEBRANCH_ARTIFACT/BuildJson' + - name: ob_signing_setup_enabled + value: false steps: - checkout: self From 32f67ec275e9d1fd4ba5fbf5c2b812382b211790 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Tue, 6 Aug 2024 11:46:14 -0700 Subject: [PATCH 09/42] Capture nuget source list --- build.psm1 | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/build.psm1 b/build.psm1 index b0c687ad407..f7b2774eacf 100644 --- a/build.psm1 +++ b/build.psm1 @@ -2359,6 +2359,12 @@ function Start-PSBootstrap { Install-Wix -arm64:$isArm64 } } + + if ($env:TF_BUILD) { + Write-Verbose -Verbose "--- Start - Capturing nuget sources" + dotnet nuget list source --format detailed + Write-Verbose -Verbose "--- End - Capturing nuget sources" + } } finally { Pop-Location } From 3c7994e2b89d40fe1a5c486e0e1ef98810cbdc47 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Wed, 7 Aug 2024 11:25:00 -0700 Subject: [PATCH 10/42] lock down the firewall --- .pipelines/PowerShell-Coordinated_Packages-Official.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.pipelines/PowerShell-Coordinated_Packages-Official.yml b/.pipelines/PowerShell-Coordinated_Packages-Official.yml index f0be91a607b..4c5a677e882 100644 --- a/.pipelines/PowerShell-Coordinated_Packages-Official.yml +++ b/.pipelines/PowerShell-Coordinated_Packages-Official.yml @@ -79,6 +79,11 @@ extends: template: v2/OneBranch.Official.CrossPlat.yml@onebranchTemplates parameters: customTags: 'ES365AIMigrationTooling' + featureFlags: + LinuxHostVersion: + Network: KS3 + WindowsHostVersion: + Network: KS3 globalSdl: disableLegacyManifest: true # disabled Armorty as we dont have any ARM templates to scan. It fails on some sample ARM templates. From f7bc4966bda0294cd070f2766e38abf59d8280a0 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Thu, 8 Aug 2024 12:43:18 -0700 Subject: [PATCH 11/42] Add creds to feed switch to allow single switch location --- .../templates/insert-nuget-config-azfeed.yml | 24 ++++++++++------- build.psm1 | 26 +++++++++++++++---- 2 files changed, 36 insertions(+), 14 deletions(-) diff --git a/.pipelines/templates/insert-nuget-config-azfeed.yml b/.pipelines/templates/insert-nuget-config-azfeed.yml index a31b127bca4..7000d7f2bb0 100644 --- a/.pipelines/templates/insert-nuget-config-azfeed.yml +++ b/.pipelines/templates/insert-nuget-config-azfeed.yml @@ -3,18 +3,24 @@ parameters: default: $(REPOROOT) steps: - pwsh: | - $configPath = "${env:NugetConfigDir}/nuget.config" - Import-Module ${{ parameters.repoRoot }}/build.psm1 -Force + try { + $configPath = "${env:NugetConfigDir}/nuget.config" + Import-Module ${{ parameters.repoRoot }}/build.psm1 -Force - $powerShellPublicPackages = New-NugetPackageSource -Url '$(AzDevOpsFeed)' -Name 'AzDevOpsFeed' + Write-Verbose -Verbose "Running: Switch-PSNugetConfig -Source Private -UserName '$(AzDevopsFeedUserNameKVPAT)' -ClearTextPAT '$(powershellPackageReadPat)'" + Switch-PSNugetConfig -Source Private -UserName '$(AzDevopsFeedUserNameKVPAT)' -ClearTextPAT '$(powershellPackageReadPat)' - New-NugetConfigFile -NugetPackageSource $powerShellPublicPackages -UserName $(AzDevopsFeedUserNameKVPAT) -ClearTextPAT $(powershellPackageReadPat) -Destination "${env:NugetConfigDir}" - if(-not (Test-Path $configPath)) - { - throw "nuget.config is not created" + if(-not (Test-Path $configPath)) + { + throw "nuget.config is not created" + } + Get-Content $configPath | Write-Verbose -Verbose } - Get-Content $configPath | Write-Verbose -Verbose - displayName: 'Add nuget.config for Azure DevOps feed for PSGallery modules' + catch { + Get-Error + throw + } + displayName: 'Switch to production Azure DevOps feed for all nuget.configs' condition: and(succeededOrFailed(), ne(variables['UseAzDevOpsFeed'], '')) env: NugetConfigDir: ${{ parameters.repoRoot }}/src/Modules diff --git a/build.psm1 b/build.psm1 index f7b2774eacf..b916ad7234c 100644 --- a/build.psm1 +++ b/build.psm1 @@ -729,22 +729,38 @@ Fix steps: function Switch-PSNugetConfig { param( + [Parameter(Mandatory = $true, ParameterSetName = 'user')] + [Parameter(Mandatory = $true, ParameterSetName = 'nouser')] [ValidateSet('Public', 'Private')] - [string] $Source = 'Public' + [string] $Source = 'Public', + + [Parameter(Mandatory = $true, ParameterSetName = 'user')] + [string] $UserName, + + [Parameter(Mandatory = $true, ParameterSetName = 'user')] + [string] $ClearTextPAT ) + $extraParams = @() + if ($UserName) { + $extraParams = @{ + UserName = $UserName + ClearTextPAT = $ClearTextPAT + } + } + if ( $Source -eq 'Public') { $dotnetSdk = [NugetPackageSource] @{Url = 'https://pkgs.dev.azure.com/dnceng/public/_packaging/dotnet9/nuget/v2'; Name = 'dotnet' } $gallery = [NugetPackageSource] @{Url = 'https://www.powershellgallery.com/api/v2/'; Name = 'psgallery' } $nugetorg = [NugetPackageSource] @{Url = 'https://api.nuget.org/v3/index.json'; Name = 'nuget.org' } - New-NugetConfigFile -NugetPackageSource $nugetorg, $dotnetSdk -Destination "$PSScriptRoot/" - New-NugetConfigFile -NugetPackageSource $gallery -Destination "$PSScriptRoot/src/Modules/" + New-NugetConfigFile -NugetPackageSource $nugetorg, $dotnetSdk -Destination "$PSScriptRoot/" @extraParams + New-NugetConfigFile -NugetPackageSource $gallery -Destination "$PSScriptRoot/src/Modules/" @extraParams } elseif ( $Source -eq 'Private') { $powerShellPackages = [NugetPackageSource] @{Url = 'https://pkgs.dev.azure.com/powershell/PowerShell/_packaging/powershell-dotnet-9/nuget/v3/index.json'; Name = 'powershell' } - New-NugetConfigFile -NugetPackageSource $powerShellPackages -Destination "$PSScriptRoot/" - New-NugetConfigFile -NugetPackageSource $powerShellPackages -Destination "$PSScriptRoot/src/Modules/" + New-NugetConfigFile -NugetPackageSource $powerShellPackages -Destination "$PSScriptRoot/" @extraParams + New-NugetConfigFile -NugetPackageSource $powerShellPackages -Destination "$PSScriptRoot/src/Modules/" @extraParams } else { throw "Unknown source: $Source" } From 61f6b34068218eba5c3c751c0955cd153fef4fe2 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Thu, 8 Aug 2024 12:43:45 -0700 Subject: [PATCH 12/42] Use switch from build.psm1 --- .../templates/insert-nuget-config-azfeed.yml | 17 +++++------------ 1 file changed, 5 insertions(+), 12 deletions(-) diff --git a/.pipelines/templates/insert-nuget-config-azfeed.yml b/.pipelines/templates/insert-nuget-config-azfeed.yml index 7000d7f2bb0..4216fa049c1 100644 --- a/.pipelines/templates/insert-nuget-config-azfeed.yml +++ b/.pipelines/templates/insert-nuget-config-azfeed.yml @@ -27,19 +27,12 @@ steps: ob_restore_phase: true # This ensures checkout is done at the beginning of the restore phase - pwsh: | - $configPath = "${env:NugetConfigDir}/nuget.config" - Import-Module ${{ parameters.repoRoot }}/build.psm1 -Force - - $powerShellPublicPackages = New-NugetPackageSource -Url '$(AzDevOpsFeed)' -Name 'AzDevOpsFeed' - - New-NugetConfigFile -NugetPackageSource $powerShellPublicPackages -UserName $(AzDevopsFeedUserNameKVPAT) -ClearTextPAT $(powershellPackageReadPat) -Destination "${env:NugetConfigDir}" - if (-not (Test-Path $configPath)) - { - throw "nuget.config is not created" + Get-ChildItem ${{ parameters.repoRoot }}/nuget.config -Recurse | Foreach-Object { + Write-Verbose -Verbose "--- START $($_.fullname) ---" + get-content $_.fullname | Out-String -width 9999 -Stream | write-Verbose -Verbose + Write-Verbose -Verbose "--- END $($_.fullname) ---" } - Get-Content $configPath | Write-Verbose -Verbose - displayName: 'Add nuget.config for Azure DevOps feed for packages' + displayName: 'Capture all nuget.config files' condition: and(succeededOrFailed(), ne(variables['UseAzDevOpsFeed'], '')) env: - NugetConfigDir: ${{ parameters.repoRoot }} ob_restore_phase: true # This ensures checkout is done at the beginning of the restore phase From e9a597de0572e01f3edb13896db6f8370ebf9414 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Thu, 8 Aug 2024 12:44:10 -0700 Subject: [PATCH 13/42] Use switch template instead of commands --- .pipelines/templates/nupkg.yml | 20 ++-------- .../templates/insert-nuget-config-azfeed.yml | 40 +++---------------- .../azureDevOps/templates/nuget-pkg-sbom.yml | 15 ++----- .../templates/release-SDKTests.yml | 5 ++- 4 files changed, 15 insertions(+), 65 deletions(-) diff --git a/.pipelines/templates/nupkg.yml b/.pipelines/templates/nupkg.yml index 0e9dd643e70..f9238bb09e8 100644 --- a/.pipelines/templates/nupkg.yml +++ b/.pipelines/templates/nupkg.yml @@ -90,23 +90,9 @@ jobs: env: ob_restore_phase: true # This ensures this done in restore phase to workaround signing issue - - pwsh: | - $repoRoot = "$(PowerShellRoot)" - Write-Verbose -Verbose "repoRoot: $repoRoot" - - $configPath = "$repoRoot/nuget.config" - Import-Module "$repoRoot/build.psm1" -Force - New-NugetConfigFile -NugetFeedUrl $(AzDevOpsFeedPreview) -UserName $(AzDevopsFeedUserNameKVPAT) -ClearTextPAT $(powershellPackageReadPat) -FeedName AzDevOpsFeed -Destination "$(PowerShellRoot)" - - if(-not (Test-Path $configPath)) - { - throw "nuget.config is not created" - } - Get-Content $configPath | Write-Verbose -Verbose - displayName: 'Add nuget.config for Azure DevOps feed for packages' - condition: and(succeededOrFailed(), ne(variables['UseAzDevOpsFeed'], '')) - env: - ob_restore_phase: true # This ensures this done in restore phase to workaround signing issue + - template: /.pipelines/templates/insert-nuget-config-azfeed.yml@self + parameters: + repoRoot: $(PowerShellRoot) - task: NuGetToolInstaller@1 displayName: 'Install NuGet.exe' diff --git a/tools/releaseBuild/azureDevOps/templates/insert-nuget-config-azfeed.yml b/tools/releaseBuild/azureDevOps/templates/insert-nuget-config-azfeed.yml index be1a8524b6a..61b9df6c342 100644 --- a/tools/releaseBuild/azureDevOps/templates/insert-nuget-config-azfeed.yml +++ b/tools/releaseBuild/azureDevOps/templates/insert-nuget-config-azfeed.yml @@ -1,38 +1,8 @@ parameters: - - name: "repoRoot" - default: $(REPOROOT) - +- name: "repoRoot" + default: $(REPOROOT) steps: -- pwsh: | - $configPath = "${env:NugetConfigDir}/nuget.config" - Import-Module ${{ parameters.repoRoot }}/build.psm1 -Force - New-NugetConfigFile -NugetFeedUrl $(AzDevOpsFeedPreview) -UserName $(AzDevopsFeedUserNameKVPAT) -ClearTextPAT $(powershellPackageReadPat) -FeedName AzDevOpsFeed -Destination "${env:NugetConfigDir}" - - if(-not (Test-Path $configPath)) - { - throw "nuget.config is not created" - } - Get-Content $configPath | Write-Verbose -Verbose - displayName: 'Add nuget.config for Azure DevOps feed for PSGallery modules' - condition: and(succeededOrFailed(), ne(variables['UseAzDevOpsFeed'], '')) - env: - NugetConfigDir: ${{ parameters.repoRoot }}/src/Modules - -- pwsh: | - $configPath = "${env:NugetConfigDir}/nuget.config" - Import-Module ${{ parameters.repoRoot }}/build.psm1 -Force - New-NugetConfigFile -NugetFeedUrl $(AzDevOpsFeedPreview) -UserName $(AzDevopsFeedUserNameKVPAT) -ClearTextPAT $(powershellPackageReadPat) -FeedName AzDevOpsFeed -Destination "${env:NugetConfigDir}" - - if(-not (Test-Path $configPath)) - { - throw "nuget.config is not created" - } - Get-Content $configPath | Write-Verbose -Verbose - displayName: 'Add nuget.config for Azure DevOps feed for packages' - condition: and(succeededOrFailed(), ne(variables['UseAzDevOpsFeed'], '')) - env: - NugetConfigDir: ${{ parameters.repoRoot }} + - template: /.pipelines/templates/insert-nuget-config-azfeed.yml@self + parameters: + repoRoot: $(REPOROOT) -- task: nuget-security-analysis@0 - displayName: 'Run Secure Supply Chain analysis' - condition: and(succeededOrFailed(), ne(variables['UseAzDevOpsFeed'], '')) diff --git a/tools/releaseBuild/azureDevOps/templates/nuget-pkg-sbom.yml b/tools/releaseBuild/azureDevOps/templates/nuget-pkg-sbom.yml index aaca1565957..0a0e3b96cc1 100644 --- a/tools/releaseBuild/azureDevOps/templates/nuget-pkg-sbom.yml +++ b/tools/releaseBuild/azureDevOps/templates/nuget-pkg-sbom.yml @@ -20,18 +20,9 @@ parameters: steps: -- pwsh: | - $configPath = "$(REPOROOT)/nuget.config" - Import-Module '$(REPOROOT)/build.psm1' -Force - New-NugetConfigFile -NugetFeedUrl $(AzDevOpsFeed) -UserName $(AzDevOpsFeedUserName) -ClearTextPAT $(AzDevopsFeedUserNameKVPAT) -FeedName AzDevOpsFeed -Destination "$(REPOROOT)" - - if(-not (Test-Path $configPath)) - { - throw "nuget.config is not created" - } - Get-Content $configPath | Write-Verbose -Verbose - displayName: 'Add nuget.config for Azure DevOps feed for packages' - condition: and(succeededOrFailed(), ne(variables['UseAzDevOpsFeed'], '')) +- template: /.pipelines/templates/insert-nuget-config-azfeed.yml@self + parameters: + repoRoot: $(REPOROOT) - pwsh: | Import-Module "$env:REPOROOT/build.psm1" -Force diff --git a/tools/releaseBuild/azureDevOps/templates/release-SDKTests.yml b/tools/releaseBuild/azureDevOps/templates/release-SDKTests.yml index 08338443392..93fb0bf07cb 100644 --- a/tools/releaseBuild/azureDevOps/templates/release-SDKTests.yml +++ b/tools/releaseBuild/azureDevOps/templates/release-SDKTests.yml @@ -40,9 +40,12 @@ jobs: artifact: metadata path: '$(Pipeline.Workspace)/releasePipeline/metadata' + - template: /.pipelines/templates/insert-nuget-config-azfeed.yml@self + parameters: + repoRoot: $(Build.SourcesDirectory) + - pwsh: | Import-Module "$(Build.SourcesDirectory)/build.psm1" -Force - New-NugetConfigFile -NugetFeedUrl $(UseAzDevOpsFeed) -UserName $(AzDevOpsFeedUserName) -ClearTextPAT $(AzDevopsFeedUserNameKVPAT) -FeedName AzDevOpsFeed -Destination '$(Build.SourcesDirectory)/test/hosting' Write-Verbose -Verbose "Capture hosting folder files" Get-ChildItem '$(Build.SourcesDirectory)/test/hosting' From 4d3cc603dcfe111322ad2eab37d153af8f86d424 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Thu, 8 Aug 2024 12:45:51 -0700 Subject: [PATCH 14/42] update to test feed --- build.psm1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.psm1 b/build.psm1 index b916ad7234c..88939d022df 100644 --- a/build.psm1 +++ b/build.psm1 @@ -757,7 +757,7 @@ function Switch-PSNugetConfig { New-NugetConfigFile -NugetPackageSource $nugetorg, $dotnetSdk -Destination "$PSScriptRoot/" @extraParams New-NugetConfigFile -NugetPackageSource $gallery -Destination "$PSScriptRoot/src/Modules/" @extraParams } elseif ( $Source -eq 'Private') { - $powerShellPackages = [NugetPackageSource] @{Url = 'https://pkgs.dev.azure.com/powershell/PowerShell/_packaging/powershell-dotnet-9/nuget/v3/index.json'; Name = 'powershell' } + $powerShellPackages = [NugetPackageSource] @{Url = 'https://pkgs.dev.azure.com/powershell/PowerShell/_packaging/powershell-preview-7-5-test/nuget/v3/index.json'; Name = 'powershell' } New-NugetConfigFile -NugetPackageSource $powerShellPackages -Destination "$PSScriptRoot/" @extraParams New-NugetConfigFile -NugetPackageSource $powerShellPackages -Destination "$PSScriptRoot/src/Modules/" @extraParams From 4cd8413fde1296edf417640b41a22e1b4df689a0 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Thu, 8 Aug 2024 13:32:29 -0700 Subject: [PATCH 15/42] disable codeql in jobs where we don't compile --- .pipelines/PowerShell-Coordinated_Packages-Official.yml | 5 ++--- .pipelines/templates/checkAzureContainer.yml | 5 ++--- .pipelines/templates/release-MakeBlobPublic.yml | 5 ++--- .pipelines/templates/uploadToAzure.yml | 5 ++--- 4 files changed, 8 insertions(+), 12 deletions(-) diff --git a/.pipelines/PowerShell-Coordinated_Packages-Official.yml b/.pipelines/PowerShell-Coordinated_Packages-Official.yml index 4c5a677e882..8c5bd357b68 100644 --- a/.pipelines/PowerShell-Coordinated_Packages-Official.yml +++ b/.pipelines/PowerShell-Coordinated_Packages-Official.yml @@ -130,9 +130,8 @@ extends: value: $(Build.SourcesDirectory)\PowerShell\.config\tsaoptions.json - name: ob_sdl_credscan_suppressionsFile value: $(Build.SourcesDirectory)\PowerShell\.config\suppress.json - - ${{ if eq(variables['Build.SourceBranch'], 'refs/heads/master') }}: - - name: ob_sdl_codeql_compiled_enabled - value: true + - name: ob_sdl_codeql_compiled_enabled + value: false - name: ob_outputDirectory value: '$(Build.ArtifactStagingDirectory)/ONEBRANCH_ARTIFACT/BuildJson' - name: ob_signing_setup_enabled diff --git a/.pipelines/templates/checkAzureContainer.yml b/.pipelines/templates/checkAzureContainer.yml index dae78a7e66a..a5ce2b1c666 100644 --- a/.pipelines/templates/checkAzureContainer.yml +++ b/.pipelines/templates/checkAzureContainer.yml @@ -13,9 +13,8 @@ jobs: value: $(Build.SourcesDirectory)\PowerShell\.config\tsaoptions.json - name: ob_sdl_credscan_suppressionsFile value: $(Build.SourcesDirectory)\PowerShell\.config\suppress.json - - ${{ if eq(variables['Build.SourceBranch'], 'refs/heads/master') }}: - - name: ob_sdl_codeql_compiled_enabled - value: true + - name: ob_sdl_codeql_compiled_enabled + value: false displayName: Delete blob is exists pool: diff --git a/.pipelines/templates/release-MakeBlobPublic.yml b/.pipelines/templates/release-MakeBlobPublic.yml index 11b45733270..1e3789b207a 100644 --- a/.pipelines/templates/release-MakeBlobPublic.yml +++ b/.pipelines/templates/release-MakeBlobPublic.yml @@ -30,9 +30,8 @@ jobs: value: $(Build.SourcesDirectory)\PowerShell\.config\tsaoptions.json - name: ob_sdl_credscan_suppressionsFile value: $(Build.SourcesDirectory)\PowerShell\.config\suppress.json - - ${{ if eq(variables['Build.SourceBranch'], 'refs/heads/master') }}: - - name: ob_sdl_codeql_compiled_enabled - value: true + - name: ob_sdl_codeql_compiled_enabled + value: false steps: - checkout: self diff --git a/.pipelines/templates/uploadToAzure.yml b/.pipelines/templates/uploadToAzure.yml index e9c2b839208..2bb48767ae4 100644 --- a/.pipelines/templates/uploadToAzure.yml +++ b/.pipelines/templates/uploadToAzure.yml @@ -21,9 +21,8 @@ jobs: value: $(Build.SourcesDirectory)\PowerShell\.config\tsaoptions.json - name: ob_sdl_credscan_suppressionsFile value: $(Build.SourcesDirectory)\PowerShell\.config\suppress.json - - ${{ if eq(variables['Build.SourceBranch'], 'refs/heads/master') }}: - - name: ob_sdl_codeql_compiled_enabled - value: true + - name: ob_sdl_codeql_compiled_enabled + value: false steps: - checkout: self From be224defd76278735edfd33e2eb432711d04a9e1 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Thu, 8 Aug 2024 13:46:14 -0700 Subject: [PATCH 16/42] disable code sign validation for prep --- .../PowerShell-Coordinated_Packages-Official.yml | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/.pipelines/PowerShell-Coordinated_Packages-Official.yml b/.pipelines/PowerShell-Coordinated_Packages-Official.yml index 8c5bd357b68..a5984f2b6d6 100644 --- a/.pipelines/PowerShell-Coordinated_Packages-Official.yml +++ b/.pipelines/PowerShell-Coordinated_Packages-Official.yml @@ -126,14 +126,16 @@ extends: type: windows variables: - - name: ob_sdl_tsa_configFile - value: $(Build.SourcesDirectory)\PowerShell\.config\tsaoptions.json - - name: ob_sdl_credscan_suppressionsFile - value: $(Build.SourcesDirectory)\PowerShell\.config\suppress.json - - name: ob_sdl_codeql_compiled_enabled - value: false - name: ob_outputDirectory value: '$(Build.ArtifactStagingDirectory)/ONEBRANCH_ARTIFACT/BuildJson' + - name: ob_sdl_codeSignValidation_enabled + value: false + - name: ob_sdl_codeql_compiled_enabled + value: false + - name: ob_sdl_credscan_suppressionsFile + value: $(Build.SourcesDirectory)\PowerShell\.config\suppress.json + - name: ob_sdl_tsa_configFile + value: $(Build.SourcesDirectory)\PowerShell\.config\tsaoptions.json - name: ob_signing_setup_enabled value: false From 0118e88066d713ac7360a516729d5b9fe458b61f Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Thu, 8 Aug 2024 13:46:45 -0700 Subject: [PATCH 17/42] move capture steps to restore phase to see if it speeds things up --- .pipelines/PowerShell-Coordinated_Packages-Official.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.pipelines/PowerShell-Coordinated_Packages-Official.yml b/.pipelines/PowerShell-Coordinated_Packages-Official.yml index a5984f2b6d6..d478f351252 100644 --- a/.pipelines/PowerShell-Coordinated_Packages-Official.yml +++ b/.pipelines/PowerShell-Coordinated_Packages-Official.yml @@ -148,6 +148,8 @@ extends: - pwsh: | Get-ChildItem Env: displayName: Capture environment variables + env: + ob_restore_phase: true # This ensures checkout is done at the beginning of the restore phase - template: /.pipelines/templates/SetVersionVariables.yml@self parameters: From 3f57d1e2ad7eafba80dadf3e216560e13c14e707 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Thu, 8 Aug 2024 15:13:34 -0700 Subject: [PATCH 18/42] remove duplicate capture of nuget config --- .pipelines/templates/insert-nuget-config-azfeed.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.pipelines/templates/insert-nuget-config-azfeed.yml b/.pipelines/templates/insert-nuget-config-azfeed.yml index 4216fa049c1..916a5d71c70 100644 --- a/.pipelines/templates/insert-nuget-config-azfeed.yml +++ b/.pipelines/templates/insert-nuget-config-azfeed.yml @@ -14,7 +14,6 @@ steps: { throw "nuget.config is not created" } - Get-Content $configPath | Write-Verbose -Verbose } catch { Get-Error From 258151566a69d43cc52c351150140b0e3ed99503 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Thu, 8 Aug 2024 17:30:06 -0700 Subject: [PATCH 19/42] update test service --- test/tools/TestService/TestService.csproj | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/tools/TestService/TestService.csproj b/test/tools/TestService/TestService.csproj index 5612cc769a1..bfddc1b74c3 100644 --- a/test/tools/TestService/TestService.csproj +++ b/test/tools/TestService/TestService.csproj @@ -13,7 +13,7 @@ - + From 39b898a4ee845f81c6c37a320c3acec26e86c88e Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Fri, 9 Aug 2024 11:43:18 -0700 Subject: [PATCH 20/42] Only build windows test service on windows --- build.psm1 | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/build.psm1 b/build.psm1 index 88939d022df..42efa25b248 100644 --- a/build.psm1 +++ b/build.psm1 @@ -1247,11 +1247,15 @@ function Publish-PSTestTools { $tools = @( @{ Path="${PSScriptRoot}/test/tools/TestAlc"; Output="library" } @{ Path="${PSScriptRoot}/test/tools/TestExe"; Output="exe" } - @{ Path="${PSScriptRoot}/test/tools/TestService"; Output="exe" } @{ Path="${PSScriptRoot}/test/tools/UnixSocket"; Output="exe" } @{ Path="${PSScriptRoot}/test/tools/WebListener"; Output="exe" } ) + # This is a windows service, so it only works on windows + if ($environment.IsWindows) { + $tools += @{ Path = "${PSScriptRoot}/test/tools/TestService"; Output = "exe" } + } + $Options = Get-PSOptions -DefaultToNew # Publish tools so it can be run by tests From c093b64657bb5b11ecd97be82a8afc1570b9ba1c Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Fri, 9 Aug 2024 14:46:25 -0700 Subject: [PATCH 21/42] warn when no config is generated --- build.psm1 | 2 ++ 1 file changed, 2 insertions(+) diff --git a/build.psm1 b/build.psm1 index 42efa25b248..548aff107fc 100644 --- a/build.psm1 +++ b/build.psm1 @@ -708,6 +708,8 @@ Fix steps: if ($config.Count -gt 0) { $configPublishPath = Join-Path -Path $publishPath -ChildPath "powershell.config.json" Set-Content -Path $configPublishPath -Value ($config | ConvertTo-Json) -Force -ErrorAction Stop + } else { + Write-Warning "No powershell.config.json generated for $publishPath" } # Restore the Pester module From 597efe3150683573d7c527a5bf1b70d18836db94 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Fri, 9 Aug 2024 14:46:58 -0700 Subject: [PATCH 22/42] try to fix test service --- test/tools/TestService/TestService.csproj | 2 ++ 1 file changed, 2 insertions(+) diff --git a/test/tools/TestService/TestService.csproj b/test/tools/TestService/TestService.csproj index bfddc1b74c3..38deb50c615 100644 --- a/test/tools/TestService/TestService.csproj +++ b/test/tools/TestService/TestService.csproj @@ -10,6 +10,8 @@ true true win-x86;win-x64 + Windows + 8.0 From 8bec6b8b33dee834f816540c928c7f9c2b5fe814 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Fri, 9 Aug 2024 14:59:46 -0700 Subject: [PATCH 23/42] fix web listener refs --- test/tools/WebListener/WebListener.csproj | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/tools/WebListener/WebListener.csproj b/test/tools/WebListener/WebListener.csproj index b742b0f6566..57c0f511965 100644 --- a/test/tools/WebListener/WebListener.csproj +++ b/test/tools/WebListener/WebListener.csproj @@ -12,7 +12,7 @@ - + From c651e0513fca584159923d94aba50454f6df66a7 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Fri, 9 Aug 2024 15:38:29 -0700 Subject: [PATCH 24/42] try removing dotnet tool --- test/tools/WebListener/WebListener.csproj | 5 ----- 1 file changed, 5 deletions(-) diff --git a/test/tools/WebListener/WebListener.csproj b/test/tools/WebListener/WebListener.csproj index 57c0f511965..fee1940c249 100644 --- a/test/tools/WebListener/WebListener.csproj +++ b/test/tools/WebListener/WebListener.csproj @@ -10,9 +10,4 @@ - - - - - From de0933d9ad68df281c7e1f0022104507547c2994 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Mon, 12 Aug 2024 09:11:09 -0700 Subject: [PATCH 25/42] update feedname with user info --- build.psm1 | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/build.psm1 b/build.psm1 index 548aff107fc..4b541c288f3 100644 --- a/build.psm1 +++ b/build.psm1 @@ -3537,17 +3537,21 @@ function New-NugetConfigFile { '@ $content = $nugetConfigHeaderTemplate + $feedNamePostfix = '' + if($UserName) { + $feedNamePostfix += '-' + $UserName.Replace('@','-').Replace('.','-') + } [NugetPackageSource]$source = $null $newLine = [Environment]::NewLine foreach ($source in $NugetPackageSource) { - $content += $newLine + $nugetPackageSourceTemplate.Replace('[FEED]', $source.Url).Replace('[FEEDNAME]', $source.Name) + $content += $newLine + $nugetPackageSourceTemplate.Replace('[FEED]', $source.Url).Replace('[FEEDNAME]', $source.Name + $feedNamePostfix) } $content += $newLine + $nugetPackageSourceFooterTemplate if ($UserName -or $ClearTextPAT) { - $content += $newLine + $nugetCredentialsTemplate.Replace('[FEEDNAME]', $source.Name).Replace('[USERNAME]', $UserName).Replace('[PASSWORD]', $ClearTextPAT) + $content += $newLine + $nugetCredentialsTemplate.Replace('[FEEDNAME]', $source.Name + $feedNamePostfix).Replace('[USERNAME]', $UserName).Replace('[PASSWORD]', $ClearTextPAT) } $content += $newLine + $nugetConfigFooterTemplate From bf3626beeacc9d1a4070f0931bfe7e42e1714111 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Mon, 12 Aug 2024 10:56:54 -0700 Subject: [PATCH 26/42] update package version that is not found --- test/tools/WebListener/WebListener.csproj | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/tools/WebListener/WebListener.csproj b/test/tools/WebListener/WebListener.csproj index fee1940c249..1b2d48dd22c 100644 --- a/test/tools/WebListener/WebListener.csproj +++ b/test/tools/WebListener/WebListener.csproj @@ -7,7 +7,7 @@ - + From 0a2ac5d52d09c2addb252dcfcd2900e18500cc76 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Mon, 12 Aug 2024 10:57:10 -0700 Subject: [PATCH 27/42] try moving failing jobs to restore phase --- .pipelines/templates/testartifacts.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.pipelines/templates/testartifacts.yml b/.pipelines/templates/testartifacts.yml index d3e2f254887..a86ba93adb5 100644 --- a/.pipelines/templates/testartifacts.yml +++ b/.pipelines/templates/testartifacts.yml @@ -84,6 +84,8 @@ jobs: displayName: Bootstrap env: __DOTNET_RUNTIME_FEED_KEY: $(RUNTIME_SOURCEFEED_KEY) + ob_restore_phase: true # This ensures this done in restore phase to workaround signing issue + - pwsh: | New-Item -Path '$(ob_outputDirectory)' -ItemType Directory -Force Import-Module $(Build.SourcesDirectory)/PowerShell/build.psm1 @@ -113,3 +115,5 @@ jobs: BuildTestPackage -runtime linux-musl-x64 displayName: Build test package and upload retryCountOnTaskFailure: 1 + env: + ob_restore_phase: true # This ensures this done in restore phase to workaround signing issue From 6e84c3830a84b217e350c638b7251b1a3dd1fbb5 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Mon, 12 Aug 2024 13:05:12 -0700 Subject: [PATCH 28/42] allow nuget inset in either phase --- .pipelines/templates/insert-nuget-config-azfeed.yml | 8 ++++++-- .pipelines/templates/testartifacts.yml | 7 ++++--- 2 files changed, 10 insertions(+), 5 deletions(-) diff --git a/.pipelines/templates/insert-nuget-config-azfeed.yml b/.pipelines/templates/insert-nuget-config-azfeed.yml index 916a5d71c70..b2e4efe1222 100644 --- a/.pipelines/templates/insert-nuget-config-azfeed.yml +++ b/.pipelines/templates/insert-nuget-config-azfeed.yml @@ -1,6 +1,10 @@ parameters: - name: "repoRoot" default: $(REPOROOT) +- name: "ob_restore_phase" + type: boolean + default: true + steps: - pwsh: | try { @@ -23,7 +27,7 @@ steps: condition: and(succeededOrFailed(), ne(variables['UseAzDevOpsFeed'], '')) env: NugetConfigDir: ${{ parameters.repoRoot }}/src/Modules - ob_restore_phase: true # This ensures checkout is done at the beginning of the restore phase + ob_restore_phase: ${{ parameters.ob_restore_phase }} - pwsh: | Get-ChildItem ${{ parameters.repoRoot }}/nuget.config -Recurse | Foreach-Object { @@ -34,4 +38,4 @@ steps: displayName: 'Capture all nuget.config files' condition: and(succeededOrFailed(), ne(variables['UseAzDevOpsFeed'], '')) env: - ob_restore_phase: true # This ensures checkout is done at the beginning of the restore phase + ob_restore_phase: ${{ parameters.ob_restore_phase }} diff --git a/.pipelines/templates/testartifacts.yml b/.pipelines/templates/testartifacts.yml index a86ba93adb5..d32ecc52195 100644 --- a/.pipelines/templates/testartifacts.yml +++ b/.pipelines/templates/testartifacts.yml @@ -25,6 +25,8 @@ jobs: - template: /.pipelines/templates/insert-nuget-config-azfeed.yml@self parameters: repoRoot: $(Build.SourcesDirectory) + ob_restore_phase: false + - pwsh: | Import-Module $(Build.SourcesDirectory)/PowerShell/build.psm1 Start-PSBootstrap @@ -78,13 +80,14 @@ jobs: - template: /.pipelines/templates/insert-nuget-config-azfeed.yml@self parameters: repoRoot: $(Build.SourcesDirectory) + ob_restore_phase: false + - pwsh: | Import-Module $(Build.SourcesDirectory)/PowerShell/build.psm1 Start-PSBootstrap displayName: Bootstrap env: __DOTNET_RUNTIME_FEED_KEY: $(RUNTIME_SOURCEFEED_KEY) - ob_restore_phase: true # This ensures this done in restore phase to workaround signing issue - pwsh: | New-Item -Path '$(ob_outputDirectory)' -ItemType Directory -Force @@ -115,5 +118,3 @@ jobs: BuildTestPackage -runtime linux-musl-x64 displayName: Build test package and upload retryCountOnTaskFailure: 1 - env: - ob_restore_phase: true # This ensures this done in restore phase to workaround signing issue From f5f19610edee076f7d41d48a776b0812fbb4b93c Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Mon, 12 Aug 2024 13:05:23 -0700 Subject: [PATCH 29/42] update package ref --- test/tools/WebListener/WebListener.csproj | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/tools/WebListener/WebListener.csproj b/test/tools/WebListener/WebListener.csproj index 1b2d48dd22c..c6cd9d4c6eb 100644 --- a/test/tools/WebListener/WebListener.csproj +++ b/test/tools/WebListener/WebListener.csproj @@ -8,6 +8,6 @@ - + From 9280a77a3d258d1333cc704ed63e5dfa0bfc701b Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Mon, 12 Aug 2024 14:16:20 -0700 Subject: [PATCH 30/42] use the right reporoot --- .pipelines/templates/testartifacts.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.pipelines/templates/testartifacts.yml b/.pipelines/templates/testartifacts.yml index d32ecc52195..a66063f55a9 100644 --- a/.pipelines/templates/testartifacts.yml +++ b/.pipelines/templates/testartifacts.yml @@ -24,7 +24,7 @@ jobs: clean: true - template: /.pipelines/templates/insert-nuget-config-azfeed.yml@self parameters: - repoRoot: $(Build.SourcesDirectory) + repoRoot: $(Build.SourcesDirectory)/PowerShell ob_restore_phase: false - pwsh: | @@ -79,8 +79,8 @@ jobs: clean: true - template: /.pipelines/templates/insert-nuget-config-azfeed.yml@self parameters: - repoRoot: $(Build.SourcesDirectory) - ob_restore_phase: false + repoRoot: $(Build.SourcesDirectory)/PowerShell + ob_restore_phase: true - pwsh: | Import-Module $(Build.SourcesDirectory)/PowerShell/build.psm1 From 65446da2a8400d4753e08b593f36ec798230af82 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Tue, 13 Aug 2024 09:33:52 -0700 Subject: [PATCH 31/42] Move everything to restore --- .pipelines/templates/testartifacts.yml | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/.pipelines/templates/testartifacts.yml b/.pipelines/templates/testartifacts.yml index a66063f55a9..2ff6685b58a 100644 --- a/.pipelines/templates/testartifacts.yml +++ b/.pipelines/templates/testartifacts.yml @@ -22,10 +22,13 @@ jobs: steps: - checkout: self clean: true + env: + ob_restore_phase: true + - template: /.pipelines/templates/insert-nuget-config-azfeed.yml@self parameters: repoRoot: $(Build.SourcesDirectory)/PowerShell - ob_restore_phase: false + ob_restore_phase: true - pwsh: | Import-Module $(Build.SourcesDirectory)/PowerShell/build.psm1 @@ -33,6 +36,8 @@ jobs: displayName: Bootstrap env: __DOTNET_RUNTIME_FEED_KEY: $(RUNTIME_SOURCEFEED_KEY) + ob_restore_phase: true + - pwsh: | New-Item -Path '$(ob_outputDirectory)' -ItemType Directory -Force Import-Module $(Build.SourcesDirectory)/PowerShell/build.psm1 @@ -60,6 +65,9 @@ jobs: BuildTestPackage -runtime win-arm64 displayName: Build test package and upload retryCountOnTaskFailure: 1 + env: + ob_restore_phase: true + - job: build_testartifacts_nonwin variables: @@ -77,6 +85,9 @@ jobs: steps: - checkout: self clean: true + env: + ob_restore_phase: true + - template: /.pipelines/templates/insert-nuget-config-azfeed.yml@self parameters: repoRoot: $(Build.SourcesDirectory)/PowerShell @@ -88,6 +99,7 @@ jobs: displayName: Bootstrap env: __DOTNET_RUNTIME_FEED_KEY: $(RUNTIME_SOURCEFEED_KEY) + ob_restore_phase: true - pwsh: | New-Item -Path '$(ob_outputDirectory)' -ItemType Directory -Force @@ -118,3 +130,5 @@ jobs: BuildTestPackage -runtime linux-musl-x64 displayName: Build test package and upload retryCountOnTaskFailure: 1 + env: + ob_restore_phase: true From 0875678f7507f5c7961a07ddb0ac38e3999b2613 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Tue, 13 Aug 2024 10:35:51 -0700 Subject: [PATCH 32/42] Try adding build phase --- .pipelines/templates/testartifacts.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.pipelines/templates/testartifacts.yml b/.pipelines/templates/testartifacts.yml index 2ff6685b58a..039e9336d7c 100644 --- a/.pipelines/templates/testartifacts.yml +++ b/.pipelines/templates/testartifacts.yml @@ -68,6 +68,10 @@ jobs: env: ob_restore_phase: true + - pwsh: | + Write-Host "This doesn't do anything but make the build phase run." + displayName: Dummy build task + - job: build_testartifacts_nonwin variables: @@ -132,3 +136,7 @@ jobs: retryCountOnTaskFailure: 1 env: ob_restore_phase: true + + - pwsh: | + Write-Host "This doesn't do anything but make the build phase run." + displayName: Dummy build task From 7d49cd2cbece65b40e6f5db245bdff199e631e77 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Tue, 13 Aug 2024 11:20:28 -0700 Subject: [PATCH 33/42] put nuget files in the right place --- .pipelines/templates/mac.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.pipelines/templates/mac.yml b/.pipelines/templates/mac.yml index 9a9f58969dc..0882af7da6c 100644 --- a/.pipelines/templates/mac.yml +++ b/.pipelines/templates/mac.yml @@ -24,6 +24,9 @@ jobs: value: true - name: ob_sdl_credscan_suppressionsfileforartifacts value: $(Build.SourcesDirectory)/PowerShell/.config/suppress.json + - name: PowerShellRoot + value: $(Build.SourcesDirectory)/PowerShell + steps: - checkout: self clean: true @@ -39,9 +42,7 @@ jobs: # make the current user the owner sudo chown $env:USER "$(Agent.TempDirectory)/PowerShell" displayName: 'Create $(Agent.TempDirectory)/PowerShell' - - template: /.pipelines/templates/cloneToOfficialPath.yml@self - parameters: - nativePathRoot: '$(Agent.TempDirectory)' + - pwsh: | tools/releaseBuild/macOS/PowerShellPackageVsts.ps1 -location $(PowerShellRoot) -BootStrap displayName: 'Bootstrap VM' @@ -76,6 +77,7 @@ jobs: displayName: 'Build' env: __DOTNET_RUNTIME_FEED_KEY: $(RUNTIME_SOURCEFEED_KEY) + - template: /.pipelines/templates/step/finalize.yml@self - job: sign_${{ parameters.buildArchitecture }} From feff5c849827d57c29c21ef42007dbd94639c443 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Tue, 13 Aug 2024 11:24:04 -0700 Subject: [PATCH 34/42] move bootstrap into yaml --- .pipelines/templates/mac.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.pipelines/templates/mac.yml b/.pipelines/templates/mac.yml index 0882af7da6c..d9b0a044886 100644 --- a/.pipelines/templates/mac.yml +++ b/.pipelines/templates/mac.yml @@ -44,10 +44,12 @@ jobs: displayName: 'Create $(Agent.TempDirectory)/PowerShell' - pwsh: | - tools/releaseBuild/macOS/PowerShellPackageVsts.ps1 -location $(PowerShellRoot) -BootStrap + Import-Module $(PowerShellRoot)/build.psm1 -Force + Start-PSBootstrap -Package displayName: 'Bootstrap VM' env: __DOTNET_RUNTIME_FEED_KEY: $(RUNTIME_SOURCEFEED_KEY) + - template: /.pipelines/templates/insert-nuget-config-azfeed.yml@self parameters: repoRoot: $(PowerShellRoot) From 9eda73fa4a5c22443a9a5c9ed56ae7d1740a6ed1 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Tue, 13 Aug 2024 11:29:03 -0700 Subject: [PATCH 35/42] remove onebranch agent items from macos build --- .pipelines/templates/mac.yml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/.pipelines/templates/mac.yml b/.pipelines/templates/mac.yml index d9b0a044886..4f9604ea100 100644 --- a/.pipelines/templates/mac.yml +++ b/.pipelines/templates/mac.yml @@ -20,12 +20,8 @@ jobs: - group: DotNetPrivateBuildAccess - name: ob_outputDirectory value: '$(Build.ArtifactStagingDirectory)/ONEBRANCH_ARTIFACT' - - name: ob_sdl_binskim_enabled - value: true - - name: ob_sdl_credscan_suppressionsfileforartifacts - value: $(Build.SourcesDirectory)/PowerShell/.config/suppress.json - name: PowerShellRoot - value: $(Build.SourcesDirectory)/PowerShell + value: $(Build.SourcesDirectory) steps: - checkout: self From 36d1a6946b11e97d35bf435dffb65e5d1489ecac Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Tue, 13 Aug 2024 15:46:54 -0700 Subject: [PATCH 36/42] switch to environment variable --- .../templates/insert-nuget-config-azfeed.yml | 7 +++ build.psm1 | 51 ++++++++++++++++++- 2 files changed, 57 insertions(+), 1 deletion(-) diff --git a/.pipelines/templates/insert-nuget-config-azfeed.yml b/.pipelines/templates/insert-nuget-config-azfeed.yml index b2e4efe1222..734f070b586 100644 --- a/.pipelines/templates/insert-nuget-config-azfeed.yml +++ b/.pipelines/templates/insert-nuget-config-azfeed.yml @@ -39,3 +39,10 @@ steps: condition: and(succeededOrFailed(), ne(variables['UseAzDevOpsFeed'], '')) env: ob_restore_phase: ${{ parameters.ob_restore_phase }} + +- pwsh: | + Get-ChildItem -Path env:VSS* | Out-String -width 9999 -Stream | write-Verbose -Verbose + displayName: Capture VSS* Environment + condition: and(succeededOrFailed(), ne(variables['UseAzDevOpsFeed'], '')) + env: + ob_restore_phase: ${{ parameters.ob_restore_phase }} diff --git a/build.psm1 b/build.psm1 index 4b541c288f3..7338d8a9640 100644 --- a/build.psm1 +++ b/build.psm1 @@ -743,6 +743,8 @@ function Switch-PSNugetConfig { [string] $ClearTextPAT ) + Clear-PipelineNugetAuthentication + $extraParams = @() if ($UserName) { $extraParams = @{ @@ -766,6 +768,10 @@ function Switch-PSNugetConfig { } else { throw "Unknown source: $Source" } + + if ($UserName -or $ClearTextPAT) { + Set-PipelineNugetAuthentication + } } function Test-ShouldGenerateExperimentalFeatures @@ -3494,6 +3500,7 @@ function New-NugetPackageSource { return [NugetPackageSource] @{Url = $Url; Name = $Name } } +$script:NuGetEndpointCredentials = [System.Collections.Generic.Dictionary[String,System.Object]]::new() function New-NugetConfigFile { param( [Parameter(Mandatory = $true, ParameterSetName ='user')] @@ -3551,7 +3558,16 @@ function New-NugetConfigFile { $content += $newLine + $nugetPackageSourceFooterTemplate if ($UserName -or $ClearTextPAT) { - $content += $newLine + $nugetCredentialsTemplate.Replace('[FEEDNAME]', $source.Name + $feedNamePostfix).Replace('[USERNAME]', $UserName).Replace('[PASSWORD]', $ClearTextPAT) + foreach ($source in $NugetPackageSource) { + if(!$script:NuGetEndpointCredentials.ContainsKey($source.Url)) { + $script:NuGetEndpointCredentials.Add($source.Url, @{ + endpoint = $source.Url + username = $UserName + password = $ClearTextPAT + }) + } + } + # $content += $newLine + $nugetCredentialsTemplate.Replace('[FEEDNAME]', $source.Name + $feedNamePostfix).Replace('[USERNAME]', $UserName).Replace('[PASSWORD]', $ClearTextPAT) } $content += $newLine + $nugetConfigFooterTemplate @@ -3559,6 +3575,23 @@ function New-NugetConfigFile { Set-Content -Path (Join-Path $Destination 'nuget.config') -Value $content -Force } +function Clear-PipelineNugetAuthentication { + $script:NuGetEndpointCredentials.Clear() +} + +function Set-PipelineNugetAuthentication { + $endpointcredentials = @() + + foreach ($key in $script:NuGetEndpointCredentials.Keys) { + $endpointcredentials += $script:NuGetEndpointCredentials[$key] + } + + $json = @{ + endpointCredentials = $endpointcredentials + } | convertto-json -Compress + Set-PipelineVariable -Name 'VSS_NUGET_EXTERNAL_FEED_ENDPOINTS' -Value $json +} + function Set-CorrectLocale { if (-not $IsLinux) @@ -3692,3 +3725,19 @@ function Update-DotNetSdkVersion { $dotnetRuntimeMeta.sdk.sdkImageVersion = $version $dotnetRuntimeMeta | ConvertTo-Json | Out-File $dotnetRuntimeMetaPath } + +function Set-PipelineVariable { + param( + [parameter(Mandatory)] + [string] $Name, + [parameter(Mandatory)] + [string] $Value + ) + + $vstsCommandString = "vso[task.setvariable variable=$Name]$Value" + Write-Verbose -Verbose -Message ("sending " + $vstsCommandString) + Write-Host "##$vstsCommandString" + + # also set in the current session + Set-Item -Path "env:$Name" -Value $Value +} From ed351ad6336c795614782fe9fdf55ebf44a6079b Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Tue, 13 Aug 2024 16:42:52 -0700 Subject: [PATCH 37/42] bump a couple of packages --- .../Microsoft.PowerShell.Commands.Utility.csproj | 2 +- src/Microsoft.PowerShell.SDK/Microsoft.PowerShell.SDK.csproj | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Microsoft.PowerShell.Commands.Utility/Microsoft.PowerShell.Commands.Utility.csproj b/src/Microsoft.PowerShell.Commands.Utility/Microsoft.PowerShell.Commands.Utility.csproj index a950973b6db..9dd33935fc2 100644 --- a/src/Microsoft.PowerShell.Commands.Utility/Microsoft.PowerShell.Commands.Utility.csproj +++ b/src/Microsoft.PowerShell.Commands.Utility/Microsoft.PowerShell.Commands.Utility.csproj @@ -35,7 +35,7 @@ - + diff --git a/src/Microsoft.PowerShell.SDK/Microsoft.PowerShell.SDK.csproj b/src/Microsoft.PowerShell.SDK/Microsoft.PowerShell.SDK.csproj index 074b0e6c13f..4bc37fa3d11 100644 --- a/src/Microsoft.PowerShell.SDK/Microsoft.PowerShell.SDK.csproj +++ b/src/Microsoft.PowerShell.SDK/Microsoft.PowerShell.SDK.csproj @@ -17,7 +17,7 @@ - + From 2792e582a3998ad92a77bcb6538d833132e40ab8 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Tue, 13 Aug 2024 16:45:09 -0700 Subject: [PATCH 38/42] fix formatting --- build.psm1 | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/build.psm1 b/build.psm1 index 7338d8a9640..45bb27ec77c 100644 --- a/build.psm1 +++ b/build.psm1 @@ -3545,8 +3545,8 @@ function New-NugetConfigFile { '@ $content = $nugetConfigHeaderTemplate $feedNamePostfix = '' - if($UserName) { - $feedNamePostfix += '-' + $UserName.Replace('@','-').Replace('.','-') + if ($UserName) { + $feedNamePostfix += '-' + $UserName.Replace('@', '-').Replace('.', '-') } [NugetPackageSource]$source = $null @@ -3559,15 +3559,14 @@ function New-NugetConfigFile { if ($UserName -or $ClearTextPAT) { foreach ($source in $NugetPackageSource) { - if(!$script:NuGetEndpointCredentials.ContainsKey($source.Url)) { + if (!$script:NuGetEndpointCredentials.ContainsKey($source.Url)) { $script:NuGetEndpointCredentials.Add($source.Url, @{ - endpoint = $source.Url - username = $UserName - password = $ClearTextPAT - }) + endpoint = $source.Url + username = $UserName + password = $ClearTextPAT + }) } } - # $content += $newLine + $nugetCredentialsTemplate.Replace('[FEEDNAME]', $source.Name + $feedNamePostfix).Replace('[USERNAME]', $UserName).Replace('[PASSWORD]', $ClearTextPAT) } $content += $newLine + $nugetConfigFooterTemplate From f8166088dcf487951a51a56a1f57843d18310325 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Tue, 13 Aug 2024 17:15:25 -0700 Subject: [PATCH 39/42] Fix static analysis issue --- build.psm1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.psm1 b/build.psm1 index 45bb27ec77c..dbdcd19ed98 100644 --- a/build.psm1 +++ b/build.psm1 @@ -734,7 +734,7 @@ function Switch-PSNugetConfig { [Parameter(Mandatory = $true, ParameterSetName = 'user')] [Parameter(Mandatory = $true, ParameterSetName = 'nouser')] [ValidateSet('Public', 'Private')] - [string] $Source = 'Public', + [string] $Source, [Parameter(Mandatory = $true, ParameterSetName = 'user')] [string] $UserName, From 0fad547930af58e70d3a7023c36607febf424805 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Wed, 14 Aug 2024 10:53:51 -0700 Subject: [PATCH 40/42] update feed url to test restoring everything --- build.psm1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.psm1 b/build.psm1 index dbdcd19ed98..8c89c055a42 100644 --- a/build.psm1 +++ b/build.psm1 @@ -761,7 +761,7 @@ function Switch-PSNugetConfig { New-NugetConfigFile -NugetPackageSource $nugetorg, $dotnetSdk -Destination "$PSScriptRoot/" @extraParams New-NugetConfigFile -NugetPackageSource $gallery -Destination "$PSScriptRoot/src/Modules/" @extraParams } elseif ( $Source -eq 'Private') { - $powerShellPackages = [NugetPackageSource] @{Url = 'https://pkgs.dev.azure.com/powershell/PowerShell/_packaging/powershell-preview-7-5-test/nuget/v3/index.json'; Name = 'powershell' } + $powerShellPackages = [NugetPackageSource] @{Url = 'https://pkgs.dev.azure.com/powershell/PowerShell/_packaging/PowerShell-7-5-preview-test-2/nuget/v3/index.json'; Name = 'powershell' } New-NugetConfigFile -NugetPackageSource $powerShellPackages -Destination "$PSScriptRoot/" @extraParams New-NugetConfigFile -NugetPackageSource $powerShellPackages -Destination "$PSScriptRoot/src/Modules/" @extraParams From 6a9d9731209014b83e4d077238d1ef0098fec75b Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Wed, 14 Aug 2024 11:19:39 -0700 Subject: [PATCH 41/42] install the AzFeed cred provider --- .pipelines/templates/insert-nuget-config-azfeed.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.pipelines/templates/insert-nuget-config-azfeed.yml b/.pipelines/templates/insert-nuget-config-azfeed.yml index 734f070b586..20057440c00 100644 --- a/.pipelines/templates/insert-nuget-config-azfeed.yml +++ b/.pipelines/templates/insert-nuget-config-azfeed.yml @@ -6,6 +6,11 @@ parameters: default: true steps: +- task: NuGetAuthenticate@1 + displayName: Install Azure Artifacts Credential Provider + inputs: + forceReinstallCredentialProvider: true + - pwsh: | try { $configPath = "${env:NugetConfigDir}/nuget.config" From e31d16132bddb5465d618a2b0188449c42d0f4b8 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Wed, 14 Aug 2024 12:06:03 -0700 Subject: [PATCH 42/42] fix binlog issues --- build.psm1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/build.psm1 b/build.psm1 index 8c89c055a42..36f958bab84 100644 --- a/build.psm1 +++ b/build.psm1 @@ -877,7 +877,7 @@ function Restore-PSPackage $RestoreArguments += "--interactive" } - if ($env:ENABLE_MSBUILD_BINLOGS) { + if ($env:ENABLE_MSBUILD_BINLOGS -eq 'true') { $RestoreArguments += '-bl' } @@ -898,7 +898,7 @@ function Restore-PSPackage $retryCount++ if($retryCount -ge $maxTries) { - if ($env:ENABLE_MSBUILD_BINLOGS) { + if ($env:ENABLE_MSBUILD_BINLOGS -eq 'true') { if ( Test-Path ./msbuild.binlog ) { if (!(Test-Path $env:OB_OUTPUTDIRECTORY -PathType Container)) { $null = New-Item -path $env:OB_OUTPUTDIRECTORY -ItemType Directory -Force -Verbose