From: Morgan Brown Date: Sat, 15 Dec 2018 02:45:55 +0000 (-0800) Subject: Add Azure DevOps signing support (dotnet/coreclr#21545) X-Git-Tag: submit/tizen/20210909.063632~11030^2~3064 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=775633180431f39c21d82ab80aec423414bae801;p=platform%2Fupstream%2Fdotnet%2Fruntime.git Add Azure DevOps signing support (dotnet/coreclr#21545) Add signing support for Azure DevOps pipelines. This uses the arcade signing step, but with custom logic to find files to sign while we're not using arcade for the rest of the build. Commit migrated from https://github.com/dotnet/coreclr/commit/e763e8302028edb4a49e22b7e18b888b3145d48c --- diff --git a/eng/build-job.yml b/eng/build-job.yml index d8a5f61..064db09 100644 --- a/eng/build-job.yml +++ b/eng/build-job.yml @@ -14,6 +14,7 @@ jobs: archType: ${{ parameters.archType }} osGroup: ${{ parameters.osGroup }} osIdentifier: ${{ parameters.osIdentifier }} + enableMicrobuild: true # Compute job name from template parameters name: ${{ format('build_{0}_{1}_{2}', parameters.osIdentifier, parameters.archType, parameters.buildConfig) }} @@ -68,6 +69,19 @@ jobs: - script: set __TestIntermediateDir=int&&build.cmd $(buildConfig) $(archType) -skiptests -skipbuildpackages displayName: Build product + # Sign on Windows + - ${{ if and(ne(variables['System.TeamProject'], 'public'), ne(variables['Build.Reason'], 'PullRequest'), eq(parameters.osGroup, 'Windows_NT')) }}: + - script: powershell eng\common\build.ps1 -ci -sign -restore -configuration:$(buildConfig) -warnaserror:0 /p:ArcadeBuild=true /p:OfficialBuild=true /p:BuildOS=$(osGroup) /p:BuildArch=$(archType) /p:BuildType=$(buildConfig) /p:DotNetSignType=%_SignType% + displayName: Sign Binaries + + - task: PublishBuildArtifacts@1 + displayName: Publish Signing Logs to VSTS + inputs: + PathtoPublish: '$(Build.SourcesDirectory)/artifacts/' + PublishLocation: Container + ArtifactName: $(Agent.Os)_$(Agent.JobName)_$(archType) + continueOnError: true + condition: always() # Upload build as pipeline artifact - ${{ if ne(parameters.osGroup, 'Windows_NT') }}: @@ -83,13 +97,6 @@ jobs: artifactName: ${{ format('{0}_{1}_{2}_build', parameters.osIdentifier, parameters.archType, parameters.buildConfig) }} targetPath: $(Build.SourcesDirectory)\bin\Product\$(osGroup).$(archType).$(buildConfigUpper) - - # TODO: Sign - - ${{ if and(ne(variables['System.TeamProject'], 'public'), ne(variables['Build.Reason'], 'PullRequest')) }}: - - script: echo Sign! - displayName: Sign Binaries (empty for now) - - # Get key vault secrets for publishing - ${{ if and(ne(variables['System.TeamProject'], 'public'), ne(variables['Build.Reason'], 'PullRequest')) }}: - task: AzureKeyVault@1 diff --git a/eng/xplat-job.yml b/eng/xplat-job.yml index 8b25175..a59dcef 100644 --- a/eng/xplat-job.yml +++ b/eng/xplat-job.yml @@ -11,6 +11,7 @@ parameters: timeoutInMinutes: '' helixType: '' crossrootfsDir: '' + enableMicrobuild: '' # arcade-specific parameters gatherAssetManifests: false @@ -31,6 +32,8 @@ jobs: helixRepo: 'dotnet/coreclr' helixType: ${{ parameters.helixType }} + enableMicrobuild: ${{ parameters.enableMicrobuild }} + pool: ${{ if and(eq(parameters.osGroup, 'Linux'), eq(variables['System.TeamProject'], 'public')) }}: name: Hosted Ubuntu 1604 diff --git a/src/coreclr/Directory.Build.props b/src/coreclr/Directory.Build.props index 2082362..63bb6d6 100644 --- a/src/coreclr/Directory.Build.props +++ b/src/coreclr/Directory.Build.props @@ -1,4 +1,5 @@ + $(NumberOfCores) diff --git a/src/coreclr/Directory.Build.targets b/src/coreclr/Directory.Build.targets new file mode 100644 index 0000000..29123fe --- /dev/null +++ b/src/coreclr/Directory.Build.targets @@ -0,0 +1,4 @@ + + + + \ No newline at end of file