From 3584b32963b1e86c15b4e1e9905d608f1aec0f41 Mon Sep 17 00:00:00 2001
From: andystaples <77818326+andystaples@users.noreply.github.com>
Date: Fri, 31 May 2024 15:04:34 -0700
Subject: [PATCH 1/8] Add code-mirror.yml
---
eng/ci/code-mirror.yml | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
create mode 100644 eng/ci/code-mirror.yml
diff --git a/eng/ci/code-mirror.yml b/eng/ci/code-mirror.yml
new file mode 100644
index 00000000..7c77fe20
--- /dev/null
+++ b/eng/ci/code-mirror.yml
@@ -0,0 +1,21 @@
+trigger:
+ branches:
+ include:
+ # Below branches are examples for Azure/azure-functions-host. Replace with appropriate branches for your repository.
+ # Keep this set limited as appropriate (don't mirror individual user branches).
+ - dev
+ - v4.x/*
+ - v3.x/*
+
+resources:
+ repositories:
+ - repository: eng
+ type: git
+ name: engineering
+ ref: refs/tags/release
+
+variables:
+ - template: ci/variables/cfs.yml@eng
+
+extends:
+ template: ci/code-mirror.yml@eng
\ No newline at end of file
From f1e9677a09e34f666f472fff7ee984e8e6ee3ab8 Mon Sep 17 00:00:00 2001
From: andystaples <77818326+andystaples@users.noreply.github.com>
Date: Thu, 20 Jun 2024 11:35:30 -0600
Subject: [PATCH 2/8] Convert build pipeline to 1ES (#1061)
- Convert build pipeline to 1ES
- Remove old pipeline
- Changes to build.ps1 for new pipeline
---
azure-pipelines.yml | 110 -------------------------------------
build.ps1 | 33 ++---------
eng/ci/official.yml | 48 ++++++++++++++++
eng/ci/public.yml | 45 +++++++++++++++
eng/ci/templates/build.yml | 38 +++++++++++++
eng/ci/templates/test.yml | 34 ++++++++++++
6 files changed, 169 insertions(+), 139 deletions(-)
delete mode 100644 azure-pipelines.yml
create mode 100644 eng/ci/official.yml
create mode 100644 eng/ci/public.yml
create mode 100644 eng/ci/templates/build.yml
create mode 100644 eng/ci/templates/test.yml
diff --git a/azure-pipelines.yml b/azure-pipelines.yml
deleted file mode 100644
index 0a6082bc..00000000
--- a/azure-pipelines.yml
+++ /dev/null
@@ -1,110 +0,0 @@
-# Starter pipeline
-# Start with a minimal pipeline that you can customize to build and deploy your code.
-# Add steps that build, run tests, deploy, and more:
-# https://aka.ms/yaml
-
-#trigger:
-#- master
-#- dev
-
-strategy:
- matrix:
- linux:
- imageName: 'MMSUbuntu20.04TLS'
- windows:
- imageName: 'MMS2019TLS'
-
-pool:
- name: '1ES-Hosted-AzFunc'
- demands:
- - ImageOverride -equals $(imageName)
-
-variables:
- Configuration: Release
- buildNumber: $[ counter('build', 400) ] # Start higher than our AppVeyor versions. Every build (pr or branch) will increment.
-
-steps:
-- task: AzureKeyVault@2
- inputs:
- azureSubscription: 'Simple Batch(0b894477-1614-4c8d-8a9b-a697a24596b8)'
- KeyVaultName: 'powershell-worker'
- SecretsFilter: '*'
- RunAsPreJob: true
-
-- pwsh: |
- $releaseBranches = @('v4.x/ps7.2', 'v4.x/ps7.0', 'v3.x/ps7', 'v3.x/ps6', 'v2.x')
-
- Write-Host "BuildSourceBranch: $($env:BuildSourceBranch)"
- $branchName = $env:BuildSourceBranch.Replace("refs/heads/", "")
- Write-Host "BranchName: $branchName"
-
- $isReleaseBuild = ($releaseBranches -contains $branchName)
- Write-Host "##vso[task.setvariable variable=IsReleaseBuild]$isReleaseBuild"
- Write-Host "IsReleaseBuild: $isReleaseBuild"
- displayName: 'Set IsReleaseBuild variable'
- env:
- BuildSourceBranch: $(Build.SourceBranch)
-
-- pwsh: ./build.ps1 -NoBuild -Bootstrap
- displayName: 'Running ./build.ps1 -NoBuild -Bootstrap'
-
-- pwsh: |
- $ErrorActionPreference = "Stop"
- $shouldAddSBOM = [bool]"$(IsReleaseBuild)"
-
- ./build.ps1 -Clean -Configuration Release -BuildNumber "$(buildNumber)" -AddSBOM:$shouldAddSBOM -SBOMUtilSASUrl "$(SBOMUtilSASUrl)"
- displayName: 'Build worker code'
-
-- pwsh: ./build.ps1 -NoBuild -Test
- displayName: 'Running UnitTest'
-
-- pwsh: ./test/E2E/Start-E2ETest.ps1
- env:
- AzureWebJobsStorage: $(AzureWebJobsStorage)
- AzureWebJobsCosmosDBConnectionString: $(AzureWebJobsCosmosDBConnectionString)
- AzureWebJobsServiceBus: $(AzureWebJobsServiceBus)
- AzureWebJobsEventHubSender: $(AzureWebJobsEventHubSender)
- FUNCTIONS_WORKER_RUNTIME : "powershell"
- displayName: 'Running E2ETest'
-
-- task: PublishTestResults@2
- inputs:
- testResultsFormat: 'VSTest'
- testResultsFiles: '**/*.trx'
- failTaskOnFailedTests: true
- condition: succeededOrFailed()
- displayName: 'Publish tests results'
-
-- task: CopyFiles@2
- inputs:
- SourceFolder: '$(System.DefaultWorkingDirectory)/package'
- Contents: '**/*.nupkg'
- TargetFolder: '$(Build.ArtifactStagingDirectory)'
- displayName: 'Copy package to artifacts directory'
-
-- task: NuGetCommand@2
- condition: and(ne(variables['Build.Reason'], 'PullRequest'), eq(variables['IsReleaseBuild'], 'true'), eq(variables['UPLOADPACKAGETOPRERELEASEFEED'], 'false'))
- inputs:
- command: 'push'
- packagesToPush: '$(Build.ArtifactStagingDirectory)/**/*.nupkg;!$(Build.ArtifactStagingDirectory)/**/*.symbols.nupkg'
- nuGetFeedType: 'internal'
- publishVstsFeed: 'e6a70c92-4128-439f-8012-382fe78d6396/c0493cce-bc63-4e11-9fc9-e7c45291f151'
- allowPackageConflicts: true
- displayName: 'Push NuGet package'
-
-- task: NuGetCommand@2
- condition: eq(variables['UPLOADPACKAGETOPRERELEASEFEED'], 'true')
- inputs:
- command: 'push'
- packagesToPush: '$(Build.ArtifactStagingDirectory)/**/*.nupkg;!$(Build.ArtifactStagingDirectory)/**/*.symbols.nupkg'
- nuGetFeedType: 'internal'
- publishVstsFeed: 'e6a70c92-4128-439f-8012-382fe78d6396/f37f760c-aebd-443e-9714-ce725cd427df'
- allowPackageConflicts: true
- displayName: 'Push NuGet package to the AzureFunctionsPreRelease feed'
-
-- task: PublishBuildArtifacts@1
- inputs:
- PathtoPublish: '$(Build.ArtifactStagingDirectory)'
- ArtifactName: 'drop'
- publishLocation: 'Container'
- displayName: 'Publish build artifacts'
diff --git a/build.ps1 b/build.ps1
index 60d1a8fb..4b82ee3e 100644
--- a/build.ps1
+++ b/build.ps1
@@ -28,13 +28,7 @@ param(
$Configuration = "Debug",
[string]
- $BuildNumber = '0',
-
- [switch]
- $AddSBOM,
-
- [string]
- $SBOMUtilSASUrl
+ $BuildNumber = '0'
)
#Requires -Version 6.0
@@ -68,6 +62,7 @@ function Get-FunctionsCoreToolsDir {
}
}
+<<<<<<< HEAD
function Install-SBOMUtil
{
if ([string]::IsNullOrEmpty($SBOMUtilSASUrl))
@@ -97,6 +92,8 @@ function Install-SBOMUtil
return $manifestToolPath
}
+=======
+>>>>>>> f0a96f5 (Convert build pipeline to 1ES (#1061))
function Deploy-PowerShellWorker {
$ErrorActionPreference = 'Stop'
@@ -170,28 +167,6 @@ if (!$NoBuild.IsPresent) {
dotnet publish -c $Configuration "/p:BuildNumber=$BuildNumber" $PSScriptRoot
- if ($AddSBOM)
- {
- # Install manifest tool
- $manifestTool = Install-SBOMUtil
- Write-Log "manifestTool: $manifestTool "
-
- # Generate manifest
- $buildPath = "$PSScriptRoot/src/bin/$Configuration/$TargetFramework/publish"
- $telemetryFilePath = Join-Path $PSScriptRoot ((New-Guid).Guid + ".json")
- $packageName = "Microsoft.Azure.Functions.PowerShellWorker.nuspec"
-
- # Delete the manifest folder if it exists
- $manifestFolderPath = Join-Path $buildPath "_manifest"
- if (Test-Path $manifestFolderPath)
- {
- Remove-Item $manifestFolderPath -Recurse -Force -ErrorAction Ignore
- }
-
- Write-Log "Running: dotnet $manifestTool generate -BuildDropPath $buildPath -BuildComponentPath $buildPath -Verbosity Information -t $telemetryFilePath"
- & { dotnet $manifestTool generate -BuildDropPath $buildPath -BuildComponentPath $buildPath -Verbosity Information -t $telemetryFilePath -PackageName $packageName }
- }
-
dotnet pack -c $Configuration "/p:BuildNumber=$BuildNumber" "$PSScriptRoot/package"
}
diff --git a/eng/ci/official.yml b/eng/ci/official.yml
new file mode 100644
index 00000000..4ff1b052
--- /dev/null
+++ b/eng/ci/official.yml
@@ -0,0 +1,48 @@
+trigger:
+ batch: true
+ branches:
+ include:
+ - v4.x/*
+ - v3.x/*
+
+# CI only, does not trigger on PRs.
+pr: none
+
+resources:
+ repositories:
+ - repository: 1es
+ type: git
+ name: 1ESPipelineTemplates/1ESPipelineTemplates
+ ref: refs/tags/release
+
+variables:
+ Configuration: Release
+ buildNumber: $[ counter('build', 4000) ] # Start higher than the versions from the previous pipeline. Every build (pr or branch) will increment.
+
+extends:
+ template: v1/1ES.Official.PipelineTemplate.yml@1es
+ parameters:
+ pool:
+ name: 1es-pool-azfunc
+ image: 1es-windows-2022
+ os: windows
+
+ stages:
+ - stage: WindowsUnitTests
+ dependsOn: []
+ jobs:
+ - template: /eng/ci/templates/test.yml@self
+
+ - stage: LinuxUnitTests
+ dependsOn: []
+ jobs:
+ - template: /eng/ci/templates/test.yml@self
+ pool:
+ name: 1es-pool-azfunc
+ image: 1es-ubuntu-22.04
+ os: linux
+
+ - stage: Build
+ dependsOn: [WindowsUnitTests, LinuxUnitTests]
+ jobs:
+ - template: /eng/ci/templates/build.yml@self
diff --git a/eng/ci/public.yml b/eng/ci/public.yml
new file mode 100644
index 00000000..726f8db0
--- /dev/null
+++ b/eng/ci/public.yml
@@ -0,0 +1,45 @@
+trigger:
+ batch: true
+ branches:
+ include:
+ - dev
+ - v4.x/*
+ - v3.x/*
+
+# Only run the tests on PR to official branches - do we want to run them on all PRs?
+pr:
+ branches:
+ include:
+ - '*'
+
+resources:
+ repositories:
+ - repository: 1es
+ type: git
+ name: 1ESPipelineTemplates/1ESPipelineTemplates
+ ref: refs/tags/release
+
+extends:
+ template: v1/1ES.Unofficial.PipelineTemplate.yml
+ parameters:
+ pool:
+ name: 1es-pool-azfunc-public
+ image: 1es-windows-2022
+ os: windows
+
+ stages:
+ - stage: WindowsUnitTests
+ dependsOn: []
+ jobs:
+ - template: /eng/ci/templates/test.yml@self
+ pool:
+ name: 1es-pool-azfunc-public
+
+ - stage: LinuxUnitTests
+ dependsOn: []
+ jobs:
+ - template: /eng/ci/templates/test.yml@self
+ pool:
+ name: 1es-pool-azfunc-public
+ image: 1es-ubuntu-22.04
+ os: linux
diff --git a/eng/ci/templates/build.yml b/eng/ci/templates/build.yml
new file mode 100644
index 00000000..f40e066a
--- /dev/null
+++ b/eng/ci/templates/build.yml
@@ -0,0 +1,38 @@
+jobs:
+ - job:
+ templateContext:
+ outputs:
+ - output: nuget
+ packagesToPush: "$(Build.ArtifactStagingDirectory)/*.nupkg"
+ packageParentPath: "$(Build.ArtifactStagingDirectory)"
+ nuGetFeedType: internal
+ publishVstsFeed: "e6a70c92-4128-439f-8012-382fe78d6396/c0493cce-bc63-4e11-9fc9-e7c45291f151"
+ sbomPackageName: "Azure Functions PowerShell Worker"
+ sbomBuildComponentPath: "$(Build.SourcesDirectory)"
+ allowPackageConflicts: true
+ # - output: nuget
+ # condition: and(succeeded(), eq(variables['Build.SourceBranch'], 'refs/heads/dev'), eq(variables['UPLOADPACKAGETOPRERELEASEFEED'], true))
+ # packagesToPush: '$(Build.ArtifactStagingDirectory)/*.nupkg'
+ # packageParentPath: '$(Build.ArtifactStagingDirectory)'
+ # nuGetFeedType: 'internal'
+ # publishVstsFeed: 'e6a70c92-4128-439f-8012-382fe78d6396/f37f760c-aebd-443e-9714-ce725cd427df' # AzureFunctionsPreRelease feed
+ # allowPackageConflicts: true
+ steps:
+ - pwsh: ./build.ps1 -NoBuild -Bootstrap
+ displayName: "Running ./build.ps1 -NoBuild -Bootstrap"
+
+ - pwsh: |
+ $ErrorActionPreference = "Stop"
+
+ ./build.ps1 -Clean -Configuration Release -BuildNumber "$(buildNumber)"
+ displayName: "Build worker code"
+
+ - task: CopyFiles@2
+ inputs:
+ SourceFolder: "$(System.DefaultWorkingDirectory)/package"
+ Contents: |
+ **/*.nuspec
+ **/*.nupkg
+ TargetFolder: "$(Build.ArtifactStagingDirectory)"
+ flattenFolders: true
+ displayName: "Copy package to artifacts directory"
diff --git a/eng/ci/templates/test.yml b/eng/ci/templates/test.yml
new file mode 100644
index 00000000..07a36ebf
--- /dev/null
+++ b/eng/ci/templates/test.yml
@@ -0,0 +1,34 @@
+jobs:
+ - job: UnitTests
+ steps:
+ - pwsh: ./build.ps1 -NoBuild -Bootstrap
+ displayName: "Running ./build.ps1 -NoBuild -Bootstrap"
+
+ - pwsh: ./Check-CsprojVulnerabilities.ps1
+ displayName: "Check for security vulnerabilities"
+
+ - pwsh: |
+ $ErrorActionPreference = "Stop"
+
+ ./build.ps1 -Clean -Configuration Release -BuildNumber "$(buildNumber)"
+ displayName: "Build worker code"
+
+ - pwsh: ./build.ps1 -NoBuild -Test
+ displayName: "Running UnitTest"
+
+ # - pwsh: ./test/E2E/Start-E2ETest.ps1
+ # env:
+ # AzureWebJobsStorage: $(AzureWebJobsStorage)
+ # AzureWebJobsCosmosDBConnectionString: $(AzureWebJobsCosmosDBConnectionString)
+ # AzureWebJobsServiceBus: $(AzureWebJobsServiceBus)
+ # AzureWebJobsEventHubSender: $(AzureWebJobsEventHubSender)
+ # FUNCTIONS_WORKER_RUNTIME: "powershell"
+ # displayName: "Running E2ETest"
+
+ - task: PublishTestResults@2
+ inputs:
+ testResultsFormat: "VSTest"
+ testResultsFiles: "**/*.trx"
+ failTaskOnFailedTests: true
+ condition: succeededOrFailed()
+ displayName: "Publish tests results"
From fae08ffa890d1b54abb5274203f56b0fd3ffe1d1 Mon Sep 17 00:00:00 2001
From: andystaples <77818326+andystaples@users.noreply.github.com>
Date: Thu, 20 Jun 2024 15:08:07 -0600
Subject: [PATCH 3/8] Fix public pipeline (#1069)
---
eng/ci/public.yml | 4 ++--
eng/ci/templates/test.yml | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/eng/ci/public.yml b/eng/ci/public.yml
index 726f8db0..e26de4ad 100644
--- a/eng/ci/public.yml
+++ b/eng/ci/public.yml
@@ -6,7 +6,7 @@ trigger:
- v4.x/*
- v3.x/*
-# Only run the tests on PR to official branches - do we want to run them on all PRs?
+# Run this pipeline on all PRs
pr:
branches:
include:
@@ -16,7 +16,7 @@ resources:
repositories:
- repository: 1es
type: git
- name: 1ESPipelineTemplates/1ESPipelineTemplates
+ name: 1ESPipelineTemplates/1ESPipelineTemplates@1es
ref: refs/tags/release
extends:
diff --git a/eng/ci/templates/test.yml b/eng/ci/templates/test.yml
index 07a36ebf..7e4d9e09 100644
--- a/eng/ci/templates/test.yml
+++ b/eng/ci/templates/test.yml
@@ -10,7 +10,7 @@ jobs:
- pwsh: |
$ErrorActionPreference = "Stop"
- ./build.ps1 -Clean -Configuration Release -BuildNumber "$(buildNumber)"
+ ./build.ps1 -Clean -Configuration Release
displayName: "Build worker code"
- pwsh: ./build.ps1 -NoBuild -Test
From 820176bee98db400d86f2c03b0cb7b7d68c80ef7 Mon Sep 17 00:00:00 2001
From: andystaples <77818326+andystaples@users.noreply.github.com>
Date: Thu, 20 Jun 2024 15:27:04 -0600
Subject: [PATCH 4/8] Move pipeline suffix to correct line (#1070)
---
eng/ci/public.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/eng/ci/public.yml b/eng/ci/public.yml
index e26de4ad..6e207620 100644
--- a/eng/ci/public.yml
+++ b/eng/ci/public.yml
@@ -20,7 +20,7 @@ resources:
ref: refs/tags/release
extends:
- template: v1/1ES.Unofficial.PipelineTemplate.yml
+ template: v1/1ES.Unofficial.PipelineTemplate.yml@1es
parameters:
pool:
name: 1es-pool-azfunc-public
From 828af0e91a8bd097c7c81933b76e89e12fd79943 Mon Sep 17 00:00:00 2001
From: andystaples <77818326+andystaples@users.noreply.github.com>
Date: Fri, 21 Jun 2024 11:39:47 -0600
Subject: [PATCH 5/8] Remove suffix from resources (#1073)
* Remove suffix from resources
* Fix PR trigger logic
---
eng/ci/public.yml | 10 +---------
1 file changed, 1 insertion(+), 9 deletions(-)
diff --git a/eng/ci/public.yml b/eng/ci/public.yml
index 6e207620..df070eed 100644
--- a/eng/ci/public.yml
+++ b/eng/ci/public.yml
@@ -3,20 +3,12 @@ trigger:
branches:
include:
- dev
- - v4.x/*
- - v3.x/*
-
-# Run this pipeline on all PRs
-pr:
- branches:
- include:
- - '*'
resources:
repositories:
- repository: 1es
type: git
- name: 1ESPipelineTemplates/1ESPipelineTemplates@1es
+ name: 1ESPipelineTemplates/1ESPipelineTemplates
ref: refs/tags/release
extends:
From 413f8f98ab18424d7f10025853deb15d3f18827a Mon Sep 17 00:00:00 2001
From: andystaples <77818326+andystaples@users.noreply.github.com>
Date: Fri, 21 Jun 2024 11:59:34 -0600
Subject: [PATCH 6/8] Remove NuGet Config (#1074)
---
NuGet.config | 8 --------
1 file changed, 8 deletions(-)
delete mode 100644 NuGet.config
diff --git a/NuGet.config b/NuGet.config
deleted file mode 100644
index 4538c7d8..00000000
--- a/NuGet.config
+++ /dev/null
@@ -1,8 +0,0 @@
-
-
-
-
-
-
-
-
From 2b48ae845dabf46dc995043043b1241ed2997a30 Mon Sep 17 00:00:00 2001
From: Andy Staples
Date: Fri, 21 Jun 2024 15:52:39 -0600
Subject: [PATCH 7/8] Cleanup merge comments
---
build.ps1 | 32 --------------------------------
1 file changed, 32 deletions(-)
diff --git a/build.ps1 b/build.ps1
index 4b82ee3e..2b827979 100644
--- a/build.ps1
+++ b/build.ps1
@@ -62,38 +62,6 @@ function Get-FunctionsCoreToolsDir {
}
}
-<<<<<<< HEAD
-function Install-SBOMUtil
-{
- if ([string]::IsNullOrEmpty($SBOMUtilSASUrl))
- {
- throw "The `$SBOMUtilSASUrl parameter cannot be null or empty when specifying the `$AddSBOM switch"
- }
-
- $MANIFESTOOLNAME = "ManifestTool"
- Write-Host "Installing $MANIFESTOOLNAME..."
-
- $MANIFESTOOL_DIRECTORY = Join-Path $PSScriptRoot $MANIFESTOOLNAME
- Remove-Item -Recurse -Force $MANIFESTOOL_DIRECTORY -ErrorAction Ignore
-
- Invoke-RestMethod -Uri $SBOMUtilSASUrl -OutFile "$MANIFESTOOL_DIRECTORY.zip"
- Expand-Archive "$MANIFESTOOL_DIRECTORY.zip" -DestinationPath $MANIFESTOOL_DIRECTORY
-
- $dllName = "Microsoft.ManifestTool.dll"
- $manifestToolPath = "$MANIFESTOOL_DIRECTORY/$dllName"
-
- if (-not (Test-Path $manifestToolPath))
- {
- throw "$MANIFESTOOL_DIRECTORY does not contain '$dllName'"
- }
-
- Write-Host 'Done.'
-
- return $manifestToolPath
-}
-
-=======
->>>>>>> f0a96f5 (Convert build pipeline to 1ES (#1061))
function Deploy-PowerShellWorker {
$ErrorActionPreference = 'Stop'
From 5d4b7f8b82a86ba6cd819f943154cf3d04024450 Mon Sep 17 00:00:00 2001
From: Francisco Gamino
Date: Fri, 8 Dec 2023 22:50:26 -0800
Subject: [PATCH 8/8] Updating build to check for vulnerabilities (#1026)
* Add Check-CsprojVulnerabilities.ps1 script
* Do not print report by default
* Add check for security vulnerabilities stage in the pipeline
* Update test projects dependencies
---
Check-CsprojVulnerabilities.ps1 | 62 +++++++++++++++++++
...ft.Azure.Functions.PowerShellWorker.csproj | 1 +
...zure.Functions.PowerShellWorker.E2E.csproj | 4 ++
...ure.Functions.PowerShellWorker.Test.csproj | 2 +
4 files changed, 69 insertions(+)
create mode 100644 Check-CsprojVulnerabilities.ps1
diff --git a/Check-CsprojVulnerabilities.ps1 b/Check-CsprojVulnerabilities.ps1
new file mode 100644
index 00000000..92f62cfd
--- /dev/null
+++ b/Check-CsprojVulnerabilities.ps1
@@ -0,0 +1,62 @@
+param
+(
+ [String[]]
+ $CsprojFilePath,
+
+ [switch]
+ $PrintReport
+)
+
+if (-not $CsprojFilePath)
+{
+ $CsprojFilePath = @(
+ "$PSScriptRoot/src/Microsoft.Azure.Functions.PowerShellWorker.csproj"
+ "$PSScriptRoot/test/Unit/Microsoft.Azure.Functions.PowerShellWorker.Test.csproj"
+ "$PSScriptRoot/test/E2E/Azure.Functions.PowerShellWorker.E2E/Azure.Functions.PowerShellWorker.E2E/Azure.Functions.PowerShellWorker.E2E.csproj"
+ )
+}
+
+$logFilePath = "$PSScriptRoot/build.log"
+
+try
+{
+ foreach ($projectFilePath in $CsprojFilePath)
+ {
+ Write-Host "Analyzing '$projectFilePath' for vulnerabilities..."
+
+ $projectFolder = Split-Path $projectFilePath
+
+ Push-Location $projectFolder
+ & { dotnet restore $projectFilePath }
+ & { dotnet list $projectFilePath package --include-transitive --vulnerable } 3>&1 2>&1 > $logFilePath
+ Pop-Location
+
+ # Check and report if vulnerabilities are found
+ $report = Get-Content $logFilePath -Raw
+ $result = $report | Select-String "has no vulnerable packages given the current sources"
+
+ if ($result)
+ {
+ Write-Host "No vulnerabilities found"
+ }
+ else
+ {
+ $output = [System.Environment]::NewLine + "Vulnerabilities found!"
+ if ($PrintReport.IsPresent)
+ {
+ $output += $report
+ }
+
+ Write-Host $output -ForegroundColor Red
+ Exit 1
+ }
+ Write-Host ""
+ }
+}
+finally
+{
+ if (Test-Path $logFilePath)
+ {
+ Remove-Item $logFilePath -Force
+ }
+}
diff --git a/src/Microsoft.Azure.Functions.PowerShellWorker.csproj b/src/Microsoft.Azure.Functions.PowerShellWorker.csproj
index bdd8f454..ceeace4d 100644
--- a/src/Microsoft.Azure.Functions.PowerShellWorker.csproj
+++ b/src/Microsoft.Azure.Functions.PowerShellWorker.csproj
@@ -26,6 +26,7 @@ Licensed under the MIT license. See LICENSE file in the project root for full li
+
diff --git a/test/E2E/Azure.Functions.PowerShellWorker.E2E/Azure.Functions.PowerShellWorker.E2E/Azure.Functions.PowerShellWorker.E2E.csproj b/test/E2E/Azure.Functions.PowerShellWorker.E2E/Azure.Functions.PowerShellWorker.E2E/Azure.Functions.PowerShellWorker.E2E.csproj
index 1c2add1c..752f65bc 100644
--- a/test/E2E/Azure.Functions.PowerShellWorker.E2E/Azure.Functions.PowerShellWorker.E2E/Azure.Functions.PowerShellWorker.E2E.csproj
+++ b/test/E2E/Azure.Functions.PowerShellWorker.E2E/Azure.Functions.PowerShellWorker.E2E/Azure.Functions.PowerShellWorker.E2E.csproj
@@ -10,9 +10,13 @@
+
+
+
+
diff --git a/test/Unit/Microsoft.Azure.Functions.PowerShellWorker.Test.csproj b/test/Unit/Microsoft.Azure.Functions.PowerShellWorker.Test.csproj
index 844639e5..d8602a6c 100644
--- a/test/Unit/Microsoft.Azure.Functions.PowerShellWorker.Test.csproj
+++ b/test/Unit/Microsoft.Azure.Functions.PowerShellWorker.Test.csproj
@@ -9,6 +9,8 @@
+
+