diff --git a/.vsts-ci/azure-pipelines-release.yml b/.vsts-ci/azure-pipelines-release.yml
index 0e5f301..d330c5b 100644
--- a/.vsts-ci/azure-pipelines-release.yml
+++ b/.vsts-ci/azure-pipelines-release.yml
@@ -1,3 +1,6 @@
+# NOTE:
+# We stop signing GraphicalTools now since we aren't doing anymore work on it until MAUI
+
name: PR-$(System.PullRequest.PullRequestNumber)-$(Date:yyyyMMdd)$(Rev:.rr)
variables:
@@ -31,155 +34,136 @@ trigger:
- /LICENSE.txt
- /CODE_OF_CONDUCT.md
-jobs:
-- job: 'ReleaseBuild'
- displayName: Release Build
- pool:
- vmImage: 'vs2017-win2016'
- steps:
- - template: templates/ci-general.yml
-
-- job: 'SignBuild'
- displayName: Signing Build
- dependsOn: 'ReleaseBuild'
- pool:
- name: 'Package ES CodeHub Lab E'
- demands: DotNetFramework
- steps:
- - powershell: |
- Get-ChildItem -Path env:
- displayName: Capture environment
- condition: succeededOrFailed()
-
- - task: PkgESSetupBuild@10
- displayName: 'Package ES - Setup Build'
- inputs:
- productName: GraphicalTools
-
- - task: DownloadBuildArtifacts@0
- displayName: 'Download Build Artifacts'
- inputs:
- downloadType: specific
-
- - task: PowerShell@1
- displayName: 'Extract build zip'
- inputs:
- scriptType: inlineScript
- inlineScript: |
- Expand-Archive -Path "$env:BUILD_ARTIFACTSTAGINGDIRECTORY\GraphicalTools\Microsoft.PowerShell.GraphicalTools-Windows_NT.zip" -DestinationPath "$env:BUILD_ARTIFACTSTAGINGDIRECTORY\Microsoft.PowerShell.GraphicalTools"
+resources:
+ repositories:
+ - repository: ComplianceRepo
+ type: github
+ endpoint: ComplianceGHRepo
+ name: PowerShell/compliance
+
+stages:
+- stage: Build
+ displayName: Build
+ jobs:
+ - job: 'ReleaseBuild'
+ displayName: Release Build
+ pool:
+ vmImage: 'windows-latest'
+ steps:
+ - template: templates/ci-general.yml
+ - pwsh: |
+ Get-ChildItem -Recurse '$(Build.SourcesDirectory)'
+ displayName: Capture downloaded artifacts
+ - publish: '$(Build.SourcesDirectory)\src\Microsoft.PowerShell.ConsoleGuiTools\obj\project.assets.json'
+ artifact: ConsoleGuiToolsAssetsJson
+ displayName: Publish ConsoleGuiTools project.assets.json
+
+ - job: 'SignBuild'
+ displayName: Signing Build
+ dependsOn: 'ReleaseBuild'
+ pool:
+ name: 'Package ES Standard Build'
+ demands: DotNetFramework
+ variables:
+ - group: ESRP
+ steps:
+ - powershell: |
+ Get-ChildItem -Path env:
+ displayName: Capture environment
+ condition: succeededOrFailed()
+
+ - task: DownloadBuildArtifacts@0
+ displayName: 'Download Build Artifacts'
+ inputs:
+ downloadType: specific
+
+ - pwsh: |
Expand-Archive -Path "$env:BUILD_ARTIFACTSTAGINGDIRECTORY\GraphicalTools\Microsoft.PowerShell.ConsoleGuiTools-Windows_NT.zip" -DestinationPath "$env:BUILD_ARTIFACTSTAGINGDIRECTORY\Microsoft.PowerShell.ConsoleGuiTools"
-
- - task: PkgESCodeSign@10
- displayName: 'CodeSign tools/releaseBuild/signing.xml'
- env:
- SYSTEM_ACCESSTOKEN: $(System.AccessToken)
- inputs:
- signConfigXml: tools/releaseBuild/signing.xml
- inPathRoot: '$(Build.ArtifactStagingDirectory)'
- outPathRoot: '$(Build.ArtifactStagingDirectory)\Signed'
-
- - task: PowerShell@1
- displayName: 'Copy signed files to unsigned folder'
- inputs:
- scriptType: inlineScript
- inlineScript: |
- $signed="$env:BUILD_ARTIFACTSTAGINGDIRECTORY\Signed\*"
- $notSigned="$env:BUILD_ARTIFACTSTAGINGDIRECTORY"
- Copy-Item $signed $notSigned -Recurse -Force
-
- - task: PowerShell@1
- displayName: 'Create catalog file'
- inputs:
- scriptType: inlineScript
- inlineScript: |
- $signedDir = "$env:BUILD_ARTIFACTSTAGINGDIRECTORY\Microsoft.PowerShell.GraphicalTools\Microsoft.PowerShell.GraphicalTools"
- New-FileCatalog -CatalogFilePath "$env:BUILD_ARTIFACTSTAGINGDIRECTORY\Microsoft.PowerShell.GraphicalTools\Microsoft.PowerShell.GraphicalTools.cat" -Path "$signedDir"
- $signedDir = "$env:BUILD_ARTIFACTSTAGINGDIRECTORY\Microsoft.PowerShell.ConsoleGuiTools\Microsoft.PowerShell.ConsoleGuiTools"
- New-FileCatalog -CatalogFilePath "$env:BUILD_ARTIFACTSTAGINGDIRECTORY\Microsoft.PowerShell.ConsoleGuiTools\Microsoft.PowerShell.ConsoleGuiTools.cat" -Path "$signedDir"
-
- - task: PkgESCodeSign@10
- displayName: 'CodeSign tools/releaseBuild/FileCatalogSigning.xml'
- env:
- SYSTEM_ACCESSTOKEN: $(System.AccessToken)
- inputs:
- signConfigXml: tools/releaseBuild/FileCatalogSigning.xml
- inPathRoot: '$(Build.ArtifactStagingDirectory)'
- outPathRoot: '$(Build.ArtifactStagingDirectory)'
-
- - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0
- displayName: 'Component Detection'
-
- - task: AntiMalware@3
- inputs:
- InputType: 'Basic'
- ScanType: 'CustomScan'
- FileDirPath: '$(Build.ArtifactStagingDirectory)'
- EnableServices: false
- SupportLogOnError: false
- TreatSignatureUpdateFailureAs: 'Warning'
- SignatureFreshness: 'UpToDate'
- TreatStaleSignatureAs: 'Error'
-
- - task: PoliCheck@1
- condition: succeededOrFailed()
- inputs:
- targetType: F
- optionsFC: 0
- optionsXS: 0
- optionsPE: '1|2|3|4'
- optionsHMENABLE: 0
- optionsFTPATH: '$(Build.SourcesDirectory)\tools\terms\FileTypeSet.xml'
- # toolVersion: 5.8.2.1
-
- - task: CredScan@2
- condition: succeededOrFailed()
-
- - task: BinSkim@3
- condition: succeededOrFailed()
- inputs:
- InputType: 'Basic'
- Function: 'analyze'
- AnalyzeRecurse: true
- AnalyzeTarget: '$(Build.ArtifactStagingDirectory)\Microsoft.PowerShell.*Tools.dll;$(Build.ArtifactStagingDirectory)\OutGridView*.dll'
-
- # Publish results as artifacts
- - task: PublishSecurityAnalysisLogs@3
- condition: succeededOrFailed()
- inputs:
- ArtifactName: 'CodeAnalysisLogs'
- ArtifactType: 'Container'
-
- # Publish to TSA server
- - task: TSAUpload@1
- condition: succeededOrFailed()
- continueOnError: true
- inputs:
- tsaVersion: 'TsaV2'
- codebase: 'Existing'
- tsaEnvironment: 'PROD'
- codeBaseName: 'PowerShell_GraphicalTools_20190809'
- uploadAPIScan: false
- uploadBinSkim: true
- uploadCredScan: true
- uploadFortifySCA: false
- uploadFxCop: false
- uploadModernCop: false
- uploadPoliCheck: true
- uploadPREfast: false
- uploadRoslyn: false
- uploadTSLint: false
- uploadAsync: true
-
- - task: PowerShell@1
- displayName: 'Upload Artifacts'
- condition: succeededOrFailed()
- inputs:
- scriptType: inlineScript
- inlineScript: 'Write-Host "##vso[artifact.upload containerfolder=Microsoft.PowerShell.GraphicalTools-Signed;artifactname=Microsoft.PowerShell.GraphicalTools-Signed]$(Build.ArtifactStagingDirectory)\Microsoft.PowerShell.GraphicalTools\Microsoft.PowerShell.GraphicalTools"'
-
- - task: PowerShell@1
- displayName: 'Upload Artifacts'
- condition: succeededOrFailed()
- inputs:
- scriptType: inlineScript
- inlineScript: 'Write-Host "##vso[artifact.upload containerfolder=Microsoft.PowerShell.ConsoleGuiTools-Signed;artifactname=Microsoft.PowerShell.ConsoleGuiTools-Signed]$(Build.ArtifactStagingDirectory)\Microsoft.PowerShell.ConsoleGuiTools\Microsoft.PowerShell.ConsoleGuiTools"'
+ displayName: 'Extract build zip'
+
+ - template: EsrpSign.yml@ComplianceRepo
+ parameters:
+ # the folder which contains the binaries to sign
+ buildOutputPath: $(Build.ArtifactStagingDirectory)\Microsoft.PowerShell.ConsoleGuiTools
+ # the location to put the signed output
+ signOutputPath: $(Build.ArtifactStagingDirectory)\Microsoft.PowerShell.ConsoleGuiTools-Signed
+ # the certificate ID to use
+ certificateId: "CP-230012"
+ # The file pattern to use
+ # If not using minimatch: comma separated, with * supported
+ # If using minimatch: newline separated, with !, **, and * supported.
+ # See link in the useMinimatch comments.
+ pattern: 'Microsoft.PowerShell.*.dll,Microsoft.PowerShell.*.psd1,Microsoft.PowerShell.*.psm1'
+ # decides if the task should use minimatch for the pattern matching.
+ # https://github.com/isaacs/minimatch#features
+ useMinimatch: false
+
+ - pwsh: |
+ $signed="$env:BUILD_ARTIFACTSTAGINGDIRECTORY\Microsoft.PowerShell.ConsoleGuiTools-Signed\*"
+ $notSigned="$env:BUILD_ARTIFACTSTAGINGDIRECTORY\Microsoft.PowerShell.ConsoleGuiTools"
+ Copy-Item $signed $notSigned -Recurse -Force -Verbose
+ displayName: 'Copy signed files to unsigned folder'
+
+ - template: EsrpSign.yml@ComplianceRepo
+ parameters:
+ # the folder which contains the binaries to sign
+ buildOutputPath: $(Build.ArtifactStagingDirectory)\Microsoft.PowerShell.ConsoleGuiTools
+ # the location to put the signed output
+ signOutputPath: $(Build.ArtifactStagingDirectory)\Microsoft.PowerShell.ConsoleGuiTools-Signed
+ # the certificate ID to use
+ certificateId: "CP-231522"
+ # The file pattern to use
+ # If not using minimatch: comma separated, with * supported
+ # If using minimatch: newline separated, with !, **, and * supported.
+ # See link in the useMinimatch comments.
+ pattern: 'NStack.dll,Terminal.Gui.dll'
+ # decides if the task should use minimatch for the pattern matching.
+ # https://github.com/isaacs/minimatch#features
+ useMinimatch: false
+
+ - pwsh: |
+ $signed="$(Build.ArtifactStagingDirectory)\Microsoft.PowerShell.ConsoleGuiTools-Signed\*"
+ $notSigned="$(Build.ArtifactStagingDirectory)\Microsoft.PowerShell.ConsoleGuiTools"
+ Copy-Item $signed $notSigned -Recurse -Force -Verbose
+ displayName: 'Copy signed files to unsigned folder'
+
+ - publish: $(Build.ArtifactStagingDirectory)\Microsoft.PowerShell.ConsoleGuiTools
+ artifact: Microsoft.PowerShell.ConsoleGuiTools-Signed
+ displayName: 'Upload Artifacts'
+ condition: succeededOrFailed()
+
+- stage: compliance
+ displayName: Compliance
+ dependsOn: Build
+ jobs:
+ - job: Compliance_Job
+ pool:
+ name: Package ES Standard Build
+ steps:
+ - checkout: self
+ - checkout: ComplianceRepo
+ - download: current
+ artifact: Microsoft.PowerShell.ConsoleGuiTools-Signed
+ - download: current
+ artifact: ConsoleGuiToolsAssetsJson
+
+ - pwsh: |
+ Get-ChildItem -Recurse '$(Pipeline.Workspace)'
+ displayName: Capture downloaded artifacts
+
+ - template: assembly-module-compliance.yml@ComplianceRepo
+ parameters:
+ # binskim
+ AnalyzeTarget: '$(Pipeline.Workspace)\Microsoft.PowerShell.ConsoleGuiTools-Signed\*.dll'
+ AnalyzeSymPath: 'SRV*'
+ # component-governance
+ sourceScanPath: '$(Pipeline.Workspace)\ConsoleGuiToolsAssetsJson'
+ # credscan
+ suppressionsFile: ''
+ # TermCheck
+ optionsRulesDBPath: ''
+ optionsFTPath: ''
+ # tsa-upload
+ codeBaseName: 'PSGraphicalTools_20201123'
+ # selections
+ APIScan: false # set to false when not using Windows APIs.
diff --git a/.vsts-ci/misc-analysis.yml b/.vsts-ci/misc-analysis.yml
index e8ccba8..c9dc67b 100644
--- a/.vsts-ci/misc-analysis.yml
+++ b/.vsts-ci/misc-analysis.yml
@@ -12,8 +12,19 @@ pr:
- master
resources:
-- repo: self
- clean: true
+ repositories:
+ - repository: ComplianceRepo
+ type: github
+ endpoint: ComplianceGHRepo
+ name: PowerShell/compliance
jobs:
-- template: templates/credscan.yml
+- job: Compliance_Job
+ pool:
+ vmImage: windows-latest
+ steps:
+ - checkout: self
+ clean: true
+ - checkout: ComplianceRepo
+ clean: true
+ - template: ci-compliance.yml@ComplianceRepo
diff --git a/.vsts-ci/templates/credscan.yml b/.vsts-ci/templates/credscan.yml
deleted file mode 100644
index eb711c8..0000000
--- a/.vsts-ci/templates/credscan.yml
+++ /dev/null
@@ -1,31 +0,0 @@
-parameters:
- pool: 'Hosted VS2017'
- jobName: 'credscan'
- displayName: Secret Scan
-
-jobs:
-- job: ${{ parameters.jobName }}
- pool:
- name: ${{ parameters.pool }}
-
- displayName: ${{ parameters.displayName }}
-
- steps:
- - powershell: Write-Host "##vso[build.updatebuildnumber]$env:BUILD_SOURCEBRANCHNAME-$env:BUILD_SOURCEVERSION-$((get-date).ToString("yyyyMMddhhmmss"))"
- displayName: Set Build Name for Non-PR
- condition: ne(variables['Build.Reason'], 'PullRequest')
-
- - task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@2
- displayName: 'Scan for secrets'
- inputs:
- debugMode: false
-
- - task: securedevelopmentteam.vss-secure-development-tools.build-task-publishsecurityanalysislogs.PublishSecurityAnalysisLogs@2
- displayName: 'Publish Secret Scan Logs to Build Artifacts'
- continueOnError: true
-
- - task: securedevelopmentteam.vss-secure-development-tools.build-task-postanalysis.PostAnalysis@1
- displayName: 'Check for failures'
- inputs:
- CredScan: true
- ToolLogsNotFoundAction: Error
diff --git a/src/Microsoft.PowerShell.ConsoleGuiTools/Microsoft.PowerShell.ConsoleGuiTools.csproj b/src/Microsoft.PowerShell.ConsoleGuiTools/Microsoft.PowerShell.ConsoleGuiTools.csproj
index 897219a..8bedf20 100644
--- a/src/Microsoft.PowerShell.ConsoleGuiTools/Microsoft.PowerShell.ConsoleGuiTools.csproj
+++ b/src/Microsoft.PowerShell.ConsoleGuiTools/Microsoft.PowerShell.ConsoleGuiTools.csproj
@@ -11,7 +11,7 @@
-
+
diff --git a/src/Microsoft.PowerShell.ConsoleGuiTools/ModuleLayout.psd1 b/src/Microsoft.PowerShell.ConsoleGuiTools/ModuleLayout.psd1
index 80e976a..48c9432 100644
--- a/src/Microsoft.PowerShell.ConsoleGuiTools/ModuleLayout.psd1
+++ b/src/Microsoft.PowerShell.ConsoleGuiTools/ModuleLayout.psd1
@@ -8,9 +8,9 @@
'publish/NStack.dll'
)
- 'OutGridView.Models' = @(
- 'publish/OutGridView.Models.dll',
- 'publish/OutGridView.Models.pdb'
+ 'Microsoft.PowerShell.OutGridView.Models' = @(
+ 'publish/Microsoft.PowerShell.OutGridView.Models.dll',
+ 'publish/Microsoft.PowerShell.OutGridView.Models.pdb'
)
}
diff --git a/src/Microsoft.PowerShell.GraphicalTools/Microsoft.PowerShell.GraphicalTools.csproj b/src/Microsoft.PowerShell.GraphicalTools/Microsoft.PowerShell.GraphicalTools.csproj
index 8c3e9e2..45b17d0 100644
--- a/src/Microsoft.PowerShell.GraphicalTools/Microsoft.PowerShell.GraphicalTools.csproj
+++ b/src/Microsoft.PowerShell.GraphicalTools/Microsoft.PowerShell.GraphicalTools.csproj
@@ -9,7 +9,7 @@
-
+
diff --git a/src/Microsoft.PowerShell.GraphicalTools/ModuleLayout.psd1 b/src/Microsoft.PowerShell.GraphicalTools/ModuleLayout.psd1
index 2de7f61..dddfb29 100644
--- a/src/Microsoft.PowerShell.GraphicalTools/ModuleLayout.psd1
+++ b/src/Microsoft.PowerShell.GraphicalTools/ModuleLayout.psd1
@@ -7,9 +7,9 @@
"publish/Microsoft.PowerShell.GraphicalTools.psm1"
)
- 'OutGridView.Models' = @(
- 'publish/OutGridView.Models.dll',
- 'publish/OutGridView.Models.pdb'
+ 'Microsoft.PowerShell.OutGridView.Models' = @(
+ 'publish/Microsoft.PowerShell.OutGridView.Models.dll',
+ 'publish/Microsoft.PowerShell.OutGridView.Models.pdb'
)
}
diff --git a/src/OutGridView.Models/ApplicationData.cs b/src/Microsoft.PowerShell.OutGridView.Models/ApplicationData.cs
similarity index 100%
rename from src/OutGridView.Models/ApplicationData.cs
rename to src/Microsoft.PowerShell.OutGridView.Models/ApplicationData.cs
diff --git a/src/OutGridView.Models/DataTable.cs b/src/Microsoft.PowerShell.OutGridView.Models/DataTable.cs
similarity index 100%
rename from src/OutGridView.Models/DataTable.cs
rename to src/Microsoft.PowerShell.OutGridView.Models/DataTable.cs
diff --git a/src/OutGridView.Models/DataTableColumn.cs b/src/Microsoft.PowerShell.OutGridView.Models/DataTableColumn.cs
similarity index 100%
rename from src/OutGridView.Models/DataTableColumn.cs
rename to src/Microsoft.PowerShell.OutGridView.Models/DataTableColumn.cs
diff --git a/src/OutGridView.Models/DataTableRow.cs b/src/Microsoft.PowerShell.OutGridView.Models/DataTableRow.cs
similarity index 100%
rename from src/OutGridView.Models/DataTableRow.cs
rename to src/Microsoft.PowerShell.OutGridView.Models/DataTableRow.cs
diff --git a/src/OutGridView.Models/OutGridView.Models.csproj b/src/Microsoft.PowerShell.OutGridView.Models/Microsoft.PowerShell.OutGridView.Models.csproj
similarity index 100%
rename from src/OutGridView.Models/OutGridView.Models.csproj
rename to src/Microsoft.PowerShell.OutGridView.Models/Microsoft.PowerShell.OutGridView.Models.csproj
diff --git a/src/OutGridView.Models/OutputModeOptions.cs b/src/Microsoft.PowerShell.OutGridView.Models/OutputModeOptions.cs
similarity index 100%
rename from src/OutGridView.Models/OutputModeOptions.cs
rename to src/Microsoft.PowerShell.OutGridView.Models/OutputModeOptions.cs
diff --git a/src/OutGridView.Models/Serializers.cs b/src/Microsoft.PowerShell.OutGridView.Models/Serializers.cs
similarity index 100%
rename from src/OutGridView.Models/Serializers.cs
rename to src/Microsoft.PowerShell.OutGridView.Models/Serializers.cs
diff --git a/src/OutGridView.Gui/OutGridView.Gui.csproj b/src/OutGridView.Gui/OutGridView.Gui.csproj
index f17c0c1..e8e8818 100644
--- a/src/OutGridView.Gui/OutGridView.Gui.csproj
+++ b/src/OutGridView.Gui/OutGridView.Gui.csproj
@@ -24,7 +24,7 @@
-
+