[release/v7.2.16]Add mariner arm64 package build to release build

tools/packaging/packaging.psm1

@@ -533,6 +533,48 @@ function Start-PSPackage {
                     }
                 }
             }
+            'rpm-fxdependent-arm64' {
+                $Arguments = @{
+                    Type = 'rpm'
+                    PackageSourcePath = $Source
+                    Name = $Name
+                    Version = $Version
+                    Force = $Force
+                    NoSudo = $NoSudo
+                    LTS = $LTS
+                    HostArchitecture = "aarch64"
+                }
+                foreach ($Distro in $Script:RedhatFddDistributions) {
+                    $Arguments["Distribution"] = $Distro
+                    if ($PSCmdlet.ShouldProcess("Create RPM Package for $Distro")) {
+                        Write-Verbose -Verbose "Creating RPM Package for $Distro"
+                        New-UnixPackage @Arguments
+                    }
+                }
+            }
+            'osxpkg' {
+                $HostArchitecture = "x86_64"
+                if ($MacOSRuntime -match "-arm64") {
+                    $HostArchitecture = "arm64"
+                }
+                Write-Verbose "HostArchitecture = $HostArchitecture" -Verbose
+
+                $Arguments = @{
+                    Type = 'osxpkg'
+                    PackageSourcePath = $Source
+                    Name = $Name
+                    Version = $Version
+                    Force = $Force
+                    NoSudo = $NoSudo
+                    LTS = $LTS
+                    HostArchitecture = $HostArchitecture
+                }
+
+
+                if ($PSCmdlet.ShouldProcess("Create macOS Package")) {
+                    New-UnixPackage @Arguments
+                }
+            }
             default {
                 $Arguments = @{
                     Type = $_
@@ -3949,6 +3991,7 @@ ${minSizeLinuxBuildFolder} = 'pwshLinuxBuildMinSize'
 ${arm32LinuxBuildFolder} = 'pwshLinuxBuildArm32'
 ${arm64LinuxBuildFolder} = 'pwshLinuxBuildArm64'
 ${amd64MarinerBuildFolder} = 'pwshMarinerBuildAmd64'
+${arm64MarinerBuildFolder} = 'pwshMarinerBuildArm64'
 
 <#
     Used in Azure DevOps Yaml to package all the linux packages for a channel.
@@ -4028,6 +4071,8 @@ function Invoke-AzDevOpsLinuxPackageCreation {
             Set-LinuxFilePermission -FilePath $filePermissionFile -RootPath "${env:SYSTEM_ARTIFACTSDIRECTORY}\${arm64LinuxBuildFolder}"
             Start-PSPackage -Type tar-arm64 @releaseTagParam -LTS:$LTS
         } elseif ($BuildType -eq 'rpm') {
+            # Generate mariner amd64 package
+            Write-Verbose -Verbose "Generating mariner amd64 package"
             Restore-PSOptions -PSOptionsPath "${env:SYSTEM_ARTIFACTSDIRECTORY}\${amd64MarinerBuildFolder}-meta\psoptions.json"
             $filePermissionFile = "${env:SYSTEM_ARTIFACTSDIRECTORY}\${amd64MarinerBuildFolder}-meta\linuxFilePermission.json"
             Set-LinuxFilePermission -FilePath $filePermissionFile -RootPath "${env:SYSTEM_ARTIFACTSDIRECTORY}\${amd64MarinerBuildFolder}"
@@ -4037,6 +4082,18 @@ function Invoke-AzDevOpsLinuxPackageCreation {
             Write-Verbose -Verbose "options.Top $($options.Top)"
 
             Start-PSPackage -Type rpm-fxdependent @releaseTagParam -LTS:$LTS
+
+            # Generate mariner arm64 package
+            Write-Verbose -Verbose "Generating mariner arm64 package"
+            Restore-PSOptions -PSOptionsPath "${env:SYSTEM_ARTIFACTSDIRECTORY}\${arm64MarinerBuildFolder}-meta\psoptions.json"
+            $filePermissionFile = "${env:SYSTEM_ARTIFACTSDIRECTORY}\${arm64MarinerBuildFolder}-meta\linuxFilePermission.json"
+            Set-LinuxFilePermission -FilePath $filePermissionFile -RootPath "${env:SYSTEM_ARTIFACTSDIRECTORY}\${arm64MarinerBuildFolder}"
+
+            Write-Verbose -Verbose "---- rpm-fxdependent-arm64 ----"
+            Write-Verbose -Verbose "options.Output: $($options.Output)"
+            Write-Verbose -Verbose "options.Top $($options.Top)"
+
+            Start-PSPackage -Type rpm-fxdependent-arm64 @releaseTagParam -LTS:$LTS
         }
     }
     catch {
@@ -4121,14 +4178,14 @@ function Invoke-AzDevOpsLinuxPackageBuild {
             Remove-Item "${buildFolder}\*.pdb" -Force
             Get-ChildItem -Path $buildFolder -Recurse -File | Export-LinuxFilePermission -FilePath "${buildFolder}-meta/linuxFilePermission.json" -RootPath ${buildFolder} -Force
         } elseif ($BuildType -eq 'rpm') {
-            ## Build for Mariner
+            ## Build for Mariner amd64
             $options = Get-PSOptions
-            Write-Verbose -Verbose "---- Mariner ----"
+            Write-Verbose -Verbose "---- Mariner x64 ----"
             Write-Verbose -Verbose "options.Output: $($options.Output)"
             Write-Verbose -Verbose "options.Top $($options.Top)"
             $binDir = Join-Path -Path $options.Top -ChildPath 'bin'
             if (Test-Path -Path $binDir) {
-                Write-Verbose -Verbose "Remove $binDir, to get a clean build for Mariner package"
+                Write-Verbose -Verbose "Remove $binDir, to get a clean build for Mariner x64 package"
                 Remove-Item -Path $binDir -Recurse -Force
             }
 
@@ -4138,6 +4195,24 @@ function Invoke-AzDevOpsLinuxPackageBuild {
             # Remove symbol files, xml document files.
             Remove-Item "${buildFolder}\*.pdb", "${buildFolder}\*.xml" -Force
             Get-ChildItem -Path $buildFolder -Recurse -File | Export-LinuxFilePermission -FilePath "${buildFolder}-meta/linuxFilePermission.json" -RootPath ${buildFolder} -Force
+
+            ## Build for Mariner arm64
+            $options = Get-PSOptions
+            Write-Verbose -Verbose "---- Mariner arm64 ----"
+            Write-Verbose -Verbose "options.Output: $($options.Output)"
+            Write-Verbose -Verbose "options.Top $($options.Top)"
+            $binDir = Join-Path -Path $options.Top -ChildPath 'bin'
+            if (Test-Path -Path $binDir) {
+                Write-Verbose -Verbose "Remove $binDir, to get a clean build for Mariner arm64 package"
+                Remove-Item -Path $binDir -Recurse -Force
+            }
+
+            $buildParams['Runtime'] = 'fxdependent-linux-arm64'
+            $buildFolder = "${env:SYSTEM_ARTIFACTSDIRECTORY}/${arm64MarinerBuildFolder}"
+            Start-PSBuild -Clean @buildParams @releaseTagParam -Output $buildFolder -PSOptionsPath "${buildFolder}-meta/psoptions.json"
+            # Remove symbol files, xml document files.
+            Remove-Item "${buildFolder}\*.pdb", "${buildFolder}\*.xml" -Force
+            Get-ChildItem -Path $buildFolder -Recurse -File | Export-LinuxFilePermission -FilePath "${buildFolder}-meta/linuxFilePermission.json" -RootPath ${buildFolder} -Force
         }
     }
     catch {

tools/releaseBuild/azureDevOps/releaseBuild.yml

@@ -192,6 +192,12 @@ stages:
             unsignedBuildArtifactName: pwshMarinerBuildAmd64.tar.gz
             signedBuildArtifactName: pwshMarinerBuildAmd64.tar.gz
             signedArtifactContainer: authenticode-signed
+          linux-arm64-mariner:
+            runtime: linux-arm64-mariner
+            unsignedBuildArtifactContainer: pwshMarinerBuildArm64.tar.gz
+            unsignedBuildArtifactName: pwshMarinerBuildArm64.tar.gz
+            signedBuildArtifactName: pwshMarinerBuildArm64.tar.gz
+            signedArtifactContainer: authenticode-signed
           linux-minsize:
             runtime: linux-minsize
             unsignedBuildArtifactContainer: pwshLinuxBuildMinSize.tar.gz

tools/releaseBuild/azureDevOps/templates/linux-authenticode-sign.yml

@@ -0,0 +1,169 @@
+jobs:
+- job: sign_linux_builds
+  displayName: Sign all linux builds
+  condition: succeeded()
+  pool:
+    name: PowerShell1ES
+    demands:
+    - ImageOverride -equals PSMMS2019-Secure
+  dependsOn: ['build_fxdependent', 'build_rpm']
+  variables:
+    - name: runCodesignValidationInjection
+      value: false
+    - name: NugetSecurityAnalysisWarningLevel
+      value: none
+    - group: ESRP
+
+  steps:
+  - checkout: self
+    clean: true
+
+  - task: DownloadPipelineArtifact@2
+    inputs:
+      artifact: pwshLinuxBuild.tar.gz
+      path: $(Build.ArtifactStagingDirectory)/linuxTars
+    displayName: Download deb build
+
+  - task: DownloadPipelineArtifact@2
+    inputs:
+      artifact: pwshLinuxBuildMinSize.tar.gz
+      path: $(Build.ArtifactStagingDirectory)/linuxTars
+    displayName: Download min-size build
+
+  - task: DownloadPipelineArtifact@2
+    inputs:
+      artifact: pwshLinuxBuildArm32.tar.gz
+      path: $(Build.ArtifactStagingDirectory)/linuxTars
+    displayName: Download arm32 build
+
+  - task: DownloadPipelineArtifact@2
+    inputs:
+      artifact: pwshLinuxBuildArm64.tar.gz
+      path: $(Build.ArtifactStagingDirectory)/linuxTars
+    displayName: Download arm64 build
+
+  - task: DownloadPipelineArtifact@2
+    inputs:
+      artifact: pwshMarinerBuildAmd64.tar.gz
+      path: $(Build.ArtifactStagingDirectory)/linuxTars
+    displayName: Download mariner build
+
+  - task: DownloadPipelineArtifact@2
+    inputs:
+      artifact: pwshMarinerBuildArm64.tar.gz
+      path: $(Build.ArtifactStagingDirectory)/linuxTars
+    displayName: Download mariner arm64 build
+
+  - task: DownloadPipelineArtifact@2
+    inputs:
+      artifact: pwshLinuxBuildAlpine.tar.gz
+      path: $(Build.ArtifactStagingDirectory)/linuxTars/pwshLinuxBuildAlpine.tar.gz
+    displayName: Download alpine build
+
+  - task: DownloadPipelineArtifact@2
+    inputs:
+      artifact: pwshLinuxBuildFxdependent.tar.gz
+      path: $(Build.ArtifactStagingDirectory)/linuxTars/pwshLinuxBuildFxdependent.tar.gz
+    displayName: Download fxdependent build
+
+  - pwsh: |
+      Get-ChildItem -Path $(Build.ArtifactStagingDirectory)/linuxTars
+    displayName: Capture downloaded tars
+
+  - pwsh: |
+      Write-Verbose -Verbose -Message "Expanding $(Build.ArtifactStagingDirectory)/linuxTars/pwshLinuxBuild.tar.gz to $(Build.ArtifactStagingDirectory)/pwshLinuxBuild"
+      New-Item -Path $(Build.ArtifactStagingDirectory)/pwshLinuxBuild -ItemType Directory
+      tar -xf $(Build.ArtifactStagingDirectory)/linuxTars/pwshLinuxBuild.tar.gz -C $(Build.ArtifactStagingDirectory)/pwshLinuxBuild
+      Write-Verbose -Verbose "File permisions after expanding"
+      Get-ChildItem -Path $(Build.ArtifactStagingDirectory)/pwshLinuxBuild/pwsh | Select-Object -Property 'unixmode', 'size', 'name'
+
+      Write-Verbose -Verbose -Message "Expanding $(Build.ArtifactStagingDirectory)/linuxTars/pwshLinuxBuildMinSize.tar.gz to $(Build.ArtifactStagingDirectory)/pwshLinuxBuildMinSize"
+      New-Item -Path $(Build.ArtifactStagingDirectory)/pwshLinuxBuildMinSize -ItemType Directory
+      tar -xf $(Build.ArtifactStagingDirectory)/linuxTars/pwshLinuxBuildMinSize.tar.gz -C $(Build.ArtifactStagingDirectory)/pwshLinuxBuildMinSize
+
+      Write-Verbose -Verbose -Message "Expanding $(Build.ArtifactStagingDirectory)/linuxTars/pwshLinuxBuildArm32.tar.gz to $(Build.ArtifactStagingDirectory)/pwshLinuxBuildArm32"
+      New-Item -Path $(Build.ArtifactStagingDirectory)/pwshLinuxBuildArm32 -ItemType Directory
+      tar -xf $(Build.ArtifactStagingDirectory)/linuxTars/pwshLinuxBuildArm32.tar.gz -C $(Build.ArtifactStagingDirectory)/pwshLinuxBuildArm32
+
+      Write-Verbose -Verbose -Message "Expanding $(Build.ArtifactStagingDirectory)/linuxTars/pwshLinuxBuildArm64.tar.gz to $(Build.ArtifactStagingDirectory)/pwshLinuxBuildArm64"
+      New-Item -Path $(Build.ArtifactStagingDirectory)/pwshLinuxBuildArm64 -ItemType Directory
+      tar -xf $(Build.ArtifactStagingDirectory)/linuxTars/pwshLinuxBuildArm64.tar.gz -C $(Build.ArtifactStagingDirectory)/pwshLinuxBuildArm64
+
+      Write-Verbose -Verbose -Message "Expanding $(Build.ArtifactStagingDirectory)/linuxTars/pwshMarinerBuildAmd64.tar.gz to $(Build.ArtifactStagingDirectory)/pwshMarinerBuildAmd64"
+      New-Item -Path $(Build.ArtifactStagingDirectory)/pwshMarinerBuildAmd64 -ItemType Directory
+      tar -xf $(Build.ArtifactStagingDirectory)/linuxTars/pwshMarinerBuildAmd64.tar.gz -C $(Build.ArtifactStagingDirectory)/pwshMarinerBuildAmd64
+
+      Write-Verbose -Verbose -Message "Expanding $(Build.ArtifactStagingDirectory)/linuxTars/pwshMarinerBuildArm64.tar.gz to $(Build.ArtifactStagingDirectory)/pwshMarinerBuildArm64"
+      New-Item -Path $(Build.ArtifactStagingDirectory)/pwshMarinerBuildArm64 -ItemType Directory
+      tar -xf $(Build.ArtifactStagingDirectory)/linuxTars/pwshMarinerBuildArm64.tar.gz -C $(Build.ArtifactStagingDirectory)/pwshMarinerBuildArm64
+
+      Write-Verbose -Verbose -Message "Expanding $(Build.ArtifactStagingDirectory)/linuxTars/pwshLinuxBuildAlpine.tar.gz/pwshLinuxBuild.tar.gz to $(Build.ArtifactStagingDirectory)/pwshLinuxBuildAlpine"
+      New-Item -Path $(Build.ArtifactStagingDirectory)/pwshLinuxBuildAlpine -ItemType Directory
+      tar -xf $(Build.ArtifactStagingDirectory)/linuxTars/pwshLinuxBuildAlpine.tar.gz/pwshLinuxBuild.tar.gz -C $(Build.ArtifactStagingDirectory)/pwshLinuxBuildAlpine
+
+      Write-Verbose -Verbose -Message "Expanding $(Build.ArtifactStagingDirectory)/linuxTars/pwshLinuxBuildFxdependent.tar.gz/pwshLinuxBuild.tar.gz to $(Build.ArtifactStagingDirectory)/pwshLinuxBuildFxdependent"
+      New-Item -Path $(Build.ArtifactStagingDirectory)/pwshLinuxBuildFxdependent -ItemType Directory
+      tar -xf $(Build.ArtifactStagingDirectory)/linuxTars/pwshLinuxBuildFxdependent.tar.gz/pwshLinuxBuild.tar.gz -C $(Build.ArtifactStagingDirectory)/pwshLinuxBuildFxdependent
+    displayName: Expand builds
+
+  - template: SetVersionVariables.yml
+    parameters:
+      ReleaseTagVar: $(ReleaseTagVar)
+
+  - template: cloneToOfficialPath.yml
+
+  - template: insert-nuget-config-azfeed.yml
+    parameters:
+      repoRoot: $(PowerShellRoot)
+
+  - pwsh: |
+      Set-Location $env:POWERSHELLROOT
+      import-module "$env:POWERSHELLROOT/build.psm1"
+      Sync-PSTags -AddRemoteIfMissing
+    displayName: SyncTags
+    condition: and(succeeded(), ne(variables['SkipBuild'], 'true'))
+
+  - checkout: ComplianceRepo
+    clean: true
+
+  - template: shouldSign.yml
+
+  - template: signBuildFiles.yml
+    parameters:
+      binLocation: pwshLinuxBuild
+      buildPrefixName: 'PowerShell Linux'
+
+  - template: signBuildFiles.yml
+    parameters:
+      binLocation: pwshLinuxBuildMinSize
+      buildPrefixName: 'PowerShell Linux Minimum Size'
+
+  - template: signBuildFiles.yml
+    parameters:
+      binLocation: pwshLinuxBuildArm32
+      buildPrefixName: 'PowerShell Linux Arm32'
+
+  - template: signBuildFiles.yml
+    parameters:
+      binLocation: pwshLinuxBuildArm64
+      buildPrefixName: 'PowerShell Linux Arm64'
+
+  - template: signBuildFiles.yml
+    parameters:
+      binLocation: pwshMarinerBuildAmd64
+      buildPrefixName: 'PowerShell Linux x64 (Mariner) Framework Dependent'
+
+  - template: signBuildFiles.yml
+    parameters:
+      binLocation: pwshMarinerBuildArm64
+      buildPrefixName: 'PowerShell Linux arm64 (Mariner) Framework Dependent'
+
+  - template: signBuildFiles.yml
+    parameters:
+      binLocation: pwshLinuxBuildAlpine
+      buildPrefixName: 'PowerShell Linux Alpine x64'
+
+  - template: signBuildFiles.yml
+    parameters:
+      binLocation: pwshLinuxBuildFxdependent
+      buildPrefixName: 'PowerShell Linux Framework Dependent'

tools/releaseBuild/azureDevOps/templates/linux-packaging.yml

@@ -58,7 +58,15 @@ jobs:
         artifact: authenticode-signed
         path: $(Build.ArtifactStagingDirectory)/pwshMarinerBuildAmd64-signed
         pattern: '**/pwshMarinerBuildAmd64.tar.gz'
-      displayName: Download mariner build
+      displayName: Download mariner amd64 build
+
+  - ${{ if eq(variables.build,'rpm') }} :
+    - task: DownloadPipelineArtifact@2
+      inputs:
+        artifact: authenticode-signed
+        path: $(Build.ArtifactStagingDirectory)/pwshMarinerBuildArm64-signed
+        pattern: '**/pwshMarinerBuildArm64.tar.gz'
+      displayName: Download mariner arm64 build
 
   - ${{ if eq(variables.build,'alpine') }} :
     - task: DownloadPipelineArtifact@2
@@ -109,7 +117,14 @@ jobs:
       inputs:
         artifact: pwshMarinerBuildAmd64-meta
         path: $(Build.ArtifactStagingDirectory)/pwshMarinerBuildAmd64-meta
-      displayName: Download mariner build meta
+      displayName: Download mariner x64 build meta
+
+  - ${{ if eq(variables.build,'rpm') }} :
+    - task: DownloadPipelineArtifact@2
+      inputs:
+        artifact: pwshMarinerBuildArm64-meta
+        path: $(Build.ArtifactStagingDirectory)/pwshMarinerBuildArm64-meta
+      displayName: Download mariner arm64 build meta
 
   - ${{ if eq(variables.build,'alpine') }} :
     - task: DownloadPipelineArtifact@2
@@ -151,9 +166,15 @@ jobs:
       }
 
       if ('$(build)' -eq 'rpm') {
+        # for mariner x64
         Write-Verbose -Verbose "Expanding $(Build.ArtifactStagingDirectory)/pwshMarinerBuildAmd64-signed/pwshMarinerBuildAmd64.tar.gz to $(Build.ArtifactStagingDirectory)/pwshMarinerBuildAmd64"
         New-Item -Path $(Build.ArtifactStagingDirectory)/pwshMarinerBuildAmd64 -ItemType Directory
         tar -xf $(Build.ArtifactStagingDirectory)/pwshMarinerBuildAmd64-signed/pwshMarinerBuildAmd64.tar.gz -C $(Build.ArtifactStagingDirectory)/pwshMarinerBuildAmd64
+
+        # for mariner arm64
+        Write-Verbose -Verbose "Expanding $(Build.ArtifactStagingDirectory)/pwshMarinerBuildArm64-signed/pwshMarinerBuildArm64.tar.gz to $(Build.ArtifactStagingDirectory)/pwshMarinerBuildArm64"
+        New-Item -Path $(Build.ArtifactStagingDirectory)/pwshMarinerBuildArm64 -ItemType Directory
+        tar -xf $(Build.ArtifactStagingDirectory)/pwshMarinerBuildArm64-signed/pwshMarinerBuildArm64.tar.gz -C $(Build.ArtifactStagingDirectory)/pwshMarinerBuildArm64
       }
 
       if ('$(build)' -eq 'alpine') {