Skip to content

Commit 4f2cbbb

Browse files
dotnet-maestro[bot]dotnet-maestro[bot]
authored
Update dependencies from https://github.com/dotnet/dotnet build 291616 (#64463)
[main] Source code updates from dotnet/dotnet
1 parent c61ff67 commit 4f2cbbb

18 files changed

+484
-317
lines changed

eng/Version.Details.props

Lines changed: 92 additions & 92 deletions
Large diffs are not rendered by default.

eng/Version.Details.xml

Lines changed: 185 additions & 185 deletions
Large diffs are not rendered by default.

eng/common/core-templates/job/job.yml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -31,6 +31,7 @@ parameters:
3131
testRunTitle: ''
3232
testResultsFormat: ''
3333
name: ''
34+
componentGovernanceSteps: []
3435
preSteps: []
3536
artifactPublishSteps: []
3637
runAsPublic: false
@@ -149,6 +150,9 @@ jobs:
149150
- ${{ each step in parameters.steps }}:
150151
- ${{ step }}
151152

153+
- ${{ each step in parameters.componentGovernanceSteps }}:
154+
- ${{ step }}
155+
152156
- ${{ if and(eq(parameters.runAsPublic, 'false'), ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
153157
- template: /eng/common/core-templates/steps/cleanup-microbuild.yml
154158
parameters:

eng/common/core-templates/job/publish-build-assets.yml

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -122,8 +122,9 @@ jobs:
122122

123123
# Populate internal runtime variables.
124124
- template: /eng/common/templates/steps/enable-internal-sources.yml
125-
parameters:
126-
legacyCredential: $(dn-bot-dnceng-artifact-feeds-rw)
125+
${{ if eq(variables['System.TeamProject'], 'DevDiv') }}:
126+
parameters:
127+
legacyCredential: $(dn-bot-dnceng-artifact-feeds-rw)
127128

128129
- template: /eng/common/templates/steps/enable-internal-runtimes.yml
129130

@@ -172,7 +173,7 @@ jobs:
172173
artifactName: AssetManifests
173174
displayName: 'Publish Merged Manifest'
174175
retryCountOnTaskFailure: 10 # for any logs being locked
175-
isProduction: false
176+
sbomEnabled: false # we don't need SBOM for logs
176177

177178
- template: /eng/common/core-templates/steps/publish-build-artifacts.yml
178179
parameters:

eng/common/core-templates/job/source-build.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -60,7 +60,7 @@ jobs:
6060
pool:
6161
${{ if eq(variables['System.TeamProject'], 'public') }}:
6262
name: $[replace(replace(eq(contains(coalesce(variables['System.PullRequest.TargetBranch'], variables['Build.SourceBranch'], 'refs/heads/main'), 'release'), 'true'), True, 'NetCore-Svc-Public' ), False, 'NetCore-Public')]
63-
demands: ImageOverride -equals build.ubuntu.2004.amd64
63+
demands: ImageOverride -equals build.ubuntu.2204.amd64
6464
${{ if eq(variables['System.TeamProject'], 'internal') }}:
6565
name: $[replace(replace(eq(contains(coalesce(variables['System.PullRequest.TargetBranch'], variables['Build.SourceBranch'], 'refs/heads/main'), 'release'), 'true'), True, 'NetCore1ESPool-Svc-Internal'), False, 'NetCore1ESPool-Internal')]
6666
image: 1es-mariner-2

eng/common/core-templates/post-build/post-build.yml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -305,8 +305,9 @@ stages:
305305
PromoteToChannelIds: ${{ parameters.PromoteToChannelIds }}
306306
is1ESPipeline: ${{ parameters.is1ESPipeline }}
307307

308-
- task: NuGetAuthenticate@1 # Populate internal runtime variables.
308+
- task: NuGetAuthenticate@1
309309

310+
# Populate internal runtime variables.
310311
- template: /eng/common/templates/steps/enable-internal-sources.yml
311312
parameters:
312313
legacyCredential: $(dn-bot-dnceng-artifact-feeds-rw)

eng/common/core-templates/steps/component-governance.yml

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
parameters:
2+
disableComponentGovernance: false
3+
componentGovernanceIgnoreDirectories: ''
4+
is1ESPipeline: false
5+
displayName: 'Component Detection'
6+
7+
steps:
8+
- ${{ if eq(parameters.disableComponentGovernance, 'true') }}:
9+
- script: echo "##vso[task.setvariable variable=skipComponentGovernanceDetection]true"
10+
displayName: Set skipComponentGovernanceDetection variable
11+
- ${{ if ne(parameters.disableComponentGovernance, 'true') }}:
12+
- task: ComponentGovernanceComponentDetection@0
13+
continueOnError: true
14+
displayName: ${{ parameters.displayName }}
15+
inputs:
16+
ignoreDirectories: ${{ parameters.componentGovernanceIgnoreDirectories }}

eng/common/core-templates/steps/generate-sbom.yml

Lines changed: 50 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,54 @@
1+
# BuildDropPath - The root folder of the drop directory for which the manifest file will be generated.
2+
# PackageName - The name of the package this SBOM represents.
3+
# PackageVersion - The version of the package this SBOM represents.
4+
# ManifestDirPath - The path of the directory where the generated manifest files will be placed
5+
# IgnoreDirectories - Directories to ignore for SBOM generation. This will be passed through to the CG component detector.
6+
17
parameters:
2-
PackageVersion: unused
3-
BuildDropPath: unused
4-
PackageName: unused
5-
ManifestDirPath: unused
6-
IgnoreDirectories: unused
7-
sbomContinueOnError: unused
8-
is1ESPipeline: unused
9-
publishArtifacts: unused
8+
PackageVersion: 11.0.0
9+
BuildDropPath: '$(System.DefaultWorkingDirectory)/artifacts'
10+
PackageName: '.NET'
11+
ManifestDirPath: $(Build.ArtifactStagingDirectory)/sbom
12+
IgnoreDirectories: ''
13+
sbomContinueOnError: true
14+
is1ESPipeline: false
15+
# disable publishArtifacts if some other step is publishing the artifacts (like job.yml).
16+
publishArtifacts: true
1017

1118
steps:
19+
- task: PowerShell@2
20+
displayName: Prep for SBOM generation in (Non-linux)
21+
condition: or(eq(variables['Agent.Os'], 'Windows_NT'), eq(variables['Agent.Os'], 'Darwin'))
22+
inputs:
23+
filePath: ./eng/common/generate-sbom-prep.ps1
24+
arguments: ${{parameters.manifestDirPath}}
25+
26+
# Chmodding is a workaround for https://github.com/dotnet/arcade/issues/8461
1227
- script: |
13-
echo "##vso[task.logissue type=warning]Including generate-sbom.yml is deprecated, SBOM generation is handled 1ES PT now. Remove this include."
14-
displayName: Issue generate-sbom.yml deprecation warning
28+
chmod +x ./eng/common/generate-sbom-prep.sh
29+
./eng/common/generate-sbom-prep.sh ${{parameters.manifestDirPath}}
30+
displayName: Prep for SBOM generation in (Linux)
31+
condition: eq(variables['Agent.Os'], 'Linux')
32+
continueOnError: ${{ parameters.sbomContinueOnError }}
33+
34+
- task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0
35+
displayName: 'Generate SBOM manifest'
36+
continueOnError: ${{ parameters.sbomContinueOnError }}
37+
inputs:
38+
PackageName: ${{ parameters.packageName }}
39+
BuildDropPath: ${{ parameters.buildDropPath }}
40+
PackageVersion: ${{ parameters.packageVersion }}
41+
ManifestDirPath: ${{ parameters.manifestDirPath }}/$(ARTIFACT_NAME)
42+
${{ if ne(parameters.IgnoreDirectories, '') }}:
43+
AdditionalComponentDetectorArgs: '--IgnoreDirectories ${{ parameters.IgnoreDirectories }}'
44+
45+
- ${{ if eq(parameters.publishArtifacts, 'true')}}:
46+
- template: /eng/common/core-templates/steps/publish-pipeline-artifacts.yml
47+
parameters:
48+
is1ESPipeline: ${{ parameters.is1ESPipeline }}
49+
args:
50+
displayName: Publish SBOM manifest
51+
continueOnError: ${{parameters.sbomContinueOnError}}
52+
targetPath: '${{ parameters.manifestDirPath }}'
53+
artifactName: $(ARTIFACT_NAME)
54+

eng/common/core-templates/steps/source-build.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -62,4 +62,4 @@ steps:
6262
artifactName: BuildLogs_SourceBuild_${{ parameters.platform.name }}_Attempt$(System.JobAttempt)
6363
continueOnError: true
6464
condition: succeededOrFailed()
65-
isProduction: false
65+
sbomEnabled: false # we don't need SBOM for logs

eng/common/generate-sbom-prep.ps1

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,29 @@
1+
Param(
2+
[Parameter(Mandatory=$true)][string] $ManifestDirPath # Manifest directory where sbom will be placed
3+
)
4+
5+
. $PSScriptRoot\pipeline-logging-functions.ps1
6+
7+
# Normally - we'd listen to the manifest path given, but 1ES templates will overwrite if this level gets uploaded directly
8+
# with their own overwriting ours. So we create it as a sub directory of the requested manifest path.
9+
$ArtifactName = "${env:SYSTEM_STAGENAME}_${env:AGENT_JOBNAME}_SBOM"
10+
$SafeArtifactName = $ArtifactName -replace '["/:<>\\|?@*"() ]', '_'
11+
$SbomGenerationDir = Join-Path $ManifestDirPath $SafeArtifactName
12+
13+
Write-Host "Artifact name before : $ArtifactName"
14+
Write-Host "Artifact name after : $SafeArtifactName"
15+
16+
Write-Host "Creating dir $ManifestDirPath"
17+
18+
# create directory for sbom manifest to be placed
19+
if (!(Test-Path -path $SbomGenerationDir))
20+
{
21+
New-Item -ItemType Directory -path $SbomGenerationDir
22+
Write-Host "Successfully created directory $SbomGenerationDir"
23+
}
24+
else{
25+
Write-PipelineTelemetryError -category 'Build' "Unable to create sbom folder."
26+
}
27+
28+
Write-Host "Updating artifact name"
29+
Write-Host "##vso[task.setvariable variable=ARTIFACT_NAME]$SafeArtifactName"

0 commit comments

Comments
 (0)