new signing pipeline (part1) (#2476)

* testing pipelines * testing collecting build output * test nupkg * testing different path * testing bin directory * test: do artifacts support wildcards? * testing signing DLLs * add missing build flags * testing two part build/pack * testing pack cmd * testing pack in package step * testing different signing profile * testing external_distribution * cleanup * testing placeholder for testing * testing multiple pipelines * rename everything * update pipelines with custom hello world for runtime logging * fix args * testing unique build params * one more to fix pack for buddy * testing consolidating cmd files * cleanup * changing slashes
microsoft · Nov 19, 2021 · 4feb2cf · 4feb2cf
1 parent e8eb520
commit 4feb2cf
Show file tree

Hide file tree

Showing 11 changed files with 267 additions and 1 deletion.
diff --git a/.pipelines/00_helloworld.cmd b/.pipelines/00_helloworld.cmd
@@ -0,0 +1,3 @@
+cd /D "%~dp0..\"
+
+echo hello world: %* || exit /b 1
diff --git a/.pipelines/00_list_versions.cmd b/.pipelines/00_list_versions.cmd
@@ -0,0 +1,3 @@
+cd /D "%~dp0..\"
+
+dotnet --version && dotnet --list-sdks && dotnet --list-runtimes || exit /b 1
diff --git a/.pipelines/01_restore.cmd b/.pipelines/01_restore.cmd
@@ -0,0 +1,3 @@
+cd /D "%~dp0..\"
+
+dotnet restore .\ProjectsForSigning.sln || exit /b 1
diff --git a/.pipelines/02_build.cmd b/.pipelines/02_build.cmd
@@ -0,0 +1,3 @@
+cd /D "%~dp0..\"
+
+dotnet build .\ProjectsForSigning.sln %* --configuration Release --no-restore || exit /b 1
diff --git a/.pipelines/03_pack.cmd b/.pipelines/03_pack.cmd
@@ -0,0 +1,3 @@
+cd /D "%~dp0..\"
+
+dotnet pack .\ProjectsForSigning.sln %* --configuration Release --no-restore --no-build || exit /b 1
diff --git a/.pipelines/04_test.cmd b/.pipelines/04_test.cmd
@@ -0,0 +1,4 @@
+cd /D "%~dp0..\"
+
+echo "TODO: VALIDATE SIGNED DLLs."
+echo "TODO: VALIDATE SIGNED NUPKGs."
diff --git a/.pipelines/pipeline.user.windows.buddy.yml b/.pipelines/pipeline.user.windows.buddy.yml
@@ -0,0 +1,80 @@
+environment:
+  host:
+    os: 'windows'
+    flavor: 'server'
+    version: '2019'
+  runtime:
+    provider: 'appcontainer'
+    image: 'cdpxwin1809.azurecr.io/global/vse2019:latest'
+    source_mode: 'link'
+
+version:
+  name: 'ApplicationInsights-dotnet'
+  major: 0
+  minor: 0
+  system: 'custom'
+
+signing_options:
+  profile: 'external_distribution'
+
+restore:
+  commands:
+    - !!defaultcommand
+      name: 'Hello World'
+      command: '.pipelines/00_helloworld.cmd'
+      arguments: 'buddy'
+      fail_on_stderr: false
+    - !!defaultcommand
+      name: 'Show .NET versions'
+      command: '.pipelines/00_list_versions.cmd'
+      fail_on_stderr: false
+    - !!defaultcommand
+      name: 'Install dependencies'
+      command: '.pipelines/01_restore.cmd'
+      fail_on_stderr: false
+
+build:
+  commands:
+    - !!buildcommand
+      name: 'Dotnet Build'
+      command: '.pipelines/02_build.cmd'
+      arguments: '-p:OfficialRelease=True'
+      fail_on_stderr: false
+      artifacts:
+        - from: './bin/Release/src'
+          include:
+            - '**/*.dll'
+          signing_options: 
+            sign_inline: true
+
+package:
+  commands:
+    - !!buildcommand
+      name: 'Dotnet Pack'
+      command: '.pipelines/03_pack.cmd'
+      arguments: '-p:OfficialRelease=True'
+      fail_on_stderr: false
+      artifacts:
+        - from: './bin/Release/NuGet'
+          include:
+            - '*.*'
+          signing_options: 
+            sign_inline: true
+
+test:
+  commands:
+    - !!defaultcommand
+      name: 'Custom tests'
+      command: '.pipelines/04_test.cmd'
+      fail_on_stderr: false
+
+static_analysis_options:
+  credscan_options:
+    fail_on_error: true
+  binskim_options:
+    fail_on_error: true
+    files_to_scan:
+      - from: 'src'
+  policheck_options:
+    scan_comments: true
+    fail_on_error: true
diff --git a/.pipelines/pipeline.user.windows.official.redfield.yml b/.pipelines/pipeline.user.windows.official.redfield.yml
@@ -0,0 +1,80 @@
+environment:
+  host:
+    os: 'windows'
+    flavor: 'server'
+    version: '2019'
+  runtime:
+    provider: 'appcontainer'
+    image: 'cdpxwin1809.azurecr.io/global/vse2019:latest'
+    source_mode: 'link'
+
+version:
+  name: 'ApplicationInsights-dotnet'
+  major: 0
+  minor: 0
+  system: 'custom'
+
+signing_options:
+  profile: 'external_distribution'
+
+restore:
+  commands:
+    - !!defaultcommand
+      name: 'Hello World'
+      command: '.pipelines/00_helloworld.cmd'
+      arguments: 'official redfield'
+      fail_on_stderr: false
+    - !!defaultcommand
+      name: 'Show .NET versions'
+      command: '.pipelines/00_list_versions.cmd'
+      fail_on_stderr: false
+    - !!defaultcommand
+      name: 'Install dependencies'
+      command: '.pipelines/01_restore.cmd'
+      fail_on_stderr: false
+
+build:
+  commands:
+    - !!buildcommand
+      name: 'Dotnet Build'
+      command: '.pipelines/02_build.cmd'
+      arguments: '-p:PublicRelease=True -p:StableRelease=True -p:OfficialRelease=True -p:Redfield=True'
+      fail_on_stderr: false
+      artifacts:
+        - from: './bin/Release/src'
+          include:
+            - '**/*.dll'
+          signing_options: 
+            sign_inline: true
+
+package:
+  commands:
+    - !!buildcommand
+      name: 'Dotnet Pack'
+      command: '.pipelines/03_pack.cmd'
+      arguments: '-p:PublicRelease=True -p:StableRelease=True -p:OfficialRelease=True -p:Redfield=True'
+      fail_on_stderr: false
+      artifacts:
+        - from: './bin/Release/NuGet'
+          include:
+            - '*.*'
+          signing_options: 
+            sign_inline: true
+
+test:
+  commands:
+    - !!defaultcommand
+      name: 'Custom tests'
+      command: '.pipelines/04_test.cmd'
+      fail_on_stderr: false
+
+static_analysis_options:
+  credscan_options:
+    fail_on_error: true
+  binskim_options:
+    fail_on_error: true
+    files_to_scan:
+      - from: 'src'
+  policheck_options:
+    scan_comments: true
+    fail_on_error: true
diff --git a/.pipelines/pipeline.user.windows.official.yml b/.pipelines/pipeline.user.windows.official.yml
@@ -0,0 +1,80 @@
+environment:
+  host:
+    os: 'windows'
+    flavor: 'server'
+    version: '2019'
+  runtime:
+    provider: 'appcontainer'
+    image: 'cdpxwin1809.azurecr.io/global/vse2019:latest'
+    source_mode: 'link'
+
+version:
+  name: 'ApplicationInsights-dotnet'
+  major: 0
+  minor: 0
+  system: 'custom'
+
+signing_options:
+  profile: 'external_distribution'
+
+restore:
+  commands:
+    - !!defaultcommand
+      name: 'Hello World'
+      command: '.pipelines/00_helloworld.cmd'
+      arguments: 'official'
+      fail_on_stderr: false
+    - !!defaultcommand
+      name: 'Show .NET versions'
+      command: '.pipelines/00_list_versions.cmd'
+      fail_on_stderr: false
+    - !!defaultcommand
+      name: 'Install dependencies'
+      command: '.pipelines/01_restore.cmd'
+      fail_on_stderr: false
+
+build:
+  commands:
+    - !!buildcommand
+      name: 'Dotnet Build'
+      command: '.pipelines/02_build.cmd'
+      arguments: '-p:PublicRelease=True -p:StableRelease=True -p:OfficialRelease=True'
+      fail_on_stderr: false
+      artifacts:
+        - from: './bin/Release/src'
+          include:
+            - '**/*.dll'
+          signing_options: 
+            sign_inline: true
+
+package:
+  commands:
+    - !!buildcommand
+      name: 'Dotnet Pack'
+      command: '.pipelines/03_pack.cmd'
+      arguments: '-p:PublicRelease=True -p:StableRelease=True -p:OfficialRelease=True'
+      fail_on_stderr: false
+      artifacts:
+        - from: './bin/Release/NuGet'
+          include:
+            - '*.*'
+          signing_options: 
+            sign_inline: true
+
+test:
+  commands:
+    - !!defaultcommand
+      name: 'Custom tests'
+      command: '.pipelines/04_test.cmd'
+      fail_on_stderr: false
+
+static_analysis_options:
+  credscan_options:
+    fail_on_error: true
+  binskim_options:
+    fail_on_error: true
+    files_to_scan:
+      - from: 'src'
+  policheck_options:
+    scan_comments: true
+    fail_on_error: true
diff --git a/.pipelines/pipeline.user.yml b/.pipelines/pipeline.user.yml
@@ -0,0 +1,4 @@
+artifact_publish_options:
+  publish_to_legacy_artifacts: false
+  publish_to_pipeline_artifacts: true
+  publish_to_cloudvault_artifacts: false
diff --git a/.props/_Nupkg.props b/.props/_Nupkg.props
@@ -8,7 +8,10 @@
 
   <PropertyGroup Condition="$(OS) == 'Windows_NT'">
     <!-- Automatically generate package on build https://docs.microsoft.com/en-us/nuget/quickstart/create-and-publish-a-package-using-the-dotnet-cli#automatically-generate-package-on-build -->
+    <!-- We want developer and nightly build to generate nupkg. Official releases need to sign DLLs before packaging. -->
     <GeneratePackageOnBuild>True</GeneratePackageOnBuild>
+    <GeneratePackageOnBuild Condition="$(OfficialRelease) == 'true'">False</GeneratePackageOnBuild>
+
 
     <!-- Documenting your code with XML comments https://docs.microsoft.com/en-us/dotnet/csharp/codedoc -->
     <GenerateDocumentationFile>true</GenerateDocumentationFile>
@@ -48,7 +51,7 @@
     <None Include="$(EnlistmentRoot)\.images\icon.png" Pack="true" PackagePath="\"/>
   </ItemGroup>
 
-  <PropertyGroup Condition="$(BuildServer) == 'true'">
+  <PropertyGroup Condition="$(OfficialRelease) == 'true'">
     <!-- indicate that the build executes on a build/CI server -->
     <ContinuousIntegrationBuild>true</ContinuousIntegrationBuild>