diff --git a/.pipelines/azure-pipelines-nocet.yml b/.pipelines/azure-pipelines-nocet.yml new file mode 100644 index 0000000000..867e951cc5 --- /dev/null +++ b/.pipelines/azure-pipelines-nocet.yml @@ -0,0 +1,105 @@ +# Copy of starter pipeline, to publish packages with CET disabled +# Start with a minimal pipeline that you can customize to build and deploy your code. +# Add steps that build, run tests, deploy, and more: +# https://aka.ms/yaml +# ADO link: https://msazure.visualstudio.com/One/_apps/hub/ms.vss-build-web.ci-designer-hub?pipelineId=297462&branch=main + +trigger: + branches: + include: + - main + paths: + exclude: + - website + +pr: none + +pool: + vmImage: windows-latest + +variables: + ROOT: $(Build.SourcesDirectory) + CDP_DEFINITION_BUILD_COUNT: $[counter('', 0)] # needed for onebranch.pipeline.version task https://aka.ms/obpipelines/versioning + ENABLE_PRS_DELAYSIGN: 1 + + +steps: +- task: UseDotNet@2 + continueOnError: false + inputs: + packageType: 'sdk' + version: '2.1.x' + +- task: UseDotNet@2 + continueOnError: false + inputs: + packageType: 'sdk' + version: '9.0.x' + useGlobalJson: false + performMultiLevelLookup: true + workingDirectory: '$(Build.SourcesDirectory)' + +- powershell: | + # Read the content of VERSION + $version=Get-Content $(Build.SourcesDirectory)\VERSION + $version + # Set the file content as a pipeline variable + # Write-Host "##vso[task.setvariable variable=VcVersion]$version" + Write-Host "Build Version = $version" + displayName: 'Show VC Build Version' + + # Ensure the artifact output/bin/obj directories are clean. +- script: $(Build.SourcesDirectory)\clean.cmd + displayName: 'Clean Output Directories' + + # Build the repo with CET disabled. +- script: $(Build.SourcesDirectory)\build.cmd --disablecet + displayName: 'Build Solutions' + + # Build NuGet packages for the services/agents in the repo. +- script: $(Build.SourcesDirectory)\build-packages.cmd --suffix $(VersionSuffix) --disablecet + displayName: 'Build NuGet Packages' + +- task: EsrpCodeSigning@5 + inputs: + ConnectedServiceName: 'virtualclient-esrp-ame' + AppRegistrationClientId: '0225fe5c-2a99-4459-af16-27a7dcd1c14a' + AppRegistrationTenantId: '33e01921-4d64-4f8c-a055-5bdaffd5e33d' + AuthAKVName: 'virtualclient-vault-esrp' + AuthCertName: 'virtualclient-esrp-cert-auth' + AuthSignCertName: 'virtualclient-esrp-cert-sign' + FolderPath: '$(System.DefaultWorkingDirectory)' + Pattern: '*.nupkg' + signConfigType: 'inlineSignParams' + inlineOperation: | + [ + { + "KeyCode": "CP-401405", + "OperationCode": "NuGetSign", + "Parameters": {}, + "ToolName": "sign", + "ToolVersion": "1.0" + }, + { + "KeyCode": "CP-401405", + "OperationCode": "NuGetVerify", + "Parameters": {}, + "ToolName": "sign", + "ToolVersion": "1.0" + } + ] + SessionTimeout: '60' + MaxConcurrency: '50' + MaxRetryAttempts: '5' + PendingAnalysisWaitTimeoutMinutes: '5' + +- task: NuGetAuthenticate@1 + displayName: 'Authenticate with NuGet feed' + +- script: dotnet nuget push $(Build.SourcesDirectory)\out\packages\*.nupkg --api-key VSTS --timeout 1200 --source https://msazure.pkgs.visualstudio.com/_packaging/CRC-VC/nuget/v3/index.json --skip-duplicate + displayName: 'Publish NuGet to ADO Artifact Packages as temporary workaround to ADO lagging behind in package availability' + +- script: $(Build.SourcesDirectory)\upload-packages.cmd $(Build.SourcesDirectory)\out\packages $(NUGETORGAPIKEY) + displayName: 'Publish NuGet Packages' + + diff --git a/build-packages.cmd b/build-packages.cmd index e24092f9b3..3bd9baaf79 100644 --- a/build-packages.cmd +++ b/build-packages.cmd @@ -15,6 +15,13 @@ if /i "%~1" == "-?" Goto :Usage if /i "%~1" == "--help" Goto :Usage for %%a in (%*) do ( + if /i "%%a" == "--disablecet" ( + if not defined PACKAGE_SUFFIX ( + set PACKAGE_SUFFIX=nocet + ) else ( + set PACKAGE_SUFFIX=!PACKAGE_SUFFIX!-nocet + ) + ) if defined SUFFIX_FOUND ( set SUFFIX_FOUND=!! @@ -96,12 +103,6 @@ echo ---------------------------------------------------------- call dotnet pack %PACKAGES_PROJECT% --force --no-restore --no-build -c Debug -v Detailed ^ -p:Version=%PACKAGE_VERSION% -p:NuspecFile=%PACKAGE_DIR%\nuspec\VirtualClient.TestFramework.nuspec && echo: || Goto :Error -echo: -echo [Create NuGet Package] VirtualClient.linux-arm64.%PACKAGE_VERSION% -echo ---------------------------------------------------------- -call dotnet pack %PACKAGES_PROJECT% --force --no-restore --no-build -c %BUILD_CONFIGURATION% -v Detailed ^ --p:Version=%PACKAGE_VERSION% -p:NuspecFile=%PACKAGE_DIR%\nuspec\VirtualClient.linux-arm64.nuspec && echo: || Goto :Error - echo: echo [Create NuGet Package] VirtualClient.linux-x64.%PACKAGE_VERSION% echo ---------------------------------------------------------- @@ -109,10 +110,10 @@ call dotnet pack %PACKAGES_PROJECT% --force --no-restore --no-build -c %BUILD_CO -p:Version=%PACKAGE_VERSION% -p:NuspecFile=%PACKAGE_DIR%\nuspec\VirtualClient.linux-x64.nuspec && echo: || Goto :Error echo: -echo [Create NuGet Package] VirtualClient.win-arm64.%PACKAGE_VERSION% +echo [Create NuGet Package] VirtualClient.linux-arm64.%PACKAGE_VERSION% echo ---------------------------------------------------------- call dotnet pack %PACKAGES_PROJECT% --force --no-restore --no-build -c %BUILD_CONFIGURATION% -v Detailed ^ --p:Version=%PACKAGE_VERSION% -p:NuspecFile=%PACKAGE_DIR%\nuspec\VirtualClient.win-arm64.nuspec && echo: || Goto :Error +-p:Version=%PACKAGE_VERSION% -p:NuspecFile=%PACKAGE_DIR%\nuspec\VirtualClient.linux-arm64.nuspec && echo: || Goto :Error echo: echo [Create NuGet Package] VirtualClient.win-x64.%PACKAGE_VERSION% @@ -120,6 +121,12 @@ echo ---------------------------------------------------------- call dotnet pack %PACKAGES_PROJECT% --force --no-restore --no-build -c %BUILD_CONFIGURATION% -v Detailed ^ -p:Version=%PACKAGE_VERSION% -p:NuspecFile=%PACKAGE_DIR%\nuspec\VirtualClient.win-x64.nuspec && echo: || Goto :Error +echo: +echo [Create NuGet Package] VirtualClient.win-arm64.%PACKAGE_VERSION% +echo ---------------------------------------------------------- +call dotnet pack %PACKAGES_PROJECT% --force --no-restore --no-build -c %BUILD_CONFIGURATION% -v Detailed ^ +-p:Version=%PACKAGE_VERSION% -p:NuspecFile=%PACKAGE_DIR%\nuspec\VirtualClient.win-arm64.nuspec && echo: || Goto :Error + Goto :End @@ -134,7 +141,7 @@ echo --suffix - Defines a suffix to place on the package names. Valid values in echo: echo Usage: echo --------------------- -echo build-packages.cmd [--suffix ^] +echo build-packages.cmd [--suffix ^] [--disablecet] echo: echo Examples: echo --------------------- diff --git a/build.cmd b/build.cmd index 45040d250a..a22bc7eed9 100644 --- a/build.cmd +++ b/build.cmd @@ -3,6 +3,7 @@ set EXIT_CODE=0 set SCRIPT_DIR=%~dp0 set SCRIPT_DIR=%SCRIPT_DIR:~0,-1% +set CET_PROPS= set BUILD_CONFIGURATION= set BUILD_FLAGS= set BUILD_VERSION= @@ -18,6 +19,9 @@ if /i "%~1" == "-?" Goto :Usage if /i "%~1" == "--help" Goto :Usage for %%a in (%*) do ( + if /i "%%a" == "--disablecet" ( + set CET_PROPS=-p:DisableCET=true + ) if /i "%%a" == "--trim" set BUILD_FLAGS=-p:PublishTrimmed=true if /i "%%a" == "--linux-x64" ( @@ -74,7 +78,7 @@ echo !!! Note that the solution is be built with 'Debug' configuration in order echo !!! echo: call dotnet build "%VC_SOLUTION_DIR%\VirtualClient.sln" -c Debug -v Detailed ^ --p:AssemblyVersion=%BUILD_VERSION% && echo: || Goto :Error +-p:AssemblyVersion=%BUILD_VERSION% %CET_PROPS% && echo: || Goto :Error if /i "%BUILD_ALL%" == "true" ( set BUILD_LINUX_X64=true @@ -87,32 +91,48 @@ if /i "%BUILD_LINUX_X64%" == "true" ( echo: echo [Build Virtual Client: linux-x64] echo ---------------------------------------------------------------------- - call dotnet publish "%VC_SOLUTION_DIR%\VirtualClient.Main\VirtualClient.Main.csproj" -r linux-x64 -c %BUILD_CONFIGURATION% -v Detailed --self-contained ^ - -p:AssemblyVersion=%BUILD_VERSION% -p:InvariantGlobalization=true %BUILD_FLAGS% && echo: || Goto :Error + call dotnet publish "%VC_SOLUTION_DIR%\VirtualClient.Main\VirtualClient.Main.csproj" ^ + -r linux-x64 -c %BUILD_CONFIGURATION% -v Detailed --self-contained ^ + -p:AssemblyVersion=%BUILD_VERSION% ^ + -p:InvariantGlobalization=true ^ + %CET_PROPS% %BUILD_FLAGS% ^ + && echo: || Goto :Error ) if /i "%BUILD_LINUX_ARM64%" == "true" ( echo: echo [Build Virtual Client: linux-arm64] echo ---------------------------------------------------------------------- - call dotnet publish "%VC_SOLUTION_DIR%\VirtualClient.Main\VirtualClient.Main.csproj" -r linux-arm64 -c %BUILD_CONFIGURATION% -v Detailed --self-contained ^ - -p:AssemblyVersion=%BUILD_VERSION% -p:InvariantGlobalization=true %BUILD_FLAGS% && echo: || Goto :Error + call dotnet publish "%VC_SOLUTION_DIR%\VirtualClient.Main\VirtualClient.Main.csproj" ^ + -r linux-arm64 -c %BUILD_CONFIGURATION% -v Detailed --self-contained ^ + -p:AssemblyVersion=%BUILD_VERSION% ^ + -p:InvariantGlobalization=true ^ + %CET_PROPS% %BUILD_FLAGS% ^ + && echo: || Goto :Error ) if /i "%BUILD_WIN_X64%" == "true" ( echo: echo [Build Virtual Client: win-x64] echo ---------------------------------------------------------------------- - call dotnet publish "%VC_SOLUTION_DIR%\VirtualClient.Main\VirtualClient.Main.csproj" -r win-x64 -c %BUILD_CONFIGURATION% -v Detailed --self-contained ^ - -p:AssemblyVersion=%BUILD_VERSION% %BUILD_FLAGS% && echo: || Goto :Error + call dotnet publish "%VC_SOLUTION_DIR%\VirtualClient.Main\VirtualClient.Main.csproj" ^ + -r win-x64 -c %BUILD_CONFIGURATION% -v Detailed --self-contained ^ + -p:AssemblyVersion=%BUILD_VERSION% ^ + -p:InvariantGlobalization=true ^ + %CET_PROPS% %BUILD_FLAGS% ^ + && echo: || Goto :Error ) if /i "%BUILD_WIN_ARM64%" == "true" ( echo: echo [Build Virtual Client: win-arm64] - echo ---------------------------------------------------------------------- - call dotnet publish "%VC_SOLUTION_DIR%\VirtualClient.Main\VirtualClient.Main.csproj" -r win-arm64 -c %BUILD_CONFIGURATION% -v Detailed --self-contained ^ - -p:AssemblyVersion=%BUILD_VERSION% %BUILD_FLAGS% && echo: || Goto :Error + echo ---------------------------------------------------------------------- + call dotnet publish "%VC_SOLUTION_DIR%\VirtualClient.Main\VirtualClient.Main.csproj" ^ + -r win-arm64 -c %BUILD_CONFIGURATION% -v Detailed --self-contained ^ + -p:AssemblyVersion=%BUILD_VERSION% ^ + -p:InvariantGlobalization=true ^ + %CET_PROPS% %BUILD_FLAGS% ^ + && echo: || Goto :Error ) Goto :End @@ -124,7 +144,7 @@ echo Builds the source code in the repo. echo: echo Usage: echo --------------------- -echo build.cmd [--win-x64] [--win-arm64] [--linux-x64] [--linux-arm64] [--trim] +echo build.cmd [--win-x64] [--win-arm64] [--linux-x64] [--linux-arm64] [--trim] [--disablecet] echo: echo Examples: echo --------------------- @@ -152,6 +172,7 @@ set BUILD_FLAGS= set BUILD_CONFIGURATION= set BUILD_VERSION= set SCRIPT_DIR= +set CET_PROPS= set VC_SOLUTION_DIR= set BUILD_ALL= set BUILD_LINUX_X64= diff --git a/build.sh b/build.sh index 83fcdca993..a2155e31d1 100644 --- a/build.sh +++ b/build.sh @@ -5,6 +5,8 @@ BUILD_CONFIGURATION="Release" BUILD_FLAGS="" BUILD_VERSION="" SCRIPT_DIR="$(dirname $(readlink -f "${BASH_SOURCE[0]}"))" +CET_PROPS="" +PACKAGE_SUFFIX="" # Runtime build flags BUILD_ALL=true @@ -19,15 +21,16 @@ Usage() { echo "" echo "Options:" echo "---------------------" - echo "--trim Enables trimming for publish output." - echo "--linux-x64 Build only for linux-x64 runtime." - echo "--linux-arm64 Build only for linux-arm64 runtime." - echo "--win-x64 Build only for win-x64 runtime." - echo "--win-arm64 Build only for win-arm64 runtime." + echo "--disablecet Disables CET during build." + echo "--trim Enables trimming for publish output." + echo "--linux-x64 Build only for linux-x64 runtime." + echo "--linux-arm64 Build only for linux-arm64 runtime." + echo "--win-x64 Build only for win-x64 runtime." + echo "--win-arm64 Build only for win-arm64 runtime." echo "" echo "Usage:" echo "---------------------" - echo "./build.sh [--trim] [--linux-x64] [--linux-arm64] [--win-x64] [--win-arm64]" + echo "./build.sh [--disablecet] [--trim] [--linux-x64] [--linux-arm64] [--win-x64] [--win-arm64]" echo "" echo "Examples:" echo "---------------------" @@ -60,6 +63,10 @@ while [[ $# -gt 0 ]]; do "/?"|"-?"|"--help") Usage ;; + "--disablecet") + CET_PROPS="-p:DisableCET=true" + PACKAGE_SUFFIX=".nocet" + ;; "--trim") BUILD_FLAGS="-p:PublishTrimmed=true" ;; @@ -134,7 +141,7 @@ if [[ "$BUILD_LINUX_X64" == true ]]; then echo "[Build Virtual Client: linux-x64]" echo "----------------------------------------------------------------------" dotnet publish "$SCRIPT_DIR/src/VirtualClient/VirtualClient.Main/VirtualClient.Main.csproj" -r linux-x64 -c $BUILD_CONFIGURATION -v Detailed --self-contained \ - -p:AssemblyVersion=$BUILD_VERSION -p:InvariantGlobalization=true $BUILD_FLAGS || Error + -p:AssemblyVersion=$BUILD_VERSION -p:InvariantGlobalization=true $CET_PROPS $BUILD_FLAGS || Error fi if [[ "$BUILD_LINUX_ARM64" == true ]]; then @@ -142,7 +149,7 @@ if [[ "$BUILD_LINUX_ARM64" == true ]]; then echo "[Build Virtual Client: linux-arm64]" echo "----------------------------------------------------------------------" dotnet publish "$SCRIPT_DIR/src/VirtualClient/VirtualClient.Main/VirtualClient.Main.csproj" -r linux-arm64 -c $BUILD_CONFIGURATION -v Detailed --self-contained \ - -p:AssemblyVersion=$BUILD_VERSION -p:InvariantGlobalization=true $BUILD_FLAGS || Error + -p:AssemblyVersion=$BUILD_VERSION -p:InvariantGlobalization=true $CET_PROPS $BUILD_FLAGS || Error fi if [[ "$BUILD_WIN_X64" == true ]]; then @@ -150,7 +157,7 @@ if [[ "$BUILD_WIN_X64" == true ]]; then echo "[Build Virtual Client: win-x64]" echo "----------------------------------------------------------------------" dotnet publish "$SCRIPT_DIR/src/VirtualClient/VirtualClient.Main/VirtualClient.Main.csproj" -r win-x64 -c $BUILD_CONFIGURATION -v Detailed --self-contained \ - -p:AssemblyVersion=$BUILD_VERSION $BUILD_FLAGS || Error + -p:AssemblyVersion=$BUILD_VERSION $CET_PROPS $BUILD_FLAGS || Error fi if [[ "$BUILD_WIN_ARM64" == true ]]; then @@ -158,7 +165,7 @@ if [[ "$BUILD_WIN_ARM64" == true ]]; then echo "[Build Virtual Client: win-arm64]" echo "----------------------------------------------------------------------" dotnet publish "$SCRIPT_DIR/src/VirtualClient/VirtualClient.Main/VirtualClient.Main.csproj" -r win-arm64 -c $BUILD_CONFIGURATION -v Detailed --self-contained \ - -p:AssemblyVersion=$BUILD_VERSION $BUILD_FLAGS || Error + -p:AssemblyVersion=$BUILD_VERSION $CET_PROPS $BUILD_FLAGS || Error fi End diff --git a/src/VirtualClient/VERSIONING.md b/src/VirtualClient/VERSIONING.md index dfe9051891..741463fd16 100644 --- a/src/VirtualClient/VERSIONING.md +++ b/src/VirtualClient/VERSIONING.md @@ -1,10 +1,10 @@ # Versioning The following sections describe the versioning process for projects/libraries within the Virtual Client platform/core repo. -Projects versioned using the version defined by the Official build pipeline. This version is defined in the in the [OneBranch.Official.yml](https://github.com/Azure/AzureVirtualClient/blob/main/.pipelines/OneBranch.Official.yml) -file found in the root of the repo in the **.pipeline** directory. The team only ever changes the 'major' or 'minor' versions in this -file. Furthermore,tThe team follows the 'semantic versioning' process to determine versions. You can learn more about semantic versioning at the -link below. +Projects versioned using the version defined by the Official build pipeline. This version is defined in the in the [VERSION](https://github.com/microsoft/VirtualClient/blob/main/VERSION) +file found in the root of the repo. The team only ever changes the 'major' or 'minor' versions in this +file. Furthermore, the team follows the 'semantic versioning' process to determine versions. You can learn more about semantic versioning at the +links below. * [Semantic Versioning](https://semver.org/) * [Semantic Versioning in .NET](https://docs.microsoft.com/en-us/dotnet/core/versions/#semantic-versioning) diff --git a/src/VirtualClient/VirtualClient.Main/VirtualClient.Main.csproj b/src/VirtualClient/VirtualClient.Main/VirtualClient.Main.csproj index e4d7627d2c..0a3366007d 100644 --- a/src/VirtualClient/VirtualClient.Main/VirtualClient.Main.csproj +++ b/src/VirtualClient/VirtualClient.Main/VirtualClient.Main.csproj @@ -10,6 +10,7 @@ CA1416;NU5100;NU5118;NU5128;SA1118;NU5110;NU5111;IL2026;IL2104;IL2072 en true + false