From 3cdee0c2e7c85011773806555acee0dfe6c526a9 Mon Sep 17 00:00:00 2001 From: Dongbo Wang Date: Mon, 2 Nov 2020 15:58:31 -0800 Subject: [PATCH 1/4] Update the pool to use --- .vsts-ci/releaseBuild.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.vsts-ci/releaseBuild.yml b/.vsts-ci/releaseBuild.yml index 9340e780..41323c3b 100644 --- a/.vsts-ci/releaseBuild.yml +++ b/.vsts-ci/releaseBuild.yml @@ -17,7 +17,7 @@ resources: jobs: - job: build_windows - pool: Package ES Lab A + pool: Package ES Standard Build # APIScan can take a long time timeoutInMinutes: 240 From d51d5cde56de803e18fd3fe6c5ce5dc09729e061 Mon Sep 17 00:00:00 2001 From: Dongbo Wang Date: Tue, 3 Nov 2020 21:14:32 -0800 Subject: [PATCH 2/4] Update release build to: 1. Update the signing xml file 2. Remove catalog related steps --- .vsts-ci/releaseBuild.yml | 35 ++-------------------------------- .vsts-ci/sign-catalog.xml | 8 -------- .vsts-ci/sign-module-files.xml | 2 ++ PSReadLine.build.ps1 | 12 ------------ 4 files changed, 4 insertions(+), 53 deletions(-) delete mode 100644 .vsts-ci/sign-catalog.xml diff --git a/.vsts-ci/releaseBuild.yml b/.vsts-ci/releaseBuild.yml index 41323c3b..efb68f01 100644 --- a/.vsts-ci/releaseBuild.yml +++ b/.vsts-ci/releaseBuild.yml @@ -86,39 +86,14 @@ jobs: - pwsh: | # Show the signed files Get-ChildItem -Path $(Signed) - Copy-Item -Path $(Signed)\* -Destination $(PSReadLine) -Force + Copy-Item -Path $(Signed)\* -Destination $(PSReadLine) -Recurse -Force displayName: 'Replace unsigned files with signed ones' - # Create catalog file from the signed modules files - - pwsh: | - New-FileCatalog -CatalogFilePath $(PSReadLine)\PSReadLine.cat -Path $(PSReadLine) -CatalogVersion 2.0 | ` - ForEach-Object -MemberName FullName - displayName: 'Create catalog file' - - # Sign the catalog file - - task: PkgESCodeSign@10 - displayName: 'CodeSign - catalog file' - env: - SYSTEM_ACCESSTOKEN: $(System.AccessToken) - inputs: - signConfigXml: '$(Build.SourcesDirectory)\.vsts-ci\sign-catalog.xml' - inPathRoot: '$(PSReadLine)' - outPathRoot: '$(Signed)' - binVersion: Production - binVersionOverride: '' - - # Copy the signed catalog file over - - pwsh: | - # Show the signed files - Get-ChildItem -Path $(Signed) - Copy-Item -Path $(Signed)\PSReadLine.cat -Destination $(PSReadLine) -Force - displayName: 'Replace catalog file with the signed one' - # Verify the signatures - pwsh: | $HasInvalidFiles = $false $WrongCert = @{} - Get-ChildItem -Path $(PSReadLine) -Recurse -Include "*.dll","*.ps*1*","*.cat" | ` + Get-ChildItem -Path $(PSReadLine) -Recurse -Include "*.dll","*.ps*1*" | ` Get-AuthenticodeSignature | ForEach-Object { $_ | Select-Object Path, Status if ($_.Status -ne 'Valid') { $HasInvalidFiles = $true } @@ -134,12 +109,6 @@ jobs: } displayName: 'Verify the signed files' - - pwsh: | - $CatInfo = Test-FileCatalog -Path $(PSReadLine) -CatalogFilePath $(PSReadLine)\PSReadLine.cat -Detailed - $CatInfo | Format-List - if ($CatInfo.Status -ne "Valid") { throw "Catalog file is invalid." } - displayName: 'Verify the catalog file' - - pwsh: | try { $RepoName = "PSRLLocal" diff --git a/.vsts-ci/sign-catalog.xml b/.vsts-ci/sign-catalog.xml deleted file mode 100644 index 45ffaba8..00000000 --- a/.vsts-ci/sign-catalog.xml +++ /dev/null @@ -1,8 +0,0 @@ - - - - - - - - diff --git a/.vsts-ci/sign-module-files.xml b/.vsts-ci/sign-module-files.xml index 946a6b5e..617e021a 100644 --- a/.vsts-ci/sign-module-files.xml +++ b/.vsts-ci/sign-module-files.xml @@ -10,5 +10,7 @@ + + diff --git a/PSReadLine.build.ps1 b/PSReadLine.build.ps1 index 80bb0664..b07930b5 100644 --- a/PSReadLine.build.ps1 +++ b/PSReadLine.build.ps1 @@ -91,18 +91,6 @@ task BuildMockPSConsole @mockPSConsoleParams { exec { dotnet publish -f $Framework -c $Configuration MockPSConsole } } -<# -Synopsis: Generate the file catalog -#> -task GenerateCatalog { - exec { - Remove-Item -ea Ignore $PSScriptRoot/bin/$Configuration/PSReadLine/PSReadLine.cat - $null = New-FileCatalog -CatalogFilePath $PSScriptRoot/bin/$Configuration/PSReadLine/PSReadLine.cat ` - -Path $PSScriptRoot/bin/$Configuration/PSReadLine ` - -CatalogVersion 2.0 - } -} - <# Synopsis: Run the unit tests #> From 62adf3f150dc9c5a5f5f61bb2d2ea0feb98357ee Mon Sep 17 00:00:00 2001 From: Dongbo Wang Date: Tue, 3 Nov 2020 21:26:27 -0800 Subject: [PATCH 3/4] Update pool name again --- .vsts-ci/releaseBuild.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.vsts-ci/releaseBuild.yml b/.vsts-ci/releaseBuild.yml index efb68f01..f7e62ff2 100644 --- a/.vsts-ci/releaseBuild.yml +++ b/.vsts-ci/releaseBuild.yml @@ -17,7 +17,7 @@ resources: jobs: - job: build_windows - pool: Package ES Standard Build + pool: Package ES CodeHub Lab E # APIScan can take a long time timeoutInMinutes: 240 From e3093595872d2430aea96fe20df692207c4682f1 Mon Sep 17 00:00:00 2001 From: Dongbo Wang Date: Wed, 4 Nov 2020 11:47:18 -0800 Subject: [PATCH 4/4] Skip signing 'System.Runtime.InteropServices.RuntimeInformation.dll' as it's already signed --- .vsts-ci/sign-module-files.xml | 1 - 1 file changed, 1 deletion(-) diff --git a/.vsts-ci/sign-module-files.xml b/.vsts-ci/sign-module-files.xml index 617e021a..53f88b52 100644 --- a/.vsts-ci/sign-module-files.xml +++ b/.vsts-ci/sign-module-files.xml @@ -9,7 +9,6 @@ -