From 1eb0ca23131a0b5269adedf138e0f0c858dfea8a Mon Sep 17 00:00:00 2001 From: scbedd <45376673+scbedd@users.noreply.github.com> Date: Thu, 22 Jul 2021 13:17:20 -0700 Subject: [PATCH 01/16] consume fixed exposed header fix --- tools/test-proxy/docker/dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/test-proxy/docker/dockerfile b/tools/test-proxy/docker/dockerfile index 2ae3636253d..c33d750b3e9 100644 --- a/tools/test-proxy/docker/dockerfile +++ b/tools/test-proxy/docker/dockerfile @@ -29,7 +29,7 @@ RUN chmod +x $CERT_FOLDER/$CERT_IMPORT_SH \ RUN dotnet tool install azure.sdk.tools.testproxy \ --global \ --add-source https://pkgs.dev.azure.com/azure-sdk/public/_packaging/azure-sdk/nuget/v3/index.json \ - --version 1.0.0-dev.20210721.2 \ + --version 1.0.0-dev.20210722.1 \ && mkdir /etc/testproxy EXPOSE 5001 From 0d7fdc581ff426d656c38b974a7b311d116d4de3 Mon Sep 17 00:00:00 2001 From: scbedd <45376673+scbedd@users.noreply.github.com> Date: Tue, 3 Aug 2021 13:00:53 -0700 Subject: [PATCH 02/16] newer image --- tools/test-proxy/docker/dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/test-proxy/docker/dockerfile b/tools/test-proxy/docker/dockerfile index c33d750b3e9..8c79f4d5109 100644 --- a/tools/test-proxy/docker/dockerfile +++ b/tools/test-proxy/docker/dockerfile @@ -29,7 +29,7 @@ RUN chmod +x $CERT_FOLDER/$CERT_IMPORT_SH \ RUN dotnet tool install azure.sdk.tools.testproxy \ --global \ --add-source https://pkgs.dev.azure.com/azure-sdk/public/_packaging/azure-sdk/nuget/v3/index.json \ - --version 1.0.0-dev.20210722.1 \ + --version 1.0.0-dev.20210729.1 \ && mkdir /etc/testproxy EXPOSE 5001 From 35dd9b5de9987ec2d5a050f49da5190903c78fc3 Mon Sep 17 00:00:00 2001 From: scbedd <45376673+scbedd@users.noreply.github.com> Date: Wed, 11 Aug 2021 16:04:46 -0700 Subject: [PATCH 03/16] update targeted tool version --- tools/test-proxy/docker/dockerfile | 2 +- tools/test-proxy/docker/dockerfile-win | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/test-proxy/docker/dockerfile b/tools/test-proxy/docker/dockerfile index 8c79f4d5109..cf55fdcdb30 100644 --- a/tools/test-proxy/docker/dockerfile +++ b/tools/test-proxy/docker/dockerfile @@ -29,7 +29,7 @@ RUN chmod +x $CERT_FOLDER/$CERT_IMPORT_SH \ RUN dotnet tool install azure.sdk.tools.testproxy \ --global \ --add-source https://pkgs.dev.azure.com/azure-sdk/public/_packaging/azure-sdk/nuget/v3/index.json \ - --version 1.0.0-dev.20210729.1 \ + --version 1.0.0-dev.20210811.2 \ && mkdir /etc/testproxy EXPOSE 5001 diff --git a/tools/test-proxy/docker/dockerfile-win b/tools/test-proxy/docker/dockerfile-win index 6c4e4b3bb1d..7d0a0a5739b 100644 --- a/tools/test-proxy/docker/dockerfile-win +++ b/tools/test-proxy/docker/dockerfile-win @@ -84,7 +84,7 @@ RUN mkdir -p etc/testproxy RUN dotnet tool install azure.sdk.tools.testproxy \ --tool-path /proxyserver \ --add-source https://pkgs.dev.azure.com/azure-sdk/public/_packaging/azure-sdk/nuget/v3/index.json \ - --version 1.0.0-dev.20210729.1 + --version 1.0.0-dev.20210811.2 EXPOSE 5001 EXPOSE 5000 From 3b087fd3ddd14c66fa0bbd99ca28c41227446fab Mon Sep 17 00:00:00 2001 From: scbedd <45376673+scbedd@users.noreply.github.com> Date: Wed, 11 Aug 2021 16:51:19 -0700 Subject: [PATCH 04/16] consume new package location --- .../pipelines/templates/steps/install-pipeline-generation.yml | 2 +- tools/http-fault-injector/README.md | 4 ++-- tools/test-proxy/Azure.Sdk.Tools.TestProxy/README.md | 2 +- tools/test-proxy/docker/dockerfile | 2 +- tools/test-proxy/docker/dockerfile-win | 2 +- tools/test-proxy/documentation/using-in-devops.md | 2 +- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/eng/common/pipelines/templates/steps/install-pipeline-generation.yml b/eng/common/pipelines/templates/steps/install-pipeline-generation.yml index d368d52595b..b19093b0aaa 100644 --- a/eng/common/pipelines/templates/steps/install-pipeline-generation.yml +++ b/eng/common/pipelines/templates/steps/install-pipeline-generation.yml @@ -10,7 +10,7 @@ steps: dotnet tool install Azure.Sdk.Tools.PipelineGenerator --version 1.0.2-dev.20210621.4 - --add-source https://pkgs.dev.azure.com/azure-sdk/public/_packaging/azure-sdk/nuget/v3/index.json + --add-source https://pkgs.dev.azure.com/azure-sdk/public/_packaging/azure-sdk-for-net/nuget/v3/index.json --tool-path ${{parameters.ToolPath}} workingDirectory: $(Pipeline.Workspace)/pipeline-generator displayName: 'Install pipeline generator tool' diff --git a/tools/http-fault-injector/README.md b/tools/http-fault-injector/README.md index 6b6b15f05de..3a66fd0f28f 100644 --- a/tools/http-fault-injector/README.md +++ b/tools/http-fault-injector/README.md @@ -11,7 +11,7 @@ 2. Install http-fault-injector ``` -> dotnet tool install azure.sdk.tools.httpfaultinjector --global --add-source https://pkgs.dev.azure.com/azure-sdk/public/_packaging/azure-sdk/nuget/v3/index.json +> dotnet tool install azure.sdk.tools.httpfaultinjector --global --add-source https://pkgs.dev.azure.com/azure-sdk/public/_packaging/azure-sdk-for-net/nuget/v3/index.json You can invoke the tool using the following command: http-fault-injector Tool 'azure.sdk.tools.httpfaultinjector' (version '0.1.0') was successfully installed. @@ -19,7 +19,7 @@ Tool 'azure.sdk.tools.httpfaultinjector' (version '0.1.0') was successfully inst ## Updating ``` -> dotnet tool update azure.sdk.tools.httpfaultinjector --global --add-source https://pkgs.dev.azure.com/azure-sdk/public/_packaging/azure-sdk/nuget/v3/index.json +> dotnet tool update azure.sdk.tools.httpfaultinjector --global --add-source https://pkgs.dev.azure.com/azure-sdk/public/_packaging/azure-sdk-for-net/nuget/v3/index.json Tool 'azure.sdk.tools.httpfaultinjector' was successfully updated from version '0.1.0' to version '0.1.1'. ``` diff --git a/tools/test-proxy/Azure.Sdk.Tools.TestProxy/README.md b/tools/test-proxy/Azure.Sdk.Tools.TestProxy/README.md index b06395bcf61..16ddf4eb67c 100644 --- a/tools/test-proxy/Azure.Sdk.Tools.TestProxy/README.md +++ b/tools/test-proxy/Azure.Sdk.Tools.TestProxy/README.md @@ -10,7 +10,7 @@ For a detailed explanation, check the README.md one level up from this one. This 2. Install test-proxy ```powershell -> dotnet tool install azure.sdk.tools.testproxy --global --add-source https://pkgs.dev.azure.com/azure-sdk/public/_packaging/azure-sdk/nuget/v3/index.json +> dotnet tool install azure.sdk.tools.testproxy --global --add-source https://pkgs.dev.azure.com/azure-sdk/public/_packaging/azure-sdk-for-net/nuget/v3/index.json ``` This feed is available in [the public azure-sdk project.](https://dev.azure.com/azure-sdk/public/_packaging?_a=feed&feed=azure-sdk) diff --git a/tools/test-proxy/docker/dockerfile b/tools/test-proxy/docker/dockerfile index cf55fdcdb30..a86b88ec11a 100644 --- a/tools/test-proxy/docker/dockerfile +++ b/tools/test-proxy/docker/dockerfile @@ -28,7 +28,7 @@ RUN chmod +x $CERT_FOLDER/$CERT_IMPORT_SH \ # install the package RUN dotnet tool install azure.sdk.tools.testproxy \ --global \ - --add-source https://pkgs.dev.azure.com/azure-sdk/public/_packaging/azure-sdk/nuget/v3/index.json \ + --add-source https://pkgs.dev.azure.com/azure-sdk/public/_packaging/azure-sdk-for-net/nuget/v3/index.json \ --version 1.0.0-dev.20210811.2 \ && mkdir /etc/testproxy diff --git a/tools/test-proxy/docker/dockerfile-win b/tools/test-proxy/docker/dockerfile-win index 7d0a0a5739b..79870dbdc39 100644 --- a/tools/test-proxy/docker/dockerfile-win +++ b/tools/test-proxy/docker/dockerfile-win @@ -83,7 +83,7 @@ RUN mkdir -p etc/testproxy # install the package RUN dotnet tool install azure.sdk.tools.testproxy \ --tool-path /proxyserver \ - --add-source https://pkgs.dev.azure.com/azure-sdk/public/_packaging/azure-sdk/nuget/v3/index.json \ + --add-source https://pkgs.dev.azure.com/azure-sdk/public/_packaging/azure-sdk-for-net/nuget/v3/index.json \ --version 1.0.0-dev.20210811.2 EXPOSE 5001 diff --git a/tools/test-proxy/documentation/using-in-devops.md b/tools/test-proxy/documentation/using-in-devops.md index 120bdc7a2aa..e58ca8a61f9 100644 --- a/tools/test-proxy/documentation/using-in-devops.md +++ b/tools/test-proxy/documentation/using-in-devops.md @@ -40,7 +40,7 @@ Something along the lines of... dotnet tool install ` azure.sdk.tools.testproxy ` --tool-path $(Build.BinariesDirectory)/test-proxy ` - --add-source https://pkgs.dev.azure.com/azure-sdk/public/_packaging/azure-sdk/nuget/v3/index.json ` + --add-source https://pkgs.dev.azure.com/azure-sdk/public/_packaging/azure-sdk-for-net/nuget/v3/index.json ` --version displayName: "Install TestProxy" From d14f93b32fb2ff2a7840e37e6550c9bb92fe78ce Mon Sep 17 00:00:00 2001 From: scbedd <45376673+scbedd@users.noreply.github.com> Date: Fri, 13 Aug 2021 15:52:01 -0700 Subject: [PATCH 05/16] updates to eng common, moving proxy tools to location --- eng/common/scripts/common.ps1 | 1 + eng/common/testproxy/docker-start-proxy.ps1 | 83 +++++++++++++++++++++ eng/common/testproxy/dotnet-devcert.crt | 20 +++++ eng/common/testproxy/invoke-proxy.sh | 1 + eng/common/testproxy/test-proxy-docker.yml | 20 +++++ eng/common/testproxy/test-proxy-tool.yml | 52 +++++++++++++ 6 files changed, 177 insertions(+) create mode 100644 eng/common/testproxy/docker-start-proxy.ps1 create mode 100644 eng/common/testproxy/dotnet-devcert.crt create mode 100644 eng/common/testproxy/invoke-proxy.sh create mode 100644 eng/common/testproxy/test-proxy-docker.yml create mode 100644 eng/common/testproxy/test-proxy-tool.yml diff --git a/eng/common/scripts/common.ps1 b/eng/common/scripts/common.ps1 index 4e0b0847cdb..4f31c92c3d2 100644 --- a/eng/common/scripts/common.ps1 +++ b/eng/common/scripts/common.ps1 @@ -44,3 +44,4 @@ $GetDocsMsMetadataForPackageFn = "Get-${Language}-DocsMsMetadataForPackage" $GetDocsMsDevLanguageSpecificPackageInfoFn = "Get-${Language}-DocsMsDevLanguageSpecificPackageInfo" $GetGithubIoDocIndexFn = "Get-${Language}-GithubIoDocIndex" $FindArtifactForApiReviewFn = "Find-${Language}-Artifacts-For-Apireview" +$TestProxyTrustCertFn = "Import-Dev-Cert-${Language}" diff --git a/eng/common/testproxy/docker-start-proxy.ps1 b/eng/common/testproxy/docker-start-proxy.ps1 new file mode 100644 index 00000000000..4e5da37278a --- /dev/null +++ b/eng/common/testproxy/docker-start-proxy.ps1 @@ -0,0 +1,83 @@ + #!/usr/bin/env pwsh -c + +<# +.DESCRIPTION +Start the docker proxy container. If it is already running, quietly exit. Any other error should fail. +.PARAMETER Mode +"start" or "stop" to start up or stop the test-proxy instance. +.PARAMETER TargetFolder +The folder in which context the test proxy will be started. Defaults to current working directory. +#> +[CmdletBinding(SupportsShouldProcess = $true)] +param( + [ValidateSet("start", "stop")] + [String] + $Mode, + [String] + $TargetFolder = "." +) + +try { + docker --version | Out-Null +} +catch { + Write-Error "A invocation of docker --version failed. This indicates that docker is not properly installed or running." + Write-Error "Please check your docker invocation and try running the script again." +} + +$SELECTED_IMAGE_TAG = "1037115" +$CONTAINER_NAME = "ambitious_azsdk_test_proxy" +$LINUX_IMAGE_SOURCE = "azsdkengsys.azurecr.io/engsys/testproxy-lin:${SELECTED_IMAGE_TAG}" +$WINDOWS_IMAGE_SOURCE = "azsdkengsys.azurecr.io/engsys/testproxy-win:${SELECTED_IMAGE_TAG}" +$root = (Resolve-Path $TargetFolder).Path.Replace("`\", "/") + +function Get-Proxy-Container(){ + return (docker container ls -a --format "{{ json . }}" --filter "name=$CONTAINER_NAME" ` + | ConvertFrom-Json ` + | Select-Object -First 1) +} + + +$SelectedImage = $LINUX_IMAGE_SOURCE +$Initial = "" + +# most of the time, running this script on a windows machine will work just fine, as docker defaults to linux containers +# however, in CI, windows images default to _windows_ containers. We cannot swap them. We can tell if we're in a CI build by +# checking for the environment variable TF_BUILD. +if ($IsWindows -and $env:TF_BUILD){ + $SelectedImage = $WINDOWS_IMAGE_SOURCE + $Initial = "C:" +} + +if ($Mode -eq "start"){ + $proxyContainer = Get-Proxy-Container + + # if we already have one, we just need to check the state + if($proxyContainer){ + if ($proxyContainer.State -eq "running") + { + Write-Host "Discovered an already running instance of the test-proxy!. Exiting" + exit(0) + } + } + # else we need to create it + else { + Write-Host "Attempting creation of Docker host $CONTAINER_NAME" + Write-Host "docker container create -v `"${root}:${Initial}/etc/testproxy`" -p 5001:5001 -p 5000:5000 --name $CONTAINER_NAME $SelectedImage" + docker container create -v "${root}:${Initial}/etc/testproxy" -p 5001:5001 -p 5000:5000 --name $CONTAINER_NAME $SelectedImage + } + + Write-Host "Attempting start of Docker host $CONTAINER_NAME" + docker container start $CONTAINER_NAME +} + +if ($Mode -eq "stop"){ + $proxyContainer = Get-Proxy-Container + + if($proxyContainer){ + if($proxyContainer.State -eq "running"){ + Write-Host "Found a running instance of $CONTAINER_NAME, shutting it down." + docker container stop $CONTAINER_NAME + } + } +} \ No newline at end of file diff --git a/eng/common/testproxy/dotnet-devcert.crt b/eng/common/testproxy/dotnet-devcert.crt new file mode 100644 index 00000000000..e8575ea4456 --- /dev/null +++ b/eng/common/testproxy/dotnet-devcert.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDSDCCAjCgAwIBAgIUPMKpJ/j10eQrcQBNnkImIaOYHakwDQYJKoZIhvcNAQEL +BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTIxMDgwNTAwMzU1NloXDTIyMDgw +NTAwMzU1NlowFDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAxe/ZseXgOTVoF7uTjX5Leknk95jIoyGc+VlxA8BhzGOr +r4u6VNQZRCMq+svHY36tW4+u/xHNe2kvbwy2mnS8cFFLfst+94qBZVJDBxSGZ9I/ +wekErNsjFsik4UrMvcC+ZlGPh7hb3f7tSx29tn1DIkAUXVnbZ6TT5s+mYRQpZ6fW +6kR3RNfc0A1IUM7Zs9yfNEr0O2H41P2HcLKoOPtvd7GvTQm9Ofh3srKvII+sZn/J +WH7r76oRQMX904mOMdryQwZLObsqX4dXIEbafKVSecB3PBVIhv8gVtJhcZbQP1pI +mMiWd6PHv46ZhGf7+cKnYUSa8Ia2t/wetK1wd00dFwIDAQABo4GRMIGOMA8GA1Ud +EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGmMBYGA1UdJQEB/wQMMAoGCCsGAQUF +BwMBMBcGA1UdEQEB/wQNMAuCCWxvY2FsaG9zdDA6BgorBgEEAYI3VAEBBCwMKkFT +UC5ORVQgQ29yZSBIVFRQUyBkZXZlbG9wbWVudCBjZXJ0aWZpY2F0ZTANBgkqhkiG +9w0BAQsFAAOCAQEAIj2VlBVcXGSly6KCBg6lgwFi+henWfSox77iuGAaAxDjN3jd +9lZahW4MPNLHKSrPRb4YNSLZ2jh7zdcttQrqd4qH65o1q56q5JrCmli99iIzY9Y8 +RdYyxK4Zzr31wjpsyFiWQfqJTuSFUUg9uDDj0negwEZLIGlt7nr12wflt2+QOJtD +byMeSZLbB5dPzn341DK0qfJEJMMgL0XsPEVZ3TQ6Alc9zq5wI608C/mXnz3xJE05 +UTYD8pRJJ/DyG0empvOVE8Sg93msHPquAbgqO9aqCpykgg/a8CFvI4wRdfvGEFlv +8XJKL8Y/PFsmFeO3axq3zUYKFVdc9Un4dFIaag== +-----END CERTIFICATE----- diff --git a/eng/common/testproxy/invoke-proxy.sh b/eng/common/testproxy/invoke-proxy.sh new file mode 100644 index 00000000000..be71a0e6921 --- /dev/null +++ b/eng/common/testproxy/invoke-proxy.sh @@ -0,0 +1 @@ +${TEST_PROXY_LOC}/test-proxy \ No newline at end of file diff --git a/eng/common/testproxy/test-proxy-docker.yml b/eng/common/testproxy/test-proxy-docker.yml new file mode 100644 index 00000000000..e7105e43a68 --- /dev/null +++ b/eng/common/testproxy/test-proxy-docker.yml @@ -0,0 +1,20 @@ +parameters: + rootFolder: '$(Build.SourcesDirectory)' + +steps: + - pwsh: | + . $(Build.SourcesDirectory)/eng/common/scripts/common.ps1 + + if ($FindArtifactForApiReviewFn -and (Test-Path "Function:$FindArtifactForApiReviewFn")) + { + &$FindArtifactForApiReviewFn + } + displayName: 'Language Specific Certificate Trust' + + - pwsh: | + $(Build.SourcesDirectory)/eng/common/testproxy/docker-start-proxy.ps1 -Mode start -TargetFolder "${{ parameters.rootFolder }}" + displayName: 'Run the docker container' + + - pwsh: | + docker container ls -a + displayName: Check running container \ No newline at end of file diff --git a/eng/common/testproxy/test-proxy-tool.yml b/eng/common/testproxy/test-proxy-tool.yml new file mode 100644 index 00000000000..c31641448bf --- /dev/null +++ b/eng/common/testproxy/test-proxy-tool.yml @@ -0,0 +1,52 @@ +parameters: + rootFolder: '$(Build.SourcesDirectory)' + +steps: + - pwsh: | + . $(Build.SourcesDirectory)/eng/common/scripts/common.ps1 + + if ($FindArtifactForApiReviewFn -and (Test-Path "Function:$FindArtifactForApiReviewFn")) + { + &$FindArtifactForApiReviewFn + } + displayName: 'Language Specific Certificate Trust' + + - pwsh: | + Write-Host "##vso[task.setvariable variable=OriginalPath]$env:PATH" + displayName: 'Store Path Value' + + - pwsh: | + Write-Host "##vso[task.setvariable variable=ASPNETCORE_Kestrel__Certificates__Default__Path]$(Build.SourcesDirectory)/eng/common/testproxy/dotnet-devcert.pfx" + Write-Host "##vso[task.setvariable variable=ASPNETCORE_Kestrel__Certificates__Default__Password]password" + displayName: 'Configure Kestrel Environment Variables' + + - task: UseDotNet@2 + displayName: "Use .NET Core SDK" + inputs: + packageType: sdk + version: 5.0.205 + + - pwsh: | + dotnet tool install azure.sdk.tools.testproxy ` + --tool-path $(Build.BinariesDirectory)/test-proxy ` + --add-source https://pkgs.dev.azure.com/azure-sdk/public/_packaging/azure-sdk-for-net/nuget/v3/index.json ` + --version 1.0.0-dev.20210811.2 + displayName: "Install test-proxy" + + - pwsh: | + Start-Process $(Build.BinariesDirectory)/test-proxy/test-proxy.exe ` + -ArgumentList "--storage-location '${{ parameters.rootFolder }}'" ` + -NoNewWindow -PassThru + displayName: 'Run the testproxy - windows' + condition: and(succeeded(), eq(variables['Agent.OS'],'Windows_NT')) + + # nohup does NOT continue beyond the current session if you use it within powershell + - bash: | + sudo nohup $(Build.BinariesDirectory)/test-proxy/test-proxy & + displayName: "Run the testproxy - linux/mac" + condition: and(succeeded(), ne(variables['Agent.OS'],'Windows_NT')) + workingDirectory: "${{ parameters.rootFolder }}" + + - pwsh: | + Write-Host "##vso[task.setvariable variable=PATH]$(OriginalPath)" + displayName: 'Restore .NET version by resetting path' \ No newline at end of file From 10ceb623e70396cf4371bd74291942e9fdc31699 Mon Sep 17 00:00:00 2001 From: scbedd <45376673+scbedd@users.noreply.github.com> Date: Fri, 13 Aug 2021 15:53:57 -0700 Subject: [PATCH 06/16] store components --- eng/common/testproxy/dotnet-devcert.pfx | Bin 0 -> 2445 bytes eng/common/testproxy/invoke-proxy.sh | 1 - 2 files changed, 1 deletion(-) create mode 100644 eng/common/testproxy/dotnet-devcert.pfx delete mode 100644 eng/common/testproxy/invoke-proxy.sh diff --git a/eng/common/testproxy/dotnet-devcert.pfx b/eng/common/testproxy/dotnet-devcert.pfx new file mode 100644 index 0000000000000000000000000000000000000000..28058ae4ce30e7a413e8f872d930fa2cf5c2107c GIT binary patch literal 2445 zcmY+Ec{me}AIEKGOw3W1T%&R;L(Z@fa?O=93FS=q=BQl7a-{|M|6Xqd27(0wI1w0#Ef}JdY@Ym$AHWSL zz(7zS3`GAI)K?F!Tb zfjk`X7|v1{OYWP-ZccVCBTB-xZYA4g%!tC;_FsW8vbMzZGh3`8ogVrPMR>ljPU4#- z`G@P4g@lf03(hTENs)vkx^jBoGHwj2avv-Dpe_DO>@3jk<%U$iX9rZd`=jP! zsg>})<%?TyfZg|Y*>jhF5Sk^W#Xi;Zf992<-1wem2j0S$iBLn3j~5NK^GDtfIXo`5 zEs4Sf`)CEeP0j%@`i~ke|2fh@=L=@SIJ}`Y+kWWchubBzbXCRXNLitiiMY3dmu!a( zFZPEvT^=8TlPT8*{GH8Y<-2>g>eDZprB2Z+>uP-Z?YAXY9h_{s@4_XehsU4Id_iyC zJ+N--k7cI{U3Bi+p2UKd+buQ)=Z*I*(W5Hw)&cuE;drYzBT8WE$tY9^^4o53%-qi5 z=n{`d!C!c+~BNXhVHGYMn+(JJ0#LCDfvOFPO#fMYz)uYiLDW|Co z(JGTK!;W~b1WLVc_OQ;;y-e`1>Itds$%e}1YQK|Ze#ae*l3sb6q>JipNOI#XV=WLu zsiaZOG)Y@E9Hc?8IGLp#_fdMEJxgwAltLxG(ZXfxQMhi>=<_k}P;!U4_5&K0su_n9 zQ&wnVaA_R&m2zs__fZs>G)%_NW)SfLFgowbEDRqBT^z zJMo)_(u@dc8+TU{Xdrq5=H(TjX}T`cCNE>>pH3;Ad}l6&(NCGu#)3`Gm)tWnFX*fWw>iusH-DeXc-0_K%B?cPcYb`dW?L5*s2f4hp zKeP|&@yDS&;8*PpQw~cQEhAf!7vf#A2DL4a-dY3E@O)XZKK~Y*%(FLu`*?(Zen_F2 zPxvUY0RHLI{s$pqq*$-r#fUBwfZo(KCs%hX?u@6-^jp@|GJ(4$>d|yLeaX7K7qf1N25=t-MWP)nc}xHt_coMNUZF&!y2dObegcrn^uF-D>4qs;DA=zqU?bmyx|I zx{YWUS(>xDdPsmyh{Z*-lg^&5RYzXkyVj#%Jjao_N!q@F2y*i=D;iN=%^8j1li)|W zO$Tp!3PT4fpfxfDq zUhF8y%X|XI1;l*cygss_+G?*f_ik^z=Ke5}=A~KOvHxYg)!i}dxwR25Xf+f!SPifN zK_Y9AKWpP+oI@T^$XT5`{_B4e3fD|c@Q}89T*QQwyld*zXZCAD4>GC}9;NG;RG0(5 znCLlG-=@yqe0I($$p5%?wp-oxY5FwGxwa%0!TBYiZX~;QPV~q@A%SXMowq=`bW3rT zPIq&knIrEPBS8(i=47qf){UF!GGy&r0Z;BbJc~h^^*-$0zZUMj%x?59QtrM0%^JKZ$4FPS{j?Ut<*pX!#dB%!EbOGU5*$5VFUa)Y@$M;Z z4sl8Ns(swP-zX*T#^Q9`@)Sed>bf4v-3@?4?C!~cisATi`B3dvT1mth0W%(+%O^(X)3 zB7ad%T0XtsUdE>o28`a;_iQtx4RfXR|6{`h;drtDABlWO*H zgT|>(isc2UO4D+-y-(X5*;PMlIb6=BB$EqoGaR;5T|(3cEW!exbkWR0 zKSxCTZ>!9^nIMV@rXZp3&~tT3_6(~U@dzr@{&LObWzJXp+%8Ugw8q*?g_nMorpp7&E#Ztx{^h3z}&B?D+fl@MlU+)b>qDi^1L1WD%$SyN(bMH5llaAfgwMN+(1yb)GL# zB644QI=;pr)DSWV2$)M5$_W(X;s71nM&EriZMXu9q4}jIu`Zb2ZMe}2;=yh6dp0e8 JEc(5Y{{n}~oSOgu literal 0 HcmV?d00001 diff --git a/eng/common/testproxy/invoke-proxy.sh b/eng/common/testproxy/invoke-proxy.sh deleted file mode 100644 index be71a0e6921..00000000000 --- a/eng/common/testproxy/invoke-proxy.sh +++ /dev/null @@ -1 +0,0 @@ -${TEST_PROXY_LOC}/test-proxy \ No newline at end of file From d2317175da20f199f26b36be9e47d13de6308c72 Mon Sep 17 00:00:00 2001 From: scbedd <45376673+scbedd@users.noreply.github.com> Date: Mon, 16 Aug 2021 11:00:24 -0700 Subject: [PATCH 07/16] update call of the certificate check --- eng/common/testproxy/test-proxy-docker.yml | 4 ++-- eng/common/testproxy/test-proxy-tool.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/eng/common/testproxy/test-proxy-docker.yml b/eng/common/testproxy/test-proxy-docker.yml index e7105e43a68..08bd93cf10c 100644 --- a/eng/common/testproxy/test-proxy-docker.yml +++ b/eng/common/testproxy/test-proxy-docker.yml @@ -5,9 +5,9 @@ steps: - pwsh: | . $(Build.SourcesDirectory)/eng/common/scripts/common.ps1 - if ($FindArtifactForApiReviewFn -and (Test-Path "Function:$FindArtifactForApiReviewFn")) + if ($TestProxyTrustCertFn -and (Test-Path "Function:$TestProxyTrustCertFn")) { - &$FindArtifactForApiReviewFn + &$TestProxyTrustCertFn } displayName: 'Language Specific Certificate Trust' diff --git a/eng/common/testproxy/test-proxy-tool.yml b/eng/common/testproxy/test-proxy-tool.yml index c31641448bf..5a803021a78 100644 --- a/eng/common/testproxy/test-proxy-tool.yml +++ b/eng/common/testproxy/test-proxy-tool.yml @@ -5,9 +5,9 @@ steps: - pwsh: | . $(Build.SourcesDirectory)/eng/common/scripts/common.ps1 - if ($FindArtifactForApiReviewFn -and (Test-Path "Function:$FindArtifactForApiReviewFn")) + if ($TestProxyTrustCertFn -and (Test-Path "Function:$TestProxyTrustCertFn")) { - &$FindArtifactForApiReviewFn + &$TestProxyTrustCertFn } displayName: 'Language Specific Certificate Trust' From 578f6feebe5bf8021957c961872fc9605825ebcd Mon Sep 17 00:00:00 2001 From: scbedd <45376673+scbedd@users.noreply.github.com> Date: Mon, 16 Aug 2021 12:16:01 -0700 Subject: [PATCH 08/16] move all files under eng/common --- .../common/testproxy}/apply-dev-cert.sh | 0 .../common/testproxy}/localhost.conf | 0 tools/test-proxy/docker/README.md | 8 ++++--- .../docker/dev_certificate/.gitattributes | 1 - .../docker/dev_certificate/dotnet-devcert.crt | 20 ------------------ .../docker/dev_certificate/dotnet-devcert.pfx | Bin 2445 -> 0 bytes 6 files changed, 5 insertions(+), 24 deletions(-) rename {tools/test-proxy/docker/dev_certificate => eng/common/testproxy}/apply-dev-cert.sh (100%) rename {tools/test-proxy/docker/dev_certificate => eng/common/testproxy}/localhost.conf (100%) delete mode 100644 tools/test-proxy/docker/dev_certificate/.gitattributes delete mode 100644 tools/test-proxy/docker/dev_certificate/dotnet-devcert.crt delete mode 100644 tools/test-proxy/docker/dev_certificate/dotnet-devcert.pfx diff --git a/tools/test-proxy/docker/dev_certificate/apply-dev-cert.sh b/eng/common/testproxy/apply-dev-cert.sh similarity index 100% rename from tools/test-proxy/docker/dev_certificate/apply-dev-cert.sh rename to eng/common/testproxy/apply-dev-cert.sh diff --git a/tools/test-proxy/docker/dev_certificate/localhost.conf b/eng/common/testproxy/localhost.conf similarity index 100% rename from tools/test-proxy/docker/dev_certificate/localhost.conf rename to eng/common/testproxy/localhost.conf diff --git a/tools/test-proxy/docker/README.md b/tools/test-proxy/docker/README.md index 4c8246fa4ce..a81c3ef3f5d 100644 --- a/tools/test-proxy/docker/README.md +++ b/tools/test-proxy/docker/README.md @@ -5,12 +5,14 @@ ### Build and Run -First, navigate to the folder containing the test-proxy dockerfile: `tools/test-proxy/docker`. +**Be aware that this dockerfile must from the root directory of the sdk-tools repository.** + +This is necessary to access supporting certificate files located in eng/common. There is intent to adjust this build upon a `test-assets image` that will allow us to relocate build context to this local folder, but that is as yet incomplete. Invoke to generate a container (with optional tag): ```docker -docker build . -t test-proxy +docker build . -t test-proxy -f tools/test-proxy/docker/dockerfile ``` Start locally using: @@ -34,7 +36,7 @@ Actions images do not support swapping between `Linux` and `Windows` containers. To build _that_, use the following command. ```docker -docker build . -f dockerfile-win -t test-proxy +docker build . -f tools/test-proxy/docker/dockerfile-win -t test-proxy ``` ### Certificates diff --git a/tools/test-proxy/docker/dev_certificate/.gitattributes b/tools/test-proxy/docker/dev_certificate/.gitattributes deleted file mode 100644 index c5d9e95ea67..00000000000 --- a/tools/test-proxy/docker/dev_certificate/.gitattributes +++ /dev/null @@ -1 +0,0 @@ -.sh eol=lf \ No newline at end of file diff --git a/tools/test-proxy/docker/dev_certificate/dotnet-devcert.crt b/tools/test-proxy/docker/dev_certificate/dotnet-devcert.crt deleted file mode 100644 index e8575ea4456..00000000000 --- a/tools/test-proxy/docker/dev_certificate/dotnet-devcert.crt +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDSDCCAjCgAwIBAgIUPMKpJ/j10eQrcQBNnkImIaOYHakwDQYJKoZIhvcNAQEL -BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTIxMDgwNTAwMzU1NloXDTIyMDgw -NTAwMzU1NlowFDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEF -AAOCAQ8AMIIBCgKCAQEAxe/ZseXgOTVoF7uTjX5Leknk95jIoyGc+VlxA8BhzGOr -r4u6VNQZRCMq+svHY36tW4+u/xHNe2kvbwy2mnS8cFFLfst+94qBZVJDBxSGZ9I/ -wekErNsjFsik4UrMvcC+ZlGPh7hb3f7tSx29tn1DIkAUXVnbZ6TT5s+mYRQpZ6fW -6kR3RNfc0A1IUM7Zs9yfNEr0O2H41P2HcLKoOPtvd7GvTQm9Ofh3srKvII+sZn/J -WH7r76oRQMX904mOMdryQwZLObsqX4dXIEbafKVSecB3PBVIhv8gVtJhcZbQP1pI -mMiWd6PHv46ZhGf7+cKnYUSa8Ia2t/wetK1wd00dFwIDAQABo4GRMIGOMA8GA1Ud -EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGmMBYGA1UdJQEB/wQMMAoGCCsGAQUF -BwMBMBcGA1UdEQEB/wQNMAuCCWxvY2FsaG9zdDA6BgorBgEEAYI3VAEBBCwMKkFT -UC5ORVQgQ29yZSBIVFRQUyBkZXZlbG9wbWVudCBjZXJ0aWZpY2F0ZTANBgkqhkiG -9w0BAQsFAAOCAQEAIj2VlBVcXGSly6KCBg6lgwFi+henWfSox77iuGAaAxDjN3jd -9lZahW4MPNLHKSrPRb4YNSLZ2jh7zdcttQrqd4qH65o1q56q5JrCmli99iIzY9Y8 -RdYyxK4Zzr31wjpsyFiWQfqJTuSFUUg9uDDj0negwEZLIGlt7nr12wflt2+QOJtD -byMeSZLbB5dPzn341DK0qfJEJMMgL0XsPEVZ3TQ6Alc9zq5wI608C/mXnz3xJE05 -UTYD8pRJJ/DyG0empvOVE8Sg93msHPquAbgqO9aqCpykgg/a8CFvI4wRdfvGEFlv -8XJKL8Y/PFsmFeO3axq3zUYKFVdc9Un4dFIaag== ------END CERTIFICATE----- diff --git a/tools/test-proxy/docker/dev_certificate/dotnet-devcert.pfx b/tools/test-proxy/docker/dev_certificate/dotnet-devcert.pfx deleted file mode 100644 index 28058ae4ce30e7a413e8f872d930fa2cf5c2107c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2445 zcmY+Ec{me}AIEKGOw3W1T%&R;L(Z@fa?O=93FS=q=BQl7a-{|M|6Xqd27(0wI1w0#Ef}JdY@Ym$AHWSL zz(7zS3`GAI)K?F!Tb zfjk`X7|v1{OYWP-ZccVCBTB-xZYA4g%!tC;_FsW8vbMzZGh3`8ogVrPMR>ljPU4#- z`G@P4g@lf03(hTENs)vkx^jBoGHwj2avv-Dpe_DO>@3jk<%U$iX9rZd`=jP! zsg>})<%?TyfZg|Y*>jhF5Sk^W#Xi;Zf992<-1wem2j0S$iBLn3j~5NK^GDtfIXo`5 zEs4Sf`)CEeP0j%@`i~ke|2fh@=L=@SIJ}`Y+kWWchubBzbXCRXNLitiiMY3dmu!a( zFZPEvT^=8TlPT8*{GH8Y<-2>g>eDZprB2Z+>uP-Z?YAXY9h_{s@4_XehsU4Id_iyC zJ+N--k7cI{U3Bi+p2UKd+buQ)=Z*I*(W5Hw)&cuE;drYzBT8WE$tY9^^4o53%-qi5 z=n{`d!C!c+~BNXhVHGYMn+(JJ0#LCDfvOFPO#fMYz)uYiLDW|Co z(JGTK!;W~b1WLVc_OQ;;y-e`1>Itds$%e}1YQK|Ze#ae*l3sb6q>JipNOI#XV=WLu zsiaZOG)Y@E9Hc?8IGLp#_fdMEJxgwAltLxG(ZXfxQMhi>=<_k}P;!U4_5&K0su_n9 zQ&wnVaA_R&m2zs__fZs>G)%_NW)SfLFgowbEDRqBT^z zJMo)_(u@dc8+TU{Xdrq5=H(TjX}T`cCNE>>pH3;Ad}l6&(NCGu#)3`Gm)tWnFX*fWw>iusH-DeXc-0_K%B?cPcYb`dW?L5*s2f4hp zKeP|&@yDS&;8*PpQw~cQEhAf!7vf#A2DL4a-dY3E@O)XZKK~Y*%(FLu`*?(Zen_F2 zPxvUY0RHLI{s$pqq*$-r#fUBwfZo(KCs%hX?u@6-^jp@|GJ(4$>d|yLeaX7K7qf1N25=t-MWP)nc}xHt_coMNUZF&!y2dObegcrn^uF-D>4qs;DA=zqU?bmyx|I zx{YWUS(>xDdPsmyh{Z*-lg^&5RYzXkyVj#%Jjao_N!q@F2y*i=D;iN=%^8j1li)|W zO$Tp!3PT4fpfxfDq zUhF8y%X|XI1;l*cygss_+G?*f_ik^z=Ke5}=A~KOvHxYg)!i}dxwR25Xf+f!SPifN zK_Y9AKWpP+oI@T^$XT5`{_B4e3fD|c@Q}89T*QQwyld*zXZCAD4>GC}9;NG;RG0(5 znCLlG-=@yqe0I($$p5%?wp-oxY5FwGxwa%0!TBYiZX~;QPV~q@A%SXMowq=`bW3rT zPIq&knIrEPBS8(i=47qf){UF!GGy&r0Z;BbJc~h^^*-$0zZUMj%x?59QtrM0%^JKZ$4FPS{j?Ut<*pX!#dB%!EbOGU5*$5VFUa)Y@$M;Z z4sl8Ns(swP-zX*T#^Q9`@)Sed>bf4v-3@?4?C!~cisATi`B3dvT1mth0W%(+%O^(X)3 zB7ad%T0XtsUdE>o28`a;_iQtx4RfXR|6{`h;drtDABlWO*H zgT|>(isc2UO4D+-y-(X5*;PMlIb6=BB$EqoGaR;5T|(3cEW!exbkWR0 zKSxCTZ>!9^nIMV@rXZp3&~tT3_6(~U@dzr@{&LObWzJXp+%8Ugw8q*?g_nMorpp7&E#Ztx{^h3z}&B?D+fl@MlU+)b>qDi^1L1WD%$SyN(bMH5llaAfgwMN+(1yb)GL# zB644QI=;pr)DSWV2$)M5$_W(X;s71nM&EriZMXu9q4}jIu`Zb2ZMe}2;=yh6dp0e8 JEc(5Y{{n}~oSOgu From be1421ca3e0360f83929b2492d0547b95255d0e3 Mon Sep 17 00:00:00 2001 From: scbedd <45376673+scbedd@users.noreply.github.com> Date: Mon, 16 Aug 2021 12:59:53 -0700 Subject: [PATCH 09/16] add prepare stage. update readmes about moving location of the certificate. only necessary to add pre-step to container publish --- .gitignore | 3 +++ eng/common/scripts/trust-proxy-certificate.ps1 | 6 ++++++ eng/common/testproxy/test-proxy-docker.yml | 7 +------ eng/common/testproxy/test-proxy-tool.yml | 7 +------ .../test-proxy/Azure.Sdk.Tools.TestProxy/README.md | 4 ++-- tools/test-proxy/docker/README.md | 14 ++++++++++---- tools/test-proxy/docker/prepare.ps1 | 9 +++++++++ .../documentation/trusting-cert-per-language.md | 10 +++++----- 8 files changed, 37 insertions(+), 23 deletions(-) create mode 100644 eng/common/scripts/trust-proxy-certificate.ps1 create mode 100644 tools/test-proxy/docker/prepare.ps1 diff --git a/.gitignore b/.gitignore index 348fa989287..e31e3bafd7e 100644 --- a/.gitignore +++ b/.gitignore @@ -460,6 +460,9 @@ src/dotnet/Mgmt.CI.BuildTools/NugetToolsPackage/CI.Tools.Package/build/tasks/net # ensure local debugging of the test-proxy will not end up committed tools/test-proxy/**/recordings/ +# ensure local build directory for test-proxy dockerfiles remains ignored +tools/test-proxy/docker/dev_certificate + # local settings .DS_Store .vscode diff --git a/eng/common/scripts/trust-proxy-certificate.ps1 b/eng/common/scripts/trust-proxy-certificate.ps1 new file mode 100644 index 00000000000..144d304cfd1 --- /dev/null +++ b/eng/common/scripts/trust-proxy-certificate.ps1 @@ -0,0 +1,6 @@ +. $PSScriptRoot/common.ps1 + +if ($TestProxyTrustCertFn -and (Test-Path "Function:$TestProxyTrustCertFn")) +{ + &$TestProxyTrustCertFn +} \ No newline at end of file diff --git a/eng/common/testproxy/test-proxy-docker.yml b/eng/common/testproxy/test-proxy-docker.yml index 08bd93cf10c..97617b6fd08 100644 --- a/eng/common/testproxy/test-proxy-docker.yml +++ b/eng/common/testproxy/test-proxy-docker.yml @@ -3,12 +3,7 @@ parameters: steps: - pwsh: | - . $(Build.SourcesDirectory)/eng/common/scripts/common.ps1 - - if ($TestProxyTrustCertFn -and (Test-Path "Function:$TestProxyTrustCertFn")) - { - &$TestProxyTrustCertFn - } + $(Build.SourcesDirectory)/eng/common/scripts/trust-proxy-certificate.ps1 displayName: 'Language Specific Certificate Trust' - pwsh: | diff --git a/eng/common/testproxy/test-proxy-tool.yml b/eng/common/testproxy/test-proxy-tool.yml index 5a803021a78..9f24b0f0d52 100644 --- a/eng/common/testproxy/test-proxy-tool.yml +++ b/eng/common/testproxy/test-proxy-tool.yml @@ -3,12 +3,7 @@ parameters: steps: - pwsh: | - . $(Build.SourcesDirectory)/eng/common/scripts/common.ps1 - - if ($TestProxyTrustCertFn -and (Test-Path "Function:$TestProxyTrustCertFn")) - { - &$TestProxyTrustCertFn - } + $(Build.SourcesDirectory)/eng/common/scripts/trust-proxy-certificate.ps1 displayName: 'Language Specific Certificate Trust' - pwsh: | diff --git a/tools/test-proxy/Azure.Sdk.Tools.TestProxy/README.md b/tools/test-proxy/Azure.Sdk.Tools.TestProxy/README.md index 16ddf4eb67c..a5c6e2e2909 100644 --- a/tools/test-proxy/Azure.Sdk.Tools.TestProxy/README.md +++ b/tools/test-proxy/Azure.Sdk.Tools.TestProxy/README.md @@ -290,7 +290,7 @@ The test-proxy server supports SSL, but due to its local-hosted nature, SSL vali Within this repository there is a single certificate. -* `dev_certificate/dotnet-devcert.pfx`: generated on a `Ubuntu` distribution using `openssl`. +* `eng/common/testproxy/dotnet-devcert.pfx`: generated on a `Ubuntu` distribution using `openssl`. Unfortunately, the `dotnet dev-certs` generated certificates are _not_ acceptable to a standard ubuntu distro. The issue is that the `KeyUsage` field in the `.crt` [MUST contain](https://github.com/dotnet/aspnetcore/issues/7246#issuecomment-541165030) the `keyCertSign` flag. Certificates generated by `dotnet dev-certs` do NOT have this flag. This means that if you're on Windows AND running the Ubuntu docker image, you will need to trust the `dotnet-devcert.pfx` locally prior to `docker run`. @@ -311,7 +311,7 @@ This will be automatically retrieved if you run the nuget installed version of t #### Option 2 -Import the appropriate already existing certificate within the `tools/test-proxy/docker/dev_certificate` folder. +Import the appropriate already existing certificate within the `eng/common/testproxy/` folder. ### Docker Image + SSL diff --git a/tools/test-proxy/docker/README.md b/tools/test-proxy/docker/README.md index a81c3ef3f5d..d9324fe3ca1 100644 --- a/tools/test-proxy/docker/README.md +++ b/tools/test-proxy/docker/README.md @@ -5,14 +5,20 @@ ### Build and Run -**Be aware that this dockerfile must from the root directory of the sdk-tools repository.** +**Be aware there is a pre-step to prepare the working directory before building the dockerfile.** This is necessary to access supporting certificate files located in eng/common. There is intent to adjust this build upon a `test-assets image` that will allow us to relocate build context to this local folder, but that is as yet incomplete. -Invoke to generate a container (with optional tag): +Prior to any other steps, invoke: + +```pwsh +./prepare.ps1 +``` + +Then, invoke to generate a container (with optional tag): ```docker -docker build . -t test-proxy -f tools/test-proxy/docker/dockerfile +docker build . -t test-proxy ``` Start locally using: @@ -36,7 +42,7 @@ Actions images do not support swapping between `Linux` and `Windows` containers. To build _that_, use the following command. ```docker -docker build . -f tools/test-proxy/docker/dockerfile-win -t test-proxy +docker build . -f dockerfile-win -t test-proxy ``` ### Certificates diff --git a/tools/test-proxy/docker/prepare.ps1 b/tools/test-proxy/docker/prepare.ps1 new file mode 100644 index 00000000000..e197de2a42e --- /dev/null +++ b/tools/test-proxy/docker/prepare.ps1 @@ -0,0 +1,9 @@ +$targetDirectory = Resolve-Path (Join-Path -Path $PSScriptRoot -ChildPath "../../../eng/common/testproxy/") + +if (-not (Test-Path "dev_certificate/")) +{ + mkdir dev_certificate +} + +# copy all files other than .yml from eng/common/scripts/testproxy into local directory dev_certificate +Get-ChildItem $targetDirectory -Exclude "*.yml" | % { Copy-Item -Path $_ -Destination dev_certificate } \ No newline at end of file diff --git a/tools/test-proxy/documentation/trusting-cert-per-language.md b/tools/test-proxy/documentation/trusting-cert-per-language.md index 72eef7576fb..fbf170c2095 100644 --- a/tools/test-proxy/documentation/trusting-cert-per-language.md +++ b/tools/test-proxy/documentation/trusting-cert-per-language.md @@ -2,25 +2,25 @@ ## Generally -All necessary components for dev-certificate usage are present within the `dev_certificate` directory. +All necessary components for dev-certificate usage are present within the `eng/common/testproxy/` directory. **Note that this certificate was generated with password "password"** -Within are components of a **dev certificate** that has no usage outside of keeping your local usage of SSL happy. When running the container, you will need to trust this certificate (`dotnet-devcert.pfx`) if you want to connect to `https://localhost:5001` without cert validation failures. This certificate has no usage outside of your local box and is strictly associated with `CN=localhost`. +Within this folder are components of a **dev certificate** that has no usage outside of keeping your local usage of SSL happy. When running the container, you will need to trust `dotnet-devcert.pfx` if you want to connect to `https://localhost:5001` without cert validation failures. This certificate has no usage outside of your local box and is strictly associated with `CN=localhost`. ```powershell # ensure root access -> $rootCert = $(Import-PfxCertificate -FilePath ./dev_certificate/dotnet-devcert.pfx -CertStoreLocation 'Cert:\LocalMachine\Root') +> $rootCert = $(Import-PfxCertificate -FilePath eng/common/testproxy/dotnet-devcert.pfx -CertStoreLocation 'Cert:\LocalMachine\Root') ``` or via `dotnet` ```powershell -dotnet dev-certs https --clean --import ./dotnet-devcert.pfx --password="password" +dotnet dev-certs https --clean --import eng/common/testproxy/dotnet-devcert.pfx --password="password" dotnet dev-certs https --trust ``` -On a ubuntu-flavored distro of linux, feel free to re-use the import mechanism in the local file `tools/test-proxy/docker/dev_certificate/import-dev-cert.sh`. Prior to using locally, ensure $CERT_FOLDER environment variable is set to the local directory `dev_certificate` to access necessary files! +On a ubuntu-flavored distro of linux, feel free to re-use the import mechanism in the local file `eng/common/testproxy/import-dev-cert.sh`. Prior to using locally, ensure $CERT_FOLDER environment variable is set to the local directory containing the script. Otherwise it won't be able to access necessary files! Also note that taken to trust this cert will _also apply to installing the dotnet tool directly_. The test-proxy tool will consume the certificate just the same as the docker container does. From 6c7d0ca1d14ade8968125292874e05a5e920e827 Mon Sep 17 00:00:00 2001 From: scbedd <45376673+scbedd@users.noreply.github.com> Date: Mon, 16 Aug 2021 13:07:31 -0700 Subject: [PATCH 10/16] try adding preparation script --- eng/containers/ci.yml | 7 +++++++ tools/test-proxy/docker/prepare.ps1 | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/eng/containers/ci.yml b/eng/containers/ci.yml index 60b18458307..cf35d5c042f 100644 --- a/eng/containers/ci.yml +++ b/eng/containers/ci.yml @@ -5,6 +5,7 @@ parameters: - name: test_proxy_linux pool: 'ubuntu-20.04' dockerRepo: 'engsys/testproxy-lin' + prepareScript: tools/test-proxy/docker/prepare.ps1 dockerFile: 'tools/test-proxy/docker/dockerfile' stableTags: - 'latest' @@ -17,6 +18,7 @@ parameters: - name: test_proxy_windows pool: 'windows-2019' dockerRepo: 'engsys/testproxy-win' + prepareScript: tools/test-proxy/docker/prepare.ps1 dockerFile: 'tools/test-proxy/docker/dockerfile-win' stableTags: - 'latest' @@ -47,6 +49,11 @@ jobs: pool: vmImage: ${{ config.pool }} steps: + - ${{ if config.prepareScript }}: + - pwsh: | + ./${{ config.prepareScript }} + displayName: "Run prep script" + - task: Docker@2 displayName: Build ${{ config.name }}:$(imageTag) inputs: diff --git a/tools/test-proxy/docker/prepare.ps1 b/tools/test-proxy/docker/prepare.ps1 index e197de2a42e..f689b6e3c38 100644 --- a/tools/test-proxy/docker/prepare.ps1 +++ b/tools/test-proxy/docker/prepare.ps1 @@ -6,4 +6,4 @@ if (-not (Test-Path "dev_certificate/")) } # copy all files other than .yml from eng/common/scripts/testproxy into local directory dev_certificate -Get-ChildItem $targetDirectory -Exclude "*.yml" | % { Copy-Item -Path $_ -Destination dev_certificate } \ No newline at end of file +Get-ChildItem $targetDirectory -Exclude "*.yml" | % { Copy-Item -Path $_ -Destination dev_certificate } From ec195008283a9d8dff3c374b605cd391412d8a71 Mon Sep 17 00:00:00 2001 From: scbedd <45376673+scbedd@users.noreply.github.com> Date: Mon, 16 Aug 2021 13:08:36 -0700 Subject: [PATCH 11/16] spacing adjustments --- eng/containers/ci.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/eng/containers/ci.yml b/eng/containers/ci.yml index cf35d5c042f..73f50d2b920 100644 --- a/eng/containers/ci.yml +++ b/eng/containers/ci.yml @@ -61,6 +61,7 @@ jobs: Dockerfile: ${{ config.dockerFile }} tags: $(imageTag) arguments: '-t $(containerRegistry).azurecr.io/${{ config.dockerRepo }}:$(imageTag)' + - task: Docker@2 displayName: Push ${{ config.name }}:$(imageTag) inputs: @@ -68,6 +69,7 @@ jobs: repository: ${{ config.dockerRepo }} command: push tags: $(imageTag) + - ${{ each stableTag in config.stableTags }}: - task: Docker@2 displayName: Build ${{ config.name }}:${{ stableTag }} @@ -76,6 +78,7 @@ jobs: Dockerfile: ${{ config.dockerFile }} tags: ${{ stableTag }} arguments: '-t $(containerRegistry).azurecr.io/${{ config.dockerRepo }}:${{ stableTag }}' + - task: Docker@2 displayName: Push ${{ config.name }}:${{ stableTag }} inputs: From e43f21f908071d3f10d5c4de494476259308b099 Mon Sep 17 00:00:00 2001 From: scbedd <45376673+scbedd@users.noreply.github.com> Date: Mon, 16 Aug 2021 13:12:49 -0700 Subject: [PATCH 12/16] ensure output directory doesn't need local context --- tools/test-proxy/docker/prepare.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/test-proxy/docker/prepare.ps1 b/tools/test-proxy/docker/prepare.ps1 index f689b6e3c38..19d47fb4645 100644 --- a/tools/test-proxy/docker/prepare.ps1 +++ b/tools/test-proxy/docker/prepare.ps1 @@ -1,9 +1,9 @@ $targetDirectory = Resolve-Path (Join-Path -Path $PSScriptRoot -ChildPath "../../../eng/common/testproxy/") -if (-not (Test-Path "dev_certificate/")) +if (-not (Test-Path $PsScriptRoot/dev_certificate)) { mkdir dev_certificate } # copy all files other than .yml from eng/common/scripts/testproxy into local directory dev_certificate -Get-ChildItem $targetDirectory -Exclude "*.yml" | % { Copy-Item -Path $_ -Destination dev_certificate } +Get-ChildItem $targetDirectory -Exclude "*.yml" | % { Copy-Item -Path $_ -Destination $PsScriptRoot/dev_certificate } From 38167191d839ba0a19ed6dd85c812be27e6fa445 Mon Sep 17 00:00:00 2001 From: scbedd <45376673+scbedd@users.noreply.github.com> Date: Mon, 16 Aug 2021 13:20:42 -0700 Subject: [PATCH 13/16] properly fix the prepare script --- tools/test-proxy/docker/prepare.ps1 | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/tools/test-proxy/docker/prepare.ps1 b/tools/test-proxy/docker/prepare.ps1 index 19d47fb4645..3c9c29e2650 100644 --- a/tools/test-proxy/docker/prepare.ps1 +++ b/tools/test-proxy/docker/prepare.ps1 @@ -1,9 +1,10 @@ $targetDirectory = Resolve-Path (Join-Path -Path $PSScriptRoot -ChildPath "../../../eng/common/testproxy/") -if (-not (Test-Path $PsScriptRoot/dev_certificate)) +if (-not (Test-Path $PsScriptRoot/dev_certificate/)) { - mkdir dev_certificate + mkdir $PsScriptRoot/dev_certificate/ } # copy all files other than .yml from eng/common/scripts/testproxy into local directory dev_certificate -Get-ChildItem $targetDirectory -Exclude "*.yml" | % { Copy-Item -Path $_ -Destination $PsScriptRoot/dev_certificate } +Get-ChildItem $targetDirectory -Exclude "*.yml" | % { Copy-Item -Path $_ -Destination "$PsScriptRoot/dev_certificate${$_.Name}" } + From ffc59de31248d4625262fbddea2143e796545f70 Mon Sep 17 00:00:00 2001 From: scbedd <45376673+scbedd@users.noreply.github.com> Date: Mon, 16 Aug 2021 13:21:22 -0700 Subject: [PATCH 14/16] correct a small typo that makes this difficult to read --- tools/test-proxy/docker/prepare.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/test-proxy/docker/prepare.ps1 b/tools/test-proxy/docker/prepare.ps1 index 3c9c29e2650..e044e52a4f8 100644 --- a/tools/test-proxy/docker/prepare.ps1 +++ b/tools/test-proxy/docker/prepare.ps1 @@ -6,5 +6,5 @@ if (-not (Test-Path $PsScriptRoot/dev_certificate/)) } # copy all files other than .yml from eng/common/scripts/testproxy into local directory dev_certificate -Get-ChildItem $targetDirectory -Exclude "*.yml" | % { Copy-Item -Path $_ -Destination "$PsScriptRoot/dev_certificate${$_.Name}" } +Get-ChildItem $targetDirectory -Exclude "*.yml" | % { Copy-Item -Path $_ -Destination "$PsScriptRoot/dev_certificate/${$_.Name}" } From d9241e110a6d5b0d8413a829c95e21f6076d0880 Mon Sep 17 00:00:00 2001 From: scbedd <45376673+scbedd@users.noreply.github.com> Date: Mon, 16 Aug 2021 13:22:52 -0700 Subject: [PATCH 15/16] further cleanup of the copy script --- tools/test-proxy/docker/prepare.ps1 | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/tools/test-proxy/docker/prepare.ps1 b/tools/test-proxy/docker/prepare.ps1 index e044e52a4f8..4bb36622853 100644 --- a/tools/test-proxy/docker/prepare.ps1 +++ b/tools/test-proxy/docker/prepare.ps1 @@ -1,10 +1,11 @@ -$targetDirectory = Resolve-Path (Join-Path -Path $PSScriptRoot -ChildPath "../../../eng/common/testproxy/") +$copyDirectory = Resolve-Path (Join-Path -Path $PSScriptRoot -ChildPath "../../../eng/common/testproxy/") +$targetDirectory = "$PsScriptRoot/dev_certificate" -if (-not (Test-Path $PsScriptRoot/dev_certificate/)) +if (-not (Test-Path $targetDirectory)) { - mkdir $PsScriptRoot/dev_certificate/ + mkdir $targetDirectory } # copy all files other than .yml from eng/common/scripts/testproxy into local directory dev_certificate -Get-ChildItem $targetDirectory -Exclude "*.yml" | % { Copy-Item -Path $_ -Destination "$PsScriptRoot/dev_certificate/${$_.Name}" } +Get-ChildItem $copyDirectory -Exclude "*.yml" | % { Copy-Item -Path $_ -Destination "$targetDirectory/${$_.Name}" } From 7bd45bc3a06cd05361840e33786305f2d0b7d49f Mon Sep 17 00:00:00 2001 From: scbedd <45376673+scbedd@users.noreply.github.com> Date: Mon, 16 Aug 2021 15:15:23 -0700 Subject: [PATCH 16/16] revert changes to install-pipeline-generation --- .../pipelines/templates/steps/install-pipeline-generation.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/eng/common/pipelines/templates/steps/install-pipeline-generation.yml b/eng/common/pipelines/templates/steps/install-pipeline-generation.yml index b19093b0aaa..d368d52595b 100644 --- a/eng/common/pipelines/templates/steps/install-pipeline-generation.yml +++ b/eng/common/pipelines/templates/steps/install-pipeline-generation.yml @@ -10,7 +10,7 @@ steps: dotnet tool install Azure.Sdk.Tools.PipelineGenerator --version 1.0.2-dev.20210621.4 - --add-source https://pkgs.dev.azure.com/azure-sdk/public/_packaging/azure-sdk-for-net/nuget/v3/index.json + --add-source https://pkgs.dev.azure.com/azure-sdk/public/_packaging/azure-sdk/nuget/v3/index.json --tool-path ${{parameters.ToolPath}} workingDirectory: $(Pipeline.Workspace)/pipeline-generator displayName: 'Install pipeline generator tool'