Add strong name signing to webjobs extensions repo (#482)

* add strong name signing to webjobs extensions repo

* adding more public keys

* only sign builds on PR merge

* revert side-effect change of timer sample update

Build.ps1

@@ -31,5 +31,12 @@ foreach ($project in $projects)
     $cmd += "--version-suffix", "-$packageSuffix"
   }
 
-  & dotnet $cmd  
+  & dotnet $cmd
+}
+
+ ### Sign package if build is not a PR
+$isPr = Test-Path env:APPVEYOR_PULL_REQUEST_NUMBER
+if (-not $isPr) {
+  & ".\tools\RunSigningJob.ps1" 
+  if (-not $?) { exit 1 }
 }

appveyor.yml

@@ -27,10 +27,9 @@ build_script:
       $buildNumber = $env:APPVEYOR_BUILD_NUMBER
       Write-Host "No git tag found. Setting package suffix to '$buildNumber'"
     }    
-    .\build.ps1 -packageSuffix "$buildNumber"
+    .\Build.ps1 -packageSuffix "$buildNumber"
 test_script:
 - ps: >-
     .\run-tests.ps1
-artifacts:
-- path: buildoutput\*.nupkg
-  name: Packages
+on_finish:
+- ps: .\tools\PollSigningResults.ps1

build/common.props

@@ -18,6 +18,9 @@
     <PackageTags>Microsoft Azure WebJobs AzureFunctions</PackageTags>
     <CodeAnalysisRuleSet>$(MSBuildThisFileDirectory)..\src.ruleset</CodeAnalysisRuleSet>
     <UseSourceLink Condition="$(UseSourceLink) == '' And $(CI) != ''">true</UseSourceLink>
+    <SignAssembly>true</SignAssembly>
+    <DelaySign>true</DelaySign>
+    <AssemblyOriginatorKeyFile>$(MSBuildThisFileDirectory)PublicKey.snk</AssemblyOriginatorKeyFile>
   </PropertyGroup>
 
   <PropertyGroup Condition="'$(UseSourceLink)' == 'true'">

src/WebJobs.Extensions.CosmosDB/Properties/AssemblyInfo.cs

@@ -3,5 +3,5 @@
 
 using System.Runtime.CompilerServices;
 
-[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2")]
-[assembly: InternalsVisibleTo("Microsoft.Azure.WebJobs.Extensions.CosmosDB.Tests")]
+[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2, PublicKey=0024000004800000940000000602000000240000525341310004000001000100c547cac37abd99c8db225ef2f6c8a3602f3b3606cc9891605d02baa56104f4cfc0734aa39b93bf7852f7d9266654753cc297e7d2edfe0bac1cdcf9f717241550e0a7b191195b7667bb4f64bcb8e2121380fd1d9d46ad2d92d2d15605093924cceaf74c4861eff62abf69b9291ed0a340e113be11e6a7d3113e92484cf7045cc7")]
+[assembly: InternalsVisibleTo("Microsoft.Azure.WebJobs.Extensions.CosmosDB.Tests, PublicKey=0024000004800000940000000602000000240000525341310004000001000100b5fc90e7027f67871e773a8fde8938c81dd402ba65b9201d60593e96c492651e889cc13f1415ebb53fac1131ae0bd333c5ee6021672d9718ea31a8aebd0da0072f25d87dba6fc90ffd598ed4da35e44c398c454307e8e33b8426143daec9f596836f97c8f74750e5975c64e2189f45def46b2a2b1247adc3652bf5c308055da9")]

src/WebJobs.Extensions.Http/Properties/AssemblyInfo.cs

@@ -8,5 +8,5 @@
 
 [assembly: ComVisible(false)]
 
-[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2")]
-[assembly: InternalsVisibleTo("Microsoft.Azure.WebJobs.Extensions.Http.Tests")]
+[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2, PublicKey=0024000004800000940000000602000000240000525341310004000001000100c547cac37abd99c8db225ef2f6c8a3602f3b3606cc9891605d02baa56104f4cfc0734aa39b93bf7852f7d9266654753cc297e7d2edfe0bac1cdcf9f717241550e0a7b191195b7667bb4f64bcb8e2121380fd1d9d46ad2d92d2d15605093924cceaf74c4861eff62abf69b9291ed0a340e113be11e6a7d3113e92484cf7045cc7")]
+[assembly: InternalsVisibleTo("Microsoft.Azure.WebJobs.Extensions.Http.Tests, PublicKey=0024000004800000940000000602000000240000525341310004000001000100b5fc90e7027f67871e773a8fde8938c81dd402ba65b9201d60593e96c492651e889cc13f1415ebb53fac1131ae0bd333c5ee6021672d9718ea31a8aebd0da0072f25d87dba6fc90ffd598ed4da35e44c398c454307e8e33b8426143daec9f596836f97c8f74750e5975c64e2189f45def46b2a2b1247adc3652bf5c308055da9")]

src/WebJobs.Extensions.MobileApps/Properties/AssemblyInfo.cs

@@ -8,5 +8,5 @@
 
 [assembly: ComVisible(false)]
 
-[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2")]
-[assembly: InternalsVisibleTo("Microsoft.Azure.WebJobs.Extensions.MobileApps.Tests")]
+[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2, PublicKey=0024000004800000940000000602000000240000525341310004000001000100c547cac37abd99c8db225ef2f6c8a3602f3b3606cc9891605d02baa56104f4cfc0734aa39b93bf7852f7d9266654753cc297e7d2edfe0bac1cdcf9f717241550e0a7b191195b7667bb4f64bcb8e2121380fd1d9d46ad2d92d2d15605093924cceaf74c4861eff62abf69b9291ed0a340e113be11e6a7d3113e92484cf7045cc7")]
+[assembly: InternalsVisibleTo("Microsoft.Azure.WebJobs.Extensions.MobileApps.Tests, PublicKey=0024000004800000940000000602000000240000525341310004000001000100b5fc90e7027f67871e773a8fde8938c81dd402ba65b9201d60593e96c492651e889cc13f1415ebb53fac1131ae0bd333c5ee6021672d9718ea31a8aebd0da0072f25d87dba6fc90ffd598ed4da35e44c398c454307e8e33b8426143daec9f596836f97c8f74750e5975c64e2189f45def46b2a2b1247adc3652bf5c308055da9")]

src/WebJobs.Extensions.SendGrid/Properties/AssemblyInfo.cs

@@ -8,5 +8,5 @@
 
 [assembly: ComVisible(false)]
 
-[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2")]
-[assembly: InternalsVisibleTo("Microsoft.Azure.WebJobs.Extensions.SendGrid.Tests")]
+[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2, PublicKey=0024000004800000940000000602000000240000525341310004000001000100c547cac37abd99c8db225ef2f6c8a3602f3b3606cc9891605d02baa56104f4cfc0734aa39b93bf7852f7d9266654753cc297e7d2edfe0bac1cdcf9f717241550e0a7b191195b7667bb4f64bcb8e2121380fd1d9d46ad2d92d2d15605093924cceaf74c4861eff62abf69b9291ed0a340e113be11e6a7d3113e92484cf7045cc7")]
+[assembly: InternalsVisibleTo("Microsoft.Azure.WebJobs.Extensions.SendGrid.Tests, PublicKey=0024000004800000940000000602000000240000525341310004000001000100b5fc90e7027f67871e773a8fde8938c81dd402ba65b9201d60593e96c492651e889cc13f1415ebb53fac1131ae0bd333c5ee6021672d9718ea31a8aebd0da0072f25d87dba6fc90ffd598ed4da35e44c398c454307e8e33b8426143daec9f596836f97c8f74750e5975c64e2189f45def46b2a2b1247adc3652bf5c308055da9")]

src/WebJobs.Extensions.Twilio/Properties/AssemblyInfo.cs

@@ -8,5 +8,5 @@
 
 [assembly: ComVisible(false)]
 
-[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2")]
-[assembly: InternalsVisibleTo("Microsoft.Azure.WebJobs.Extensions.Twilio.Tests")]
+[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2, PublicKey=0024000004800000940000000602000000240000525341310004000001000100c547cac37abd99c8db225ef2f6c8a3602f3b3606cc9891605d02baa56104f4cfc0734aa39b93bf7852f7d9266654753cc297e7d2edfe0bac1cdcf9f717241550e0a7b191195b7667bb4f64bcb8e2121380fd1d9d46ad2d92d2d15605093924cceaf74c4861eff62abf69b9291ed0a340e113be11e6a7d3113e92484cf7045cc7")]
+[assembly: InternalsVisibleTo("Microsoft.Azure.WebJobs.Extensions.Twilio.Tests, PublicKey=0024000004800000940000000602000000240000525341310004000001000100b5fc90e7027f67871e773a8fde8938c81dd402ba65b9201d60593e96c492651e889cc13f1415ebb53fac1131ae0bd333c5ee6021672d9718ea31a8aebd0da0072f25d87dba6fc90ffd598ed4da35e44c398c454307e8e33b8426143daec9f596836f97c8f74750e5975c64e2189f45def46b2a2b1247adc3652bf5c308055da9")]

src/WebJobs.Extensions/Properties/AssemblyInfo.cs

@@ -3,4 +3,4 @@
 
 using System.Runtime.CompilerServices;
 
-[assembly: InternalsVisibleTo("Microsoft.Azure.WebJobs.Extensions.Tests")]
+[assembly: InternalsVisibleTo("Microsoft.Azure.WebJobs.Extensions.Tests, PublicKey=0024000004800000940000000602000000240000525341310004000001000100b5fc90e7027f67871e773a8fde8938c81dd402ba65b9201d60593e96c492651e889cc13f1415ebb53fac1131ae0bd333c5ee6021672d9718ea31a8aebd0da0072f25d87dba6fc90ffd598ed4da35e44c398c454307e8e33b8426143daec9f596836f97c8f74750e5975c64e2189f45def46b2a2b1247adc3652bf5c308055da9")]

test/WebJobs.Extensions.CosmosDB.Tests/Properties/AssemblyInfo.cs

@@ -8,4 +8,4 @@
 
 [assembly: ComVisible(false)]
 
-[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2")]
+[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2, PublicKey=0024000004800000940000000602000000240000525341310004000001000100c547cac37abd99c8db225ef2f6c8a3602f3b3606cc9891605d02baa56104f4cfc0734aa39b93bf7852f7d9266654753cc297e7d2edfe0bac1cdcf9f717241550e0a7b191195b7667bb4f64bcb8e2121380fd1d9d46ad2d92d2d15605093924cceaf74c4861eff62abf69b9291ed0a340e113be11e6a7d3113e92484cf7045cc7")]

test/WebJobs.Extensions.Http.Tests/Properties/AssemblyInfo.cs

@@ -8,4 +8,4 @@
 
 [assembly: ComVisible(false)]
 
-[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2")]
+[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2, PublicKey=0024000004800000940000000602000000240000525341310004000001000100c547cac37abd99c8db225ef2f6c8a3602f3b3606cc9891605d02baa56104f4cfc0734aa39b93bf7852f7d9266654753cc297e7d2edfe0bac1cdcf9f717241550e0a7b191195b7667bb4f64bcb8e2121380fd1d9d46ad2d92d2d15605093924cceaf74c4861eff62abf69b9291ed0a340e113be11e6a7d3113e92484cf7045cc7")]

test/WebJobs.Extensions.MobileApps.Tests/Properties/AssemblyInfo.cs

@@ -8,4 +8,4 @@
 
 [assembly: ComVisible(false)]
 
-[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2")]
+[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2, PublicKey=0024000004800000940000000602000000240000525341310004000001000100c547cac37abd99c8db225ef2f6c8a3602f3b3606cc9891605d02baa56104f4cfc0734aa39b93bf7852f7d9266654753cc297e7d2edfe0bac1cdcf9f717241550e0a7b191195b7667bb4f64bcb8e2121380fd1d9d46ad2d92d2d15605093924cceaf74c4861eff62abf69b9291ed0a340e113be11e6a7d3113e92484cf7045cc7")]

test/WebJobs.Extensions.SendGrid.Tests/Properties/AssemblyInfo.cs

@@ -8,4 +8,4 @@
 
 [assembly: ComVisible(false)]
 
-[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2")]
+[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2, PublicKey=0024000004800000940000000602000000240000525341310004000001000100c547cac37abd99c8db225ef2f6c8a3602f3b3606cc9891605d02baa56104f4cfc0734aa39b93bf7852f7d9266654753cc297e7d2edfe0bac1cdcf9f717241550e0a7b191195b7667bb4f64bcb8e2121380fd1d9d46ad2d92d2d15605093924cceaf74c4861eff62abf69b9291ed0a340e113be11e6a7d3113e92484cf7045cc7")]

test/WebJobs.Extensions.Tests.Common/Properties/AssemblyInfo.cs

@@ -8,4 +8,4 @@
 
 [assembly: ComVisible(false)]
 
-[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2")]
+[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2, PublicKey=0024000004800000940000000602000000240000525341310004000001000100c547cac37abd99c8db225ef2f6c8a3602f3b3606cc9891605d02baa56104f4cfc0734aa39b93bf7852f7d9266654753cc297e7d2edfe0bac1cdcf9f717241550e0a7b191195b7667bb4f64bcb8e2121380fd1d9d46ad2d92d2d15605093924cceaf74c4861eff62abf69b9291ed0a340e113be11e6a7d3113e92484cf7045cc7")]

test/WebJobs.Extensions.Tests/Properties/AssemblyInfo.cs

@@ -8,4 +8,4 @@
 
 [assembly: ComVisible(false)]
 
-[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2")]
+[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2, PublicKey=0024000004800000940000000602000000240000525341310004000001000100c547cac37abd99c8db225ef2f6c8a3602f3b3606cc9891605d02baa56104f4cfc0734aa39b93bf7852f7d9266654753cc297e7d2edfe0bac1cdcf9f717241550e0a7b191195b7667bb4f64bcb8e2121380fd1d9d46ad2d92d2d15605093924cceaf74c4861eff62abf69b9291ed0a340e113be11e6a7d3113e92484cf7045cc7")]

test/WebJobs.Extensions.Twilio.Tests/Properties/AssemblyInfo.cs

@@ -8,4 +8,4 @@
 
 [assembly: ComVisible(false)]
 
-[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2")]
+[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2, PublicKey=0024000004800000940000000602000000240000525341310004000001000100c547cac37abd99c8db225ef2f6c8a3602f3b3606cc9891605d02baa56104f4cfc0734aa39b93bf7852f7d9266654753cc297e7d2edfe0bac1cdcf9f717241550e0a7b191195b7667bb4f64bcb8e2121380fd1d9d46ad2d92d2d15605093924cceaf74c4861eff62abf69b9291ed0a340e113be11e6a7d3113e92484cf7045cc7")]

tools/PollSigningResults.ps1

@@ -0,0 +1,39 @@
+$isPr = Test-Path env:APPVEYOR_PULL_REQUEST_NUMBER
+$directoryPath = Split-Path $MyInvocation.MyCommand.Path -Parent
+
+if (-not $isPr -and $env:SkipAssemblySigning -ne "true") {
+  $timeout = new-timespan -Minutes 5
+  $sw = [diagnostics.stopwatch]::StartNew();
+  $polling = $true;
+  $ctx = New-AzureStorageContext $env:FILES_ACCOUNT_NAME $env:FILES_ACCOUNT_KEY
+  $blob = $null;
+  while ($sw.elapsed -lt $timeout -and $polling) {
+    $blob = Get-AzureStorageBlob "$env:APPVEYOR_BUILD_VERSION.zip" "azure-webjobs-extensions-signed" -Context $ctx -ErrorAction Ignore
+    if (-not $blob) {
+      "${sw.elapsed} elapsed, polling..."
+    }
+    else {
+      "Jenkins artifacts found"
+      $polling = $false;
+    }
+    Start-Sleep -Seconds 5
+  }
+
+  if ($polling) {
+    "No jenkins artifacts found, investigate job at https://funkins-master.redmond.corp.microsoft.com/job/Build_signing/"
+    exit(1);
+  }
+
+  Remove-Item "$directoryPath/../buildoutput" -Recurse -Force
+
+  Mkdir "$directoryPath/../buildoutput"
+
+  Get-AzureStorageBlobContent "$env:APPVEYOR_BUILD_VERSION.zip" "azure-webjobs-extensions-signed" -Destination "$directoryPath/../buildoutput/signed.zip" -Context $ctx
+
+  Expand-Archive "$directoryPath/../buildoutput/signed.zip" "$directoryPath/../buildoutput/signed"
+
+  Get-ChildItem "$directoryPath/../buildoutput/signed" | % {
+    Push-AppveyorArtifact $_.FullName
+  }
+  if (-not $?) { exit 1 }
+}

tools/RunSigningJob.ps1

@@ -0,0 +1,19 @@
+$isPr = Test-Path env:APPVEYOR_PULL_REQUEST_NUMBER
+$directoryPath = Split-Path $MyInvocation.MyCommand.Path -Parent
+
+if (-not $isPr) {
+  Compress-Archive $directoryPath\..\buildoutput\* $directoryPath\..\buildoutput\tosign.zip
+
+  if ($env:SkipAssemblySigning -eq "true") {
+    "Assembly signing disabled. Skipping signing process."
+    exit 0;
+  }
+
+  $ctx = New-AzureStorageContext $env:FILES_ACCOUNT_NAME $env:FILES_ACCOUNT_KEY
+  Set-AzureStorageBlobContent "$directoryPath/../buildoutput/tosign.zip" "azure-webjobs-extensions" -Blob "$env:APPVEYOR_BUILD_VERSION.zip" -Context $ctx
+
+  $queue = Get-AzureStorageQueue "signing-jobs" -Context $ctx
+
+  $messageBody = "SignNupkgs;azure-webjobs-extensions;$env:APPVEYOR_BUILD_VERSION.zip"
+  $queue.CloudQueue.AddMessage($messageBody)
+}