Merged PR 4474: eng | Add AKV provider signed package

dotnet · Apr 15, 2024 · ea7ad53 · ea7ad53
1 parent ae988c3
commit ea7ad53
Show file tree

Hide file tree

Showing 16 changed files with 424 additions and 120 deletions.
diff --git a/eng/pipelines/common/templates/jobs/build-signed-akv-package-job.yml b/eng/pipelines/common/templates/jobs/build-signed-akv-package-job.yml
@@ -0,0 +1,64 @@
+#################################################################################
+# Licensed to the .NET Foundation under one or more agreements.                 #
+# The .NET Foundation licenses this file to you under the MIT license.          #
+# See the LICENSE file in the project root for more information.                #
+#################################################################################
+jobs:
+- job: build_signed_akv_package
+  pool:
+    type: windows  # read more about custom job pool types at https://aka.ms/obpipelines/yaml/jobs
+
+  variables:
+  - template: ../../../libraries/variables.yml@self
+
+  steps:
+  - script: SET
+    displayName: 'Print Environment Variables'
+
+  - template: ../steps/build-all-configurations-signed-dlls-step.yml@self
+    parameters:
+      product: AKV
+      nugetPackageRefVersion: $(MDS_PackageRef_Version)
+      AssemblyFileVersion: $(AKVAssemblyFileVersion)
+
+  - template: ../steps/code-analyze-step.yml@self
+    parameters:
+      analyzeType: all
+      product: AKV
+      nugetPackageRefVersion: $(MDS_PackageRef_Version)
+
+  - template: ../steps/esrp-code-signing-step.yml@self
+    parameters:
+      artifactType: dll
+
+  - template: ../steps/generate-nuget-package-step.yml@self
+    parameters:
+      OutputDirectory: $(artifactDirectory)
+      nuspecPath: ${{variables.akvNuspecPath }}
+      NugetPackageVersion: ${{variables.AKVNuGetPackageVersion }}
+      referenceType: package
+
+  - template: ../steps/esrp-code-signing-step.yml@self
+    parameters:
+      artifactType: pkg
+
+  - template: ../steps/copy-dlls-for-test-step.yml@self
+    parameters:
+      product: AKV
+      referenceType: package
+
+  # Publish symbols to private server
+  - template: ../steps/publish-symbols-step.yml@self
+    parameters:
+      SymAccount: $(PrivateSymAccount)
+      referenceType: package
+      symbolsVersion: ${{variables.AKVNuGetPackageVersion }}
+      product: AKV
+
+  # Publish symbols to public server
+  - template: ../steps/publish-symbols-step.yml@self
+    parameters:
+      SymAccount: $(PublicSymAccount)
+      referenceType: package
+      symbolsVersion: ${{variables.AKVNuGetPackageVersion }}
+      product: AKV
diff --git a/eng/pipelines/common/templates/jobs/build-signed-package-job.yml b/eng/pipelines/common/templates/jobs/build-signed-package-job.yml
@@ -17,59 +17,34 @@ jobs:
     type: windows  # read more about custom job pool types at https://aka.ms/obpipelines/yaml/jobs
 
   variables:
-  - template: ../../../libraries/variables.yml@self
+  - template: ../../../libraries/variables.yml@self 
 
   steps:
   - script: SET
     displayName: 'Print Environment Variables'
+
   - template: ../steps/build-all-configurations-signed-dlls-step.yml@self
+
   - template: ../steps/code-analyze-step.yml@self
     parameters:
       analyzeType: all
+
   - template: ../steps/esrp-code-signing-step.yml@self
     parameters:
       artifactType: dll
+
   - template: ../steps/generate-nuget-package-step.yml@self
     parameters:
       OutputDirectory: $(artifactDirectory)
+
   - template: ../steps/esrp-code-signing-step.yml@self
     parameters:
       artifactType: pkg
-  - powershell: |
-      $software = '${{parameters.softwareFolder}}'
-      md $software
-      md $software\win
-      md $software\win\net46
-      md $software\win\net6.0
-      md $software\win\net8.0
-      md $software\win\netstandard2.0
-      md $software\win\netstandard2.1
-      
-      Copy-Item "artifacts\Project\bin\Windows_NT\Release.AnyCPU\Microsoft.Data.SqlClient\netfx\net462\Microsoft.Data.SqlClient.dll" "$software\win\net46" -recurse
-      Copy-Item "artifacts\Project\bin\Windows_NT\Release.AnyCPU\Microsoft.Data.SqlClient\netcore\net6.0\Microsoft.Data.SqlClient.dll" "$software\win\net6.0" -recurse
-      Copy-Item "artifacts\Project\bin\Windows_NT\Release.AnyCPU\Microsoft.Data.SqlClient\netcore\net8.0\Microsoft.Data.SqlClient.dll" "$software\win\net8.0" -recurse
-      Copy-Item "artifacts\Project\bin\Windows_NT\Release.AnyCPU\Microsoft.Data.SqlClient\netcore\netstandard2.0\Microsoft.Data.SqlClient.dll" "$software\win\netstandard2.0" -recurse
-      Copy-Item "artifacts\Project\bin\Windows_NT\Release.AnyCPU\Microsoft.Data.SqlClient\netcore\netstandard2.1\Microsoft.Data.SqlClient.dll" "$software\win\netstandard2.1" -recurse
-      
-      $symbols = '${{parameters.symbolsFolder}}'
-      md $symbols
-      md $symbols\win
-      md $symbols\win\net46
-      md $symbols\win\net6.0
-      md $symbols\win\net8.0
-      md $symbols\win\netstandard2.0
-      md $symbols\win\netstandard2.1
-      
-      Copy-Item "artifacts\Project\bin\Windows_NT\Release.AnyCPU\Microsoft.Data.SqlClient\netfx\net462\Microsoft.Data.SqlClient.pdb" "$symbols\win\net46" -recurse
-      Copy-Item "artifacts\Project\bin\Windows_NT\Release.AnyCPU\Microsoft.Data.SqlClient\netcore\net6.0\Microsoft.Data.SqlClient.pdb" "$symbols\win\net6.0" -recurse
-      Copy-Item "artifacts\Project\bin\Windows_NT\Release.AnyCPU\Microsoft.Data.SqlClient\netcore\net8.0\Microsoft.Data.SqlClient.pdb" "$symbols\win\net8.0" -recurse
-      Copy-Item "artifacts\Project\bin\Windows_NT\Release.AnyCPU\Microsoft.Data.SqlClient\netcore\netstandard2.0\Microsoft.Data.SqlClient.pdb" "$symbols\win\netstandard2.0" -recurse
-      Copy-Item "artifacts\Project\bin\Windows_NT\Release.AnyCPU\Microsoft.Data.SqlClient\netcore\netstandard2.1\Microsoft.Data.SqlClient.pdb" "$symbols\win\netstandard2.1" -recurse
-      
-      Write-Host "Artifacts fetched for testing"
-      dir
-      Get-Location
-    displayName: 'Prepare Arifacts for Testing'
+
+  - template: ../steps/copy-dlls-for-test-step.yml@self
+    parameters:
+      product: MDS
+
   # Publish symbols to private server
   - template: ../steps/publish-symbols-step.yml@self
     parameters:

diff --git a/eng/pipelines/common/templates/jobs/run-tests-package-reference-job.yml b/eng/pipelines/common/templates/jobs/run-tests-package-reference-job.yml
@@ -28,8 +28,7 @@ jobs:
     vmImage: 'ADO-MMS22-SQL19'
 
   variables: # More settings at https://aka.ms/obpipelines/yaml/jobs
-  - template: ../../../libraries/build-variables.yml@self
-  - template: ../../../libraries/validation-variables.yml@self
+  - template: ../../../libraries/mds-validation-variables.yml@self
 
   steps:
   - template: ../steps/pre-build-step.yml

diff --git a/...plates/jobs/verify-signed-package-job.yml → ...ates/jobs/validate-signed-package-job.yml b/...plates/jobs/verify-signed-package-job.yml → ...ates/jobs/validate-signed-package-job.yml
@@ -34,7 +34,7 @@ parameters:
     default: $(AssemblyFileVersion)
 
 jobs:
-- job: verify_signed_package
+- job: validate_signed_package
   ${{ if ne(parameters.dependsOn, '')}}:
     dependsOn: '${{parameters.dependsOn }}'
   pool:
@@ -44,8 +44,8 @@ jobs:
     vmImage: 'ADO-MMS22-SQL19'
 
   variables: # More settings at https://aka.ms/obpipelines/yaml/jobs
-  - template: ../../../libraries/build-variables.yml@self
-  - template: ../../../libraries/validation-variables.yml@self
+  - template: ../../../libraries/mds-validation-variables.yml@self
+
   - name: pathToDownloadedNuget # path to the downloaded nuget files
     value: $(Pipeline.Workspace)\${{parameters.packageFolderName }}
 

diff --git a/eng/pipelines/common/templates/steps/build-all-configurations-signed-dlls-step.yml b/eng/pipelines/common/templates/steps/build-all-configurations-signed-dlls-step.yml
@@ -12,15 +12,50 @@ parameters:
     type: string
     default: '$(Configuration)'
 
+  - name: nugetPackageRefVersion
+    type: string
+    default: ''
+
+  - name: product
+    default: MDS
+    values:
+    - MDS
+    - AKV
+    - MSS
+
 steps:
-  - task: DownloadSecureFile@1
-    displayName: 'Download Key Pair'
-    inputs:
-      secureFile: netfxKeypair.snk
-      retryCount: 5
+- task: DownloadSecureFile@1
+  displayName: 'Download Key Pair'
+  inputs:
+    secureFile: netfxKeypair.snk
+    retryCount: 5
+
+- ${{ if eq(parameters.product, 'MDS') }}:
   - task: MSBuild@1
     displayName: 'BuildAllConfigurations using build.proj'
     inputs:
       solution: '**/build.proj'
       configuration: '${{parameters.Configuration }}'  
-      msbuildArguments: '/p:AssemblyFileVersion=${{parameters.AssemblyFileVersion }} /t:BuildAllConfigurations /p:GenerateNuget=false /p:SignAssembly=true /p:AssemblyOriginatorKeyFile=$(Agent.TempDirectory)\netfxKeypair.snk'
+      msbuildArguments: '-p:AssemblyFileVersion=${{parameters.AssemblyFileVersion }} -t:BuildAllConfigurations -p:GenerateNuget=false -p:SignAssembly=true -p:AssemblyOriginatorKeyFile=$(Agent.TempDirectory)\netfxKeypair.snk'
+
+- ${{ if eq(parameters.product, 'AKV') }}:
+  - task: MSBuild@1
+    displayName: 'BuildAKVNetStAllOS using build.proj'
+    inputs:
+      solution: '**/build.proj'
+      configuration: '$(Configuration)'
+      msbuildArguments: '-p:AssemblyFileVersion=${{parameters.AssemblyFileVersion }} -t:BuildAKVNetStAllOS -p:NugetPackageVersion=${{parameters.nugetPackageRefVersion }} -p:ReferenceType=Package -p:SignAssembly=true -p:AssemblyOriginatorKeyFile=$(Agent.TempDirectory)\netfxKeypair.snk'
+
+  - task: MSBuild@1
+    displayName: 'BuildAKVNetFx using build.proj'
+    inputs:
+      solution: '**/build.proj'
+      configuration: '$(Configuration)'
+      msbuildArguments: '-p:AssemblyFileVersion=${{parameters.AssemblyFileVersion }} -t:BuildAKVNetFx -p:NugetPackageVersion=${{parameters.nugetPackageRefVersion }} -p:ReferenceType=Package -p:SignAssembly=true -p:AssemblyOriginatorKeyFile=$(Agent.TempDirectory)\netfxKeypair.snk'
+
+  - task: MSBuild@1
+    displayName: 'BuildAKVNetCoreAllOS using build.proj'
+    inputs:
+      solution: '**/build.proj'
+      configuration: '$(Configuration)'
+      msbuildArguments: '-p:AssemblyFileVersion=${{parameters.AssemblyFileVersion }} -t:BuildAKVNetCoreAllOS -p:NugetPackageVersion=${{parameters.nugetPackageRefVersion }} -p:ReferenceType=Package -p:SignAssembly=true -p:AssemblyOriginatorKeyFile=$(Agent.TempDirectory)\netfxKeypair.snk'
diff --git a/eng/pipelines/common/templates/steps/code-analyze-step.yml b/eng/pipelines/common/templates/steps/code-analyze-step.yml
@@ -14,15 +14,35 @@ parameters:
     type: string
     default: $(REPOROOT)
 
+  - name: nugetPackageRefVersion
+    type: string
+    default: ''
+
+  - name: product
+    default: MDS
+    values:
+    - MDS
+    - AKV
+    - MSS
+
 steps:
 - ${{ if or(eq(parameters.analyzeType, 'roslyn'), eq(parameters.analyzeType, 'all')) }}:
-  - task: securedevelopmentteam.vss-secure-development-tools.build-task-roslynanalyzers.RoslynAnalyzers@3
-    displayName: 'Guardian Dotnet Analyzers '
-    inputs:
-      msBuildVersion: 17.0
-      msBuildArchitecture: x64
-      setupCommandlinePicker: vs2022
-      msBuildCommandline: 'msbuild  ${{parameters.sourceRoot}}\build.proj -p:configuration=Release -p:GenerateNuget=false -p:BuildTools=false'
+  - ${{ if eq(parameters.product, 'MDS') }}:
+    - task: securedevelopmentteam.vss-secure-development-tools.build-task-roslynanalyzers.RoslynAnalyzers@3
+      displayName: 'Guardian Dotnet Analyzers '
+      inputs:
+        msBuildVersion: 17.0
+        msBuildArchitecture: x64
+        setupCommandlinePicker: vs2022
+        msBuildCommandline: 'msbuild  ${{parameters.sourceRoot}}\build.proj -p:configuration=Release -p:GenerateNuget=false -p:BuildTools=false'
+  - ${{ if eq(parameters.product, 'AKV') }}:
+    - task: securedevelopmentteam.vss-secure-development-tools.build-task-roslynanalyzers.RoslynAnalyzers@3
+      displayName: 'Guardian Dotnet Analyzers '
+      inputs:
+        msBuildVersion: 17.0
+        msBuildArchitecture: x64
+        setupCommandlinePicker: vs2022
+        msBuildCommandline: 'msbuild  ${{parameters.sourceRoot}}\build.proj -p:configuration=Release -p:GenerateNuget=false -p:BuildTools=false -p:NugetPackageVersion=${{parameters.nugetPackageRefVersion }} -p:ReferenceType=Package -t:BuildAKVNetCoreAllOS'
 
 - ${{ if or(eq(parameters.analyzeType, 'inspect'), eq(parameters.analyzeType, 'all')) }}:
   - task: securedevelopmentteam.vss-secure-development-tools.build-task-codeinspector.CodeInspector@2

diff --git a/eng/pipelines/common/templates/steps/copy-dlls-for-test-step.yml b/eng/pipelines/common/templates/steps/copy-dlls-for-test-step.yml
@@ -0,0 +1,108 @@
+#################################################################################
+# Licensed to the .NET Foundation under one or more agreements.                 #
+# The .NET Foundation licenses this file to you under the MIT license.          #
+# See the LICENSE file in the project root for more information.                #
+#################################################################################
+parameters:
+  - name: Configuration
+    type: string
+    default: '$(Configuration)'
+
+  - name: symbolsFolder
+    type: string
+    default: symbols
+
+  - name: softwareFolder
+    type: string
+    default: software
+
+  - name: referenceType
+    default: project
+    values:
+    - project
+    - package
+
+  - name: listOfTF
+    type: object
+    default:
+    - net462
+    - net6.0
+    - net8.0
+    - netstandard2.0
+    - netstandard2.1
+
+  - name: product
+    default: MDS
+    values:
+    - MDS
+    - AKV
+    - MSS
+
+steps:
+- powershell: |
+    $software = '${{parameters.softwareFolder}}'
+    $symbols = '${{parameters.symbolsFolder}}'
+
+    md $software
+    md $software\win
+
+    md $symbols
+    md $symbols\win
+  displayName: 'Make base directories'
+
+- ${{ each targetFramework in parameters.listOfTF }}:
+  - ${{ if eq(parameters.product, 'MDS') }}:
+    - powershell: |
+        $software = '${{parameters.softwareFolder}}'
+        $tf = '${{ targetFramework }}'
+        md $software\win\$tf
+        
+        if ($tf.StartsWith('net4'))
+        {
+          Copy-Item "artifacts\${{parameters.referenceType }}\bin\Windows_NT\${{parameters.Configuration }}.AnyCPU\Microsoft.Data.SqlClient\netfx\$tf\Microsoft.Data.SqlClient.dll" "$software\win\$tf" -recurse
+        }
+        else
+        {
+          Copy-Item "artifacts\${{parameters.referenceType }}\bin\Windows_NT\${{parameters.Configuration }}.AnyCPU\Microsoft.Data.SqlClient\netcore\$tf\Microsoft.Data.SqlClient.dll" "$software\win\$tf" -recurse
+        }
+        
+        $symbols = '${{parameters.symbolsFolder}}'
+        md $symbols\win\$tf
+        
+        if ($tf.StartsWith('net4'))
+        {
+          Copy-Item "artifacts\Project\bin\Windows_NT\Release.AnyCPU\Microsoft.Data.SqlClient\netfx\$tf\Microsoft.Data.SqlClient.pdb" "$symbols\win\$tf" -recurse
+        }
+        else
+        {
+          Copy-Item "artifacts\Project\bin\Windows_NT\Release.AnyCPU\Microsoft.Data.SqlClient\netcore\$tf\Microsoft.Data.SqlClient.pdb" "$symbols\win\$tf" -recurse
+        }
+            
+        Write-Host "Artifacts fetched for testing"
+        Get-Location
+      displayName: 'Prepare ${{ targetFramework }} Arifacts for Testing'
+
+  - ${{ if eq(parameters.product, 'AKV') }}:
+    - powershell: |
+        $software = '${{parameters.softwareFolder}}'
+        $tf = '${{ targetFramework }}'
+        md $software\win\$tf
+        
+        Copy-Item "artifacts\${{parameters.referenceType }}\bin\Windows_NT\${{parameters.Configuration }}.AnyCPU\AzureKeyVaultProvider\$tf\Microsoft.Data.SqlClient.AlwaysEncrypted.AzureKeyVaultProvider.dll" "$software\win\$tf" -recurse
+        
+        $symbols = '${{parameters.symbolsFolder}}'
+        md $symbols\win\$tf
+        
+        Copy-Item "artifacts\${{parameters.referenceType }}\bin\Windows_NT\${{parameters.Configuration }}.AnyCPU\AzureKeyVaultProvider\$tf\Microsoft.Data.SqlClient.AlwaysEncrypted.AzureKeyVaultProvider.pdb" "$symbols\win\$tf" -recurse
+            
+        Write-Host "Artifacts fetched for testing"
+        Get-Location
+      displayName: 'Prepare ${{ targetFramework }} Arifacts for Testing'
+
+- powershell: |
+    $software = '${{parameters.softwareFolder}}'
+    $symbols = '${{parameters.symbolsFolder}}'
+
+    Get-ChildItem -recurse "$software\*.dll"
+    Get-ChildItem -recurse "$symbols\*.pdb"
+  displayName: 'List the prepared files'
diff --git a/eng/pipelines/common/templates/steps/generate-nuget-package-step.yml b/eng/pipelines/common/templates/steps/generate-nuget-package-step.yml
@@ -23,6 +23,12 @@ parameters:
   - name: Configuration
     type: string
     default: '$(Configuration)'
+
+  - name: referenceType
+    default: project
+    values:
+    - project
+    - package
 
 steps:
 - task: NuGetToolInstaller@1
@@ -37,4 +43,4 @@ steps:
   displayName: 'NuGet pack with snupkg'
   inputs:
     command: custom
-    arguments: 'pack -Symbols -SymbolPackageFormat snupkg ${{parameters.nuspecPath}} -Version ${{parameters.NugetPackageVersion}} -OutputDirectory ${{parameters.OutputDirectory}} -properties "COMMITID=${{parameters.CommitHead}};Configuration=${{parameters.Configuration}}"'
+    arguments: 'pack -Symbols -SymbolPackageFormat snupkg ${{parameters.nuspecPath}} -Version ${{parameters.NugetPackageVersion}} -OutputDirectory ${{parameters.OutputDirectory}} -properties "COMMITID=${{parameters.CommitHead}};Configuration=${{parameters.Configuration}};ReferenceType=${{parameters.referenceType}}"'