diff --git a/.config/dotnet-tools.json b/.config/dotnet-tools.json
index ce58c4bfc..c5fe9a99d 100644
--- a/.config/dotnet-tools.json
+++ b/.config/dotnet-tools.json
@@ -3,7 +3,7 @@
"isRoot": true,
"tools": {
"microsoft.dotnet.darc": {
- "version": "1.1.0-beta.23063.1",
+ "version": "1.1.0-beta.23068.1",
"commands": [
"darc"
]
diff --git a/eng/Version.Details.xml b/eng/Version.Details.xml
index 80edc4abe..9c682f6e3 100644
--- a/eng/Version.Details.xml
+++ b/eng/Version.Details.xml
@@ -205,13 +205,13 @@
https://github.com/dotnet/arcade
3600aa80a01e90f38a7b86b9d7c1264e091aa5a8
-
+
https://github.com/dotnet/arcade-services
- ad564790607031479f7c74b4211f53930d0f6ca8
+ fbfe3ef4178f3e5ca05ee32ebd4a20599e72f115
-
+
https://github.com/dotnet/arcade-services
- ad564790607031479f7c74b4211f53930d0f6ca8
+ fbfe3ef4178f3e5ca05ee32ebd4a20599e72f115
https://github.com/dotnet/runtime
diff --git a/eng/Versions.props b/eng/Versions.props
index ec592769b..7b8682628 100644
--- a/eng/Versions.props
+++ b/eng/Versions.props
@@ -30,7 +30,7 @@
- 1.1.0-beta.23063.1
+ 1.1.0-beta.23068.1
diff --git a/src/SourceBuild/content/eng/pipelines/ci.yml b/src/SourceBuild/content/eng/pipelines/ci.yml
index 9e74ea872..7cf91c400 100644
--- a/src/SourceBuild/content/eng/pipelines/ci.yml
+++ b/src/SourceBuild/content/eng/pipelines/ci.yml
@@ -16,6 +16,9 @@ pr:
- internal/release/*
stages:
+- ${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
+ - template: templates/stages/vmr-scan.yml
+
# For rolling builds we want to build the MSFT SDK first so that we can
# compare the contents with the source-built one later.
# This only works because we don't run this test in PRs. If we decided
diff --git a/src/SourceBuild/content/eng/pipelines/templates/stages/vmr-scan.yml b/src/SourceBuild/content/eng/pipelines/templates/stages/vmr-scan.yml
new file mode 100644
index 000000000..81a7d9d64
--- /dev/null
+++ b/src/SourceBuild/content/eng/pipelines/templates/stages/vmr-scan.yml
@@ -0,0 +1,45 @@
+stages:
+- stage: VMR_Scan
+ displayName: VMR Scan
+ dependsOn: []
+ variables:
+ - template: /eng/common/templates/variables/pool-providers.yml
+ jobs:
+ - job: Scan
+ displayName: VMR Scan
+ pool:
+ ${{ if eq(variables['System.TeamProject'], 'public') }}:
+ name: $(DncEngPublicBuildPool)
+ demands: ImageOverride -equals Build.Ubuntu.2004.Amd64.Open
+ ${{ if eq(variables['System.TeamProject'], 'internal') }}:
+ name: $(DncEngInternalBuildPool)
+ demands: ImageOverride -equals Build.Ubuntu.2004.Amd64
+
+ steps:
+ - checkout: self
+
+ - script: |
+ source ./eng/common/tools.sh
+ InitializeDotNetCli true
+ dotnet='./.dotnet/dotnet'
+ "$dotnet" tool restore
+ displayName: Initialize tooling
+ workingDirectory: $(Build.SourcesDirectory)/src/installer
+
+ - script: >
+ ./.dotnet/dotnet darc vmr scan-binary-files
+ --vmr "$(Build.SourcesDirectory)"
+ --tmp "$(Agent.TempDirectory)"
+ || (echo '##[error]Found binaries in the VMR' && exit 1)
+ displayName: Scan for binaries
+ workingDirectory: $(Build.SourcesDirectory)/src/installer
+ continueOnError: true
+
+ - script: >
+ ./.dotnet/dotnet darc vmr scan-cloaked-files
+ --vmr "$(Build.SourcesDirectory)"
+ --tmp "$(Agent.TempDirectory)"
+ || (echo '##[error]Found cloaked files in the VMR' && exit 1)
+ displayName: Scan for cloaked files
+ workingDirectory: $(Build.SourcesDirectory)/src/installer
+ continueOnError: true