From 3444301dc71a16e2afbbfb211ad3ce51c2b115fd Mon Sep 17 00:00:00 2001 From: Nate McMaster Date: Tue, 28 Nov 2017 10:47:59 -0800 Subject: [PATCH 1/8] Pipe ldconfig stderr to /dev/null --- scripts/obtain/dotnet-install.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/obtain/dotnet-install.sh b/scripts/obtain/dotnet-install.sh index e409fe06d..b28a50e09 100755 --- a/scripts/obtain/dotnet-install.sh +++ b/scripts/obtain/dotnet-install.sh @@ -227,10 +227,10 @@ check_pre_reqs() { local librarypath=${LD_LIBRARY_PATH:-} LDCONFIG_COMMAND="$LDCONFIG_COMMAND -NXv ${librarypath//:/ }" - [ -z "$($LDCONFIG_COMMAND | grep libunwind)" ] && say_err "Unable to locate libunwind. Install libunwind to continue" && failing=true - [ -z "$($LDCONFIG_COMMAND | grep libssl)" ] && say_err "Unable to locate libssl. Install libssl to continue" && failing=true - [ -z "$($LDCONFIG_COMMAND | grep libicu)" ] && say_err "Unable to locate libicu. Install libicu to continue" && failing=true - [ -z "$($LDCONFIG_COMMAND | grep -F libcurl.so)" ] && say_err "Unable to locate libcurl. Install libcurl to continue" && failing=true + [ -z "$($LDCONFIG_COMMAND 2>/dev/null | grep libunwind)" ] && say_err "Unable to locate libunwind. Install libunwind to continue" && failing=true + [ -z "$($LDCONFIG_COMMAND 2>/dev/null | grep libssl)" ] && say_err "Unable to locate libssl. Install libssl to continue" && failing=true + [ -z "$($LDCONFIG_COMMAND 2>/dev/null | grep libicu)" ] && say_err "Unable to locate libicu. Install libicu to continue" && failing=true + [ -z "$($LDCONFIG_COMMAND 2>/dev/null | grep -F libcurl.so)" ] && say_err "Unable to locate libcurl. Install libcurl to continue" && failing=true fi if [ "$failing" = true ]; then From fd04fdd5f2a6a81de9a19a35132573ef6fefb0f8 Mon Sep 17 00:00:00 2001 From: Nate McMaster Date: Tue, 28 Nov 2017 10:11:22 -0800 Subject: [PATCH 2/8] Add parameter to dotnet-install to support pulling from private blob feeds --- scripts/obtain/dotnet-install.ps1 | 12 +++++++--- scripts/obtain/dotnet-install.sh | 38 ++++++++++++++++++++++--------- 2 files changed, 36 insertions(+), 14 deletions(-) diff --git a/scripts/obtain/dotnet-install.ps1 b/scripts/obtain/dotnet-install.ps1 index 89e6e74d8..af50dbd6e 100644 --- a/scripts/obtain/dotnet-install.ps1 +++ b/scripts/obtain/dotnet-install.ps1 @@ -49,10 +49,13 @@ .PARAMETER AzureFeed Default: https://dotnetcli.azureedge.net/dotnet This parameter typically is not changed by the user. - It allows to change URL for the Azure feed used by this installer. + It allows changing the URL for the Azure feed used by this installer. .PARAMETER UncachedFeed This parameter typically is not changed by the user. - It allows to change URL for the Uncached feed used by this installer. + It allows changing the URL for the Uncached feed used by this installer. +.PARAMETER FeedCredential + Used as a query string to append to the Azure feed. + It allows changing the URL to use non-public blob storage accounts. .PARAMETER ProxyAddress If set, the installer will use the proxy when making web requests .PARAMETER ProxyUseDefaultCredentials @@ -73,6 +76,7 @@ param( [switch]$NoPath, [string]$AzureFeed="https://dotnetcli.azureedge.net/dotnet", [string]$UncachedFeed="https://dotnetcli.blob.core.windows.net/dotnet", + [string]$FeedCredential, [string]$ProxyAddress, [switch]$ProxyUseDefaultCredentials, [switch]$SkipNonVersionedFiles @@ -199,8 +203,10 @@ function GetHTTPResponse([Uri] $Uri) # Default timeout for HttpClient is 100s. For a 50 MB download this assumes 500 KB/s average, any less will time out # 10 minutes allows it to work over much slower connections. $HttpClient.Timeout = New-TimeSpan -Minutes 10 - $Response = $HttpClient.GetAsync($Uri).Result + $ActualUri = if (($Uri -like "$AzureFeed*") -or ($Uri -like "$UncachedFeed*")) { "${Uri}${FeedCredential}" } else { $Uri } + $Response = $HttpClient.GetAsync($ActualUri).Result if (($Response -eq $null) -or (-not ($Response.IsSuccessStatusCode))) { + # The feed credential is potential sensitive info. Do not log ActualUri to console output. $ErrorMsg = "Failed to download $Uri." if ($Response -ne $null) { $ErrorMsg += " $Response" diff --git a/scripts/obtain/dotnet-install.sh b/scripts/obtain/dotnet-install.sh index e409fe06d..ee4e6ba66 100755 --- a/scripts/obtain/dotnet-install.sh +++ b/scripts/obtain/dotnet-install.sh @@ -618,6 +618,11 @@ downloadcurl() { local remote_path="$1" local out_path="${2:-}" + # Append feed_credential as late as possible before calling curl to avoid logging feed_credential + if [[ "$remote_path" == "$azure_feed"* ]] || [[ "$remote_path" == "$uncached_feed"* ]]; then + remote_path="${remote_path}${feed_credential}" + fi + local failed=false if [ -z "$out_path" ]; then curl --retry 10 -sSL -f --create-dirs "$remote_path" || failed=true @@ -636,6 +641,11 @@ downloadwget() { local remote_path="$1" local out_path="${2:-}" + # Append feed_credential as late as possible before calling wget to avoid logging feed_credential + if [[ "$remote_path" == "$azure_feed"* ]] || [[ "$remote_path" == "$uncached_feed"* ]]; then + remote_path="${remote_path}${feed_credential}" + fi + local failed=false if [ -z "$out_path" ]; then wget -q --tries 10 -O - "$remote_path" || failed=true @@ -725,6 +735,7 @@ dry_run=false no_path=false azure_feed="https://dotnetcli.azureedge.net/dotnet" uncached_feed="https://dotnetcli.blob.core.windows.net/dotnet" +feed_credential="" verbose=false shared_runtime=false runtime_id="" @@ -770,6 +781,10 @@ do shift uncached_feed="$1" ;; + --feed-credential|-[Ff]eed[Cc]redential) + shift + feed_credential="$1" + ;; --runtime-id|-[Rr]untime[Ii]d) shift runtime_id="$1" @@ -804,22 +819,23 @@ do echo " coherent applies only to SDK downloads" echo " - 3-part version in a format A.B.C - represents specific version of build" echo " examples: 2.0.0-preview2-006120; 1.1.0" - echo " -i,--install-dir Install under specified location (see Install Location below)" + echo " -i,--install-dir Install under specified location (see Install Location below)" echo " -InstallDir" - echo " --architecture Architecture of .NET Tools. Currently only x64 is supported." + echo " --architecture Architecture of .NET Tools. Currently only x64 is supported." echo " --arch,-Architecture,-Arch" - echo " --shared-runtime Installs just the shared runtime bits, not the entire SDK." + echo " --shared-runtime Installs just the shared runtime bits, not the entire SDK." echo " -SharedRuntime" - echo " --skip-non-versioned-files Skips non-versioned files if they already exist, such as the dotnet executable." + echo " --skip-non-versioned-files Skips non-versioned files if they already exist, such as the dotnet executable." echo " -SkipNonVersionedFiles" - echo " --dry-run,-DryRun Do not perform installation. Display download link." - echo " --no-path, -NoPath Do not set PATH for the current process." - echo " --verbose,-Verbose Display diagnostics information." - echo " --azure-feed,-AzureFeed Azure feed location. Defaults to $azure_feed, This parameter typically is not changed by the user." - echo " --uncached-feed,-UncachedFeed Uncached feed location. This parameter typically is not changed by the user." - echo " --runtime-id Installs the .NET Tools for the given platform (use linux-x64 for portable linux)." + echo " --dry-run,-DryRun Do not perform installation. Display download link." + echo " --no-path, -NoPath Do not set PATH for the current process." + echo " --verbose,-Verbose Display diagnostics information." + echo " --azure-feed,-AzureFeed Azure feed location. Defaults to $azure_feed, This parameter typically is not changed by the user." + echo " --uncached-feed,-UncachedFeed Uncached feed location. This parameter typically is not changed by the user." + echo " --feed-credential,-FeedCredential Azure feed shared access token. This parameter typically is not specified." + echo " --runtime-id Installs the .NET Tools for the given platform (use linux-x64 for portable linux)." echo " -RuntimeId" - echo " -?,--?,-h,--help,-Help Shows this help message" + echo " -?,--?,-h,--help,-Help Shows this help message" echo "" echo "Install Location:" echo " Location is chosen in following order:" From 9a8316cd1295a64d88ce84d09388ef595e59d0a8 Mon Sep 17 00:00:00 2001 From: Nate McMaster Date: Tue, 28 Nov 2017 14:23:30 -0800 Subject: [PATCH 3/8] Always append feed_credential to URIs in dotnet-install.{sh,ps1} --- scripts/obtain/dotnet-install.ps1 | 5 ++--- scripts/obtain/dotnet-install.sh | 8 ++------ 2 files changed, 4 insertions(+), 9 deletions(-) diff --git a/scripts/obtain/dotnet-install.ps1 b/scripts/obtain/dotnet-install.ps1 index af50dbd6e..e267edc76 100644 --- a/scripts/obtain/dotnet-install.ps1 +++ b/scripts/obtain/dotnet-install.ps1 @@ -203,10 +203,9 @@ function GetHTTPResponse([Uri] $Uri) # Default timeout for HttpClient is 100s. For a 50 MB download this assumes 500 KB/s average, any less will time out # 10 minutes allows it to work over much slower connections. $HttpClient.Timeout = New-TimeSpan -Minutes 10 - $ActualUri = if (($Uri -like "$AzureFeed*") -or ($Uri -like "$UncachedFeed*")) { "${Uri}${FeedCredential}" } else { $Uri } - $Response = $HttpClient.GetAsync($ActualUri).Result + $Response = $HttpClient.GetAsync("${Uri}${FeedCredential}").Result if (($Response -eq $null) -or (-not ($Response.IsSuccessStatusCode))) { - # The feed credential is potential sensitive info. Do not log ActualUri to console output. + # The feed credential is potentially sensitive info. Do not log FeedCredential to console output. $ErrorMsg = "Failed to download $Uri." if ($Response -ne $null) { $ErrorMsg += " $Response" diff --git a/scripts/obtain/dotnet-install.sh b/scripts/obtain/dotnet-install.sh index ee4e6ba66..ee15af5a7 100755 --- a/scripts/obtain/dotnet-install.sh +++ b/scripts/obtain/dotnet-install.sh @@ -619,9 +619,7 @@ downloadcurl() { local out_path="${2:-}" # Append feed_credential as late as possible before calling curl to avoid logging feed_credential - if [[ "$remote_path" == "$azure_feed"* ]] || [[ "$remote_path" == "$uncached_feed"* ]]; then - remote_path="${remote_path}${feed_credential}" - fi + remote_path="${remote_path}${feed_credential}" local failed=false if [ -z "$out_path" ]; then @@ -642,9 +640,7 @@ downloadwget() { local out_path="${2:-}" # Append feed_credential as late as possible before calling wget to avoid logging feed_credential - if [[ "$remote_path" == "$azure_feed"* ]] || [[ "$remote_path" == "$uncached_feed"* ]]; then - remote_path="${remote_path}${feed_credential}" - fi + remote_path="${remote_path}${feed_credential}" local failed=false if [ -z "$out_path" ]; then From 5fb91f96618f6a8aa6eab991719d510c9270f9d4 Mon Sep 17 00:00:00 2001 From: John Beisner Date: Thu, 30 Nov 2017 10:35:51 -0800 Subject: [PATCH 4/8] Use the 'PB_AssetRootUrl' and 'PB_AssetRootAccessTokenSuffix' for all asset downloads if set - "TransportFeed" should be "BlobFeed". --- build/AzureInfo.props | 14 +++++++++----- build/BackwardsCompatibilityRuntimes.props | 9 ++++----- build/BundledRuntimes.props | 17 ++++++++--------- build/Publish.targets | 4 ++-- build/compile/LzmaArchive.targets | 6 ++---- build/package/Installer.DEB.targets | 4 ++-- build/package/Installer.MSI.targets | 4 ++-- build/package/Installer.RPM.targets | 4 ++-- ...d.targets => PublishNupkgToBlobFeed.targets} | 12 ++++++------ dir.props | 3 +-- 10 files changed, 38 insertions(+), 39 deletions(-) rename build/publish/{PublishNupkgToTransportFeed.targets => PublishNupkgToBlobFeed.targets} (52%) diff --git a/build/AzureInfo.props b/build/AzureInfo.props index 2773a817c..42b762a7c 100644 --- a/build/AzureInfo.props +++ b/build/AzureInfo.props @@ -1,6 +1,10 @@ Sdk + $(PB_AssetRootUrl) + https://dotnetcli.azureedge.net + $(PB_AssetRootAccessTokenSuffix) + ?$(PrivateBlobAccessToken) $(ARTIFACT_STORAGE_CONTAINER) dotnet $(ARTIFACT_STORAGE_KEY) @@ -12,10 +16,10 @@ $(CHECKSUM_STORAGE_KEY) $(CHECKSUM_STORAGE_ACCOUNT) dotnetclichecksums - $(TRANSPORTFEED_STORAGE_CONTAINER) - dotnet-core - $(TRANSPORTFEED_EXPECTED_URL) - https://dotnetfeed.blob.core.windows.net/$(TransportFeedContainerName)/index.json - $(TRANSPORTFEED_STORAGE_KEY) + $(BLOBFEED_STORAGE_CONTAINER) + dotnet-core + $(BLOBFEED_EXPECTED_URL) + https://dotnetfeed.blob.core.windows.net/$(BlobFeedContainerName)/index.json + $(BLOBFEED_STORAGE_KEY) diff --git a/build/BackwardsCompatibilityRuntimes.props b/build/BackwardsCompatibilityRuntimes.props index 9664fdadf..4dd0d800f 100644 --- a/build/BackwardsCompatibilityRuntimes.props +++ b/build/BackwardsCompatibilityRuntimes.props @@ -21,13 +21,12 @@ $(BackwardsCompatibility110CoreSetupBlobRootUrlWithChannel)/Installers $(IntermediateDirectory)/coreSetupDownload/$(BackwardsCompatibility110SharedFrameworkVersion) $(BackwardsCompatibility110CoreSetupDownloadDirectory)/combinedSharedHostAndFrameworkArchive$(ArchiveExtension) - ?$(CoreSetupBlobAccessToken) <_DownloadAndExtractItem Include="BackwardsCompatibility110CombinedSharedHostAndFrameworkArchive" Condition="!Exists('$(BackwardsCompatibility110CombinedSharedHostAndFrameworkArchive)')"> - $(BackwardsCompatibility110SharedFrameworkArchiveBlobRootUrl)/$(BackwardsCompatibility110CombinedFrameworkHostCompressedFileName)$(CoreSetupBlobAccessTokenParam) + $(BackwardsCompatibility110SharedFrameworkArchiveBlobRootUrl)/$(BackwardsCompatibility110CombinedFrameworkHostCompressedFileName)$(PrivateBlobAccessTokenParam) $(BackwardsCompatibility110CombinedSharedHostAndFrameworkArchive) $(BackwardsCompatibleSharedFrameworksPublishDirectory) @@ -36,21 +35,21 @@ <_DownloadAndExtractItem Include="BackwardsCompatibility110DownloadedSharedFrameworkInstallerFile" Condition="!Exists('$(BackwardsCompatibility110DownloadedSharedFrameworkInstallerFile)') And '$(OSName)' != 'linux'"> - $(BackwardsCompatibility110CoreSetupInstallerBlobRootUrl)/$(BackwardsCompatibility110SharedFrameworkVersion)/$(BackwardsCompatibility110DownloadedSharedFrameworkInstallerFileName)$(CoreSetupBlobAccessTokenParam) + $(BackwardsCompatibility110CoreSetupInstallerBlobRootUrl)/$(BackwardsCompatibility110SharedFrameworkVersion)/$(BackwardsCompatibility110DownloadedSharedFrameworkInstallerFileName)$(PrivateBlobAccessTokenParam) $(BackwardsCompatibility110DownloadedSharedFrameworkInstallerFile) <_DownloadAndExtractItem Include="BackwardsCompatibility110DownloadedSharedHostInstallerFile" Condition="!Exists('$(BackwardsCompatibility110DownloadedSharedHostInstallerFile)') And '$(OSName)' != 'linux'"> - $(BackwardsCompatibility110CoreSetupInstallerBlobRootUrl)/$(BackwardsCompatibility110SharedHostVersion)/$(BackwardsCompatibility110DownloadedSharedHostInstallerFileName)$(CoreSetupBlobAccessTokenParam) + $(BackwardsCompatibility110CoreSetupInstallerBlobRootUrl)/$(BackwardsCompatibility110SharedHostVersion)/$(BackwardsCompatibility110DownloadedSharedHostInstallerFileName)$(PrivateBlobAccessTokenParam) $(BackwardsCompatibility110DownloadedSharedHostInstallerFile) <_DownloadAndExtractItem Include="BackwardsCompatibility110DownloadedHostFxrInstallerFile" Condition="!Exists('$(BackwardsCompatibility110DownloadedHostFxrInstallerFile)') And '$(OSName)' != 'linux'"> - $(BackwardsCompatibility110CoreSetupInstallerBlobRootUrl)/$(BackwardsCompatibility110HostFxrVersion)/$(BackwardsCompatibility110DownloadedHostFxrInstallerFileName)$(CoreSetupBlobAccessTokenParam) + $(BackwardsCompatibility110CoreSetupInstallerBlobRootUrl)/$(BackwardsCompatibility110HostFxrVersion)/$(BackwardsCompatibility110DownloadedHostFxrInstallerFileName)$(PrivateBlobAccessTokenParam) $(BackwardsCompatibility110DownloadedHostFxrInstallerFile) diff --git a/build/BundledRuntimes.props b/build/BundledRuntimes.props index cbc7a67a0..72b18cabd 100644 --- a/build/BundledRuntimes.props +++ b/build/BundledRuntimes.props @@ -27,8 +27,7 @@ - https://dotnetcli.azureedge.net/dotnet/ - ?$(CoreSetupBlobAccessToken) + $(AssetDownloadRootUrl)/dotnet/ $(CoreSetupBlobRootUrl)Runtime/ $(IntermediateDirectory)/coreSetupDownload/$(SharedFrameworkVersion) $(CoreSetupDownloadDirectory)/combinedSharedHostAndFrameworkArchive$(ArchiveExtension) @@ -56,49 +55,49 @@ <_DownloadAndExtractItem Include="CombinedSharedHostAndFrameworkArchive" Condition="!Exists('$(CombinedSharedHostAndFrameworkArchive)')"> - $(CoreSetupRootUrl)$(SharedFrameworkVersion)/$(CombinedFrameworkHostCompressedFileName)$(CoreSetupBlobAccessTokenParam) + $(CoreSetupRootUrl)$(SharedFrameworkVersion)/$(CombinedFrameworkHostCompressedFileName)$(PrivateBlobAccessTokenParam) $(CombinedSharedHostAndFrameworkArchive) $(SharedFrameworkPublishDirectory) <_DownloadAndExtractItem Include="DownloadedSharedFrameworkInstallerFile" Condition="'$(SkipBuildingInstallers)' != 'true' And !Exists('$(DownloadedSharedFrameworkInstallerFile)') And '$(InstallerExtension)' != ''"> - $(CoreSetupRootUrl)$(SharedFrameworkVersion)/$(DownloadedSharedFrameworkInstallerFileName)$(CoreSetupBlobAccessTokenParam) + $(CoreSetupRootUrl)$(SharedFrameworkVersion)/$(DownloadedSharedFrameworkInstallerFileName)$(PrivateBlobAccessTokenParam) $(DownloadedSharedFrameworkInstallerFile) <_DownloadAndExtractItem Include="DownloadedSharedHostInstallerFile" Condition="'$(SkipBuildingInstallers)' != 'true' And !Exists('$(DownloadedSharedHostInstallerFile)') And '$(InstallerExtension)' != ''"> - $(CoreSetupRootUrl)$(SharedHostVersion)/$(DownloadedSharedHostInstallerFileName)$(CoreSetupBlobAccessTokenParam) + $(CoreSetupRootUrl)$(SharedHostVersion)/$(DownloadedSharedHostInstallerFileName)$(PrivateBlobAccessTokenParam) $(DownloadedSharedHostInstallerFile) <_DownloadAndExtractItem Include="DownloadedHostFxrInstallerFile" Condition="'$(SkipBuildingInstallers)' != 'true' And !Exists('$(DownloadedHostFxrInstallerFile)') And '$(InstallerExtension)' != ''"> - $(CoreSetupRootUrl)$(HostFxrVersion)/$(DownloadedHostFxrInstallerFileName)$(CoreSetupBlobAccessTokenParam) + $(CoreSetupRootUrl)$(HostFxrVersion)/$(DownloadedHostFxrInstallerFileName)$(PrivateBlobAccessTokenParam) $(DownloadedHostFxrInstallerFile) <_DownloadAndExtractItem Include="AspNetCoreRuntimeInstallerWixLibFile" Condition=" '$(AspNetCoreRuntimeInstallerWixLibFile)' != '' And !Exists('$(AspNetCoreRuntimeInstallerWixLibFile)')"> - $(AspNetCoreRuntimeInstallerBlobRootUrl)/$(AspNetCoreRuntimeInstallerWixLibFileName)$(CoreSetupBlobAccessTokenParam) + $(AspNetCoreRuntimeInstallerBlobRootUrl)/$(AspNetCoreRuntimeInstallerWixLibFileName)$(PrivateBlobAccessTokenParam) $(AspNetCoreRuntimeInstallerWixLibFile) <_DownloadAndExtractItem Include="AspNetCoreRuntimeInstallerArchiveFile" Condition="!Exists('$(AspNetCoreRuntimeInstallerArchiveFile)')"> - $(AspNetCoreRuntimeInstallerBlobRootUrl)/$(AspNetCoreRuntimeInstallerArchiveFileName)$(CoreSetupBlobAccessTokenParam) + $(AspNetCoreRuntimeInstallerBlobRootUrl)/$(AspNetCoreRuntimeInstallerArchiveFileName)$(PrivateBlobAccessTokenParam) $(AspNetCoreRuntimeInstallerArchiveFile) $(AspNetRuntimePackageStorePublishDirectory) <_DownloadAndExtractItem Include="AspNetCoreSharedRuntimeVersionFile" Condition="!Exists('$(AspNetCoreSharedRuntimeVersionFile)')"> - $(AspNetCoreRuntimeInstallerBlobRootUrl)/$(AspNetCoreSharedRuntimeVersionFileName)$(CoreSetupBlobAccessTokenParam) + $(AspNetCoreRuntimeInstallerBlobRootUrl)/$(AspNetCoreSharedRuntimeVersionFileName)$(PrivateBlobAccessTokenParam) $(AspNetCoreSharedRuntimeVersionFile) diff --git a/build/Publish.targets b/build/Publish.targets index 9e911318c..918ae556e 100644 --- a/build/Publish.targets +++ b/build/Publish.targets @@ -3,7 +3,7 @@ - + @@ -25,7 +25,7 @@ GenerateChecksums; UploadArtifactsToAzure; UploadChecksumsToAzure; - PublishNupkgToTransportFeed; + PublishNupkgToBlobFeed; PublishDebFilesToDebianRepo; PublishCliVersionBadge" /> diff --git a/build/compile/LzmaArchive.targets b/build/compile/LzmaArchive.targets index 494164b26..911124eb6 100644 --- a/build/compile/LzmaArchive.targets +++ b/build/compile/LzmaArchive.targets @@ -2,19 +2,17 @@ - - ?$(CoreSetupBlobAccessToken) $(SdkOutputDirectory)/nuGetPackagesArchive.lzma nuGetPackagesArchive.$(AspNetCoreRuntimePackageFlavor).lzma $(IntermediateDirectory)/$(NugetPackagesArchiveName) - $(AspNetCoreRuntimeInstallerBlobRootUrl)/$(NugetPackagesArchiveName)$(CoreSetupBlobAccessTokenParam) + $(AspNetCoreRuntimeInstallerBlobRootUrl)/$(NugetPackagesArchiveName) - diff --git a/build/package/Installer.DEB.targets b/build/package/Installer.DEB.targets index 00afd7f30..76fc614d6 100644 --- a/build/package/Installer.DEB.targets +++ b/build/package/Installer.DEB.targets @@ -129,10 +129,10 @@ $(PackagesDirectory)/$(AspNetCoreRuntimeDebInstallerFileName) diff --git a/build/package/Installer.MSI.targets b/build/package/Installer.MSI.targets index 2a4e131b8..32977d399 100644 --- a/build/package/Installer.MSI.targets +++ b/build/package/Installer.MSI.targets @@ -3,7 +3,7 @@ 3.10.2 - https://dotnetcli.azureedge.net/build/wix/wix.$(WixVersion).zip + $(AssetDownloadRootUrl)/build/wix/wix.$(WixVersion).zip $(IntermediateDirectory)/WixTools/$(WixVersion) $(WixRoot)/WixTools.$(WixVersion).zip $(WixRoot)/WixDownload.$(WixVersion).sentinel @@ -85,7 +85,7 @@ Encoding="Unicode"/> diff --git a/build/package/Installer.RPM.targets b/build/package/Installer.RPM.targets index a4f7853ca..5736675cd 100644 --- a/build/package/Installer.RPM.targets +++ b/build/package/Installer.RPM.targets @@ -191,10 +191,10 @@ $(PackagesDirectory)/$(AspNetCoreRuntimeRpmInstallerFileName) diff --git a/build/publish/PublishNupkgToTransportFeed.targets b/build/publish/PublishNupkgToBlobFeed.targets similarity index 52% rename from build/publish/PublishNupkgToTransportFeed.targets rename to build/publish/PublishNupkgToBlobFeed.targets index 19dd03e71..eb8ba821a 100644 --- a/build/publish/PublishNupkgToTransportFeed.targets +++ b/build/publish/PublishNupkgToBlobFeed.targets @@ -7,13 +7,13 @@ - - - + + + - - + diff --git a/dir.props b/dir.props index 756fccc32..a59eba29e 100644 --- a/dir.props +++ b/dir.props @@ -20,7 +20,7 @@ - + @@ -40,7 +40,6 @@ - From 4aea36d48eea9f56f9e02090171c622b0d265cb1 Mon Sep 17 00:00:00 2001 From: John Beisner Date: Thu, 30 Nov 2017 10:36:16 -0800 Subject: [PATCH 5/8] No passwords should be in the open as environmental variables. --- scripts/dockerrun.sh | 9 --------- 1 file changed, 9 deletions(-) diff --git a/scripts/dockerrun.sh b/scripts/dockerrun.sh index abdaec636..30ba88479 100755 --- a/scripts/dockerrun.sh +++ b/scripts/dockerrun.sh @@ -119,20 +119,14 @@ docker run $INTERACTIVE -t --rm --sig-proxy=true \ --name $DOTNET_BUILD_CONTAINER_NAME \ -v $DOCKER_HOST_SHARE_DIR:/opt/code \ -e CHANNEL \ - -e CONNECTION_STRING \ -e REPO_ID \ -e REPO_USER \ - -e REPO_PASS \ -e REPO_SERVER \ -e DOTNET_BUILD_SKIP_CROSSGEN \ -e PUBLISH_TO_AZURE_BLOB \ -e NUGET_FEED_URL \ - -e NUGET_API_KEY \ - -e GITHUB_PASSWORD \ - -e ARTIFACT_STORAGE_KEY \ -e ARTIFACT_STORAGE_ACCOUNT \ -e ARTIFACT_STORAGE_CONTAINER \ - -e CHECKSUM_STORAGE_KEY \ -e CHECKSUM_STORAGE_ACCOUNT \ -e CHECKSUM_STORAGE_CONTAINER \ -e CLIBUILD_SKIP_TESTS \ @@ -141,10 +135,7 @@ docker run $INTERACTIVE -t --rm --sig-proxy=true \ -e RELEASESUFFIX \ -e COREFXAZURECONTAINER \ -e AZUREACCOUNTNAME \ - -e AZUREACCESSTOKEN \ - -e VSOPASSWORD \ -e RELEASETOOLSGITURL \ -e CORESETUPBLOBROOTURL \ - -e CORESETUPBLOBACCESSTOKEN \ $DOTNET_BUILD_CONTAINER_TAG \ $BUILD_COMMAND "$@" From 3d39772fe9bc13a3c01b4d83e50a7cbb8b06f729 Mon Sep 17 00:00:00 2001 From: John Beisner Date: Thu, 30 Nov 2017 12:09:27 -0800 Subject: [PATCH 6/8] The URL root will include the "dotnet" container; the structure will be identical after the "dotnet" container. --- build/AzureInfo.props | 8 ++++---- build/BackwardsCompatibilityRuntimes.props | 8 ++++---- build/BundledRuntimes.props | 14 +++++++------- build/compile/LzmaArchive.targets | 2 +- build/package/Installer.DEB.targets | 4 ++-- build/package/Installer.MSI.targets | 4 ++-- build/package/Installer.RPM.targets | 4 ++-- 7 files changed, 22 insertions(+), 22 deletions(-) diff --git a/build/AzureInfo.props b/build/AzureInfo.props index 42b762a7c..cee626a2c 100644 --- a/build/AzureInfo.props +++ b/build/AzureInfo.props @@ -1,10 +1,10 @@ Sdk - $(PB_AssetRootUrl) - https://dotnetcli.azureedge.net - $(PB_AssetRootAccessTokenSuffix) - ?$(PrivateBlobAccessToken) + $(PB_AssetRootUrl) + https://dotnetcli.azureedge.net/dotnet/ + $(PB_AssetRootAccessTokenSuffix) + ?$(CoreSetupBlobAccessToken) $(ARTIFACT_STORAGE_CONTAINER) dotnet $(ARTIFACT_STORAGE_KEY) diff --git a/build/BackwardsCompatibilityRuntimes.props b/build/BackwardsCompatibilityRuntimes.props index 4dd0d800f..85303240f 100644 --- a/build/BackwardsCompatibilityRuntimes.props +++ b/build/BackwardsCompatibilityRuntimes.props @@ -26,7 +26,7 @@ <_DownloadAndExtractItem Include="BackwardsCompatibility110CombinedSharedHostAndFrameworkArchive" Condition="!Exists('$(BackwardsCompatibility110CombinedSharedHostAndFrameworkArchive)')"> - $(BackwardsCompatibility110SharedFrameworkArchiveBlobRootUrl)/$(BackwardsCompatibility110CombinedFrameworkHostCompressedFileName)$(PrivateBlobAccessTokenParam) + $(BackwardsCompatibility110SharedFrameworkArchiveBlobRootUrl)/$(BackwardsCompatibility110CombinedFrameworkHostCompressedFileName)$(CoreSetupBlobAccessTokenParam) $(BackwardsCompatibility110CombinedSharedHostAndFrameworkArchive) $(BackwardsCompatibleSharedFrameworksPublishDirectory) @@ -35,21 +35,21 @@ <_DownloadAndExtractItem Include="BackwardsCompatibility110DownloadedSharedFrameworkInstallerFile" Condition="!Exists('$(BackwardsCompatibility110DownloadedSharedFrameworkInstallerFile)') And '$(OSName)' != 'linux'"> - $(BackwardsCompatibility110CoreSetupInstallerBlobRootUrl)/$(BackwardsCompatibility110SharedFrameworkVersion)/$(BackwardsCompatibility110DownloadedSharedFrameworkInstallerFileName)$(PrivateBlobAccessTokenParam) + $(BackwardsCompatibility110CoreSetupInstallerBlobRootUrl)/$(BackwardsCompatibility110SharedFrameworkVersion)/$(BackwardsCompatibility110DownloadedSharedFrameworkInstallerFileName)$(CoreSetupBlobAccessTokenParam) $(BackwardsCompatibility110DownloadedSharedFrameworkInstallerFile) <_DownloadAndExtractItem Include="BackwardsCompatibility110DownloadedSharedHostInstallerFile" Condition="!Exists('$(BackwardsCompatibility110DownloadedSharedHostInstallerFile)') And '$(OSName)' != 'linux'"> - $(BackwardsCompatibility110CoreSetupInstallerBlobRootUrl)/$(BackwardsCompatibility110SharedHostVersion)/$(BackwardsCompatibility110DownloadedSharedHostInstallerFileName)$(PrivateBlobAccessTokenParam) + $(BackwardsCompatibility110CoreSetupInstallerBlobRootUrl)/$(BackwardsCompatibility110SharedHostVersion)/$(BackwardsCompatibility110DownloadedSharedHostInstallerFileName)$(CoreSetupBlobAccessTokenParam) $(BackwardsCompatibility110DownloadedSharedHostInstallerFile) <_DownloadAndExtractItem Include="BackwardsCompatibility110DownloadedHostFxrInstallerFile" Condition="!Exists('$(BackwardsCompatibility110DownloadedHostFxrInstallerFile)') And '$(OSName)' != 'linux'"> - $(BackwardsCompatibility110CoreSetupInstallerBlobRootUrl)/$(BackwardsCompatibility110HostFxrVersion)/$(BackwardsCompatibility110DownloadedHostFxrInstallerFileName)$(PrivateBlobAccessTokenParam) + $(BackwardsCompatibility110CoreSetupInstallerBlobRootUrl)/$(BackwardsCompatibility110HostFxrVersion)/$(BackwardsCompatibility110DownloadedHostFxrInstallerFileName)$(CoreSetupBlobAccessTokenParam) $(BackwardsCompatibility110DownloadedHostFxrInstallerFile) diff --git a/build/BundledRuntimes.props b/build/BundledRuntimes.props index 72b18cabd..cfb5d04ab 100644 --- a/build/BundledRuntimes.props +++ b/build/BundledRuntimes.props @@ -55,49 +55,49 @@ <_DownloadAndExtractItem Include="CombinedSharedHostAndFrameworkArchive" Condition="!Exists('$(CombinedSharedHostAndFrameworkArchive)')"> - $(CoreSetupRootUrl)$(SharedFrameworkVersion)/$(CombinedFrameworkHostCompressedFileName)$(PrivateBlobAccessTokenParam) + $(CoreSetupRootUrl)$(SharedFrameworkVersion)/$(CombinedFrameworkHostCompressedFileName)$(CoreSetupBlobAccessTokenParam) $(CombinedSharedHostAndFrameworkArchive) $(SharedFrameworkPublishDirectory) <_DownloadAndExtractItem Include="DownloadedSharedFrameworkInstallerFile" Condition="'$(SkipBuildingInstallers)' != 'true' And !Exists('$(DownloadedSharedFrameworkInstallerFile)') And '$(InstallerExtension)' != ''"> - $(CoreSetupRootUrl)$(SharedFrameworkVersion)/$(DownloadedSharedFrameworkInstallerFileName)$(PrivateBlobAccessTokenParam) + $(CoreSetupRootUrl)$(SharedFrameworkVersion)/$(DownloadedSharedFrameworkInstallerFileName)$(CoreSetupBlobAccessTokenParam) $(DownloadedSharedFrameworkInstallerFile) <_DownloadAndExtractItem Include="DownloadedSharedHostInstallerFile" Condition="'$(SkipBuildingInstallers)' != 'true' And !Exists('$(DownloadedSharedHostInstallerFile)') And '$(InstallerExtension)' != ''"> - $(CoreSetupRootUrl)$(SharedHostVersion)/$(DownloadedSharedHostInstallerFileName)$(PrivateBlobAccessTokenParam) + $(CoreSetupRootUrl)$(SharedHostVersion)/$(DownloadedSharedHostInstallerFileName)$(CoreSetupBlobAccessTokenParam) $(DownloadedSharedHostInstallerFile) <_DownloadAndExtractItem Include="DownloadedHostFxrInstallerFile" Condition="'$(SkipBuildingInstallers)' != 'true' And !Exists('$(DownloadedHostFxrInstallerFile)') And '$(InstallerExtension)' != ''"> - $(CoreSetupRootUrl)$(HostFxrVersion)/$(DownloadedHostFxrInstallerFileName)$(PrivateBlobAccessTokenParam) + $(CoreSetupRootUrl)$(HostFxrVersion)/$(DownloadedHostFxrInstallerFileName)$(CoreSetupBlobAccessTokenParam) $(DownloadedHostFxrInstallerFile) <_DownloadAndExtractItem Include="AspNetCoreRuntimeInstallerWixLibFile" Condition=" '$(AspNetCoreRuntimeInstallerWixLibFile)' != '' And !Exists('$(AspNetCoreRuntimeInstallerWixLibFile)')"> - $(AspNetCoreRuntimeInstallerBlobRootUrl)/$(AspNetCoreRuntimeInstallerWixLibFileName)$(PrivateBlobAccessTokenParam) + $(AspNetCoreRuntimeInstallerBlobRootUrl)/$(AspNetCoreRuntimeInstallerWixLibFileName)$(CoreSetupBlobAccessTokenParam) $(AspNetCoreRuntimeInstallerWixLibFile) <_DownloadAndExtractItem Include="AspNetCoreRuntimeInstallerArchiveFile" Condition="!Exists('$(AspNetCoreRuntimeInstallerArchiveFile)')"> - $(AspNetCoreRuntimeInstallerBlobRootUrl)/$(AspNetCoreRuntimeInstallerArchiveFileName)$(PrivateBlobAccessTokenParam) + $(AspNetCoreRuntimeInstallerBlobRootUrl)/$(AspNetCoreRuntimeInstallerArchiveFileName)$(CoreSetupBlobAccessTokenParam) $(AspNetCoreRuntimeInstallerArchiveFile) $(AspNetRuntimePackageStorePublishDirectory) <_DownloadAndExtractItem Include="AspNetCoreSharedRuntimeVersionFile" Condition="!Exists('$(AspNetCoreSharedRuntimeVersionFile)')"> - $(AspNetCoreRuntimeInstallerBlobRootUrl)/$(AspNetCoreSharedRuntimeVersionFileName)$(PrivateBlobAccessTokenParam) + $(AspNetCoreRuntimeInstallerBlobRootUrl)/$(AspNetCoreSharedRuntimeVersionFileName)$(CoreSetupBlobAccessTokenParam) $(AspNetCoreSharedRuntimeVersionFile) diff --git a/build/compile/LzmaArchive.targets b/build/compile/LzmaArchive.targets index 911124eb6..37c96d648 100644 --- a/build/compile/LzmaArchive.targets +++ b/build/compile/LzmaArchive.targets @@ -12,7 +12,7 @@ Inputs="$(IntermediateArchive)" Outputs="$(FinalArchive)" Condition=" '$(IncludeNuGetPackageArchive)' == 'true' "> - diff --git a/build/package/Installer.DEB.targets b/build/package/Installer.DEB.targets index 76fc614d6..00afd7f30 100644 --- a/build/package/Installer.DEB.targets +++ b/build/package/Installer.DEB.targets @@ -129,10 +129,10 @@ $(PackagesDirectory)/$(AspNetCoreRuntimeDebInstallerFileName) diff --git a/build/package/Installer.MSI.targets b/build/package/Installer.MSI.targets index 32977d399..2a4e131b8 100644 --- a/build/package/Installer.MSI.targets +++ b/build/package/Installer.MSI.targets @@ -3,7 +3,7 @@ 3.10.2 - $(AssetDownloadRootUrl)/build/wix/wix.$(WixVersion).zip + https://dotnetcli.azureedge.net/build/wix/wix.$(WixVersion).zip $(IntermediateDirectory)/WixTools/$(WixVersion) $(WixRoot)/WixTools.$(WixVersion).zip $(WixRoot)/WixDownload.$(WixVersion).sentinel @@ -85,7 +85,7 @@ Encoding="Unicode"/> diff --git a/build/package/Installer.RPM.targets b/build/package/Installer.RPM.targets index 5736675cd..a4f7853ca 100644 --- a/build/package/Installer.RPM.targets +++ b/build/package/Installer.RPM.targets @@ -191,10 +191,10 @@ $(PackagesDirectory)/$(AspNetCoreRuntimeRpmInstallerFileName) From b092ad0141f7b01d1f46b2126710d9066f99ee09 Mon Sep 17 00:00:00 2001 From: John Beisner Date: Fri, 1 Dec 2017 08:05:33 -0800 Subject: [PATCH 7/8] Changes per code review... --- build/AzureInfo.props | 3 +-- build/BundledRuntimes.props | 1 - scripts/dockerrun.sh | 9 +++++++++ 3 files changed, 10 insertions(+), 3 deletions(-) diff --git a/build/AzureInfo.props b/build/AzureInfo.props index cee626a2c..252dbe269 100644 --- a/build/AzureInfo.props +++ b/build/AzureInfo.props @@ -3,8 +3,7 @@ Sdk $(PB_AssetRootUrl) https://dotnetcli.azureedge.net/dotnet/ - $(PB_AssetRootAccessTokenSuffix) - ?$(CoreSetupBlobAccessToken) + ?$(CoreSetupBlobAccessToken) $(ARTIFACT_STORAGE_CONTAINER) dotnet $(ARTIFACT_STORAGE_KEY) diff --git a/build/BundledRuntimes.props b/build/BundledRuntimes.props index cfb5d04ab..82f47ecca 100644 --- a/build/BundledRuntimes.props +++ b/build/BundledRuntimes.props @@ -27,7 +27,6 @@ - $(AssetDownloadRootUrl)/dotnet/ $(CoreSetupBlobRootUrl)Runtime/ $(IntermediateDirectory)/coreSetupDownload/$(SharedFrameworkVersion) $(CoreSetupDownloadDirectory)/combinedSharedHostAndFrameworkArchive$(ArchiveExtension) diff --git a/scripts/dockerrun.sh b/scripts/dockerrun.sh index 30ba88479..abdaec636 100755 --- a/scripts/dockerrun.sh +++ b/scripts/dockerrun.sh @@ -119,14 +119,20 @@ docker run $INTERACTIVE -t --rm --sig-proxy=true \ --name $DOTNET_BUILD_CONTAINER_NAME \ -v $DOCKER_HOST_SHARE_DIR:/opt/code \ -e CHANNEL \ + -e CONNECTION_STRING \ -e REPO_ID \ -e REPO_USER \ + -e REPO_PASS \ -e REPO_SERVER \ -e DOTNET_BUILD_SKIP_CROSSGEN \ -e PUBLISH_TO_AZURE_BLOB \ -e NUGET_FEED_URL \ + -e NUGET_API_KEY \ + -e GITHUB_PASSWORD \ + -e ARTIFACT_STORAGE_KEY \ -e ARTIFACT_STORAGE_ACCOUNT \ -e ARTIFACT_STORAGE_CONTAINER \ + -e CHECKSUM_STORAGE_KEY \ -e CHECKSUM_STORAGE_ACCOUNT \ -e CHECKSUM_STORAGE_CONTAINER \ -e CLIBUILD_SKIP_TESTS \ @@ -135,7 +141,10 @@ docker run $INTERACTIVE -t --rm --sig-proxy=true \ -e RELEASESUFFIX \ -e COREFXAZURECONTAINER \ -e AZUREACCOUNTNAME \ + -e AZUREACCESSTOKEN \ + -e VSOPASSWORD \ -e RELEASETOOLSGITURL \ -e CORESETUPBLOBROOTURL \ + -e CORESETUPBLOBACCESSTOKEN \ $DOTNET_BUILD_CONTAINER_TAG \ $BUILD_COMMAND "$@" From 4adabde4c93c347f2515e5749e759707e192cc56 Mon Sep 17 00:00:00 2001 From: John Beisner Date: Fri, 1 Dec 2017 09:56:11 -0800 Subject: [PATCH 8/8] Accounting for MSRC builds with pre-set 'CoreSetupBlobRootUrl' and 'CoreSetupBlobAccessToke' properties. --- build/AzureInfo.props | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/build/AzureInfo.props b/build/AzureInfo.props index 252dbe269..490ea909e 100644 --- a/build/AzureInfo.props +++ b/build/AzureInfo.props @@ -1,9 +1,10 @@ Sdk - $(PB_AssetRootUrl) + $(PB_AssetRootUrl) https://dotnetcli.azureedge.net/dotnet/ - ?$(CoreSetupBlobAccessToken) + $(PB_AssetRootAccessTokenSuffix) + ?$(CoreSetupBlobAccessToken) $(ARTIFACT_STORAGE_CONTAINER) dotnet $(ARTIFACT_STORAGE_KEY)