e8dddcc611
* Enable post build signing Enables post build signing of installer by including the items that need to be signed post build in an ItemsToSignPostBuild item group and moving the file signing information into the Signing.props files. Changes to in-build signing have been verified by taking a drop with the current in-build structure and comparing the the signatures and strong name keys between files in equivalent builds. * Enable post build signing Enables post build signing of installer by including the items that need to be signed post build in an ItemsToSignPostBuild item group and moving the file signing information into the Signing.props files. Changes to in-build signing have been verified by taking a drop with the current in-build structure and comparing the the signatures and strong name keys between files in equivalent builds. Co-authored-by: dotnet-bot <dotnet-bot@dotnetfoundation.org> Co-authored-by: Christopher Costa <chcosta@microsoft.com>
144 lines
9 KiB
XML
144 lines
9 KiB
XML
<?xml version="1.0" encoding="utf-8"?>
|
|
<!-- Copyright (c) .NET Foundation and contributors. All rights reserved. Licensed under the MIT license. See License.txt in the project root for full license information. -->
|
|
<Project>
|
|
<PropertyGroup>
|
|
<PublishingVersion>3</PublishingVersion>
|
|
</PropertyGroup>
|
|
|
|
<PropertyGroup>
|
|
<Product>Sdk</Product>
|
|
<BlobStoragePartialRelativePath>$(Product)</BlobStoragePartialRelativePath>
|
|
<ChecksumsFeedUrl>$(DotnetPublishChecksumsBlobFeedUrl)</ChecksumsFeedUrl>
|
|
<SdkAssetsFeedUrl>$(DotnetPublishSdkAssetsBlobFeedUrl)</SdkAssetsFeedUrl>
|
|
|
|
<PublishSdkAssetsAndChecksumsToBlob>false</PublishSdkAssetsAndChecksumsToBlob>
|
|
<PublishSdkAssetsAndChecksumsToBlob Condition=" '$(ChecksumsFeedUrl)' != '' and '$(SdkAssetsFeedUrl)' != '' ">true</PublishSdkAssetsAndChecksumsToBlob>
|
|
|
|
<PublishBinariesAndBadge Condition=" '$(PublishBinariesAndBadge)' == '' ">true</PublishBinariesAndBadge>
|
|
</PropertyGroup>
|
|
|
|
<!-- Pulled from arcade's publish.proj see https://github.com/dotnet/arcade/issues/5790 for
|
|
issue on making this common in arcade so it doesn't have to be duplicated here -->
|
|
<PropertyGroup>
|
|
<CollectionUri>$(SYSTEM_TEAMFOUNDATIONCOLLECTIONURI)</CollectionUri>
|
|
|
|
<!-- When we have dev.azure.com/<account>/ -->
|
|
<AzureDevOpsAccount Condition="$(CollectionUri.IndexOf('dev.azure.com')) >= 0">$(CollectionUri.Split('/')[3])</AzureDevOpsAccount>
|
|
|
|
<!-- When we have <account>.visualstudio.com -->
|
|
<AzureDevOpsAccount Condition="$(CollectionUri.IndexOf('visualstudio.com')) >= 0">$(CollectionUri.Split('.')[0].Split('/')[2])</AzureDevOpsAccount>
|
|
</PropertyGroup>
|
|
|
|
<!--
|
|
The new Maestro/BAR build model keeps separate Azure DevOps and GitHub build information.
|
|
The GitHub information will be extracted based on the Azure DevOps repository.
|
|
-->
|
|
<ItemGroup>
|
|
<ManifestBuildData Include="InitialAssetsLocation=$(SYSTEM_TEAMFOUNDATIONCOLLECTIONURI)$(SYSTEM_TEAMPROJECT)/_apis/build/builds/$(BUILD_BUILDID)/artifacts" />
|
|
<ManifestBuildData Include="AzureDevOpsBuildId=$(BUILD_BUILDID)" />
|
|
<ManifestBuildData Include="AzureDevOpsBuildDefinitionId=$(SYSTEM_DEFINITIONID)" />
|
|
<ManifestBuildData Include="AzureDevOpsAccount=$(AzureDevOpsAccount)" />
|
|
<ManifestBuildData Include="AzureDevOpsProject=$(SYSTEM_TEAMPROJECT)" />
|
|
<ManifestBuildData Include="AzureDevOpsBuildNumber=$(BUILD_BUILDNUMBER)" />
|
|
<ManifestBuildData Include="AzureDevOpsRepository=$(BUILD_REPOSITORY_URI)" />
|
|
<ManifestBuildData Include="AzureDevOpsBranch=$(BUILD_SOURCEBRANCH)" />
|
|
</ItemGroup>
|
|
|
|
<PropertyGroup>
|
|
<!-- Because we may be building in a container, we should use an asset manifest file path
|
|
that exists in the container. Disambiguate the manifests via available properties.
|
|
AGENT_OS and AGENT_JOBNAME are present on Azure DevOps agents. AssetManifestOS will also
|
|
be used by arcade to generate the name of the manifest file name for the built in publishing. -->
|
|
<AssetManifestOS Condition="'$(AGENT_OS)' != ''">$(AGENT_OS)</AssetManifestOS>
|
|
<AssetManifestOS Condition="'$(AGENT_OS)' == ''">$(OS)</AssetManifestOS>
|
|
<AssetManifestOS Condition="'$(AGENT_JOBNAME)' != ''">$(AssetManifestOS)-$(AGENT_JOBNAME)</AssetManifestOS>
|
|
<BaseAssetManifestFileName>$(AssetManifestOS)</BaseAssetManifestFileName>
|
|
<BaseAssetManifestFileName Condition="'$(AGENT_JOBNAME)' == '' and '$(Architecture)' != ''">$(AssetManifestOS)-$(Architecture)</BaseAssetManifestFileName>
|
|
<InstallersAssetManifestFileName>$(BaseAssetManifestFileName)-installers</InstallersAssetManifestFileName>
|
|
<!-- Property AssetManifestFilePath would be reassigned by the Arcade SDK, so use a different name (InstallersAssetManifestFilePath) -->
|
|
<InstallersAssetManifestFilePath>$(ArtifactsLogDir)AssetManifest\$(InstallersAssetManifestFileName).xml</InstallersAssetManifestFilePath>
|
|
|
|
<DotnetTempWorkingDirectory>$(ArtifactsDir)..\DotnetAssetsTmpDir\$([System.Guid]::NewGuid())</DotnetTempWorkingDirectory>
|
|
<ChecksumTempWorkingDirectory>$(ArtifactsDir)..\ChecksumAssetsTmpDir\$([System.Guid]::NewGuid())</ChecksumTempWorkingDirectory>
|
|
</PropertyGroup>
|
|
|
|
<ItemGroup>
|
|
<SdkAssetsToPublish Include="$(ArtifactsShippingPackagesDir)*.zip" Condition=" '$(PublishBinariesAndBadge)' == 'true' " />
|
|
<SdkAssetsToPublish Include="$(ArtifactsShippingPackagesDir)*.tar.gz" Condition=" '$(PublishBinariesAndBadge)' == 'true' " />
|
|
<SdkAssetsToPublish Include="$(ArtifactsShippingPackagesDir)*.pkg" />
|
|
<SdkAssetsToPublish Include="$(ArtifactsShippingPackagesDir)*.exe" />
|
|
<SdkAssetsToPublish Include="$(ArtifactsShippingPackagesDir)*.deb" />
|
|
<SdkAssetsToPublish Include="$(ArtifactsShippingPackagesDir)*.rpm" />
|
|
<SdkAssetsToPublish Include="$(ArtifactsShippingPackagesDir)*.msi" />
|
|
<SdkAssetsToPublish Include="$(ArtifactsShippingPackagesDir)*.nupkg" />
|
|
<SdkAssetsToPublish Include="$(ArtifactsShippingPackagesDir)*.cab" />
|
|
<SdkAssetsToPublish Include="$(ArtifactsShippingPackagesDir)*.svg" Condition=" '$(PublishBinariesAndBadge)' == 'true' " />
|
|
<!-- Only publish this file from windows x64 so that we don't end up with duplicates -->
|
|
<SdkAssetsToPublish Include="$(ArtifactsShippingPackagesDir)productVersion.txt"
|
|
Condition=" '$(PublishBinariesAndBadge)' == 'true' and '$(OS)' == 'Windows_NT' and '$(Architecture)' == 'x64'" />
|
|
<SdkAssetsToPublish Include="$(ArtifactsShippingPackagesDir)productCommit-*.txt" Condition=" '$(PublishBinariesAndBadge)' == 'true' " />
|
|
<SdkNonShippingAssetsToPublish Include="$(ArtifactsNonShippingPackagesDir)*.nupkg" />
|
|
<SdkNonShippingAssetsToPublish Include="$(ArtifactsNonShippingPackagesDir)*.swr" />
|
|
<SdkNonShippingAssetsToPublish Include="$(ArtifactsNonShippingPackagesDir)*.msi" />
|
|
<SdkNonShippingAssetsToPublish Condition="'$(PublishBinariesAndBadge)' != 'false'" Include="$(ArtifactsNonShippingPackagesDir)*.tar.gz" />
|
|
<SdkNonShippingAssetsToPublish Condition="'$(PublishBinariesAndBadge)' != 'false'" Include="$(ArtifactsNonShippingPackagesDir)*.zip" />
|
|
<SdkNonShippingAssetsToPublish Include="$(ArtifactsNonShippingPackagesDir)*.pkg" />
|
|
<CheckSumsToPublish Include="$(ArtifactsShippingPackagesDir)*.sha" />
|
|
<CheckSumsToPublish Remove="$(ArtifactsShippingPackagesDir)productCommit-*.txt.sha" Condition=" '$(PublishBinariesAndBadge)' == 'false'" />
|
|
<CheckSumsToPublish Remove="$(ArtifactsShippingPackagesDir)productVersion.txt.sha" Condition=" '$(OS)' != 'Windows_NT' or '$(Architecture)' != 'x64'" />
|
|
<CheckSumsToPublish Remove="$(ArtifactsShippingPackagesDir)*.zip.sha" Condition=" '$(PublishBinariesAndBadge)' == 'false' "/>
|
|
<CheckSumsToPublish Remove="$(ArtifactsShippingPackagesDir)*.tar.gz.sha" Condition=" '$(PublishBinariesAndBadge)' == 'false' "/>
|
|
</ItemGroup>
|
|
|
|
<Target Name="PublishSdkAssetsAndChecksums"
|
|
BeforeTargets="Publish"
|
|
Condition=" '$(PublishSdkAssetsAndChecksumsToBlob)' == 'true' ">
|
|
|
|
<ReadLinesFromFile File="$(ArtifactsTmpDir)FullNugetVersion.version">
|
|
<Output
|
|
TaskParameter="Lines"
|
|
PropertyName="FullNugetVersion"/>
|
|
</ReadLinesFromFile>
|
|
|
|
<ItemGroup>
|
|
<!-- Always publish blobs to a suffixed directory. -->
|
|
<SdkAssetsToPushToBlobFeed Include="@(SdkAssetsToPublish)">
|
|
<RelativeBlobPath>$(BlobStoragePartialRelativePath)/$(FullNugetVersion)/$([System.String]::Copy('%(Filename)%(Extension)'))</RelativeBlobPath>
|
|
</SdkAssetsToPushToBlobFeed>
|
|
|
|
<SdkAssetsToPushToBlobFeed Include="@(SdkNonShippingAssetsToPublish)">
|
|
<RelativeBlobPath>$(BlobStoragePartialRelativePath)/$(FullNugetVersion)/$([System.String]::Copy('%(Filename)%(Extension)'))</RelativeBlobPath>
|
|
<ManifestArtifactData>NonShipping=true</ManifestArtifactData>
|
|
</SdkAssetsToPushToBlobFeed>
|
|
|
|
<ChecksumsToPushToBlobFeed Include="@(CheckSumsToPublish)">
|
|
<RelativeBlobPath>$(BlobStoragePartialRelativePath)/$(FullNugetVersion)/$([System.String]::Copy('%(Filename)%(Extension)'))</RelativeBlobPath>
|
|
</ChecksumsToPushToBlobFeed>
|
|
</ItemGroup>
|
|
|
|
<PropertyGroup>
|
|
<IsStableBuild>false</IsStableBuild>
|
|
<IsStableBuild Condition="'$(DotNetFinalVersionKind)' == 'release'">true</IsStableBuild>
|
|
</PropertyGroup>
|
|
|
|
<PushToAzureDevOpsArtifacts
|
|
AzureDevOpsCollectionUri="$(SYSTEM_TEAMFOUNDATIONCOLLECTIONURI)"
|
|
AzureDevOpsProject="$(SYSTEM_TEAMPROJECT)"
|
|
AzureDevOpsBuildId="$(BUILD_BUILDID)"
|
|
ItemsToPush="@(SdkAssetsToPushToBlobFeed);@(ChecksumsToPushToBlobFeed)"
|
|
ItemsToSign="@(ItemsToSignPostBuild)"
|
|
CertificatesSignInfo="@(CertificatesSignInfo)"
|
|
StrongNameSignInfo="@(StrongNameSignInfo)"
|
|
FileSignInfo="@(FileSignInfo)"
|
|
FileExtensionSignInfo="@(FileExtensionSignInfo)"
|
|
ManifestBuildData="@(ManifestBuildData)"
|
|
ManifestRepoName="$(BUILD_REPOSITORY_NAME)"
|
|
ManifestBranch="$(BUILD_SOURCEBRANCH)"
|
|
ManifestBuildId="$(BUILD_BUILDNUMBER)"
|
|
ManifestCommit="$(BUILD_SOURCEVERSION)"
|
|
AssetManifestPath="$(InstallersAssetManifestFilePath)"
|
|
PublishFlatContainer="true"
|
|
IsStableBuild="$(IsStableBuild)"
|
|
PublishingVersion="3" />
|
|
</Target>
|
|
</Project>
|