diff options
| author | dotnet-maestro[bot] <dotnet-maestro[bot]@users.noreply.github.com> | 2022-04-05 23:25:48 +0300 |
|---|---|---|
| committer | dotnet-maestro[bot] <dotnet-maestro[bot]@users.noreply.github.com> | 2022-04-05 23:25:48 +0300 |
| commit | df853826fb7747250b8c10dae6a56527b5279e7a (patch) | |
| tree | 4e3d677c1776b796ca4c5e9bd981fdd9a224679b | |
| parent | c7a22f1d9d7fa40464d888f2438f78af0b200ef2 (diff) | |
Update dependencies from https://github.com/dotnet/arcade build 20220309.5darc-release/5.0-92d1e460-9aff-47f5-be27-3fe83f1124bf
Microsoft.DotNet.GenFacades , Microsoft.DotNet.Build.Tasks.Feed , Microsoft.DotNet.Build.Tasks.Packaging , Microsoft.DotNet.Build.Tasks.SharedFramework.Sdk , Microsoft.DotNet.Build.Tasks.TargetFramework.Sdk , Microsoft.DotNet.CodeAnalysis , Microsoft.DotNet.GenAPI , Microsoft.DotNet.XUnitExtensions , Microsoft.DotNet.Helix.Sdk , Microsoft.DotNet.RemoteExecutor , Microsoft.DotNet.VersionTools.Tasks , Microsoft.DotNet.XUnitConsoleRunner , Microsoft.DotNet.Arcade.Sdk , Microsoft.DotNet.ApiCompat
From Version 5.0.0-beta.21565.1 -> To Version 5.0.0-beta.22159.5
| -rw-r--r-- | eng/Version.Details.xml | 56 | ||||
| -rw-r--r-- | eng/Versions.props | 20 | ||||
| -rw-r--r-- | eng/common/pipeline-logging-functions.ps1 | 104 | ||||
| -rw-r--r-- | eng/common/sdl/configure-sdl-tool.ps1 | 109 | ||||
| -rw-r--r-- | eng/common/sdl/execute-all-sdl-tools.ps1 | 80 | ||||
| -rw-r--r-- | eng/common/sdl/extract-artifact-archives.ps1 | 63 | ||||
| -rw-r--r-- | eng/common/sdl/init-sdl.ps1 | 1 | ||||
| -rw-r--r-- | eng/common/sdl/packages.config | 2 | ||||
| -rw-r--r-- | eng/common/sdl/run-sdl.ps1 | 50 | ||||
| -rw-r--r-- | eng/common/templates/job/execute-sdl.yml | 2 | ||||
| -rw-r--r-- | eng/common/templates/job/job.yml | 5 | ||||
| -rw-r--r-- | eng/common/templates/job/publish-build-assets.yml | 4 | ||||
| -rw-r--r-- | eng/common/templates/jobs/jobs.yml | 2 | ||||
| -rw-r--r-- | eng/common/templates/post-build/common-variables.yml | 4 | ||||
| -rw-r--r-- | eng/common/tools.ps1 | 51 | ||||
| -rw-r--r-- | global.json | 8 |
16 files changed, 404 insertions, 157 deletions
diff --git a/eng/Version.Details.xml b/eng/Version.Details.xml index 6d32b2f99eb..df5f94e27bd 100644 --- a/eng/Version.Details.xml +++ b/eng/Version.Details.xml @@ -10,61 +10,61 @@ </Dependency> </ProductDependencies> <ToolsetDependencies> - <Dependency Name="Microsoft.DotNet.Arcade.Sdk" Version="5.0.0-beta.21565.1"> + <Dependency Name="Microsoft.DotNet.Arcade.Sdk" Version="5.0.0-beta.22159.5"> <Uri>https://github.com/dotnet/arcade</Uri> - <Sha>2f5d6d594674c80c57048dd9ba8b4f6ee9297171</Sha> + <Sha>ee744068a4fcccc5b8b56e0025f9c95aa19ff318</Sha> </Dependency> - <Dependency Name="Microsoft.DotNet.Helix.Sdk" Version="5.0.0-beta.21565.1"> + <Dependency Name="Microsoft.DotNet.Helix.Sdk" Version="5.0.0-beta.22159.5"> <Uri>https://github.com/dotnet/arcade</Uri> - <Sha>2f5d6d594674c80c57048dd9ba8b4f6ee9297171</Sha> + <Sha>ee744068a4fcccc5b8b56e0025f9c95aa19ff318</Sha> </Dependency> - <Dependency Name="Microsoft.DotNet.ApiCompat" Version="5.0.0-beta.21565.1"> + <Dependency Name="Microsoft.DotNet.ApiCompat" Version="5.0.0-beta.22159.5"> <Uri>https://github.com/dotnet/arcade</Uri> - <Sha>2f5d6d594674c80c57048dd9ba8b4f6ee9297171</Sha> + <Sha>ee744068a4fcccc5b8b56e0025f9c95aa19ff318</Sha> </Dependency> - <Dependency Name="Microsoft.DotNet.GenAPI" Version="5.0.0-beta.21565.1"> + <Dependency Name="Microsoft.DotNet.GenAPI" Version="5.0.0-beta.22159.5"> <Uri>https://github.com/dotnet/arcade</Uri> - <Sha>2f5d6d594674c80c57048dd9ba8b4f6ee9297171</Sha> + <Sha>ee744068a4fcccc5b8b56e0025f9c95aa19ff318</Sha> </Dependency> - <Dependency Name="Microsoft.DotNet.GenFacades" Version="5.0.0-beta.21565.1"> + <Dependency Name="Microsoft.DotNet.GenFacades" Version="5.0.0-beta.22159.5"> <Uri>https://github.com/dotnet/arcade</Uri> - <Sha>2f5d6d594674c80c57048dd9ba8b4f6ee9297171</Sha> + <Sha>ee744068a4fcccc5b8b56e0025f9c95aa19ff318</Sha> </Dependency> - <Dependency Name="Microsoft.DotNet.XUnitExtensions" Version="5.0.0-beta.21565.1"> + <Dependency Name="Microsoft.DotNet.XUnitExtensions" Version="5.0.0-beta.22159.5"> <Uri>https://github.com/dotnet/arcade</Uri> - <Sha>2f5d6d594674c80c57048dd9ba8b4f6ee9297171</Sha> + <Sha>ee744068a4fcccc5b8b56e0025f9c95aa19ff318</Sha> </Dependency> - <Dependency Name="Microsoft.DotNet.XUnitConsoleRunner" Version="2.5.1-beta.21565.1"> + <Dependency Name="Microsoft.DotNet.XUnitConsoleRunner" Version="2.5.1-beta.22159.5"> <Uri>https://github.com/dotnet/arcade</Uri> - <Sha>2f5d6d594674c80c57048dd9ba8b4f6ee9297171</Sha> + <Sha>ee744068a4fcccc5b8b56e0025f9c95aa19ff318</Sha> </Dependency> - <Dependency Name="Microsoft.DotNet.Build.Tasks.Packaging" Version="5.0.0-beta.21565.1"> + <Dependency Name="Microsoft.DotNet.Build.Tasks.Packaging" Version="5.0.0-beta.22159.5"> <Uri>https://github.com/dotnet/arcade</Uri> - <Sha>2f5d6d594674c80c57048dd9ba8b4f6ee9297171</Sha> + <Sha>ee744068a4fcccc5b8b56e0025f9c95aa19ff318</Sha> </Dependency> - <Dependency Name="Microsoft.DotNet.CodeAnalysis" Version="5.0.0-beta.21565.1"> + <Dependency Name="Microsoft.DotNet.CodeAnalysis" Version="5.0.0-beta.22159.5"> <Uri>https://github.com/dotnet/arcade</Uri> - <Sha>2f5d6d594674c80c57048dd9ba8b4f6ee9297171</Sha> + <Sha>ee744068a4fcccc5b8b56e0025f9c95aa19ff318</Sha> </Dependency> - <Dependency Name="Microsoft.DotNet.Build.Tasks.TargetFramework.Sdk" Version="5.0.0-beta.21565.1"> + <Dependency Name="Microsoft.DotNet.Build.Tasks.TargetFramework.Sdk" Version="5.0.0-beta.22159.5"> <Uri>https://github.com/dotnet/arcade</Uri> - <Sha>2f5d6d594674c80c57048dd9ba8b4f6ee9297171</Sha> + <Sha>ee744068a4fcccc5b8b56e0025f9c95aa19ff318</Sha> </Dependency> - <Dependency Name="Microsoft.DotNet.RemoteExecutor" Version="5.0.0-beta.21565.1"> + <Dependency Name="Microsoft.DotNet.RemoteExecutor" Version="5.0.0-beta.22159.5"> <Uri>https://github.com/dotnet/arcade</Uri> - <Sha>2f5d6d594674c80c57048dd9ba8b4f6ee9297171</Sha> + <Sha>ee744068a4fcccc5b8b56e0025f9c95aa19ff318</Sha> </Dependency> - <Dependency Name="Microsoft.DotNet.Build.Tasks.Feed" Version="5.0.0-beta.21565.1"> + <Dependency Name="Microsoft.DotNet.Build.Tasks.Feed" Version="5.0.0-beta.22159.5"> <Uri>https://github.com/dotnet/arcade</Uri> - <Sha>2f5d6d594674c80c57048dd9ba8b4f6ee9297171</Sha> + <Sha>ee744068a4fcccc5b8b56e0025f9c95aa19ff318</Sha> </Dependency> - <Dependency Name="Microsoft.DotNet.VersionTools.Tasks" Version="5.0.0-beta.21565.1"> + <Dependency Name="Microsoft.DotNet.VersionTools.Tasks" Version="5.0.0-beta.22159.5"> <Uri>https://github.com/dotnet/arcade</Uri> - <Sha>2f5d6d594674c80c57048dd9ba8b4f6ee9297171</Sha> + <Sha>ee744068a4fcccc5b8b56e0025f9c95aa19ff318</Sha> </Dependency> - <Dependency Name="Microsoft.DotNet.Build.Tasks.SharedFramework.Sdk" Version="5.0.0-beta.21565.1"> + <Dependency Name="Microsoft.DotNet.Build.Tasks.SharedFramework.Sdk" Version="5.0.0-beta.22159.5"> <Uri>https://github.com/dotnet/arcade</Uri> - <Sha>2f5d6d594674c80c57048dd9ba8b4f6ee9297171</Sha> + <Sha>ee744068a4fcccc5b8b56e0025f9c95aa19ff318</Sha> </Dependency> <Dependency Name="optimization.windows_nt-x64.IBC.CoreFx" Version="99.99.99-master-20200806.6"> <Uri>https://dev.azure.com/dnceng/internal/_git/dotnet-optimization</Uri> diff --git a/eng/Versions.props b/eng/Versions.props index b9d98270d34..b031e1a729f 100644 --- a/eng/Versions.props +++ b/eng/Versions.props @@ -48,16 +48,16 @@ </ItemGroup> <PropertyGroup> <!-- Arcade dependencies --> - <MicrosoftDotNetApiCompatVersion>5.0.0-beta.21565.1</MicrosoftDotNetApiCompatVersion> - <MicrosoftDotNetBuildTasksFeedVersion>5.0.0-beta.21565.1</MicrosoftDotNetBuildTasksFeedVersion> - <MicrosoftDotNetCodeAnalysisVersion>5.0.0-beta.21565.1</MicrosoftDotNetCodeAnalysisVersion> - <MicrosoftDotNetGenAPIVersion>5.0.0-beta.21565.1</MicrosoftDotNetGenAPIVersion> - <MicrosoftDotNetGenFacadesVersion>5.0.0-beta.21565.1</MicrosoftDotNetGenFacadesVersion> - <MicrosoftDotNetXUnitExtensionsVersion>5.0.0-beta.21565.1</MicrosoftDotNetXUnitExtensionsVersion> - <MicrosoftDotNetXUnitConsoleRunnerVersion>2.5.1-beta.21565.1</MicrosoftDotNetXUnitConsoleRunnerVersion> - <MicrosoftDotNetBuildTasksPackagingVersion>5.0.0-beta.21565.1</MicrosoftDotNetBuildTasksPackagingVersion> - <MicrosoftDotNetRemoteExecutorVersion>5.0.0-beta.21565.1</MicrosoftDotNetRemoteExecutorVersion> - <MicrosoftDotNetVersionToolsTasksVersion>5.0.0-beta.21565.1</MicrosoftDotNetVersionToolsTasksVersion> + <MicrosoftDotNetApiCompatVersion>5.0.0-beta.22159.5</MicrosoftDotNetApiCompatVersion> + <MicrosoftDotNetBuildTasksFeedVersion>5.0.0-beta.22159.5</MicrosoftDotNetBuildTasksFeedVersion> + <MicrosoftDotNetCodeAnalysisVersion>5.0.0-beta.22159.5</MicrosoftDotNetCodeAnalysisVersion> + <MicrosoftDotNetGenAPIVersion>5.0.0-beta.22159.5</MicrosoftDotNetGenAPIVersion> + <MicrosoftDotNetGenFacadesVersion>5.0.0-beta.22159.5</MicrosoftDotNetGenFacadesVersion> + <MicrosoftDotNetXUnitExtensionsVersion>5.0.0-beta.22159.5</MicrosoftDotNetXUnitExtensionsVersion> + <MicrosoftDotNetXUnitConsoleRunnerVersion>2.5.1-beta.22159.5</MicrosoftDotNetXUnitConsoleRunnerVersion> + <MicrosoftDotNetBuildTasksPackagingVersion>5.0.0-beta.22159.5</MicrosoftDotNetBuildTasksPackagingVersion> + <MicrosoftDotNetRemoteExecutorVersion>5.0.0-beta.22159.5</MicrosoftDotNetRemoteExecutorVersion> + <MicrosoftDotNetVersionToolsTasksVersion>5.0.0-beta.22159.5</MicrosoftDotNetVersionToolsTasksVersion> <!-- Installer dependencies --> <MicrosoftNETCoreAppVersion>5.0.0-rc.1.20451.14</MicrosoftNETCoreAppVersion> <MicrosoftNETCoreDotNetHostVersion>5.0.0-rc.1.20451.14</MicrosoftNETCoreDotNetHostVersion> diff --git a/eng/common/pipeline-logging-functions.ps1 b/eng/common/pipeline-logging-functions.ps1 index 8484451f3a5..8e422c561e4 100644 --- a/eng/common/pipeline-logging-functions.ps1 +++ b/eng/common/pipeline-logging-functions.ps1 @@ -29,14 +29,14 @@ function Write-PipelineTelemetryError { [switch]$AsOutput, [switch]$Force) - $PSBoundParameters.Remove('Category') | Out-Null + $PSBoundParameters.Remove('Category') | Out-Null - if($Force -Or ((Test-Path variable:ci) -And $ci)) { - $Message = "(NETCORE_ENGINEERING_TELEMETRY=$Category) $Message" - } - $PSBoundParameters.Remove('Message') | Out-Null - $PSBoundParameters.Add('Message', $Message) - Write-PipelineTaskError @PSBoundParameters + if ($Force -Or ((Test-Path variable:ci) -And $ci)) { + $Message = "(NETCORE_ENGINEERING_TELEMETRY=$Category) $Message" + } + $PSBoundParameters.Remove('Message') | Out-Null + $PSBoundParameters.Add('Message', $Message) + Write-PipelineTaskError @PSBoundParameters } # Specify "-Force" to force pipeline formatted output even if "$ci" is false or not set @@ -55,8 +55,8 @@ function Write-PipelineTaskError { [switch]$Force ) - if(!$Force -And (-Not (Test-Path variable:ci) -Or !$ci)) { - if($Type -eq 'error') { + if (!$Force -And (-Not (Test-Path variable:ci) -Or !$ci)) { + if ($Type -eq 'error') { Write-Host $Message -ForegroundColor Red return } @@ -66,47 +66,61 @@ function Write-PipelineTaskError { } } - if(($Type -ne 'error') -and ($Type -ne 'warning')) { + if (($Type -ne 'error') -and ($Type -ne 'warning')) { Write-Host $Message return } $PSBoundParameters.Remove('Force') | Out-Null - if(-not $PSBoundParameters.ContainsKey('Type')) { + if (-not $PSBoundParameters.ContainsKey('Type')) { $PSBoundParameters.Add('Type', 'error') } Write-LogIssue @PSBoundParameters - } +} - function Write-PipelineSetVariable { +function Write-PipelineSetVariable { [CmdletBinding()] param( - [Parameter(Mandatory = $true)] - [string]$Name, - [string]$Value, - [switch]$Secret, - [switch]$AsOutput, - [bool]$IsMultiJobVariable=$true) - - if((Test-Path variable:ci) -And $ci) { + [Parameter(Mandatory = $true)] + [string]$Name, + [string]$Value, + [switch]$Secret, + [switch]$AsOutput, + [bool]$IsMultiJobVariable = $true) + + if ((Test-Path variable:ci) -And $ci) { Write-LoggingCommand -Area 'task' -Event 'setvariable' -Data $Value -Properties @{ - 'variable' = $Name - 'isSecret' = $Secret - 'isOutput' = $IsMultiJobVariable + 'variable' = $Name + 'isSecret' = $Secret + 'isOutput' = $IsMultiJobVariable } -AsOutput:$AsOutput - } - } + } +} - function Write-PipelinePrependPath { +function Write-PipelinePrependPath { [CmdletBinding()] param( - [Parameter(Mandatory=$true)] - [string]$Path, - [switch]$AsOutput) + [Parameter(Mandatory = $true)] + [string]$Path, + [switch]$AsOutput) - if((Test-Path variable:ci) -And $ci) { + if ((Test-Path variable:ci) -And $ci) { Write-LoggingCommand -Area 'task' -Event 'prependpath' -Data $Path -AsOutput:$AsOutput - } - } + } +} + +function Write-PipelineSetResult { + [CmdletBinding()] + param( + [ValidateSet("Succeeded", "SucceededWithIssues", "Failed", "Cancelled", "Skipped")] + [Parameter(Mandatory = $true)] + [string]$Result, + [string]$Message) + if ((Test-Path variable:ci) -And $ci) { + Write-LoggingCommand -Area 'task' -Event 'complete' -Data $Message -Properties @{ + 'result' = $Result + } + } +} <######################################## # Private functions. @@ -123,7 +137,8 @@ function Format-LoggingCommandData { foreach ($mapping in $script:loggingCommandEscapeMappings) { $Value = $Value.Replace($mapping.Token, $mapping.Replacement) } - } else { + } + else { for ($i = $script:loggingCommandEscapeMappings.Length - 1 ; $i -ge 0 ; $i--) { $mapping = $script:loggingCommandEscapeMappings[$i] $Value = $Value.Replace($mapping.Replacement, $mapping.Token) @@ -156,7 +171,8 @@ function Format-LoggingCommand { if ($first) { $null = $sb.Append(' ') $first = $false - } else { + } + else { $null = $sb.Append(';') } @@ -193,7 +209,8 @@ function Write-LoggingCommand { $command = Format-LoggingCommand -Area $Area -Event $Event -Data $Data -Properties $Properties if ($AsOutput) { $command - } else { + } + else { Write-Host $command } } @@ -212,12 +229,12 @@ function Write-LogIssue { [switch]$AsOutput) $command = Format-LoggingCommand -Area 'task' -Event 'logissue' -Data $Message -Properties @{ - 'type' = $Type - 'code' = $ErrCode - 'sourcepath' = $SourcePath - 'linenumber' = $LineNumber - 'columnnumber' = $ColumnNumber - } + 'type' = $Type + 'code' = $ErrCode + 'sourcepath' = $SourcePath + 'linenumber' = $LineNumber + 'columnnumber' = $ColumnNumber + } if ($AsOutput) { return $command } @@ -229,7 +246,8 @@ function Write-LogIssue { $foregroundColor = [System.ConsoleColor]::Red $backgroundColor = [System.ConsoleColor]::Black } - } else { + } + else { $foregroundColor = $host.PrivateData.WarningForegroundColor $backgroundColor = $host.PrivateData.WarningBackgroundColor if ($foregroundColor -isnot [System.ConsoleColor] -or $backgroundColor -isnot [System.ConsoleColor]) { diff --git a/eng/common/sdl/configure-sdl-tool.ps1 b/eng/common/sdl/configure-sdl-tool.ps1 new file mode 100644 index 00000000000..8a68fc24b11 --- /dev/null +++ b/eng/common/sdl/configure-sdl-tool.ps1 @@ -0,0 +1,109 @@ +Param( + [string] $GuardianCliLocation, + [string] $WorkingDirectory, + [string] $TargetDirectory, + [string] $GdnFolder, + # The list of Guardian tools to configure. For each object in the array: + # - If the item is a [hashtable], it must contain these entries: + # - Name = The tool name as Guardian knows it. + # - Scenario = (Optional) Scenario-specific name for this configuration entry. It must be unique + # among all tool entries with the same Name. + # - Args = (Optional) Array of Guardian tool configuration args, like '@("Target > C:\temp")' + # - If the item is a [string] $v, it is treated as '@{ Name="$v" }' + [object[]] $ToolsList, + [string] $GuardianLoggerLevel='Standard', + # Optional: Additional params to add to any tool using CredScan. + [string[]] $CrScanAdditionalRunConfigParams, + # Optional: Additional params to add to any tool using PoliCheck. + [string[]] $PoliCheckAdditionalRunConfigParams +) + +$ErrorActionPreference = 'Stop' +Set-StrictMode -Version 2.0 +$disableConfigureToolsetImport = $true +$global:LASTEXITCODE = 0 + +try { + # `tools.ps1` checks $ci to perform some actions. Since the SDL + # scripts don't necessarily execute in the same agent that run the + # build.ps1/sh script this variable isn't automatically set. + $ci = $true + . $PSScriptRoot\..\tools.ps1 + + # Normalize tools list: all in [hashtable] form with defined values for each key. + $ToolsList = $ToolsList | + ForEach-Object { + if ($_ -is [string]) { + $_ = @{ Name = $_ } + } + + if (-not ($_['Scenario'])) { $_.Scenario = "" } + if (-not ($_['Args'])) { $_.Args = @() } + $_ + } + + Write-Host "List of tools to configure:" + $ToolsList | ForEach-Object { $_ | Out-String | Write-Host } + + # We store config files in the r directory of .gdn + $gdnConfigPath = Join-Path $GdnFolder 'r' + $ValidPath = Test-Path $GuardianCliLocation + + if ($ValidPath -eq $False) + { + Write-PipelineTelemetryError -Force -Category 'Sdl' -Message "Invalid Guardian CLI Location." + ExitWithExitCode 1 + } + + foreach ($tool in $ToolsList) { + # Put together the name and scenario to make a unique key. + $toolConfigName = $tool.Name + if ($tool.Scenario) { + $toolConfigName += "_" + $tool.Scenario + } + + Write-Host "=== Configuring $toolConfigName..." + + $gdnConfigFile = Join-Path $gdnConfigPath "$toolConfigName-configure.gdnconfig" + + # For some tools, add default and automatic args. + if ($tool.Name -eq 'credscan') { + if ($targetDirectory) { + $tool.Args += "`"TargetDirectory < $TargetDirectory`"" + } + $tool.Args += "`"OutputType < pre`"" + $tool.Args += $CrScanAdditionalRunConfigParams + } elseif ($tool.Name -eq 'policheck') { + if ($targetDirectory) { + $tool.Args += "`"Target < $TargetDirectory`"" + } + $tool.Args += $PoliCheckAdditionalRunConfigParams + } + + # Create variable pointing to the args array directly so we can use splat syntax later. + $toolArgs = $tool.Args + + # Configure the tool. If args array is provided or the current tool has some default arguments + # defined, add "--args" and splat each element on the end. Arg format is "{Arg id} < {Value}", + # one per parameter. Doc page for "guardian configure": + # https://dev.azure.com/securitytools/SecurityIntegration/_wiki/wikis/Guardian/1395/configure + Exec-BlockVerbosely { + & $GuardianCliLocation configure ` + --working-directory $WorkingDirectory ` + --tool $tool.Name ` + --output-path $gdnConfigFile ` + --logger-level $GuardianLoggerLevel ` + --noninteractive ` + --force ` + $(if ($toolArgs) { "--args" }) @toolArgs + Exit-IfNZEC "Sdl" + } + + Write-Host "Created '$toolConfigName' configuration file: $gdnConfigFile" + } +} +catch { + Write-Host $_.ScriptStackTrace + Write-PipelineTelemetryError -Force -Category 'Sdl' -Message $_ + ExitWithExitCode 1 +} diff --git a/eng/common/sdl/execute-all-sdl-tools.ps1 b/eng/common/sdl/execute-all-sdl-tools.ps1 index b6a7de26b47..e5bef8ebd3a 100644 --- a/eng/common/sdl/execute-all-sdl-tools.ps1 +++ b/eng/common/sdl/execute-all-sdl-tools.ps1 @@ -7,8 +7,17 @@ Param( [string] $SourceDirectory=$env:BUILD_SOURCESDIRECTORY, # Required: the directory where source files are located [string] $ArtifactsDirectory = (Join-Path $env:BUILD_ARTIFACTSTAGINGDIRECTORY ('artifacts')), # Required: the directory where build artifacts are located [string] $AzureDevOpsAccessToken, # Required: access token for dnceng; should be provided via KeyVault - [string[]] $SourceToolsList, # Optional: list of SDL tools to run on source code - [string[]] $ArtifactToolsList, # Optional: list of SDL tools to run on built artifacts + + # Optional: list of SDL tools to run on source code. See 'configure-sdl-tool.ps1' for tools list + # format. + [object[]] $SourceToolsList, + # Optional: list of SDL tools to run on built artifacts. See 'configure-sdl-tool.ps1' for tools + # list format. + [object[]] $ArtifactToolsList, + # Optional: list of SDL tools to run without automatically specifying a target directory. See + # 'configure-sdl-tool.ps1' for tools list format. + [object[]] $CustomToolsList, + [bool] $TsaPublish=$False, # Optional: true will publish results to TSA; only set to true after onboarding to TSA; TSA is the automated framework used to upload test results as bugs. [string] $TsaBranchName=$env:BUILD_SOURCEBRANCH, # Optional: required for TSA publish; defaults to $(Build.SourceBranchName); TSA is the automated framework used to upload test results as bugs. [string] $TsaRepositoryName=$env:BUILD_REPOSITORY_NAME, # Optional: TSA repository name; will be generated automatically if not submitted; TSA is the automated framework used to upload test results as bugs. @@ -63,13 +72,16 @@ try { ExitWithExitCode 1 } - & $(Join-Path $PSScriptRoot 'init-sdl.ps1') -GuardianCliLocation $guardianCliLocation -Repository $RepoName -BranchName $BranchName -WorkingDirectory $workingDirectory -AzureDevOpsAccessToken $AzureDevOpsAccessToken -GuardianLoggerLevel $GuardianLoggerLevel + Exec-BlockVerbosely { + & $(Join-Path $PSScriptRoot 'init-sdl.ps1') -GuardianCliLocation $guardianCliLocation -Repository $RepoName -BranchName $BranchName -WorkingDirectory $workingDirectory -AzureDevOpsAccessToken $AzureDevOpsAccessToken -GuardianLoggerLevel $GuardianLoggerLevel + } $gdnFolder = Join-Path $workingDirectory '.gdn' if ($TsaOnboard) { if ($TsaCodebaseName -and $TsaNotificationEmail -and $TsaCodebaseAdmin -and $TsaBugAreaPath) { - Write-Host "$guardianCliLocation tsa-onboard --codebase-name `"$TsaCodebaseName`" --notification-alias `"$TsaNotificationEmail`" --codebase-admin `"$TsaCodebaseAdmin`" --instance-url `"$TsaInstanceUrl`" --project-name `"$TsaProjectName`" --area-path `"$TsaBugAreaPath`" --iteration-path `"$TsaIterationPath`" --working-directory $workingDirectory --logger-level $GuardianLoggerLevel" - & $guardianCliLocation tsa-onboard --codebase-name "$TsaCodebaseName" --notification-alias "$TsaNotificationEmail" --codebase-admin "$TsaCodebaseAdmin" --instance-url "$TsaInstanceUrl" --project-name "$TsaProjectName" --area-path "$TsaBugAreaPath" --iteration-path "$TsaIterationPath" --working-directory $workingDirectory --logger-level $GuardianLoggerLevel + Exec-BlockVerbosely { + & $guardianCliLocation tsa-onboard --codebase-name "$TsaCodebaseName" --notification-alias "$TsaNotificationEmail" --codebase-admin "$TsaCodebaseAdmin" --instance-url "$TsaInstanceUrl" --project-name "$TsaProjectName" --area-path "$TsaBugAreaPath" --iteration-path "$TsaIterationPath" --working-directory $workingDirectory --logger-level $GuardianLoggerLevel + } if ($LASTEXITCODE -ne 0) { Write-PipelineTelemetryError -Force -Category 'Sdl' -Message "Guardian tsa-onboard failed with exit code $LASTEXITCODE." ExitWithExitCode $LASTEXITCODE @@ -80,24 +92,41 @@ try { } } - if ($ArtifactToolsList -and $ArtifactToolsList.Count -gt 0) { - & $(Join-Path $PSScriptRoot 'run-sdl.ps1') -GuardianCliLocation $guardianCliLocation -WorkingDirectory $workingDirectory -TargetDirectory $ArtifactsDirectory -GdnFolder $gdnFolder -ToolsList $ArtifactToolsList -AzureDevOpsAccessToken $AzureDevOpsAccessToken -UpdateBaseline $UpdateBaseline -GuardianLoggerLevel $GuardianLoggerLevel -CrScanAdditionalRunConfigParams $CrScanAdditionalRunConfigParams -PoliCheckAdditionalRunConfigParams $PoliCheckAdditionalRunConfigParams - if ($LASTEXITCODE -ne 0) { - ExitWithExitCode $LASTEXITCODE - } - } - if ($SourceToolsList -and $SourceToolsList.Count -gt 0) { - & $(Join-Path $PSScriptRoot 'run-sdl.ps1') -GuardianCliLocation $guardianCliLocation -WorkingDirectory $workingDirectory -TargetDirectory $SourceDirectory -GdnFolder $gdnFolder -ToolsList $SourceToolsList -AzureDevOpsAccessToken $AzureDevOpsAccessToken -UpdateBaseline $UpdateBaseline -GuardianLoggerLevel $GuardianLoggerLevel -CrScanAdditionalRunConfigParams $CrScanAdditionalRunConfigParams -PoliCheckAdditionalRunConfigParams $PoliCheckAdditionalRunConfigParams - if ($LASTEXITCODE -ne 0) { - ExitWithExitCode $LASTEXITCODE + # Configure a list of tools with a default target directory. Populates the ".gdn/r" directory. + function Configure-ToolsList([object[]] $tools, [string] $targetDirectory) { + if ($tools -and $tools.Count -gt 0) { + Exec-BlockVerbosely { + & $(Join-Path $PSScriptRoot 'configure-sdl-tool.ps1') ` + -GuardianCliLocation $guardianCliLocation ` + -WorkingDirectory $workingDirectory ` + -TargetDirectory $targetDirectory ` + -GdnFolder $gdnFolder ` + -ToolsList $tools ` + -AzureDevOpsAccessToken $AzureDevOpsAccessToken ` + -GuardianLoggerLevel $GuardianLoggerLevel ` + -CrScanAdditionalRunConfigParams $CrScanAdditionalRunConfigParams ` + -PoliCheckAdditionalRunConfigParams $PoliCheckAdditionalRunConfigParams + if ($BreakOnFailure) { + Exit-IfNZEC "Sdl" + } + } } } - if ($UpdateBaseline) { - & (Join-Path $PSScriptRoot 'push-gdn.ps1') -Repository $RepoName -BranchName $BranchName -GdnFolder $GdnFolder -AzureDevOpsAccessToken $AzureDevOpsAccessToken -PushReason 'Update baseline' - if ($LASTEXITCODE -ne 0) { - ExitWithExitCode $LASTEXITCODE - } + # Configure Artifact and Source tools with default Target directories. + Configure-ToolsList $ArtifactToolsList $ArtifactsDirectory + Configure-ToolsList $SourceToolsList $SourceDirectory + # Configure custom tools with no default Target directory. + Configure-ToolsList $CustomToolsList $null + + # At this point, all tools are configured in the ".gdn" directory. Run them all in a single call. + # (If we used "run" multiple times, each run would overwrite data from earlier runs.) + Exec-BlockVerbosely { + & $(Join-Path $PSScriptRoot 'run-sdl.ps1') ` + -GuardianCliLocation $guardianCliLocation ` + -WorkingDirectory $SourceDirectory ` + -UpdateBaseline $UpdateBaseline ` + -GdnFolder $gdnFolder } if ($TsaPublish) { @@ -105,8 +134,9 @@ try { if (-not $TsaRepositoryName) { $TsaRepositoryName = "$($Repository)-$($BranchName)" } - Write-Host "$guardianCliLocation tsa-publish --all-tools --repository-name `"$TsaRepositoryName`" --branch-name `"$TsaBranchName`" --build-number `"$BuildNumber`" --codebase-name `"$TsaCodebaseName`" --notification-alias `"$TsaNotificationEmail`" --codebase-admin `"$TsaCodebaseAdmin`" --instance-url `"$TsaInstanceUrl`" --project-name `"$TsaProjectName`" --area-path `"$TsaBugAreaPath`" --iteration-path `"$TsaIterationPath`" --working-directory $workingDirectory --logger-level $GuardianLoggerLevel" - & $guardianCliLocation tsa-publish --all-tools --repository-name "$TsaRepositoryName" --branch-name "$TsaBranchName" --build-number "$BuildNumber" --onboard $True --codebase-name "$TsaCodebaseName" --notification-alias "$TsaNotificationEmail" --codebase-admin "$TsaCodebaseAdmin" --instance-url "$TsaInstanceUrl" --project-name "$TsaProjectName" --area-path "$TsaBugAreaPath" --iteration-path "$TsaIterationPath" --working-directory $workingDirectory --logger-level $GuardianLoggerLevel + Exec-BlockVerbosely { + & $guardianCliLocation tsa-publish --all-tools --repository-name "$TsaRepositoryName" --branch-name "$TsaBranchName" --build-number "$BuildNumber" --onboard $True --codebase-name "$TsaCodebaseName" --notification-alias "$TsaNotificationEmail" --codebase-admin "$TsaCodebaseAdmin" --instance-url "$TsaInstanceUrl" --project-name "$TsaProjectName" --area-path "$TsaBugAreaPath" --iteration-path "$TsaIterationPath" --working-directory $workingDirectory --logger-level $GuardianLoggerLevel + } if ($LASTEXITCODE -ne 0) { Write-PipelineTelemetryError -Force -Category 'Sdl' -Message "Guardian tsa-publish failed with exit code $LASTEXITCODE." ExitWithExitCode $LASTEXITCODE @@ -119,7 +149,11 @@ try { if ($BreakOnFailure) { Write-Host "Failing the build in case of breaking results..." - & $guardianCliLocation break + Exec-BlockVerbosely { + & $guardianCliLocation break --working-directory $workingDirectory --logger-level $GuardianLoggerLevel + } + } else { + Write-Host "Letting the build pass even if there were breaking results..." } } catch { diff --git a/eng/common/sdl/extract-artifact-archives.ps1 b/eng/common/sdl/extract-artifact-archives.ps1 new file mode 100644 index 00000000000..68da4fbf257 --- /dev/null +++ b/eng/common/sdl/extract-artifact-archives.ps1 @@ -0,0 +1,63 @@ +# This script looks for each archive file in a directory and extracts it into the target directory. +# For example, the file "$InputPath/bin.tar.gz" extracts to "$ExtractPath/bin.tar.gz.extracted/**". +# Uses the "tar" utility added to Windows 10 / Windows 2019 that supports tar.gz and zip. +param( + # Full path to directory where archives are stored. + [Parameter(Mandatory=$true)][string] $InputPath, + # Full path to directory to extract archives into. May be the same as $InputPath. + [Parameter(Mandatory=$true)][string] $ExtractPath +) + +$ErrorActionPreference = 'Stop' +Set-StrictMode -Version 2.0 + +$disableConfigureToolsetImport = $true + +try { + # `tools.ps1` checks $ci to perform some actions. Since the SDL + # scripts don't necessarily execute in the same agent that run the + # build.ps1/sh script this variable isn't automatically set. + $ci = $true + . $PSScriptRoot\..\tools.ps1 + + Measure-Command { + $jobs = @() + + # Find archive files for non-Windows and Windows builds. + $archiveFiles = @( + Get-ChildItem (Join-Path $InputPath "*.tar.gz") + Get-ChildItem (Join-Path $InputPath "*.zip") + ) + + foreach ($targzFile in $archiveFiles) { + $jobs += Start-Job -ScriptBlock { + $file = $using:targzFile + $fileName = [System.IO.Path]::GetFileName($file) + $extractDir = Join-Path $using:ExtractPath "$fileName.extracted" + + New-Item $extractDir -ItemType Directory -Force | Out-Null + + Write-Host "Extracting '$file' to '$extractDir'..." + + # Pipe errors to stdout to prevent PowerShell detecting them and quitting the job early. + # This type of quit skips the catch, so we wouldn't be able to tell which file triggered the + # error. Save output so it can be stored in the exception string along with context. + $output = tar -xf $file -C $extractDir 2>&1 + # Handle NZEC manually rather than using Exit-IfNZEC: we are in a background job, so we + # don't have access to the outer scope. + if ($LASTEXITCODE -ne 0) { + throw "Error extracting '$file': non-zero exit code ($LASTEXITCODE). Output: '$output'" + } + + Write-Host "Extracted to $extractDir" + } + } + + Receive-Job $jobs -Wait + } +} +catch { + Write-Host $_ + Write-PipelineTelemetryError -Force -Category 'Sdl' -Message $_ + ExitWithExitCode 1 +} diff --git a/eng/common/sdl/init-sdl.ps1 b/eng/common/sdl/init-sdl.ps1 index ac1bc4b87bb..3ac1d92b370 100644 --- a/eng/common/sdl/init-sdl.ps1 +++ b/eng/common/sdl/init-sdl.ps1 @@ -46,7 +46,6 @@ try { Write-PipelineTelemetryError -Force -Category 'Build' -Message "Guardian baseline failed with exit code $LASTEXITCODE." ExitWithExitCode $LASTEXITCODE } - & $(Join-Path $PSScriptRoot 'push-gdn.ps1') -Repository $Repository -BranchName $BranchName -GdnFolder $gdnFolder -AzureDevOpsAccessToken $AzureDevOpsAccessToken -PushReason 'Initialize gdn folder' ExitWithExitCode 0 } catch { diff --git a/eng/common/sdl/packages.config b/eng/common/sdl/packages.config index 3bd8b29ebd7..b7bcfe38caf 100644 --- a/eng/common/sdl/packages.config +++ b/eng/common/sdl/packages.config @@ -1,4 +1,4 @@ <?xml version="1.0" encoding="utf-8"?> <packages> - <package id="Microsoft.Guardian.Cli" version="0.53.3"/> + <package id="Microsoft.Guardian.Cli" version="0.110.1"/> </packages> diff --git a/eng/common/sdl/run-sdl.ps1 b/eng/common/sdl/run-sdl.ps1 index 3d9c87aba6a..2eac8c78f10 100644 --- a/eng/common/sdl/run-sdl.ps1 +++ b/eng/common/sdl/run-sdl.ps1 @@ -1,13 +1,9 @@ Param( [string] $GuardianCliLocation, [string] $WorkingDirectory, - [string] $TargetDirectory, [string] $GdnFolder, - [string[]] $ToolsList, [string] $UpdateBaseline, - [string] $GuardianLoggerLevel='Standard', - [string[]] $CrScanAdditionalRunConfigParams, - [string[]] $PoliCheckAdditionalRunConfigParams + [string] $GuardianLoggerLevel='Standard' ) $ErrorActionPreference = 'Stop' @@ -23,7 +19,6 @@ try { . $PSScriptRoot\..\tools.ps1 # We store config files in the r directory of .gdn - Write-Host $ToolsList $gdnConfigPath = Join-Path $GdnFolder 'r' $ValidPath = Test-Path $GuardianCliLocation @@ -33,37 +28,18 @@ try { ExitWithExitCode 1 } - $configParam = @('--config') - - foreach ($tool in $ToolsList) { - $gdnConfigFile = Join-Path $gdnConfigPath "$tool-configure.gdnconfig" - Write-Host $tool - # We have to manually configure tools that run on source to look at the source directory only - if ($tool -eq 'credscan') { - Write-Host "$GuardianCliLocation configure --working-directory $WorkingDirectory --tool $tool --output-path $gdnConfigFile --logger-level $GuardianLoggerLevel --noninteractive --force --args `" TargetDirectory < $TargetDirectory `" `" OutputType < pre `" $(If ($CrScanAdditionalRunConfigParams) {$CrScanAdditionalRunConfigParams})" - & $GuardianCliLocation configure --working-directory $WorkingDirectory --tool $tool --output-path $gdnConfigFile --logger-level $GuardianLoggerLevel --noninteractive --force --args " TargetDirectory < $TargetDirectory " "OutputType < pre" $(If ($CrScanAdditionalRunConfigParams) {$CrScanAdditionalRunConfigParams}) - if ($LASTEXITCODE -ne 0) { - Write-PipelineTelemetryError -Force -Category 'Sdl' -Message "Guardian configure for $tool failed with exit code $LASTEXITCODE." - ExitWithExitCode $LASTEXITCODE - } - } - if ($tool -eq 'policheck') { - Write-Host "$GuardianCliLocation configure --working-directory $WorkingDirectory --tool $tool --output-path $gdnConfigFile --logger-level $GuardianLoggerLevel --noninteractive --force --args `" Target < $TargetDirectory `" $(If ($PoliCheckAdditionalRunConfigParams) {$PoliCheckAdditionalRunConfigParams})" - & $GuardianCliLocation configure --working-directory $WorkingDirectory --tool $tool --output-path $gdnConfigFile --logger-level $GuardianLoggerLevel --noninteractive --force --args " Target < $TargetDirectory " $(If ($PoliCheckAdditionalRunConfigParams) {$PoliCheckAdditionalRunConfigParams}) - if ($LASTEXITCODE -ne 0) { - Write-PipelineTelemetryError -Force -Category 'Sdl' -Message "Guardian configure for $tool failed with exit code $LASTEXITCODE." - ExitWithExitCode $LASTEXITCODE - } - } - - $configParam+=$gdnConfigFile - } - - Write-Host "$GuardianCliLocation run --working-directory $WorkingDirectory --baseline mainbaseline --update-baseline $UpdateBaseline --logger-level $GuardianLoggerLevel $configParam" - & $GuardianCliLocation run --working-directory $WorkingDirectory --tool $tool --baseline mainbaseline --update-baseline $UpdateBaseline --logger-level $GuardianLoggerLevel $configParam - if ($LASTEXITCODE -ne 0) { - Write-PipelineTelemetryError -Force -Category 'Sdl' -Message "Guardian run for $ToolsList using $configParam failed with exit code $LASTEXITCODE." - ExitWithExitCode $LASTEXITCODE + $gdnConfigFiles = Get-ChildItem $gdnConfigPath -Recurse -Include '*.gdnconfig' + Write-Host "Discovered Guardian config files:" + $gdnConfigFiles | Out-String | Write-Host + + Exec-BlockVerbosely { + & $GuardianCliLocation run ` + --working-directory $WorkingDirectory ` + --baseline mainbaseline ` + --update-baseline $UpdateBaseline ` + --logger-level $GuardianLoggerLevel ` + --config @gdnConfigFiles + Exit-IfNZEC "Sdl" } } catch { diff --git a/eng/common/templates/job/execute-sdl.yml b/eng/common/templates/job/execute-sdl.yml index acb5a5d8793..ccd2a340934 100644 --- a/eng/common/templates/job/execute-sdl.yml +++ b/eng/common/templates/job/execute-sdl.yml @@ -83,7 +83,7 @@ jobs: continueOnError: ${{ parameters.sdlContinueOnError }} - ${{ if eq(parameters.overrideParameters, '') }}: - powershell: eng/common/sdl/execute-all-sdl-tools.ps1 - -GuardianPackageName Microsoft.Guardian.Cli.0.53.3 + -GuardianPackageName Microsoft.Guardian.Cli.0.110.1 -NugetPackageDirectory $(Build.SourcesDirectory)\.packages -AzureDevOpsAccessToken $(dn-bot-dotnet-build-rw-code-rw) ${{ parameters.additionalParameters }} diff --git a/eng/common/templates/job/job.yml b/eng/common/templates/job/job.yml index 2dcda1a8a61..b536c95ff44 100644 --- a/eng/common/templates/job/job.yml +++ b/eng/common/templates/job/job.yml @@ -25,6 +25,7 @@ parameters: enablePublishTestResults: false enablePublishUsingPipelines: false useBuildManifest: false + disableComponentGovernance: false mergeTestResults: false testRunTitle: '' name: '' @@ -136,6 +137,10 @@ jobs: richNavLogOutputDirectory: $(Build.SourcesDirectory)/artifacts/bin continueOnError: true + - ${{ if and(eq(parameters.runAsPublic, 'false'), ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest'), ne(parameters.disableComponentGovernance, 'true')) }}: + - task: ComponentGovernanceComponentDetection@0 + continueOnError: true + - ${{ if eq(parameters.enableMicrobuild, 'true') }}: - ${{ if and(eq(parameters.runAsPublic, 'false'), ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}: - task: MicroBuildCleanup@1 diff --git a/eng/common/templates/job/publish-build-assets.yml b/eng/common/templates/job/publish-build-assets.yml index d0c3cc2b3ba..f349d7ce980 100644 --- a/eng/common/templates/job/publish-build-assets.yml +++ b/eng/common/templates/job/publish-build-assets.yml @@ -37,10 +37,6 @@ jobs: - name: _BuildConfig value: ${{ parameters.configuration }} - group: Publish-Build-Assets - # Skip component governance and codesign validation for SDL. These jobs - # create no content. - - name: skipComponentGovernanceDetection - value: true - name: runCodesignValidationInjection value: false diff --git a/eng/common/templates/jobs/jobs.yml b/eng/common/templates/jobs/jobs.yml index a6a58c78b0c..c1c6e0d611c 100644 --- a/eng/common/templates/jobs/jobs.yml +++ b/eng/common/templates/jobs/jobs.yml @@ -7,7 +7,7 @@ parameters: # Optional: Enable publishing using release pipelines enablePublishUsingPipelines: false - + graphFileGeneration: # Optional: Enable generating the graph files at the end of the build enabled: false diff --git a/eng/common/templates/post-build/common-variables.yml b/eng/common/templates/post-build/common-variables.yml index c99fd750376..956ed7eb904 100644 --- a/eng/common/templates/post-build/common-variables.yml +++ b/eng/common/templates/post-build/common-variables.yml @@ -91,9 +91,5 @@ variables: - name: InternalInstallersBlobFeedKey value: $(dotnetclimsrc-access-key) - # Skip component governance and codesign validation for SDL. These jobs - # create no content. - - name: skipComponentGovernanceDetection - value: true - name: runCodesignValidationInjection value: false diff --git a/eng/common/tools.ps1 b/eng/common/tools.ps1 index eba7ed49d78..15b2ef4cec8 100644 --- a/eng/common/tools.ps1 +++ b/eng/common/tools.ps1 @@ -103,6 +103,46 @@ function Exec-Process([string]$command, [string]$commandArgs) { } } +# Take the given block, print it, print what the block probably references from the current set of +# variables using low-effort string matching, then run the block. +# +# This is intended to replace the pattern of manually copy-pasting a command, wrapping it in quotes, +# and printing it using "Write-Host". The copy-paste method is more readable in build logs, but less +# maintainable and less reliable. It is easy to make a mistake and modify the command without +# properly updating the "Write-Host" line, resulting in misleading build logs. The probability of +# this mistake makes the pattern hard to trust when it shows up in build logs. Finding the bug in +# existing source code can also be difficult, because the strings are not aligned to each other and +# the line may be 300+ columns long. +# +# By removing the need to maintain two copies of the command, Exec-BlockVerbosely avoids the issues. +# +# In Bash (or any posix-like shell), "set -x" prints usable verbose output automatically. +# "Set-PSDebug" appears to be similar at first glance, but unfortunately, it isn't very useful: it +# doesn't print any info about the variables being used by the command, which is normally the +# interesting part to diagnose. +function Exec-BlockVerbosely([scriptblock] $block) { + Write-Host "--- Running script block:" + $blockString = $block.ToString().Trim() + Write-Host $blockString + + Write-Host "--- List of variables that might be used:" + # For each variable x in the environment, check the block for a reference to x via simple "$x" or + # "@x" syntax. This doesn't detect other ways to reference variables ("${x}" nor "$variable:x", + # among others). It only catches what this function was originally written for: simple + # command-line commands. + $variableTable = Get-Variable | + Where-Object { + $blockString.Contains("`$$($_.Name)") -or $blockString.Contains("@$($_.Name)") + } | + Format-Table -AutoSize -HideTableHeaders -Wrap | + Out-String + Write-Host $variableTable.Trim() + + Write-Host "--- Executing:" + & $block + Write-Host "--- Done running script block!" +} + # createSdkLocationFile parameter enables a file being generated under the toolset directory # which writes the sdk's location into. This is only necessary for cmd --> powershell invocations # as dot sourcing isn't possible. @@ -614,6 +654,17 @@ function ExitWithExitCode([int] $exitCode) { exit $exitCode } +# Check if $LASTEXITCODE is a nonzero exit code (NZEC). If so, print a Azure Pipeline error for +# diagnostics, then exit the script with the $LASTEXITCODE. +function Exit-IfNZEC([string] $category = "General") { + Write-Host "Exit code $LASTEXITCODE" + if ($LASTEXITCODE -ne 0) { + $message = "Last command failed with exit code $LASTEXITCODE." + Write-PipelineTelemetryError -Force -Category $category -Message $message + ExitWithExitCode $LASTEXITCODE + } +} + function Stop-Processes() { Write-Host 'Killing running build processes...' foreach ($processName in $processesToStopOnExit) { diff --git a/global.json b/global.json index ea7f876afea..5f97f888730 100644 --- a/global.json +++ b/global.json @@ -8,10 +8,10 @@ "dotnet": "5.0.401" }, "msbuild-sdks": { - "Microsoft.DotNet.Build.Tasks.TargetFramework.Sdk": "5.0.0-beta.21565.1", - "Microsoft.DotNet.Arcade.Sdk": "5.0.0-beta.21565.1", - "Microsoft.DotNet.Build.Tasks.SharedFramework.Sdk": "5.0.0-beta.21565.1", - "Microsoft.DotNet.Helix.Sdk": "5.0.0-beta.21565.1", + "Microsoft.DotNet.Build.Tasks.TargetFramework.Sdk": "5.0.0-beta.22159.5", + "Microsoft.DotNet.Arcade.Sdk": "5.0.0-beta.22159.5", + "Microsoft.DotNet.Build.Tasks.SharedFramework.Sdk": "5.0.0-beta.22159.5", + "Microsoft.DotNet.Helix.Sdk": "5.0.0-beta.22159.5", "Microsoft.FIX-85B6-MERGE-9C38-CONFLICT": "1.0.0", "Microsoft.NET.Sdk.IL": "5.0.0-preview.8.20359.4", "Microsoft.Build.NoTargets": "2.0.1", |