diff options
| -rw-r--r-- | eng/Version.Details.xml | 8 | ||||
| -rw-r--r-- | eng/Versions.props | 2 | ||||
| -rw-r--r-- | eng/common/generate-sbom-prep.ps1 | 19 | ||||
| -rw-r--r-- | eng/common/generate-sbom-prep.sh | 22 | ||||
| -rw-r--r-- | eng/common/templates/job/job.yml | 10 | ||||
| -rw-r--r-- | eng/common/templates/steps/generate-sbom.yml | 44 | ||||
| -rw-r--r-- | global.json | 2 |
7 files changed, 101 insertions, 6 deletions
diff --git a/eng/Version.Details.xml b/eng/Version.Details.xml index 40d8b4e93..52ee43aad 100644 --- a/eng/Version.Details.xml +++ b/eng/Version.Details.xml @@ -3,14 +3,14 @@ <ProductDependencies> </ProductDependencies> <ToolsetDependencies> - <Dependency Name="Microsoft.DotNet.Arcade.Sdk" Version="6.0.0-beta.22107.2"> + <Dependency Name="Microsoft.DotNet.Arcade.Sdk" Version="6.0.0-beta.22116.15"> <Uri>https://github.com/dotnet/arcade</Uri> - <Sha>fe5cc1841d12196d94a4ae3b276cb92d8d7ca73d</Sha> + <Sha>40eacd2afc9cfd2ba892b5eadb3e728c1008fa38</Sha> <SourceBuild RepoName="arcade" ManagedOnly="true" /> </Dependency> - <Dependency Name="Microsoft.DotNet.ApiCompat" Version="6.0.0-beta.22107.2"> + <Dependency Name="Microsoft.DotNet.ApiCompat" Version="6.0.0-beta.22116.15"> <Uri>https://github.com/dotnet/arcade</Uri> - <Sha>fe5cc1841d12196d94a4ae3b276cb92d8d7ca73d</Sha> + <Sha>40eacd2afc9cfd2ba892b5eadb3e728c1008fa38</Sha> </Dependency> <Dependency Name="Microsoft.NET.Sdk.IL" Version="7.0.0-alpha.1.21524.4"> <Uri>https://github.com/dotnet/runtime</Uri> diff --git a/eng/Versions.props b/eng/Versions.props index 2513898a7..34e40d879 100644 --- a/eng/Versions.props +++ b/eng/Versions.props @@ -18,7 +18,7 @@ <SystemReflectionMetadataVersion>5.0.0</SystemReflectionMetadataVersion> <MicrosoftBuildFrameworkVersion>17.0.0-preview-21267-01</MicrosoftBuildFrameworkVersion> <MicrosoftBuildUtilitiesCoreVersion>17.0.0-preview-21267-01</MicrosoftBuildUtilitiesCoreVersion> - <MicrosoftDotNetApiCompatVersion>6.0.0-beta.22107.2</MicrosoftDotNetApiCompatVersion> + <MicrosoftDotNetApiCompatVersion>6.0.0-beta.22116.15</MicrosoftDotNetApiCompatVersion> <MicrosoftDotNetCodeAnalysisVersion>6.0.0-beta.21271.1</MicrosoftDotNetCodeAnalysisVersion> <MicrosoftCodeAnalysisCSharpCodeStyleVersion>3.10.0-2.final</MicrosoftCodeAnalysisCSharpCodeStyleVersion> <MicrosoftCodeAnalysisVersion>3.10.0-2.final</MicrosoftCodeAnalysisVersion> diff --git a/eng/common/generate-sbom-prep.ps1 b/eng/common/generate-sbom-prep.ps1 new file mode 100644 index 000000000..a733a8885 --- /dev/null +++ b/eng/common/generate-sbom-prep.ps1 @@ -0,0 +1,19 @@ +Param( + [Parameter(Mandatory=$true)][string] $ManifestDirPath # Manifest directory where sbom will be placed +) + +Write-Host "Creating dir $ManifestDirPath" +# create directory for sbom manifest to be placed +if (!(Test-Path -path $ManifestDirPath)) +{ + New-Item -ItemType Directory -path $ManifestDirPath + Write-Host "Successfully created directory $ManifestDirPath" +} +else{ + Write-PipelineTelemetryError -category 'Build' "Unable to create sbom folder." +} + +Write-Host "Updating artifact name" +$artifact_name = "${env:SYSTEM_STAGENAME}_${env:AGENT_JOBNAME}_SBOM" -replace '["/:<>\\|?@*"() ]', '_' +Write-Host "Artifact name $artifact_name" +Write-Host "##vso[task.setvariable variable=ARTIFACT_NAME]$artifact_name" diff --git a/eng/common/generate-sbom-prep.sh b/eng/common/generate-sbom-prep.sh new file mode 100644 index 000000000..f6c774531 --- /dev/null +++ b/eng/common/generate-sbom-prep.sh @@ -0,0 +1,22 @@ +#!/usr/bin/env bash + +source="${BASH_SOURCE[0]}" + +manifest_dir=$1 + +if [ ! -d "$manifest_dir" ] ; then + mkdir -p "$manifest_dir" + echo "Sbom directory created." $manifest_dir +else + Write-PipelineTelemetryError -category 'Build' "Unable to create sbom folder." +fi + +artifact_name=$SYSTEM_STAGENAME"_"$AGENT_JOBNAME"_SBOM" +echo "Artifact name before : "$artifact_name +# replace all special characters with _, some builds use special characters like : in Agent.Jobname, that is not a permissible name while uploading artifacts. +safe_artifact_name="${artifact_name//["/:<>\\|?@*$" ]/_}" +echo "Artifact name after : "$safe_artifact_name +export ARTIFACT_NAME=$safe_artifact_name +echo "##vso[task.setvariable variable=ARTIFACT_NAME]$safe_artifact_name" + +exit 0 diff --git a/eng/common/templates/job/job.yml b/eng/common/templates/job/job.yml index 30d1de583..547d878da 100644 --- a/eng/common/templates/job/job.yml +++ b/eng/common/templates/job/job.yml @@ -31,6 +31,10 @@ parameters: name: '' preSteps: [] runAsPublic: false +# Sbom related params + enableSbom: true + PackageVersion: 6.0.0 + BuildDropPath: '$(Build.SourcesDirectory)/artifacts' jobs: - job: ${{ parameters.name }} @@ -247,3 +251,9 @@ jobs: ArtifactName: AssetManifests continueOnError: ${{ parameters.continueOnError }} condition: and(succeeded(), eq(variables['_DotNetPublishToBlobFeed'], 'true')) + + - ${{ if and(eq(parameters.runAsPublic, 'false'), ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest'), eq(parameters.enableSbom, 'true')) }}: + - template: /eng/common/templates/steps/generate-sbom.yml + parameters: + PackageVersion: ${{ parameters.packageVersion}} + BuildDropPath: ${{ parameters.buildDropPath }} diff --git a/eng/common/templates/steps/generate-sbom.yml b/eng/common/templates/steps/generate-sbom.yml new file mode 100644 index 000000000..f4d7937f3 --- /dev/null +++ b/eng/common/templates/steps/generate-sbom.yml @@ -0,0 +1,44 @@ +# BuildDropPath - The root folder of the drop directory for which the manifest file will be generated. +# PackageName - The name of the package this SBOM represents. +# PackageVersion - The version of the package this SBOM represents. +# ManifestDirPath - The path of the directory where the generated manifest files will be placed + +parameters: + PackageVersion: 6.0.0 + BuildDropPath: '$(Build.SourcesDirectory)/artifacts' + PackageName: '.NET' + ManifestDirPath: $(Build.ArtifactStagingDirectory)/sbom + sbomContinueOnError: true + +steps: +- task: PowerShell@2 + displayName: Prep for SBOM generation in (Non-linux) + condition: or(eq(variables['Agent.Os'], 'Windows_NT'), eq(variables['Agent.Os'], 'Darwin')) + inputs: + filePath: ./eng/common/generate-sbom-prep.ps1 + arguments: ${{parameters.manifestDirPath}} + +# Chmodding is a workaround for https://github.com/dotnet/arcade/issues/8461 +- script: | + chmod +x ./eng/common/generate-sbom-prep.sh + ./eng/common/generate-sbom-prep.sh ${{parameters.manifestDirPath}} + displayName: Prep for SBOM generation in (Linux) + condition: eq(variables['Agent.Os'], 'Linux') + continueOnError: ${{ parameters.sbomContinueOnError }} + +- task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0 + displayName: 'Generate SBOM manifest' + continueOnError: ${{ parameters.sbomContinueOnError }} + inputs: + PackageName: ${{ parameters.packageName }} + BuildDropPath: ${{ parameters.buildDropPath }} + PackageVersion: ${{ parameters.packageVersion }} + ManifestDirPath: ${{ parameters.manifestDirPath }} + +- task: PublishPipelineArtifact@1 + displayName: Publish SBOM manifest + continueOnError: ${{parameters.sbomContinueOnError}} + inputs: + targetPath: '${{parameters.manifestDirPath}}' + artifactName: $(ARTIFACT_NAME) + diff --git a/global.json b/global.json index 2ded63ce5..6ecad1fff 100644 --- a/global.json +++ b/global.json @@ -3,7 +3,7 @@ "dotnet": "6.0.101" }, "msbuild-sdks": { - "Microsoft.DotNet.Arcade.Sdk": "6.0.0-beta.22107.2", + "Microsoft.DotNet.Arcade.Sdk": "6.0.0-beta.22116.15", "Microsoft.FIX-85B6-MERGE-9C38-CONFLICT": "1.0.0", "Microsoft.NET.Sdk.IL": "7.0.0-alpha.1.21524.4" } |