From abb7c2bee256f922b044c619b7cec7cfe6de5b5f Mon Sep 17 00:00:00 2001 From: Andrew Arnott Date: Wed, 5 Jan 2022 14:06:51 -0700 Subject: [PATCH] Apply latest Library.Template including SDT additions --- Directory.Build.props | 4 + azure-pipelines/Get-SymbolFiles.ps1 | 10 +- azure-pipelines/PoliCheckExclusions.xml | 10 ++ azure-pipelines/artifacts/testResults.ps1 | 20 ++-- azure-pipelines/build.yml | 11 +- azure-pipelines/dotnet.yml | 8 +- azure-pipelines/falsepositives.gdnsuppress | 104 +++++++++++++++++++ azure-pipelines/microbuild.after.yml | 9 +- azure-pipelines/microbuild.before.yml | 9 ++ azure-pipelines/official.yml | 5 + azure-pipelines/publish-codecoverage.yml | 6 +- azure-pipelines/release.yml | 6 +- azure-pipelines/secure-development-tools.yml | 73 ++++++++++++- azure-pipelines/variables/BinSkimTargets.ps1 | 4 + init.ps1 | 10 +- src/AssemblyInfo.cs | 6 ++ src/Directory.Build.targets | 4 + test/.editorconfig | 8 +- tools/Install-DotNetSdk.ps1 | 7 +- version.json | 7 +- 20 files changed, 283 insertions(+), 38 deletions(-) create mode 100644 azure-pipelines/PoliCheckExclusions.xml create mode 100644 azure-pipelines/falsepositives.gdnsuppress create mode 100644 azure-pipelines/variables/BinSkimTargets.ps1 create mode 100644 src/AssemblyInfo.cs diff --git a/Directory.Build.props b/Directory.Build.props index 8f7d704bb..8197ed724 100644 --- a/Directory.Build.props +++ b/Directory.Build.props @@ -41,6 +41,10 @@ + + + + diff --git a/azure-pipelines/Get-SymbolFiles.ps1 b/azure-pipelines/Get-SymbolFiles.ps1 index 45afe7c2a..8793e19c6 100644 --- a/azure-pipelines/Get-SymbolFiles.ps1 +++ b/azure-pipelines/Get-SymbolFiles.ps1 @@ -5,12 +5,16 @@ The root path to recursively search for PDBs. .PARAMETER Tests A switch indicating to find test-related PDBs instead of product-only PDBs. +.PARAMETER ConvertToWindowsPDBs + A switch to convert and return paths to Windows PDBs instead of portable PDBs. + Ignored on non-Windows agents. #> [CmdletBinding()] param ( [parameter(Mandatory=$true)] [string]$Path, - [switch]$Tests + [switch]$Tests, + [switch]$ConvertToWindowsPDBs=$true ) $WindowsPdbSubDirName = "symstore" @@ -54,7 +58,7 @@ $PDBs |% { Write-Output $BinaryImagePath - if (-not ($IsMacOS -or $IsLinux)) { + if ($ConvertToWindowsPDBs -and -not ($IsMacOS -or $IsLinux)) { # Convert the PDB to legacy Windows PDBs Write-Host "Converting PDB for $_" -ForegroundColor DarkGray $WindowsPdbDir = "$($_.Directory.FullName)\$WindowsPdbSubDirName" @@ -65,5 +69,7 @@ $PDBs |% { } Write-Output "$WindowsPdbDir\$($_.BaseName).pdb" + } else { + Write-Output $_.FullName } } diff --git a/azure-pipelines/PoliCheckExclusions.xml b/azure-pipelines/PoliCheckExclusions.xml new file mode 100644 index 000000000..5ae167100 --- /dev/null +++ b/azure-pipelines/PoliCheckExclusions.xml @@ -0,0 +1,10 @@ + + + NODE_MODULES|.STORE + + + + + + + diff --git a/azure-pipelines/artifacts/testResults.ps1 b/azure-pipelines/artifacts/testResults.ps1 index 7895ddcaa..862155da7 100644 --- a/azure-pipelines/artifacts/testResults.ps1 +++ b/azure-pipelines/artifacts/testResults.ps1 @@ -1,12 +1,18 @@ +$result = @{} + if ($env:AGENT_TEMPDIRECTORY) { # The DotNetCoreCLI uses an alternate location to publish these files $guidRegex = '^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$' - @{ - $env:AGENT_TEMPDIRECTORY = (Get-ChildItem $env:AGENT_TEMPDIRECTORY -Directory |? { $_.Name -match $guidRegex } |% { Get-ChildItem "$($_.FullName)\dotnet*.dmp","$($_.FullName)\testhost*.dmp","$($_.FullName)\Sequence_*.xml" -Recurse }); - } -} else { + $result[$env:AGENT_TEMPDIRECTORY] = (Get-ChildItem $env:AGENT_TEMPDIRECTORY -Directory |? { $_.Name -match $guidRegex } |% { Get-ChildItem "$($_.FullName)\dotnet*.dmp","$($_.FullName)\testhost*.dmp","$($_.FullName)\Sequence_*.xml" -Recurse }); +} +else { $testRoot = Resolve-Path "$PSScriptRoot\..\..\test" - @{ - $testRoot = (Get-ChildItem "$testRoot\TestResults" -Recurse -Directory | Get-ChildItem -Recurse -File); - } + $result[$testRoot] = (Get-ChildItem "$testRoot\TestResults" -Recurse -Directory | Get-ChildItem -Recurse -File) +} + +$testlogsPath = "$env:BUILD_ARTIFACTSTAGINGDIRECTORY\test_logs" +if (Test-Path $testlogsPath) { + $result[$testlogsPath] = Get-ChildItem "$testlogsPath\*"; } + +$result diff --git a/azure-pipelines/build.yml b/azure-pipelines/build.yml index dda4e35bf..8bba14865 100644 --- a/azure-pipelines/build.yml +++ b/azure-pipelines/build.yml @@ -5,10 +5,17 @@ parameters: vmImage: windows-2022 - name: ShouldSkipOptimize - name: includeMacOS +- name: EnableAPIScan + type: boolean + default: false jobs: - job: Windows pool: ${{ parameters.windowsPool }} + variables: + - ${{ if eq(variables['system.collectionId'], '011b8bdf-6d56-4f87-be0d-0092136884d9') }}: + # https://dev.azure.com/devdiv/DevDiv/_wiki/wikis/DevDiv.wiki/25351/APIScan-step-by-step-guide-to-setting-up-a-Pipeline + - group: VSCloudServices-APIScan steps: - checkout: self clean: true @@ -18,7 +25,7 @@ jobs: - template: install-dependencies.yml - - powershell: '& (./azure-pipelines/Get-nbgv.ps1) cloud' + - powershell: '& (./azure-pipelines/Get-nbgv.ps1) cloud -ca' displayName: Set build number - ${{ if eq(variables['system.collectionId'], '011b8bdf-6d56-4f87-be0d-0092136884d9') }}: @@ -30,6 +37,8 @@ jobs: - ${{ if eq(variables['system.collectionId'], '011b8bdf-6d56-4f87-be0d-0092136884d9') }}: - template: microbuild.after.yml + parameters: + EnableAPIScan: ${{ parameters.EnableAPIScan }} - job: Linux condition: ne(variables['OptProf'], 'true') diff --git a/azure-pipelines/dotnet.yml b/azure-pipelines/dotnet.yml index d8c3ae180..527b43b85 100644 --- a/azure-pipelines/dotnet.yml +++ b/azure-pipelines/dotnet.yml @@ -1,5 +1,5 @@ steps: -# We use VSBuild instead of "dotnet build" on Windows where MicroBuild tasks have to run (since they don't support MSBuild Core yet). +# We use VSBuild instead of "dotnet build" on Windows because dllexport doesn't work on dotnet build. - task: VSBuild@1 displayName: Build Visual Studio solution inputs: @@ -16,7 +16,7 @@ steps: displayName: dotnet test -f net472 inputs: command: test - arguments: --no-build -c $(BuildConfiguration) -f net472 --filter "TestCategory!=FailsInCloudTest" -v n /p:CollectCoverage=true --settings "$(Build.Repository.LocalPath)/azure-pipelines/$(Agent.OS).runsettings" /bl:"$(Build.ArtifactStagingDirectory)/build_logs/test_net472.binlog" + arguments: --no-build -c $(BuildConfiguration) -f net472 --filter "TestCategory!=FailsInCloudTest" -v n /p:CollectCoverage=true --settings "$(Build.Repository.LocalPath)/azure-pipelines/$(Agent.OS).runsettings" /bl:"$(Build.ArtifactStagingDirectory)/build_logs/test_net472.binlog" --diag "$(Build.ArtifactStagingDirectory)/test_logs/net472.txt" testRunTitle: net472-$(Agent.JobName) condition: and(ne(variables['OptProf'], 'true'), eq(variables['Agent.OS'], 'Windows_NT')) @@ -24,7 +24,7 @@ steps: displayName: dotnet test -f netcoreapp3.1 inputs: command: test - arguments: --no-build -c $(BuildConfiguration) -f netcoreapp3.1 --filter "TestCategory!=FailsInCloudTest" -v n /p:CollectCoverage=true --settings "$(Build.Repository.LocalPath)/azure-pipelines/$(Agent.OS).runsettings" /bl:"$(Build.ArtifactStagingDirectory)/build_logs/test_netcoreapp3.1.binlog" + arguments: --no-build -c $(BuildConfiguration) -f netcoreapp3.1 --filter "TestCategory!=FailsInCloudTest" -v n /p:CollectCoverage=true --settings "$(Build.Repository.LocalPath)/azure-pipelines/$(Agent.OS).runsettings" /bl:"$(Build.ArtifactStagingDirectory)/build_logs/test_netcoreapp3.1.binlog" --diag "$(Build.ArtifactStagingDirectory)/test_logs/netcoreapp3.1.txt" testRunTitle: netcoreapp3.1-$(Agent.JobName) workingDirectory: test/Microsoft.VisualStudio.Threading.Tests condition: ne(variables['OptProf'], 'true') @@ -33,7 +33,7 @@ steps: displayName: dotnet test -f net5.0 inputs: command: test - arguments: --no-build -c $(BuildConfiguration) -f net5.0 --filter "TestCategory!=FailsInCloudTest" -v n /p:CollectCoverage=true --settings "$(Build.Repository.LocalPath)/azure-pipelines/$(Agent.OS).runsettings" /bl:"$(Build.ArtifactStagingDirectory)/build_logs/test_net5.0.binlog" + arguments: --no-build -c $(BuildConfiguration) -f net5.0 --filter "TestCategory!=FailsInCloudTest" -v n /p:CollectCoverage=true --settings "$(Build.Repository.LocalPath)/azure-pipelines/$(Agent.OS).runsettings" /bl:"$(Build.ArtifactStagingDirectory)/build_logs/test_net5.0.binlog" --diag "$(Build.ArtifactStagingDirectory)/test_logs/net5.0.txt" testRunTitle: net5.0-$(Agent.JobName) workingDirectory: test/Microsoft.VisualStudio.Threading.Tests condition: ne(variables['OptProf'], 'true') diff --git a/azure-pipelines/falsepositives.gdnsuppress b/azure-pipelines/falsepositives.gdnsuppress new file mode 100644 index 000000000..1d30c76d4 --- /dev/null +++ b/azure-pipelines/falsepositives.gdnsuppress @@ -0,0 +1,104 @@ +{ + "version": "latest", + "suppressionSets": { + "falsepositives": { + "name": "falsepositives", + "createdDate": "2022-01-05 22:51:28Z", + "lastUpdatedDate": "2022-01-05 22:51:28Z" + } + }, + "results": { + "f2d4b996c6d7c4016ec4fcd8ffee323140ad820bf3e162080d3def56e8341e91": { + "signature": "f2d4b996c6d7c4016ec4fcd8ffee323140ad820bf3e162080d3def56e8341e91", + "alternativeSignatures": [], + "target": "src/Microsoft.VisualStudio.Threading.Analyzers.CSharp/VSTHRD003UseJtfRunAsyncAnalyzer.cs", + "memberOf": [ + "falsepositives" + ], + "tool": "policheck", + "ruleId": "80411", + "justification": null, + "createdDate": "2022-01-05 21:55:03Z", + "expirationDate": null, + "type": null + }, + "5bd7dbbf8a0e638bc4ee65d7db6dc4ab9054ddd64f8ec5cf4031380b01100b63": { + "signature": "5bd7dbbf8a0e638bc4ee65d7db6dc4ab9054ddd64f8ec5cf4031380b01100b63", + "alternativeSignatures": [], + "target": "src/Microsoft.VisualStudio.Threading.Analyzers.CSharp/VSTHRD003UseJtfRunAsyncAnalyzer.cs", + "memberOf": [ + "falsepositives" + ], + "tool": "policheck", + "ruleId": "80411", + "justification": null, + "createdDate": "2022-01-05 21:55:03Z", + "expirationDate": null, + "type": null + }, + "ed020ef10e60a1a49245aad9cd8922514ac643fe6f2f689cabdfc2205d725de5": { + "signature": "ed020ef10e60a1a49245aad9cd8922514ac643fe6f2f689cabdfc2205d725de5", + "alternativeSignatures": [ + "2b12d128e16023e34f3070e5d1c3014207692966829acbf838fe1ec92ddf6798" + ], + "target": "microsoft.visualstudio.threading/release/net472/microsoft.visualstudio.threading.dll", + "memberOf": [ + "falsepositives" + ], + "tool": "apiscan", + "ruleId": "documentationnotfound", + "justification": null, + "createdDate": "2022-01-05 21:55:03Z", + "expirationDate": null, + "type": null + }, + "72600e5e09c73929820080a3d7fbbd591c4aac41a606251af6755e2ea3e96286": { + "signature": "72600e5e09c73929820080a3d7fbbd591c4aac41a606251af6755e2ea3e96286", + "alternativeSignatures": [ + "e0697b669d792491bda5ab3c49a1c1bc71adc6c2a4cd903163c8d956aec5d16f" + ], + "target": "microsoft.visualstudio.threading/release/netstandard2.0/microsoft.visualstudio.threading.dll", + "memberOf": [ + "falsepositives" + ], + "tool": "apiscan", + "ruleId": "documentationnotfound", + "justification": null, + "createdDate": "2022-01-05 21:55:03Z", + "expirationDate": null, + "type": null + }, + "020f08af56f0cc9f5fe08f1a8b1fd0c1e4eae1c279dd347be77f1a7fabcff8f6": { + "signature": "020f08af56f0cc9f5fe08f1a8b1fd0c1e4eae1c279dd347be77f1a7fabcff8f6", + "alternativeSignatures": [ + "a558e750375b35019cd9a75dbad28be2d3ca71e5fe00a69e275f097b7fd94483" + ], + "target": "bin/SosThreadingTools/Release/net472/win-x64/SosThreadingTools.dll", + "memberOf": [ + "falsepositives" + ], + "tool": "binskim", + "ruleId": "BA2010", + "justification": null, + "createdDate": "2022-01-05 22:51:28Z", + "expirationDate": null, + "type": null + }, + "c26038cded62714187b699785c344c1732b33f73f98e738270603dc5c03a8be8": { + "signature": "c26038cded62714187b699785c344c1732b33f73f98e738270603dc5c03a8be8", + "alternativeSignatures": [ + "7964039bd373d0bc2e2f97d0b4a4f8d7b8b94c226fedb17c5bc9a012866ce46a" + ], + "target": "bin/SosThreadingTools/Release/net472/win-x86/SosThreadingTools.dll", + "memberOf": [ + "falsepositives" + ], + "tool": "binskim", + "ruleId": "BA2010", + "justification": null, + "createdDate": "2022-01-05 22:51:28Z", + "expirationDate": null, + "type": null + } + } +} diff --git a/azure-pipelines/microbuild.after.yml b/azure-pipelines/microbuild.after.yml index 8bb4dec56..d3c8a1cba 100644 --- a/azure-pipelines/microbuild.after.yml +++ b/azure-pipelines/microbuild.after.yml @@ -1,3 +1,7 @@ +parameters: +- name: EnableAPIScan + type: boolean + steps: - task: MicroBuildCodesignVerify@3 displayName: Verify Signed Files @@ -9,9 +13,6 @@ steps: condition: succeededOrFailed() displayName: MicroBuild Cleanup -- task: ComponentGovernanceComponentDetection@0 - displayName: Component Detection - - task: ms-vscs-artifact.build-tasks.artifactDropTask-1.artifactDropTask@0 inputs: dropServiceURI: https://devdiv.artifacts.visualstudio.com @@ -45,3 +46,5 @@ steps: continueOnError: true - template: secure-development-tools.yml + parameters: + EnableAPIScan: ${{ parameters.EnableAPIScan }} diff --git a/azure-pipelines/microbuild.before.yml b/azure-pipelines/microbuild.before.yml index b55533cf0..900f9d71c 100644 --- a/azure-pipelines/microbuild.before.yml +++ b/azure-pipelines/microbuild.before.yml @@ -2,6 +2,15 @@ parameters: - name: ShouldSkipOptimize steps: +- task: ComponentGovernanceComponentDetection@0 + displayName: Component Detection + +- task: notice@0 + displayName: Generate NOTICE file + inputs: + outputfile: $(System.DefaultWorkingDirectory)/obj/NOTICE + outputformat: text + - task: MicroBuildOptProfPlugin@6 inputs: ProfilingInputsDropName: ProfilingInputs/$(System.TeamProject)/$(Build.Repository.Name)/$(Build.SourceBranchName)/$(Build.BuildNumber) diff --git a/azure-pipelines/official.yml b/azure-pipelines/official.yml index 9b071b1af..605e62afa 100644 --- a/azure-pipelines/official.yml +++ b/azure-pipelines/official.yml @@ -35,6 +35,10 @@ parameters: displayName: Build on macOS type: boolean default: false # macOS is often bogged down in Azure Pipelines +- name: EnableAPIScan + displayName: Run APIScan + type: boolean + default: false # enable when we get it passing variables: NugetSecurityAnalysisWarningLevel: none # nuget.config requires signed packages by trusted owners @@ -53,6 +57,7 @@ stages: jobs: - template: build.yml parameters: + EnableAPIScan: ${{ parameters.EnableAPIScan }} windowsPool: VSEngSS-MicroBuild2022-1ES ShouldSkipOptimize: ${{ parameters.ShouldSkipOptimize }} includeMacOS: ${{ parameters.includeMacOS }} diff --git a/azure-pipelines/publish-codecoverage.yml b/azure-pipelines/publish-codecoverage.yml index 3667b976c..a0862be3f 100644 --- a/azure-pipelines/publish-codecoverage.yml +++ b/azure-pipelines/publish-codecoverage.yml @@ -18,10 +18,10 @@ steps: - powershell: | dotnet tool install --tool-path obj dotnet-reportgenerator-globaltool --version 4.8.5 --configfile azure-pipelines/justnugetorg.nuget.config Copy-Item -Recurse $(Pipeline.Workspace)/coverageResults-Windows/obj/* $(System.DefaultWorkingDirectory)/obj - Write-Host "Substituting {reporoot} with $(System.DefaultWorkingDirectory)" - $reports = Get-ChildItem -Recurse "$(Pipeline.Workspace)/coverage.*cobertura.xml" + Write-Host 'Substituting {reporoot} with $(System.DefaultWorkingDirectory)' + $reports = Get-ChildItem -Recurse '$(Pipeline.Workspace)/coverage.*cobertura.xml' $reports |% { - $content = Get-Content -Path $_ |% { $_.Replace("{reporoot}", "$(System.DefaultWorkingDirectory)") } + $content = Get-Content -Path $_ |% { $_.Replace('{reporoot}', '$(System.DefaultWorkingDirectory)') } Set-Content -Path $_ -Value $content -Encoding UTF8 } $Inputs = [string]::join(';', ($reports |% { Resolve-Path -relative $_ })) diff --git a/azure-pipelines/release.yml b/azure-pipelines/release.yml index 487fa8c09..46fb6c0e0 100644 --- a/azure-pipelines/release.yml +++ b/azure-pipelines/release.yml @@ -47,8 +47,8 @@ stages: { "label" : "enhancement", "displayName": "Enhancements", "state" : "closed" } ] -- stage: push_packages - displayName: Push packages +- stage: nuget_org + displayName: nuget.org dependsOn: GitHubRelease jobs: - deployment: push @@ -67,7 +67,7 @@ stages: inputs: versionSpec: 5.x - task: NuGetCommand@2 - displayName: nuget.org + displayName: NuGet push inputs: command: push packagesToPush: $(Pipeline.Workspace)/CI/deployables-Windows/NuGet/*.nupkg diff --git a/azure-pipelines/secure-development-tools.yml b/azure-pipelines/secure-development-tools.yml index 941d5b0c8..99925c13d 100644 --- a/azure-pipelines/secure-development-tools.yml +++ b/azure-pipelines/secure-development-tools.yml @@ -1,11 +1,74 @@ +parameters: +- name: EnableAPIScan + type: boolean + steps: - ### Check for checked in credentials. - task: CredScan@3 - displayName: 'Run CredScan' + displayName: Run CredScan - ### Run PoliCheck to check for disallowed terms. targetType: F indicates we're searching files and folders. -- task: PoliCheck@1 - displayName: 'Run PoliCheck' +- task: PoliCheck@2 + displayName: Run PoliCheck inputs: targetType: F + targetArgument: $(System.DefaultWorkingDirectory) + optionsUEPATH: $(System.DefaultWorkingDirectory)\azure-pipelines\PoliCheckExclusions.xml + +- task: BinSkim@3 + displayName: Run BinSkim + inputs: + InputType: Basic + Function: analyze + AnalyzeTarget: $(BinSkimTargets) + +- task: CopyFiles@2 + displayName: Collect APIScan inputs + inputs: + SourceFolder: $(Build.ArtifactStagingDirectory)/Symbols-$(Agent.JobName) + # Exclude any patterns from the Contents (e.g. `!**/git2*`) that we have symbols for but do not need to run APIScan on. + Contents: | + ** + TargetFolder: $(Build.ArtifactStagingDirectory)/APIScanInputs + condition: and(succeeded(), ${{ parameters.EnableAPIScan }}, ne(variables.ApiScanClientId, '')) + +- task: APIScan@2 + displayName: Run APIScan + inputs: + softwareFolder: $(Build.ArtifactStagingDirectory)/APIScanInputs + softwareName: $(SymbolsFeatureName) + softwareVersionNum: $(NBGV_MajorMinorVersion) + isLargeApp: false + toolVersion: Latest + condition: and(succeeded(), ${{ parameters.EnableAPIScan }}, ne(variables.ApiScanClientId, '')) + env: + AzureServicesAuthConnectionString: runAs=App;AppId=$(ApiScanClientId);TenantId=$(ApiScanTenant);AppKey=$(ApiScanSecret) + +- task: SdtReport@2 + displayName: Create Security Analysis Report + inputs: + GdnExportAllTools: true + +- task: PublishSecurityAnalysisLogs@3 + displayName: Publish Code Analysis Logs + inputs: + ArtifactName: CodeAnalysisLogs + ArtifactType: Container + PublishProcessedResults: true + AllTools: true + ToolLogsNotFoundAction: Standard + +- task: PostAnalysis@2 + displayName: Break on compliance issues + inputs: + GdnBreakAllTools: true + GdnBreakGdnToolBinSkimSeverity: Warning + GdnBreakSuppressionFiles: $(System.DefaultWorkingDirectory)/azure-pipelines/falsepositives.gdnsuppress + GdnBreakSuppressionSets: falsepositives + GdnBreakOutputSuppressionFile: $(Build.ArtifactStagingDirectory)/guardian_failures_as_suppressions/ + GdnBreakOutputSuppressionSet: falsepositives + +# This is useful when false positives appear so we can copy some of the output into the suppressions file. +- publish: $(Build.ArtifactStagingDirectory)/guardian_failures_as_suppressions + artifact: guardian_failures_as_suppressions + displayName: Publish Guardian failures + condition: failed() diff --git a/azure-pipelines/variables/BinSkimTargets.ps1 b/azure-pipelines/variables/BinSkimTargets.ps1 new file mode 100644 index 000000000..5c0dd24ec --- /dev/null +++ b/azure-pipelines/variables/BinSkimTargets.ps1 @@ -0,0 +1,4 @@ +$Path = "$PSScriptRoot\..\..\bin" +if (Test-Path $Path) { + [string]::join(';', (& "$PSScriptRoot\..\Get-SymbolFiles.ps1" -ConvertToWindowsPDBs:$false -Path $Path)) +} diff --git a/init.ps1 b/init.ps1 index a70d81f65..8374dd565 100644 --- a/init.ps1 +++ b/init.ps1 @@ -40,10 +40,10 @@ .PARAMETER AccessToken An optional access token for authenticating to Azure Artifacts authenticated feeds. #> -[CmdletBinding(SupportsShouldProcess=$true)] +[CmdletBinding(SupportsShouldProcess = $true)] Param ( - [ValidateSet('repo','user','machine')] - [string]$InstallLocality='user', + [ValidateSet('repo', 'user', 'machine')] + [string]$InstallLocality = 'user', [Parameter()] [switch]$NoPrerequisites, [Parameter()] @@ -83,8 +83,8 @@ if (!$NoPrerequisites) { } # Workaround nuget credential provider bug that causes very unreliable package restores on Azure Pipelines -$env:NUGET_PLUGIN_HANDSHAKE_TIMEOUT_IN_SECONDS=20 -$env:NUGET_PLUGIN_REQUEST_TIMEOUT_IN_SECONDS=20 +$env:NUGET_PLUGIN_HANDSHAKE_TIMEOUT_IN_SECONDS = 20 +$env:NUGET_PLUGIN_REQUEST_TIMEOUT_IN_SECONDS = 20 Push-Location $PSScriptRoot try { diff --git a/src/AssemblyInfo.cs b/src/AssemblyInfo.cs new file mode 100644 index 000000000..dcdd281db --- /dev/null +++ b/src/AssemblyInfo.cs @@ -0,0 +1,6 @@ +// Copyright (c) Microsoft. All rights reserved. +// Licensed under the MIT license. See LICENSE file in the project root for full license information. + +using System.Runtime.InteropServices; + +[assembly: DefaultDllImportSearchPaths(DllImportSearchPath.SafeDirectories)] diff --git a/src/Directory.Build.targets b/src/Directory.Build.targets index e7edee55a..566ab4fcf 100644 --- a/src/Directory.Build.targets +++ b/src/Directory.Build.targets @@ -1,3 +1,7 @@ + + + + diff --git a/test/.editorconfig b/test/.editorconfig index f9828ec4a..cb548f89c 100644 --- a/test/.editorconfig +++ b/test/.editorconfig @@ -21,6 +21,12 @@ dotnet_diagnostic.VSTHRD111.severity = none # VSTHRD200: Use Async suffix for async methods dotnet_diagnostic.VSTHRD200.severity = silent +# CA1014: Mark assemblies with CLSCompliant +dotnet_diagnostic.CA1014.severity = none + +# CA1050: Declare types in namespaces +dotnet_diagnostic.CA1050.severity = none + # CA1303: Do not pass literals as localized parameters dotnet_diagnostic.CA1303.severity = none @@ -70,4 +76,4 @@ dotnet_diagnostic.CA1307.severity = suggestion dotnet_diagnostic.SA1604.severity = suggestion # SA1401: Fields should be private -dotnet_diagnostic.SA1401.severity = none +dotnet_diagnostic.SA1401.severity = silent diff --git a/tools/Install-DotNetSdk.ps1 b/tools/Install-DotNetSdk.ps1 index 427899307..3c82ee2b2 100644 --- a/tools/Install-DotNetSdk.ps1 +++ b/tools/Install-DotNetSdk.ps1 @@ -29,8 +29,11 @@ $DotNetInstallScriptRoot = Resolve-Path $DotNetInstallScriptRoot # Look up actual required .NET Core SDK version from global.json $sdkVersion = & "$PSScriptRoot/../azure-pipelines/variables/DotNetSdkVersion.ps1" -$arch = 'x64' -if ($env:PROCESSOR_ARCHITECTURE -eq 'ARM64') { $arch = 'ARM64' } +$arch = [System.Runtime.InteropServices.RuntimeInformation]::ProcessArchitecture +if (!$arch) { # Windows Powershell leaves this blank + $arch = 'x64' + if ($env:PROCESSOR_ARCHITECTURE -eq 'ARM64') { $arch = 'ARM64' } +} # Search for all .NET Core runtime versions referenced from MSBuild projects and arrange to install them. $runtimeVersions = @() diff --git a/version.json b/version.json index 9814b273b..aa54c04da 100644 --- a/version.json +++ b/version.json @@ -4,5 +4,8 @@ "publicReleaseRefSpec": [ "^refs/heads/main$", "^refs/heads/v\\d+(?:\\.\\d+)?$" - ] -} \ No newline at end of file + ], + "cloudBuild": { + "setVersionVariables": false + } +}