Skip to content

Commit

Permalink
build - Onboard MicroBuild
Browse files Browse the repository at this point in the history
  • Loading branch information
jdneo committed Dec 4, 2024
1 parent 89f600b commit fa80a2f
Show file tree
Hide file tree
Showing 3 changed files with 76 additions and 180 deletions.
127 changes: 37 additions & 90 deletions .azure-pipelines/vscode-gradle-nightly.yml
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,15 @@ extends:
steps:
- checkout: self
fetchTags: true
- task: UsePythonVersion@0
displayName: 'Use Python 3.11.x'
inputs:
versionSpec: 3.11.x
- task: UseDotNet@2
displayName: 'Use .NET Core 3.1.x'
inputs:
packageType: 'sdk'
version: '3.1.x'
- task: JavaToolInstaller@0
displayName: Install Java 17
inputs:
Expand All @@ -53,6 +62,14 @@ extends:
displayName: Install Node 18.x
inputs:
versionSpec: 18.x
- task: MicroBuildSigningPlugin@4
displayName: 'Install Signing Plugin'
inputs:
signType: real
azureSubscription: 'MicroBuild Signing Task (MSEng)'
feedSource: 'https://mseng.pkgs.visualstudio.com/DefaultCollection/_packaging/MicroBuildToolset/nuget/v3/index.json'
env:
SYSTEM_ACCESSTOKEN: $(System.AccessToken)
- task: DownloadBuildArtifacts@1
displayName: 'Download Build Server Artifacts'
inputs:
Expand Down Expand Up @@ -94,38 +111,11 @@ extends:
- bash: chmod +x gradle-server
workingDirectory: $(Build.SourcesDirectory)/extension/lib
displayName: Set permission
- task: EsrpCodeSigning@5
displayName: 'ESRP CodeSigning'
inputs:
ConnectedServiceName: $(ConnectedServiceName)
AppRegistrationClientId: $(AppRegistrationClientId)
AppRegistrationTenantId: $(AppRegistrationTenantId)
AuthAKVName: $(AuthAKVName)
AuthCertName: $(AuthCertName)
AuthSignCertName: $(AuthSignCertName)
FolderPath: 'extension/lib'
Pattern: 'gradle-server.jar'
signConfigType: 'inlineSignParams'
inlineOperation: |
[
{
"KeyCode" : "CP-447347-Java",
"OperationCode" : "JavaSign",
"Parameters" : {
"SigAlg" : "SHA256withRSA",
"Timestamp" : "-tsa http://sha256timestamp.ws.digicert.com/sha256/timestamp"
},
"ToolName" : "sign",
"ToolVersion" : "1.0"
},
{
"KeyCode" : "CP-447347-Java",
"OperationCode" : "JavaVerify",
"Parameters" : {},
"ToolName" : "sign",
"ToolVersion" : "1.0"
}
]
- task: CmdLine@2
displayName: Sign jars
inputs:
script: dotnet "$MBSIGN_APPFOLDER/DDSignFiles.dll" -- /file:extension/lib/gradle-server.jar /certs:100010171
workingDirectory: 'extension/lib'
- bash: npx json@latest -I -f package.json -e "this.aiKey=\"$(AI_KEY)\""
workingDirectory: $(Build.SourcesDirectory)/extension
displayName: Replace AI Key
Expand Down Expand Up @@ -154,38 +144,16 @@ extends:
gradleWrapperFile: 'gradlew'
gradleOptions: '-Xmx3072m'
tasks: ':extension:copyJdtlsPluginJar'
- task: EsrpCodeSigning@5
displayName: 'ESRP CodeSigning'
inputs:
ConnectedServiceName: $(ConnectedServiceName)
AppRegistrationClientId: $(AppRegistrationClientId)
AppRegistrationTenantId: $(AppRegistrationTenantId)
AuthAKVName: $(AuthAKVName)
AuthCertName: $(AuthCertName)
AuthSignCertName: $(AuthSignCertName)
FolderPath: 'extension/server'
Pattern: 'com.microsoft.gradle.bs.importer-*.jar'
signConfigType: 'inlineSignParams'
inlineOperation: |
[
{
"KeyCode" : "CP-447347-Java",
"OperationCode" : "JavaSign",
"Parameters" : {
"SigAlg" : "SHA256withRSA",
"Timestamp" : "-tsa http://sha256timestamp.ws.digicert.com/sha256/timestamp"
},
"ToolName" : "sign",
"ToolVersion" : "1.0"
},
{
"KeyCode" : "CP-447347-Java",
"OperationCode" : "JavaVerify",
"Parameters" : {},
"ToolName" : "sign",
"ToolVersion" : "1.0"
}
]
- task: CmdLine@2
displayName: Sign jars
inputs:
script: |
files=$(find . -type f -name "com.microsoft.gradle.bs.importer-*.jar")
for file in $files; do
fileName=$(basename "$file")
dotnet "$MBSIGN_APPFOLDER/DDSignFiles.dll" -- /file:"$fileName" /certs:100010171
done
workingDirectory: 'extension/server'
- bash: npx @vscode/vsce@latest package --pre-release -o extension.vsix
workingDirectory: $(Build.SourcesDirectory)/extension
displayName: Package VSIX
Expand All @@ -195,32 +163,11 @@ extends:
- bash: cp extension.manifest extension.signature.p7s
workingDirectory: $(Build.SourcesDirectory)/extension
displayName: 'Prepare manifest for signing'
- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@5
inputs:
ConnectedServiceName: $(ConnectedServiceName)
AppRegistrationClientId: $(AppRegistrationClientId)
AppRegistrationTenantId: $(AppRegistrationTenantId)
AuthAKVName: $(AuthAKVName)
AuthCertName: $(AuthCertName)
AuthSignCertName: $(AuthSignCertName)
FolderPath: 'extension'
Pattern: 'extension.signature.p7s'
signConfigType: inlineSignParams
inlineOperation: |
[
{
"keyCode": "CP-401405",
"operationSetCode": "VSCodePublisherSign",
"parameters" : [],
"toolName": "sign",
"toolVersion": "1.0"
}
]
SessionTimeout: 90
MaxConcurrency: 25
MaxRetryAttempts: 5
PendingAnalysisWaitTimeoutMinutes: 5
displayName: 'Sign extension'
- task: CmdLine@2
displayName: Sign extension
inputs:
script: dotnet "$MBSIGN_APPFOLDER/DDSignFiles.dll" -- /file:extension.signature.p7s /certs:4014052
workingDirectory: 'extension'
- task: CopyFiles@2
displayName: Copy VSIX
inputs:
Expand Down
127 changes: 37 additions & 90 deletions .azure-pipelines/vscode-gradle-rc.yml
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,15 @@ extends:
steps:
- checkout: self
fetchTags: true
- task: UsePythonVersion@0
displayName: 'Use Python 3.11.x'
inputs:
versionSpec: 3.11.x
- task: UseDotNet@2
displayName: 'Use .NET Core 3.1.x'
inputs:
packageType: 'sdk'
version: '3.1.x'
- task: JavaToolInstaller@0
displayName: Install Java 17
inputs:
Expand All @@ -53,6 +62,14 @@ extends:
displayName: Install Node 18.x
inputs:
versionSpec: 18.x
- task: MicroBuildSigningPlugin@4
displayName: 'Install Signing Plugin'
inputs:
signType: real
azureSubscription: 'MicroBuild Signing Task (MSEng)'
feedSource: 'https://mseng.pkgs.visualstudio.com/DefaultCollection/_packaging/MicroBuildToolset/nuget/v3/index.json'
env:
SYSTEM_ACCESSTOKEN: $(System.AccessToken)
- task: DownloadBuildArtifacts@1
displayName: 'Download Build Server Artifacts'
inputs:
Expand Down Expand Up @@ -94,38 +111,11 @@ extends:
- bash: chmod +x gradle-server
workingDirectory: $(Build.SourcesDirectory)/extension/lib
displayName: Set permission
- task: EsrpCodeSigning@5
displayName: 'ESRP CodeSigning'
inputs:
ConnectedServiceName: $(ConnectedServiceName)
AppRegistrationClientId: $(AppRegistrationClientId)
AppRegistrationTenantId: $(AppRegistrationTenantId)
AuthAKVName: $(AuthAKVName)
AuthCertName: $(AuthCertName)
AuthSignCertName: $(AuthSignCertName)
FolderPath: 'extension/lib'
Pattern: 'gradle-server.jar'
signConfigType: 'inlineSignParams'
inlineOperation: |
[
{
"KeyCode" : "CP-447347-Java",
"OperationCode" : "JavaSign",
"Parameters" : {
"SigAlg" : "SHA256withRSA",
"Timestamp" : "-tsa http://sha256timestamp.ws.digicert.com/sha256/timestamp"
},
"ToolName" : "sign",
"ToolVersion" : "1.0"
},
{
"KeyCode" : "CP-447347-Java",
"OperationCode" : "JavaVerify",
"Parameters" : {},
"ToolName" : "sign",
"ToolVersion" : "1.0"
}
]
- task: CmdLine@2
displayName: Sign jars
inputs:
script: dotnet "$MBSIGN_APPFOLDER/DDSignFiles.dll" -- /file:extension/lib/gradle-server.jar /certs:100010171
workingDirectory: 'extension/lib'
- bash: npx json@latest -I -f package.json -e "this.aiKey=\"$(AI_KEY)\""
workingDirectory: $(Build.SourcesDirectory)/extension
displayName: Replace AI Key
Expand All @@ -149,38 +139,16 @@ extends:
gradleWrapperFile: 'gradlew'
gradleOptions: '-Xmx3072m'
tasks: ':extension:copyJdtlsPluginJar'
- task: EsrpCodeSigning@5
displayName: 'ESRP CodeSigning'
inputs:
ConnectedServiceName: $(ConnectedServiceName)
AppRegistrationClientId: $(AppRegistrationClientId)
AppRegistrationTenantId: $(AppRegistrationTenantId)
AuthAKVName: $(AuthAKVName)
AuthCertName: $(AuthCertName)
AuthSignCertName: $(AuthSignCertName)
FolderPath: 'extension/server'
Pattern: 'com.microsoft.gradle.bs.importer-*.jar'
signConfigType: 'inlineSignParams'
inlineOperation: |
[
{
"KeyCode" : "CP-447347-Java",
"OperationCode" : "JavaSign",
"Parameters" : {
"SigAlg" : "SHA256withRSA",
"Timestamp" : "-tsa http://sha256timestamp.ws.digicert.com/sha256/timestamp"
},
"ToolName" : "sign",
"ToolVersion" : "1.0"
},
{
"KeyCode" : "CP-447347-Java",
"OperationCode" : "JavaVerify",
"Parameters" : {},
"ToolName" : "sign",
"ToolVersion" : "1.0"
}
]
- task: CmdLine@2
displayName: Sign jars
inputs:
script: |
files=$(find . -type f -name "com.microsoft.gradle.bs.importer-*.jar")
for file in $files; do
fileName=$(basename "$file")
dotnet "$MBSIGN_APPFOLDER/DDSignFiles.dll" -- /file:"$fileName" /certs:100010171
done
workingDirectory: 'extension/server'
- bash: npx @vscode/vsce@latest package -o extension.vsix
workingDirectory: $(Build.SourcesDirectory)/extension
displayName: Package VSIX
Expand All @@ -190,32 +158,11 @@ extends:
- bash: cp extension.manifest extension.signature.p7s
workingDirectory: $(Build.SourcesDirectory)/extension
displayName: 'Prepare manifest for signing'
- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@5
inputs:
ConnectedServiceName: $(ConnectedServiceName)
AppRegistrationClientId: $(AppRegistrationClientId)
AppRegistrationTenantId: $(AppRegistrationTenantId)
AuthAKVName: $(AuthAKVName)
AuthCertName: $(AuthCertName)
AuthSignCertName: $(AuthSignCertName)
FolderPath: 'extension'
Pattern: 'extension.signature.p7s'
signConfigType: inlineSignParams
inlineOperation: |
[
{
"keyCode": "CP-401405",
"operationSetCode": "VSCodePublisherSign",
"parameters" : [],
"toolName": "sign",
"toolVersion": "1.0"
}
]
SessionTimeout: 90
MaxConcurrency: 25
MaxRetryAttempts: 5
PendingAnalysisWaitTimeoutMinutes: 5
displayName: 'Sign extension'
- task: CmdLine@2
displayName: Sign extension
inputs:
script: dotnet "$MBSIGN_APPFOLDER/DDSignFiles.dll" -- /file:extension.signature.p7s /certs:4014052
workingDirectory: 'extension'
- task: CopyFiles@2
displayName: Copy VSIX
inputs:
Expand Down
2 changes: 2 additions & 0 deletions extension/.vscodeignore
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,8 @@ beta/**
ARCHITECTURE.md
# Ignore output of code sign
lib/*.md
**/*.log

scripts
# for nightly build
package.insiders.json
Expand Down

0 comments on commit fa80a2f

Please sign in to comment.