diff --git a/.pipelines/PowerShell-Packages-Official.yml b/.pipelines/PowerShell-Packages-Official.yml index 7fce394ca19..30b9e415215 100644 --- a/.pipelines/PowerShell-Packages-Official.yml +++ b/.pipelines/PowerShell-Packages-Official.yml @@ -51,7 +51,7 @@ variables: - name: ob_outputDirectory value: '$(Build.ArtifactStagingDirectory)/ONEBRANCH_ARTIFACT' - name: WindowsContainerImage - value: 'onebranch.azurecr.io/windows/ltsc2019/vse2022:latest' # Docker image which is used to build the project + value: 'onebranch.azurecr.io/windows/ltsc2022/vse2022:latest' # Docker image which is used to build the project - name: LinuxContainerImage value: mcr.microsoft.com/onebranch/cbl-mariner/build:2.0 - group: mscodehub-feed-read-general @@ -64,7 +64,7 @@ variables: resources: pipelines: - pipeline: CoOrdinatedBuildPipeline - source: 'PowerShell-Coordinated Packages-Official' + source: 'PowerShell-Coordinated Binaries-Official' trigger: branches: include: @@ -83,6 +83,9 @@ extends: cloudvault: enabled: false featureFlags: + WindowsHostVersion: + Version: 2022 + Network: KS3 linuxEsrpSigning: true globalSdl: disableLegacyManifest: true diff --git a/.pipelines/PowerShell-Release-Official-Azure.yml b/.pipelines/PowerShell-Release-Official-Azure.yml index acba669ffa3..2d644c7a5dd 100644 --- a/.pipelines/PowerShell-Release-Official-Azure.yml +++ b/.pipelines/PowerShell-Release-Official-Azure.yml @@ -56,7 +56,7 @@ resources: pipelines: - pipeline: CoOrdinatedBuildPipeline - source: 'PowerShell-Coordinated Packages-Official' + source: 'PowerShell-Coordinated Binaries-Official' - pipeline: PSPackagesOfficial source: 'PowerShell-Packages-Official' diff --git a/.pipelines/PowerShell-Release-Official.yml b/.pipelines/PowerShell-Release-Official.yml index 335ef4f71d3..4d924c4b44f 100644 --- a/.pipelines/PowerShell-Release-Official.yml +++ b/.pipelines/PowerShell-Release-Official.yml @@ -17,8 +17,8 @@ parameters: # parameters are shown up in ADO UI in a build queue time displayName: Skip Signing type: string default: 'NO' - - name: SkipPMCPublish - displayName: Skip PMC Publish + - name: SkipPublish + displayName: Skip Publishing to GitHub and Nuget type: boolean default: false - name: SkipPSInfraInstallers @@ -72,7 +72,7 @@ resources: pipelines: - pipeline: CoOrdinatedBuildPipeline - source: 'PowerShell-Coordinated Packages-Official' + source: 'PowerShell-Coordinated Binaries-Official' - pipeline: PSPackagesOfficial source: 'PowerShell-Packages-Official' @@ -116,10 +116,10 @@ extends: tsaOptionsFile: .config\tsaoptions.json stages: - - stage: setReleaseTagAndUploadTools - displayName: 'Set Release Tag and Upload Tools' + - stage: setReleaseTagAndChangelog + displayName: 'Set Release Tag and Upload Changelog' jobs: - - template: /.pipelines/templates/release-SetTagAndTools.yml@self + - template: /.pipelines/templates/release-SetTagAndChangelog.yml@self - stage: msixbundle displayName: 'Create MSIX Bundle' @@ -280,19 +280,21 @@ extends: Update and merge the changelog for the release. This step is required for creating GitHub draft release. - - stage: PublishGitHubRelease - displayName: Publish GitHub Release + - stage: PublishGitHubReleaseAndNuget + displayName: Publish GitHub and Nuget Release dependsOn: - - setReleaseTagAndUploadTools + - setReleaseTagAndChangelog - UpdateChangeLog variables: ob_release_environment: Production jobs: - - template: /.pipelines/templates/release-githubtasks.yml@self - + - template: /.pipelines/templates/release-githubNuget.yml@self + parameters: + SkipPublish: ${{ parameters.SkipPublish }} + - stage: PushGitTagAndMakeDraftPublic displayName: Push Git Tag and Make Draft Public - dependsOn: PublishGitHubRelease + dependsOn: PublishGitHubReleaseAndNuget jobs: - template: /.pipelines/templates/approvalJob.yml@self parameters: @@ -317,19 +319,7 @@ extends: jobs: - template: /.pipelines/templates/release-MakeBlobPublic.yml@self parameters: - SkipPSInfraInstallers: ${{ parameters.SkipPSInfraInstallers }} - - - stage: PublishNuGet - displayName: Publish NuGet - dependsOn: - - setReleaseTagAndUploadTools - - PushGitTagAndMakeDraftPublic - variables: - ob_release_environment: Production - jobs: - - template: /.pipelines/templates/release-publish-nuget.yml@self - parameters: - skipPublish: true + SkipPSInfraInstallers: ${{ parameters.SkipPSInfraInstallers }} - stage: PublishPMC displayName: Publish PMC @@ -423,7 +413,6 @@ extends: - stage: ChangesToMaster displayName: Ensure changes are in GH master dependsOn: - - PublishNuGet - PublishPMC jobs: - template: /.pipelines/templates/approvalJob.yml@self @@ -433,17 +422,6 @@ extends: instructions: | Make sure that changes README.md and metadata.json are merged into master on GitHub. - - stage: ReleaseSnap - displayName: Release Snap - dependsOn: ChangesToMaster - jobs: - - template: /.pipelines/templates/approvalJob.yml@self - parameters: - displayName: Publish Snap - jobName: PublishSnapJob - instructions: | - Publish Snap - - stage: ReleaseToMU displayName: Release to MU dependsOn: PushGitTagAndMakeDraftPublic # This only needs the blob to be available @@ -459,7 +437,6 @@ extends: dependsOn: - ReleaseToMU - ReleaseSymbols - - ReleaseSnap jobs: - template: /.pipelines/templates/approvalJob.yml@self parameters: diff --git a/.pipelines/templates/checkAzureContainer.yml b/.pipelines/templates/checkAzureContainer.yml index a5ce2b1c666..a6a86214d07 100644 --- a/.pipelines/templates/checkAzureContainer.yml +++ b/.pipelines/templates/checkAzureContainer.yml @@ -51,22 +51,13 @@ jobs: } displayName: 'Check suppress.json' - # Needed as per FAQ here: https://eng.ms/docs/products/onebranch/build/troubleshootingfaqs - - task: PowerShell@2 - displayName: 'Update Az.Storage Module' - inputs: - targetType: 'inline' - script: | - Get-PackageProvider -Name NuGet -ForceBootstrap - Install-Module -Name Az.Storage -Verbose -Force -AllowClobber - Uninstall-AzureRm -Verbose - - task: AzurePowerShell@5 displayName: Check if blob exists and delete if specified inputs: azureSubscription: az-blob-cicd-infra scriptType: inlineScript - azurePowerShellVersion: latestVersion + azurePowerShellVersion: LatestVersion + pwsh: true inline: | $containersToDelete = @('$(AzureVersion)', '$(AzureVersion)-private', '$(AzureVersion)-nuget', '$(AzureVersion)-gc') diff --git a/.pipelines/templates/compliance/apiscan.yml b/.pipelines/templates/compliance/apiscan.yml index bfe97827801..4e945b40349 100644 --- a/.pipelines/templates/compliance/apiscan.yml +++ b/.pipelines/templates/compliance/apiscan.yml @@ -78,19 +78,6 @@ jobs: workingDirectory: '$(repoRoot)' retryCountOnTaskFailure: 2 - - pwsh: | - $modules = 'Az.Accounts', 'Az.Storage' - foreach($module in $modules) { - if(!(get-module $module -listavailable)) { - Write-Verbose "installing $module..." -verbose - Install-Module $module -force -AllowClobber - } else { - Write-Verbose "$module already installed." -verbose - } - } - displayName: Install PowerShell modules - workingDirectory: '$(repoRoot)' - - task: AzurePowerShell@5 displayName: Download winverify-private Artifacts inputs: diff --git a/.pipelines/templates/compliance/generateNotice.yml b/.pipelines/templates/compliance/generateNotice.yml index 9a00ed6f01d..b9d489795b1 100644 --- a/.pipelines/templates/compliance/generateNotice.yml +++ b/.pipelines/templates/compliance/generateNotice.yml @@ -95,29 +95,6 @@ jobs: Get-PackageProvider -Name NuGet -ForceBootstrap displayName: Initalize PowerShellGet - - powershell: | - $modules = 'Az.Accounts', 'Az.Storage' - foreach($module in $modules) { - if(!(get-module $module -listavailable)) { - Write-Verbose "installing $module..." -verbose - Install-Module $module -force -AllowClobber - } else { - Write-Verbose "$module already installed." -verbose - #Update-Module $module -verbose - } - } - displayName: Install PowerShell modules - - - powershell: | - if(Get-Command -Name Uninstall-AzureRm -ErrorAction Ignore){ - Write-Verbose "running Uninstall-AzureRm" -verbose - Uninstall-AzureRm - } else { - Write-Verbose "Uninstall-AzureRm not present" -verbose - } - displayName: Uninstall Uninstall-AzureRm - continueOnError: true - - task: AzurePowerShell@5 displayName: Upload Notice inputs: diff --git a/.pipelines/templates/mac-package-build.yml b/.pipelines/templates/mac-package-build.yml index 37a5ed48b07..f3cbd691474 100644 --- a/.pipelines/templates/mac-package-build.yml +++ b/.pipelines/templates/mac-package-build.yml @@ -133,7 +133,7 @@ jobs: dependsOn: package_macOS_${{ parameters.buildArchitecture }} condition: succeeded() pool: - type: windows + type: linux variables: - name: ob_outputDirectory @@ -173,56 +173,43 @@ jobs: Get-ChildItem -Path $(Pipeline.Workspace) -Filter "*.zip" -File | Write-Verbose -Verbose displayName: Compress package files for signing - - task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@5 - displayName: 'ESRP CodeSigning' + - task: onebranch.pipeline.signing@1 + displayName: 'OneBranch CodeSigning Package' inputs: - ConnectedServiceName: 'ESRPMacOSSigning' - AppRegistrationClientId: '$(AppRegistrationClientId)' - AppRegistrationTenantId: '$(AppRegistrationTenantId)' - AuthAKVName: 'pwsh-CICD-Keyvault' - AuthCertName: 'PS-macos-signing' - AuthSignCertName: 'ESRP-OneCert' # this is not needed for pkg signing - FolderPath: $(Pipeline.Workspace) - Pattern: '*.zip' - signConfigType: inlineSignParams - inlineOperation: | - [{ + command: 'sign' + files_to_sign: '**/*-osx-*.zip' + search_root: '$(Pipeline.Workspace)' + inline_operation: | + [ + { "KeyCode": "$(KeyCode)", - "OperationSetCode": "MacAppDeveloperSign", - "parameters": [ - { - "parameterName": "hardening", - "parameterValue": "enable" - }, - { - "parameterName": "OpusInfo", - "parameterValue": "http://Microsoft.com" - } - ], + "OperationCode": "MacAppDeveloperSign", "ToolName": "sign", - "ToolVersion": "1.0" - }] - SessionTimeout: 90 - ServiceEndpointUrl: '$(ServiceEndpointUrl)' - MaxConcurrency: 25 + "ToolVersion": "1.0", + "Parameters": { + "Hardening": "Enable", + "OpusInfo": "http://microsoft.com" + } + } + ] - pwsh: | $signedPkg = Get-ChildItem -Path $(Pipeline.Workspace) -Filter "*osx*.zip" -File - + $signedPkg | ForEach-Object { Write-Verbose -Verbose "Signed package zip: $_" - + if (-not (Test-Path $_)) { throw "Package not found: $_" } - - if (-not (Test-Path $env:ob_outputDirectory)) { - $null = New-Item -Path $env:ob_outputDirectory -ItemType Directory + + if (-not (Test-Path $(ob_outputDirectory))) { + $null = New-Item -Path $(ob_outputDirectory) -ItemType Directory } - Expand-Archive -Path $_ -DestinationPath $env:ob_outputDirectory -Verbose + Expand-Archive -Path $_ -DestinationPath $(ob_outputDirectory) -Verbose } Write-Verbose -Verbose "Expanded pkg file:" - Get-ChildItem -Path $env:ob_outputDirectory | Write-Verbose -Verbose + Get-ChildItem -Path $(ob_outputDirectory) | Write-Verbose -Verbose displayName: Expand signed file diff --git a/.pipelines/templates/release-MakeBlobPublic.yml b/.pipelines/templates/release-MakeBlobPublic.yml index f11a0839e47..c8f12938d25 100644 --- a/.pipelines/templates/release-MakeBlobPublic.yml +++ b/.pipelines/templates/release-MakeBlobPublic.yml @@ -52,17 +52,6 @@ jobs: Get-ChildItem Env: displayName: 'Capture Environment Variables' - - pwsh: | - $azureRmModule = Get-InstalledModule AzureRM -ErrorAction SilentlyContinue -Verbose - if ($azureRmModule) { - Write-Host 'AzureRM module exists. Removing it' - Uninstall-AzureRm - Write-Host 'AzureRM module removed' - } - - Install-Module -Name Az.Storage -Force -AllowClobber -Scope CurrentUser -Verbose - displayName: Remove AzRM modules - - task: AzurePowerShell@5 displayName: Copy blobs to PSInfra storage inputs: @@ -150,17 +139,6 @@ jobs: Get-ChildItem Env: | Out-String -width 9999 -Stream | write-Verbose -Verbose displayName: 'Capture Environment Variables' - - pwsh: | - $azureRmModule = Get-InstalledModule AzureRM -ErrorAction SilentlyContinue -Verbose - if ($azureRmModule) { - Write-Host 'AzureRM module exists. Removing it' - Uninstall-AzureRm - Write-Host 'AzureRM module removed' - } - - Install-Module -Name Az.Storage -Force -AllowClobber -Scope CurrentUser -Verbose - displayName: Remove AzRM modules - - task: AzurePowerShell@5 displayName: Copy blobs to PSInfra storage inputs: diff --git a/.pipelines/templates/release-SetTagAndTools.yml b/.pipelines/templates/release-SetTagAndChangelog.yml similarity index 59% rename from .pipelines/templates/release-SetTagAndTools.yml rename to .pipelines/templates/release-SetTagAndChangelog.yml index 7b8a946e323..f0c516dd28f 100644 --- a/.pipelines/templates/release-SetTagAndTools.yml +++ b/.pipelines/templates/release-SetTagAndChangelog.yml @@ -1,6 +1,6 @@ jobs: -- job: SetTagAndTools - displayName: Set Tag and Tools +- job: setTagAndChangelog + displayName: Set Tag and Upload Changelog condition: succeeded() pool: type: windows @@ -19,32 +19,6 @@ jobs: clean: true env: ob_restore_phase: true - - - checkout: PSInternalTools - clean: true - env: - ob_restore_phase: true - - - pwsh: | - New-Item -ItemType Directory -Path '$(Pipeline.Workspace)/ToolArtifact' - Get-ChildItem -Path '$(Build.SourcesDirectory)/Internal-PowerShellTeam-Tools/Scripts' -Filter 'GitHubRelease.psm1' -ErrorAction SilentlyContinue | - Copy-Item -Destination '$(Pipeline.Workspace)/ToolArtifact' -Verbose - displayName: Move GitHub Tool - - - task: onebranch.pipeline.signing@1 - displayName: Sign Tools - inputs: - command: 'sign' - signing_profile: internal_azure_service - files_to_sign: '*.ps1;*.psm1' - search_root: '$(Pipeline.Workspace)/ToolArtifact' - - - pwsh: | - Write-Verbose -Verbose "Creating output directory for release tools: $(ob_outputDirectory)/ToolArtifact" - New-Item -Path $(ob_outputDirectory)/ToolArtifact -ItemType Directory -Force - Get-ChildItem -Path "$(Pipeline.Workspace)/ToolArtifact/*" -Recurse | - Copy-Item -Destination $(ob_outputDirectory)/ToolArtifact -Recurse -Verbose - displayName: Upload Tools - pwsh: | Write-Verbose -Verbose "Release Tag: $(OutputReleaseTag.releaseTag)" diff --git a/.pipelines/templates/release-create-msix.yml b/.pipelines/templates/release-create-msix.yml index cdb86544baf..c6b5ba51677 100644 --- a/.pipelines/templates/release-create-msix.yml +++ b/.pipelines/templates/release-create-msix.yml @@ -27,18 +27,6 @@ jobs: artifact: drop_windows_package_package_win_x86 displayName: Download x86 msix patterns: '**/*.msix' - - - pwsh: | - $azureRmModule = Get-InstalledModule AzureRM -ErrorAction SilentlyContinue -Verbose - if ($azureRmModule) { - Write-Host 'AzureRM module exists. Removing it' - Uninstall-AzureRm - Write-Host 'AzureRM module removed' - } - - Install-Module -Name Az.Storage -Force -AllowClobber -Scope CurrentUser -Verbose - displayName: Remove AzRM modules and install Az.Storage - # Finds the makeappx tool on the machine with image: 'onebranch.azurecr.io/windows/ltsc2022/vse2022:latest' - pwsh: | @@ -81,12 +69,31 @@ jobs: & $makeappx bundle /d $sourceDir /p "$outputDir\$pkgName" Get-ChildItem -Path $sourceDir -Recurse + # "Uploading msixbundle to Artifacts $vstsCommandString = "vso[task.setvariable variable=BundleDir]$outputDir" Write-Host "sending " + $vstsCommandString Write-Host "##$vstsCommandString" displayName: Create MsixBundle retryCountOnTaskFailure: 1 + - task: onebranch.pipeline.signing@1 + displayName: Sign MsixBundle + inputs: + command: 'sign' + signing_profile: Dynamic-WINMSAPP1ST + files_to_sign: '**/*.msixbundle' + search_root: '$(BundleDir)' + + - pwsh: | + $signedBundle = Get-ChildItem -Path $(BundleDir) -Filter "*.msixbundle" -File + Write-Verbose -Verbose "Signed bundle: $signedBundle" + + Copy-Item -Path $signedBundle -Destination $(ob_outputDirectory) -Verbose + + Write-Verbose -Verbose "Uploaded Bundle:" + Get-ChildItem -Path $(ob_outputDirectory) | Write-Verbose -Verbose + displayName: Upload msixbundle to Artifacts + - task: AzurePowerShell@5 displayName: Upload msix to blob inputs: diff --git a/.pipelines/templates/release-githubNuget.yml b/.pipelines/templates/release-githubNuget.yml new file mode 100644 index 00000000000..8209bec538d --- /dev/null +++ b/.pipelines/templates/release-githubNuget.yml @@ -0,0 +1,173 @@ +parameters: + - name: skipPublish + default: false + type: boolean + +jobs: +- job: GithubReleaseDraft + displayName: Create GitHub Release Draft + condition: succeeded() + pool: + type: release + os: windows + templateContext: + inputs: + - input: pipelineArtifact + artifactName: drop_setReleaseTagAndChangelog_SetTagAndChangelog + - input: pipelineArtifact + pipeline: PSPackagesOfficial + artifactName: drop_upload_upload_packages + variables: + - template: ./variable/release-shared.yml@self + parameters: + RELEASETAG: $[ stageDependencies.setReleaseTagAndChangelog.setTagAndChangelog.outputs['OutputReleaseTag.releaseTag'] ] + + steps: + - task: PowerShell@2 + inputs: + targetType: inline + script: | + Write-Verbose -Verbose "Release Tag: $(ReleaseTag)" + Get-ChildItem Env: | Out-String -Stream | Write-Verbose -Verbose + displayName: 'Capture Environment Variables' + + - template: release-install-pwsh.yml + + - task: PowerShell@2 + inputs: + targetType: inline + pwsh: true + script: | + $Path = "$(Pipeline.Workspace)/GitHubPackages" + $OutputPath = Join-Path $Path 'hashes.sha256' + $packages = Get-ChildItem -Path $Path -Include * -Recurse -File + $checksums = $packages | + ForEach-Object { + Write-Verbose -Verbose "Generating checksum file for $($_.FullName)" + $packageName = $_.Name + $hash = (Get-FileHash -Path $_.FullName -Algorithm SHA256).Hash.ToLower() + # the '*' before the packagename signifies it is a binary + "$hash *$packageName" + } + $checksums | Out-File -FilePath $OutputPath -Force + $fileContent = Get-Content -Path $OutputPath -Raw | Out-String + Write-Verbose -Verbose -Message $fileContent + displayName: Add sha256 hashes + + - task: PowerShell@2 + inputs: + targetType: inline + pwsh: true + script: | + Get-ChildItem $(Pipeline.Workspace) -recurse | Select-Object -ExpandProperty FullName + displayName: List all files in the workspace + + - task: PowerShell@2 + inputs: + targetType: inline + pwsh: true + script: | + $releaseVersion = '$(ReleaseTag)' -replace '^v','' + Write-Verbose -Verbose "Available modules: " + Get-Module | Write-Verbose -Verbose + + $filePath = Get-ChildItem -Path "$(Pipeline.Workspace)/CHANGELOG" -Filter '*.md' | Select-Object -First 1 -ExpandProperty FullName + + if (-not (Test-Path $filePath)) { + throw "$filePath not found" + } + + $changelog = Get-Content -Path $filePath + + $headingPattern = "^## \[\d+\.\d+\.\d+" + $headingStartLines = $changelog | Select-String -Pattern $headingPattern | Select-Object -ExpandProperty LineNumber + $startLine = $headingStartLines[0] + $endLine = $headingStartLines[1] - 1 + + $clContent = $changelog | Select-Object -Skip ($startLine-1) -First ($endLine - $startLine) | Out-String + + Write-Verbose -Verbose "Selected content: `n$clContent" + + $releaseNotesFilePath = "$(Pipeline.Workspace)/release-notes.md" + $clContent | Out-File -FilePath $releaseNotesFilePath -Encoding utf8 + + Write-Host "##vso[task.setvariable variable=ReleaseNotesFilePath;]$releaseNotesFilePath" + + #if name has prelease then make preelease true as a variable + if ($releaseVersion -like '*-preview*') { + Write-Host "##vso[task.setvariable variable=IsPreRelease;]true" + } else { + Write-Host "##vso[task.setvariable variable=IsPreRelease;]false" + } + displayName: Set variables for GitHub release task + + - pwsh: | + Write-Host "ReleaseNotes content:" + Get-Content "$(Pipeline.Workspace)/release-notes.md" -Raw | Out-String -width 9999 | Write-Host + displayName: Verify Release Notes + + - task: GitHubRelease@1 + inputs: + gitHubConnection: GitHubReleasePAT + repositoryName: PowerShell/PowerShell + target: master + assets: '$(Pipeline.Workspace)/GitHubPackages/*' + tagSource: 'userSpecifiedTag' + tag: '$(ReleaseTag)' + isDraft: true + addChangeLog: false + action: 'create' + releaseNotesFilePath: '$(ReleaseNotesFilePath)' + isPrerelease: '$(IsPreRelease)' + +- job: NuGetPublish + displayName: Publish to NuGet + condition: succeeded() + pool: + type: release + os: windows + templateContext: + inputs: + - input: pipelineArtifact + pipeline: PSPackagesOfficial + artifactName: drop_upload_upload_packages + variables: + - template: ./variable/release-shared.yml@self + parameters: + VERSION: $[ stageDependencies.setReleaseTagAndChangelog.SetTagAndChangelog.outputs['OutputVersion.Version'] ] + + steps: + - template: release-install-pwsh.yml + + - pwsh: | + Write-Verbose -Verbose "Version: $(Version)" + Get-ChildItem Env: | Out-String -width 9999 -Stream | write-Verbose -Verbose + displayName: 'Capture Environment Variables' + + - pwsh: | + #Exclude all global tool packages. Their names start with 'PowerShell.' + $null = New-Item -ItemType Directory -Path "$(Pipeline.Workspace)/release" + Copy-Item "$(Pipeline.Workspace)/NuGetPackages/*.nupkg" -Destination "$(Pipeline.Workspace)/release" -Exclude "PowerShell.*.nupkg" -Force -Verbose + + $releaseVersion = '$(Version)' + $globalToolPath = "$(Pipeline.Workspace)/NuGetPackages/PowerShell.$releaseVersion.nupkg" + + if ($releaseVersion -notlike '*-*') { + # Copy the global tool package for stable releases + Copy-Item $globalToolPath -Destination "$(Pipeline.Workspace)/release" + } + + Write-Verbose -Verbose "The .nupkgs below will be pushed:" + Get-ChildItem "$(Pipeline.Workspace)/release" -recurse + displayName: Download and capture nupkgs + condition: and(ne('${{ parameters.skipPublish }}', 'false'), succeeded()) + + - task: NuGetCommand@2 + displayName: 'NuGet push' + condition: and(ne('${{ parameters.skipPublish }}', 'false'), succeeded()) + inputs: + command: push + packagesToPush: '$(Pipeline.Workspace)/release/*.nupkg' + nuGetFeedType: external + publishFeedCredentials: PowerShellNuGetOrgPush + \ No newline at end of file diff --git a/.pipelines/templates/release-githubtasks.yml b/.pipelines/templates/release-githubtasks.yml deleted file mode 100644 index acdb45e18fb..00000000000 --- a/.pipelines/templates/release-githubtasks.yml +++ /dev/null @@ -1,88 +0,0 @@ -jobs: -- job: GithubReleaseDraft - displayName: Create GitHub Release Draft - condition: succeeded() - pool: - type: release - os: windows - templateContext: - inputs: - - input: pipelineArtifact - artifactName: drop_setReleaseTagAndUploadTools_SetTagAndTools - - input: pipelineArtifact - pipeline: PSPackagesOfficial - artifactName: drop_upload_upload_packages - variables: - - template: ./variable/release-shared.yml@self - parameters: - RELEASETAG: $[ stageDependencies.setReleaseTagAndUploadTools.SetTagAndTools.outputs['OutputReleaseTag.releaseTag'] ] - - steps: - - task: PowerShell@2 - inputs: - targetType: inline - script: | - Write-Verbose -Verbose "Release Tag: $(ReleaseTag)" - Get-ChildItem Env: | Out-String -Stream | Write-Verbose -Verbose - displayName: 'Capture Environment Variables' - - - template: release-install-pwsh.yml - - - task: PowerShell@2 - inputs: - targetType: inline - pwsh: true - script: | - $Path = "$(Pipeline.Workspace)/GitHubPackages" - $OutputPath = Join-Path $Path 'hashes.sha256' - $packages = Get-ChildItem -Path $Path -Include * -Recurse -File - $checksums = $packages | - ForEach-Object { - Write-Verbose -Verbose "Generating checksum file for $($_.FullName)" - $packageName = $_.Name - $hash = (Get-FileHash -Path $_.FullName -Algorithm SHA256).Hash.ToLower() - # the '*' before the packagename signifies it is a binary - "$hash *$packageName" - } - $checksums | Out-File -FilePath $OutputPath -Force - $fileContent = Get-Content -Path $OutputPath -Raw | Out-String - Write-Verbose -Verbose -Message $fileContent - displayName: Add sha256 hashes - - - task: PowerShell@2 - inputs: - targetType: inline - pwsh: true - script: | - Get-ChildItem $(Pipeline.Workspace) -recurse | Select-Object -ExpandProperty FullName - displayName: List all files in the workspace - - - task: PowerShell@2 - inputs: - targetType: inline - pwsh: true - script: | - Import-module '$(Pipeline.Workspace)/ToolArtifact/GitHubRelease.psm1' - $releaseVersion = '$(ReleaseTag)' -replace '^v','' - Write-Verbose -Verbose "Available modules: " - Get-Module | Write-Verbose -Verbose - - $filePath = Get-ChildItem -Path "$(Pipeline.Workspace)/CHANGELOG" -Filter '*.md' | Select-Object -First 1 -ExpandProperty FullName - - if (-not (Test-Path $filePath)) { - throw "$filePath not found" - } - - $changelog = Get-Content -Path $filePath - - $headingPattern = "^## \[\d+\.\d+\.\d+" - $headingStartLines = $changelog | Select-String -Pattern $headingPattern | Select-Object -ExpandProperty LineNumber - $startLine = $headingStartLines[0] - $endLine = $headingStartLines[1] - 1 - - $clContent = $changelog | Select-Object -Skip ($startLine-1) -First ($endLine - $startLine) | Out-String - - Write-Verbose -Verbose "Selected content: `n$clContent" - - Publish-ReleaseDraft -Tag '$(ReleaseTag)' -Name '$(ReleaseTag) Release of PowerShell' -Description $clContent -User PowerShell -Repository PowerShell -PackageFolder "$(Pipeline.Workspace)/GitHubPackages" -Token $(GitHubReleasePat) - displayName: Publish Release Draft diff --git a/.pipelines/templates/release-publish-nuget.yml b/.pipelines/templates/release-publish-nuget.yml deleted file mode 100644 index 98249844d4c..00000000000 --- a/.pipelines/templates/release-publish-nuget.yml +++ /dev/null @@ -1,58 +0,0 @@ -parameters: - - name: skipPublish - default: false - type: boolean - -jobs: -- job: NuGetPublish - displayName: Publish to NuGet - condition: succeeded() - pool: - type: release - os: windows - templateContext: - inputs: - - input: pipelineArtifact - artifactName: drop_setReleaseTagAndUploadTools_SetTagAndTools - - input: pipelineArtifact - pipeline: PSPackagesOfficial - artifactName: drop_upload_upload_packages - variables: - - template: ./variable/release-shared.yml@self - parameters: - VERSION: $[ stageDependencies.setReleaseTagAndUploadTools.SetTagAndTools.outputs['OutputVersion.Version'] ] - - steps: - - template: release-install-pwsh.yml - - - pwsh: | - Write-Verbose -Verbose "Version: $(Version)" - Get-ChildItem Env: | Out-String -width 9999 -Stream | write-Verbose -Verbose - displayName: 'Capture Environment Variables' - - - pwsh: | - #Exclude all global tool packages. Their names start with 'PowerShell.' - $null = New-Item -ItemType Directory -Path "$(Pipeline.Workspace)/release" - Copy-Item "$(Pipeline.Workspace)/NuGetPackages/*.nupkg" -Destination "$(Pipeline.Workspace)/release" -Exclude "PowerShell.*.nupkg" -Force -Verbose - - $releaseVersion = '$(Version)' - $globalToolPath = "$(Pipeline.Workspace)/NuGetPackages/PowerShell.$releaseVersion.nupkg" - - if ($releaseVersion -notlike '*-*') { - # Copy the global tool package for stable releases - Copy-Item $globalToolPath -Destination "$(Pipeline.Workspace)/release" - } - - Write-Verbose -Verbose "The .nupkgs below will be pushed:" - Get-ChildItem "$(Pipeline.Workspace)/release" -recurse - displayName: Download and capture nupkgs - condition: and(ne('${{ parameters.skipPublish }}', 'false'), succeeded()) - - - task: NuGetCommand@2 - displayName: 'NuGet push' - condition: and(ne('${{ parameters.skipPublish }}', 'false'), succeeded()) - inputs: - command: push - packagesToPush: '$(Pipeline.Workspace)/release/*.nupkg' - nuGetFeedType: external - publishFeedCredentials: PowerShellNuGetOrgPush diff --git a/.pipelines/templates/release-upload-buildinfo.yml b/.pipelines/templates/release-upload-buildinfo.yml index 27af6c87b64..8d59078b905 100644 --- a/.pipelines/templates/release-upload-buildinfo.yml +++ b/.pipelines/templates/release-upload-buildinfo.yml @@ -104,17 +104,6 @@ jobs: } displayName: Create json files - - pwsh: | - $azureRmModule = Get-InstalledModule AzureRM -ErrorAction SilentlyContinue -Verbose - if ($azureRmModule) { - Write-Host 'AzureRM module exists. Removing it' - Uninstall-AzureRm - Write-Host 'AzureRM module removed' - } - - Install-Module -Name Az.Storage -Force -AllowClobber -Scope CurrentUser -Verbose - displayName: Remove AzRM modules - - task: AzurePowerShell@5 displayName: Upload buildjson to blob inputs: diff --git a/.pipelines/templates/release-validate-packagenames.yml b/.pipelines/templates/release-validate-packagenames.yml index df467eacc28..983d6690036 100644 --- a/.pipelines/templates/release-validate-packagenames.yml +++ b/.pipelines/templates/release-validate-packagenames.yml @@ -28,18 +28,6 @@ jobs: Write-Host "##vso[build.updatebuildnumber]$name" displayName: Set Release Name - - pwsh: | - $azureRmModule = Get-InstalledModule AzureRM -ErrorAction SilentlyContinue -Verbose - if ($azureRmModule) { - Write-Host 'AzureRM module exists. Removing it' - Uninstall-AzureRm - Write-Host 'AzureRM module removed' - } - - Install-Module -Name Az.Storage -Force -AllowClobber -Scope CurrentUser -Verbose - - displayName: Remove AzRM modules and install Az.Storage - - task: AzurePowerShell@5 displayName: Upload packages to blob inputs: diff --git a/.pipelines/templates/uploadToAzure.yml b/.pipelines/templates/uploadToAzure.yml index cd6f7d6739c..3bcceeb1af7 100644 --- a/.pipelines/templates/uploadToAzure.yml +++ b/.pipelines/templates/uploadToAzure.yml @@ -256,18 +256,6 @@ jobs: New-Item -Path $(Build.ArtifactStagingDirectory)/uploaded -ItemType Directory -Force displayName: Create output directory for packages - - pwsh: | - $azureRmModule = Get-InstalledModule AzureRM -ErrorAction SilentlyContinue -Verbose - if ($azureRmModule) { - Write-Host 'AzureRM module exists. Removing it' - Uninstall-AzureRm - Write-Host 'AzureRM module removed' - } - - Install-Module -Name Az.Storage -Force -AllowClobber -Scope CurrentUser -Verbose - - displayName: Remove AzRM modules - - task: AzurePowerShell@5 displayName: Upload packages to blob inputs: diff --git a/tools/installPSResources.ps1 b/tools/installPSResources.ps1 new file mode 100644 index 00000000000..4ab1a9dc4bb --- /dev/null +++ b/tools/installPSResources.ps1 @@ -0,0 +1,24 @@ +# Copyright (c) Microsoft Corporation. +# Licensed under the MIT License. +param( + [ValidateSet("PSGallery", "CFS")] + [string]$PSRepository = "PSGallery" +) + +if ($PSRepository -eq "CFS" -and -not (Get-PSResourceRepository -Name CFS -ErrorAction SilentlyContinue)) { + Register-PSResourceRepository -Name CFS -Uri "https://pkgs.dev.azure.com/powershell/PowerShell/_packaging/PowerShellGalleryMirror/nuget/v3/index.json" +} + +# NOTE: Due to a bug in Install-PSResource with upstream feeds, we have to +# request an exact version. Otherwise, if a newer version is available in the +# upstream feed, it will fail to install any version at all. +Install-PSResource -Verbose -TrustRepository -RequiredResource @{ + "Az.Accounts" = @{ + version = "4.0.2" + repository = $PSRepository + } + "Az.Storage" = @{ + version = "8.1.0" + repository = $PSRepository + } +}