* Move fxd compliance to the top to avoid binskim and apiscan on fxd folder
* Choose only the files we build for compliance
* Update tools/packaging/packaging.psm1
Co-Authored-By: Travis Plunk <travis.plunk@microsoft.com>
Add support in packaging.psm1 to produce a .msix AppX package. Update the docker image to use the new msix package type. Update the associated yml files so AzDevOps performs the build.
## PR Context
Enable publishing PSCore6 to Microsoft Store
This PR optimizes the download tasks to reduce build times. After the change we see a order of magnitude reduction in download times for Windows package signing and also the compliance tasks.
In addition to that the PR also makes changes to organize the build artifacts in folders.
The `f` in Dockerfile is not uppercase, this breaks syntax highlighting for vscode on my client
<!-- Summarize your PR between here and the checklist. -->
## PR Context
`DockerFile` breaks syntax highlighting as mentioned and described above.
<!-- Provide a little reasoning as to why this Pull Request helps and why you have opened it. -->
The NuGet build task should wait on uploads for DEB job to complete.
## PR Context
There is a race condition when the build for DEB is completed but the upload has not. If the NuGet build job starts it may not get all the packages needed for building nuget packages.
* Add shim dll to redirect to appropriate runtime
* Build updates for creating global tool package
* Add building global tool to nuget.yml
* Add azure upload of nuget packages
Refactors `travis.ps1`. Important for maintainers: I removed the webhook and badge stuff as neither exist anymore. I also merged the build and test phase with the bootstrap phase.
Add binskim to coordinated build and increase timout
## PR Context
Total timeout for the old build was 220 minutes.
The portions before the compliance take ~30 minutes.
So, I went with 180.
I also found I missed binskim when doing this work
Refactor Unified Release Build
- Make injecting the nuget.config a template
- Make setting the version variable a template
- Add parameters to templates where needed
- Run defender scan before uploading linux packages (and rename step to plain english)
Add compliance to Coordinated build
- Also switch to mac internal pool for release build
- Also turn some duplicate tasks into templates
- Also fix issue with vscode configuration which causes yaml files not to be recogized as yaml
Update the universal build to also build the framework package needed for the dotnet sdk container image.
## PR Context
We build the package in individual builds. This change brings over the steps in the universal build.
Create unified release build for macOS and Linux packages
- Also, updated the definition with latest definitions from the definitions in use.
I will work on these in future PRs:
- Add compliance Job
- Add macOS Signing step
- Merging Windows into the YAML
Major changes are as follows:
- Avoid `SecuritySupport.IsProductBinary` and unnecessary AMSI/suspicious code scan at startup time
- Update `CompiledScriptBlockData.IsProductCode` to avoid unnecessary calls to `IsProductBinary`, which attempts to retrieve catalog signature of the target file.
- Update `PerformSecurityChecks` to skip AMSI and suspicious code scan for the `.psd1` file that contains a safe `HashtableAst` only.
- Use customized `ReadOnlyBag` instead of `ImmutableHashSet` so that we can avoid loading the `System.Collections.Immutable.dll` completely.
- Replace `SHA1` with `CRC32` when generating module analysis cache file name
- This remove the loading of `System.Security.Cryptography.Algorithms.dll` at startup
- Move `ConvertFrom-SddlString` to C# to remove the `Utility.psm1` file.
- Crossgen `Microsoft.ApplicationInsights.dll` and enable tiered compilation
- Even pwsh with crossgen assemblies spends a lot time in jitting at the startup, about `191.6ms` comparing with `24.7ms` for Windows PowerShell.
- Jitting `Microsoft.ApplicationInsights.dll` takes about `51.6ms`.
- By crossgen `Microsoft.ApplicationInsights.dll` and enable tiered compilation, the jitting time drops to about `98.9ms`.
Compare the PowerShell modules dependencies on PowerShell Gallery and sync them to AzDevOps artifacts feed if a newer is available. The release builds pick up modules from AzDevOps feed.
As of #7892, the PowerShell repository no longer uses Git submodules.
This is fantastic from a workflow standpoint, and so all the notes about
how to deal with submodules (and all the build steps explicitly
initializing and updating submodules) can be safely removed.
Add the functionality to build a framework dependent (shared framework) package for PowerShell.
The changes create two packages, one for Windows and other for Linux, due to #if code.
setdate.cpp was incorrectly assigning an int to a struct, fixed to initialize struct zero'd
update the typegen project in the bash script
added some help text at top of script for someone trying to build it
updated runtime to linux-musl-x64 instead of linux-x64 as Alpine distro uses the musl libc libraries instead of glibc which is used by most distros.
update the Windows release build script with the ability to capture all the project.assets.json files
add a Windows build to use the new feature in the release build script
update the Linux release build script with the ability to capture all the project.assets.json files
-no new build is needed because signing is not currently automated
The main purpose of this was to enable full symbols for windows release build.
Also makes explicit where we are optimizing and where we are not optimizing due to https://github.com/dotnet/corefx/issues/29700
Add meta properties to mac VSTS YAML
- Add a property to clean the build machine
- Add a property to set the format of the build name
- add a property to set which queue to run the build in
Since a PR added support to opt out of telemetry via an environment variable, we can remove the,
always intended to be a temporary, solution of deleting a file to opt out of telemetry since the
environment variable can be defined at the system level and exist before even installing PowerShell Core.
Because the variable is defined as opt out, a value of true, yes, or 1 means no telemetry is sent.
create a PowerShellPackage...ps1 that works with these VMs (vs our custom VM)
create a script to create the \powershell folder with correct permissions
a YML VSTS build definition
- add `wixpdb` output when creating `MSI` package
- capture `wixpdb` in official build
- clean up anything left behind from previous MSI builds before starting MSI build to prevent using dirty files.
- make sure MSI creation fails if there is an error
- ignore `.wixpdb` files in git
- Add functionality to `Start-NativeExecution` to
- only display output if there is an error
- log caller information
- WXS validation error fixes
- Remove unused `ExitDialog` to fix ICE82
- Add KeyPath to `SetPath` to fix ICE18
- Use `HKMU` which translates to `HKLM` to runtime to fix various validation errors about creating the shortcut
- Suppress Validation errors
- suppress ICE61, which is about same version upgrades being allowed
- suppress ICE57, caused by the shortcut not being installed per user
Based on standard practices, we need to have a copyright and license notice at the top of each source file. Removed existing copyrights and updated/added copyright notices for .h, .cpp, .cs, .ps1, and .psm1 files.
Updated module manifests for consistency to have Author = "PowerShell" and Company = "Microsoft Corporation". Removed multiple line breaks.
Separate PR coming to update contribution document for new source files: #6140
Manually reviewed each change.
Fix#6073
The Linux release build was broken because AppImage,tar,tar-arm in build.json is turned into a string of "AppImage,tar,tar-arm" by docker run. Now it's changed to use switch parameters.
Create linux-arm tarball package in our release build.
Also moved the Linux-x64 tarball creation to Ubutntu 14.04, because Start-PSBuild adds additional symbolic link files when running on Red Hat Family distros.
Note that linux-arm can only be built on Ubuntu, so the tar-arm package will also be generated from the Ubuntu 14.04.
* add template xml for package signing
* Add script to generate package signing XML
* remove uploading artifact, it always fails.
* Allow the XML to be updated to be specified
* Add two files that need to be signed
* make sure to set PSModuleRestore to true when expanding a signed build because we run PSModuleRestore at that point.
* suppress output of CmdLets which are noisy
- Include a serialized version of PSOptions in an includesymbols zip
- Add a function which will create a zip package from the expanded includesymbols zip and a folder of signed files
- Add a function to restore an includesymbols zip as a build and populated PSOptions with the options
small fixes found while doing current work item
-replace expects a regex when I wanted to do a literal replace.
Have Sync-PSTags fix any issues it find