PowerShell/tools/releaseBuild/azureDevOps/templates/mac-package-build.yml

parameters:
  parentJob: ''
  buildArchitecture: x64

jobs:
- job: package_macOS_${{ parameters.buildArchitecture }}
  displayName: Package macOS ${{ parameters.buildArchitecture }}
  dependsOn: MacFileSigningJob_${{ parameters.buildArchitecture }}
  condition: succeeded()
  pool:
    vmImage: internal-macos-10.14
  variables:
    # Turn off Homebrew analytics
    - name: HOMEBREW_NO_ANALYTICS
      value: 1
    - name: runCodesignValidationInjection
      value: false
    - name: NugetSecurityAnalysisWarningLevel
      value: none
  steps:
  - checkout: self
    clean: true

  - pwsh: |
      # create folder
      sudo mkdir /PowerShell

      # make the current user the owner
      sudo chown $env:USER /PowerShell      
    displayName: 'Create /PowerShell'

  - template: SetVersionVariables.yml
    parameters:
      ReleaseTagVar: $(ReleaseTagVar)

  - template: shouldSign.yml

  - template: cloneToOfficialPath.yml

  - task: DownloadBuildArtifacts@0
    displayName: Download macosBinResults
    inputs:
      artifactName: 'macosBinResults'
      itemPattern: '**/*${{ parameters.buildArchitecture }}.zip'
      downloadPath: '$(System.ArtifactsDirectory)/Symbols'

  - task: DownloadBuildArtifacts@0
    displayName: Download signedMacOsBins
    inputs:
      artifactName: 'signedMacOsBins_${{ parameters.buildArchitecture }}'
      itemPattern: '**/*'
      downloadPath: '$(System.ArtifactsDirectory)/macOsBins'
    condition: and(succeeded(), eq(variables['SHOULD_SIGN'], 'true'))

  - pwsh: |
      Get-ChildItem "$(System.ArtifactsDirectory)\*" -Recurse      
    displayName: 'Capture Downloaded Artifacts'
    # Diagnostics is not critical it passes every time it runs
    continueOnError: true

  - pwsh: |
      $zipPath = Get-Item '$(System.ArtifactsDirectory)\Symbols\macosBinResults\*symbol*${{ parameters.buildArchitecture }}.zip'
      Write-Verbose -Verbose "Zip Path: $zipPath"

      $expandedFolder = $zipPath.BaseName
      Write-Host "sending.. vso[task.setvariable variable=SymbolsFolder]$expandedFolder"
      Write-Host "##vso[task.setvariable variable=SymbolsFolder]$expandedFolder"

      Expand-Archive -Path $zipPath -Destination "$(System.ArtifactsDirectory)\$expandedFolder" -Force      
    displayName: Expand symbols zip

  - pwsh: |
      Import-Module $(PowerShellRoot)/build.psm1 -Force
      Import-Module $(PowerShellRoot)/tools/packaging -Force
      $signedFilesPath = '$(System.ArtifactsDirectory)/macOsBins/signedMacOsBins_${{ parameters.buildArchitecture }}/'
      $BuildPath = '$(System.ArtifactsDirectory)\$(SymbolsFolder)'

      Update-PSSignedBuildFolder -BuildPath $BuildPath -SignedFilesPath $SignedFilesPath      
    displayName: Merge signed files with Build
    condition: and(succeeded(), eq(variables['SHOULD_SIGN'], 'true'))

  - template: Sbom.yml@ComplianceRepo
    parameters:
      BuildDropPath: '$(System.ArtifactsDirectory)/$(SymbolsFolder)'
      Build_Repository_Uri: $(Github_Build_Repository_Uri)

  - pwsh: |
      Import-Module $(PowerShellRoot)/build.psm1 -Force
      Import-Module $(PowerShellRoot)/tools/packaging -Force

      $destFolder = '$(System.ArtifactsDirectory)\signedZip'
      $BuildPath = '$(System.ArtifactsDirectory)\$(SymbolsFolder)'

      $null = New-Item -ItemType Directory -Path $destFolder -Force

      $BuildPackagePath = New-PSBuildZip -BuildPath $BuildPath -DestinationFolder $destFolder

      Write-Verbose -Verbose "New-PSSignedBuildZip returned `$BuildPackagePath as: $BuildPackagePath"
      Write-Host "##vso[artifact.upload containerfolder=results;artifactname=results]$BuildPackagePath"

      $vstsCommandString = "vso[task.setvariable variable=BuildPackagePath]$BuildPackagePath"
      Write-Host ("sending " + $vstsCommandString)
      Write-Host "##$vstsCommandString"      
    displayName: Compress signed files

  - pwsh: |
      tools/releaseBuild/macOS/PowerShellPackageVsts.ps1 -location $(PowerShellRoot) -BootStrap      
    displayName: 'Bootstrap VM'

  - pwsh: |
      $(Build.SourcesDirectory)/tools/releaseBuild/macOS/PowerShellPackageVsts.ps1 -ReleaseTag $(ReleaseTagVar) -Destination $(System.ArtifactsDirectory) -location $(PowerShellRoot) -ArtifactName macosPkgResults -BuildZip $(BuildPackagePath) -ExtraPackage "tar" -Runtime 'osx-${{ parameters.buildArchitecture }}'      
    displayName: 'Package'

  - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0
    displayName: 'Component Detection'
    inputs:
      sourceScanPath: '$(Build.SourcesDirectory)'
      snapshotForceEnabled: true