119 lines
4.5 KiB
YAML
119 lines
4.5 KiB
YAML
parameters:
|
|
parentJob: ''
|
|
buildArchitecture: x64
|
|
|
|
jobs:
|
|
- job: package_macOS_${{ parameters.buildArchitecture }}
|
|
displayName: Package macOS ${{ parameters.buildArchitecture }}
|
|
dependsOn: MacFileSigningJob_${{ parameters.buildArchitecture }}
|
|
condition: succeeded()
|
|
pool:
|
|
vmImage: internal-macos-10.14
|
|
variables:
|
|
# Turn off Homebrew analytics
|
|
- name: HOMEBREW_NO_ANALYTICS
|
|
value: 1
|
|
- name: runCodesignValidationInjection
|
|
value: false
|
|
- name: NugetSecurityAnalysisWarningLevel
|
|
value: none
|
|
steps:
|
|
- checkout: self
|
|
clean: true
|
|
|
|
- pwsh: |
|
|
# create folder
|
|
sudo mkdir /PowerShell
|
|
|
|
# make the current user the owner
|
|
sudo chown $env:USER /PowerShell
|
|
displayName: 'Create /PowerShell'
|
|
|
|
- template: SetVersionVariables.yml
|
|
parameters:
|
|
ReleaseTagVar: $(ReleaseTagVar)
|
|
|
|
- template: shouldSign.yml
|
|
|
|
- template: cloneToOfficialPath.yml
|
|
|
|
- task: DownloadBuildArtifacts@0
|
|
displayName: Download macosBinResults
|
|
inputs:
|
|
artifactName: 'macosBinResults'
|
|
itemPattern: '**/*${{ parameters.buildArchitecture }}.zip'
|
|
downloadPath: '$(System.ArtifactsDirectory)/Symbols'
|
|
|
|
- task: DownloadBuildArtifacts@0
|
|
displayName: Download signedMacOsBins
|
|
inputs:
|
|
artifactName: 'signedMacOsBins_${{ parameters.buildArchitecture }}'
|
|
itemPattern: '**/*'
|
|
downloadPath: '$(System.ArtifactsDirectory)/macOsBins'
|
|
condition: and(succeeded(), eq(variables['SHOULD_SIGN'], 'true'))
|
|
|
|
- pwsh: |
|
|
Get-ChildItem "$(System.ArtifactsDirectory)\*" -Recurse
|
|
displayName: 'Capture Downloaded Artifacts'
|
|
# Diagnostics is not critical it passes every time it runs
|
|
continueOnError: true
|
|
|
|
- pwsh: |
|
|
$zipPath = Get-Item '$(System.ArtifactsDirectory)\Symbols\macosBinResults\*symbol*${{ parameters.buildArchitecture }}.zip'
|
|
Write-Verbose -Verbose "Zip Path: $zipPath"
|
|
|
|
$expandedFolder = $zipPath.BaseName
|
|
Write-Host "sending.. vso[task.setvariable variable=SymbolsFolder]$expandedFolder"
|
|
Write-Host "##vso[task.setvariable variable=SymbolsFolder]$expandedFolder"
|
|
|
|
Expand-Archive -Path $zipPath -Destination "$(System.ArtifactsDirectory)\$expandedFolder" -Force
|
|
displayName: Expand symbols zip
|
|
|
|
- pwsh: |
|
|
Import-Module $(PowerShellRoot)/build.psm1 -Force
|
|
Import-Module $(PowerShellRoot)/tools/packaging -Force
|
|
$signedFilesPath = '$(System.ArtifactsDirectory)/macOsBins/signedMacOsBins_${{ parameters.buildArchitecture }}/'
|
|
$BuildPath = '$(System.ArtifactsDirectory)\$(SymbolsFolder)'
|
|
|
|
Update-PSSignedBuildFolder -BuildPath $BuildPath -SignedFilesPath $SignedFilesPath
|
|
displayName: Merge signed files with Build
|
|
condition: and(succeeded(), eq(variables['SHOULD_SIGN'], 'true'))
|
|
|
|
- template: Sbom.yml@ComplianceRepo
|
|
parameters:
|
|
BuildDropPath: '$(System.ArtifactsDirectory)/$(SymbolsFolder)'
|
|
Build_Repository_Uri: $(Github_Build_Repository_Uri)
|
|
|
|
- pwsh: |
|
|
Import-Module $(PowerShellRoot)/build.psm1 -Force
|
|
Import-Module $(PowerShellRoot)/tools/packaging -Force
|
|
|
|
$destFolder = '$(System.ArtifactsDirectory)\signedZip'
|
|
$BuildPath = '$(System.ArtifactsDirectory)\$(SymbolsFolder)'
|
|
|
|
$null = New-Item -ItemType Directory -Path $destFolder -Force
|
|
|
|
$BuildPackagePath = New-PSBuildZip -BuildPath $BuildPath -DestinationFolder $destFolder
|
|
|
|
Write-Verbose -Verbose "New-PSSignedBuildZip returned `$BuildPackagePath as: $BuildPackagePath"
|
|
Write-Host "##vso[artifact.upload containerfolder=results;artifactname=results]$BuildPackagePath"
|
|
|
|
$vstsCommandString = "vso[task.setvariable variable=BuildPackagePath]$BuildPackagePath"
|
|
Write-Host ("sending " + $vstsCommandString)
|
|
Write-Host "##$vstsCommandString"
|
|
displayName: Compress signed files
|
|
|
|
- pwsh: |
|
|
tools/releaseBuild/macOS/PowerShellPackageVsts.ps1 -location $(PowerShellRoot) -BootStrap
|
|
displayName: 'Bootstrap VM'
|
|
|
|
- pwsh: |
|
|
$(Build.SourcesDirectory)/tools/releaseBuild/macOS/PowerShellPackageVsts.ps1 -ReleaseTag $(ReleaseTagVar) -Destination $(System.ArtifactsDirectory) -location $(PowerShellRoot) -ArtifactName macosPkgResults -BuildZip $(BuildPackagePath) -ExtraPackage "tar" -Runtime 'osx-${{ parameters.buildArchitecture }}'
|
|
displayName: 'Package'
|
|
|
|
- task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0
|
|
displayName: 'Component Detection'
|
|
inputs:
|
|
sourceScanPath: '$(Build.SourcesDirectory)'
|
|
snapshotForceEnabled: true
|