diff --git a/build/azure-pipelines/darwin/sql-product-build-darwin-signing.yml b/build/azure-pipelines/darwin/sql-product-build-darwin-signing.yml index 1ccaf4d62ce1..b429647755d7 100644 --- a/build/azure-pipelines/darwin/sql-product-build-darwin-signing.yml +++ b/build/azure-pipelines/darwin/sql-product-build-darwin-signing.yml @@ -17,55 +17,11 @@ steps: mv azuredatastudio-darwin-$(VSCODE_ARCH)-unsigned.zip azuredatastudio-darwin-$(VSCODE_ARCH).zip displayName: 'Rename the file' - - task: EsrpCodeSigning@3 - displayName: 'ESRP CodeSigning' - inputs: - ConnectedServiceName: 'Code Signing' - FolderPath: '$(Build.SourcesDirectory)/.build/drop/darwin/archive' - Pattern: 'azuredatastudio-darwin-$(VSCODE_ARCH).zip' - signConfigType: inlineSignParams - inlineOperation: | - [ - { - "keyCode": "CP-401337-Apple", - "operationCode": "MacAppDeveloperSign", - "parameters": { - "Hardening": "Enable" - }, - "toolName": "sign", - "toolVersion": "1.0" - } - ] - SessionTimeout: 90 - condition: and(succeeded(), eq(variables['signed'], true)) - - script: | zip -d $(Build.SourcesDirectory)/.build/drop/darwin/archive/azuredatastudio-darwin-$(VSCODE_ARCH).zip "*.pkg" displayName: Clean Archive condition: and(succeeded(), eq(variables['signed'], true)) - - task: EsrpCodeSigning@3 - displayName: 'ESRP Notarization' - inputs: - ConnectedServiceName: 'Code Signing' - FolderPath: '$(Build.SourcesDirectory)/.build/drop/darwin/archive' - Pattern: 'azuredatastudio-darwin-$(VSCODE_ARCH).zip' - signConfigType: inlineSignParams - inlineOperation: | - [ - { - "KeyCode": "CP-401337-Apple", - "OperationCode": "MacAppNotarize", - "Parameters": { - "BundleId": "com.microsoft.azuredatastudio-$(VSCODE_QUALITY)" - }, - "ToolName": "sign", - "ToolVersion": "1.0" - } - ] - SessionTimeout: 120 - condition: and(succeeded(), eq(variables['signed'], true)) - - task: CopyFiles@2 displayName: 'Copy Files to: $(Build.ArtifactStagingDirectory)/darwin/archive' inputs: diff --git a/build/azure-pipelines/darwin/sql-product-build-darwin.yml b/build/azure-pipelines/darwin/sql-product-build-darwin.yml index e5ef956780f4..7752428d9fbe 100644 --- a/build/azure-pipelines/darwin/sql-product-build-darwin.yml +++ b/build/azure-pipelines/darwin/sql-product-build-darwin.yml @@ -1,10 +1,4 @@ steps: - - task: InstallAppleCertificate@2 - displayName: 'Install developer certificate' - inputs: - certSecureFile: 'osx_signing_key.p12' - condition: eq(variables['signed'], true) - - task: DownloadPipelineArtifact@2 inputs: artifact: Compilation @@ -28,20 +22,13 @@ steps: versionSpec: '3.11.x' addToPath: true - - task: AzureKeyVault@1 - displayName: 'Azure Key Vault: Get Secrets' - inputs: - azureSubscription: 'ADS Pipelines' - KeyVaultName: ado-secrets - SecretsFilter: 'github-distro-mixin-password' - - script: | set -e cat << EOF > ~/.netrc machine github.com login azuredatastudio - password $(github-distro-mixin-password) + password $(Github-Mixin-Password) EOF git config user.email "sqltools@service.microsoft.com" @@ -82,7 +69,7 @@ steps: CHILD_CONCURRENCY=1 yarn --frozen-lockfile displayName: Install dependencies env: - GITHUB_TOKEN: $(github-distro-mixin-password) + GITHUB_TOKEN: $(Github-Mixin-Password) condition: and(succeeded(), ne(variables.NODE_MODULES_RESTORED, 'true')) - script: | @@ -110,8 +97,8 @@ steps: yarn gulp vscode-darwin-$(VSCODE_ARCH)-min-ci displayName: Build env: - GITHUB_TOKEN: $(github-distro-mixin-password) - VSCODE_MIXIN_PASSWORD: $(github-distro-mixin-password) + GITHUB_TOKEN: $(Github-Mixin-Password) + VSCODE_MIXIN_PASSWORD: $(Github-Mixin-Password) condition: and(succeeded(), ne(variables['VSCODE_ARCH'], 'universal')) - script: | @@ -119,7 +106,7 @@ steps: ./scripts/test.sh --build --tfs "Unit Tests" --coverage displayName: Run unit tests env: - GITHUB_TOKEN: $(github-distro-mixin-password) + GITHUB_TOKEN: $(Github-Mixin-Password) condition: and(succeeded(), eq(variables['RUN_TESTS'], 'true')) - script: | @@ -134,7 +121,7 @@ steps: ./scripts/test-integration.sh --build --tfs "Integration Tests" displayName: Run core integration tests env: - GITHUB_TOKEN: $(github-distro-mixin-password) + GITHUB_TOKEN: $(Github-Mixin-Password) condition: and(succeeded(), eq(variables['RUN_TESTS'], 'true')) - script: | @@ -153,7 +140,7 @@ steps: displayName: Run core smoke tests (Continue on Error) continueOnError: true env: - GITHUB_TOKEN: $(github-distro-mixin-password) + GITHUB_TOKEN: $(Github-Mixin-Password) condition: and(succeeded(), and(or(eq(variables['RUN_TESTS'], 'true'), eq(variables['RUN_SMOKE_TESTS'], 'true')), ne(variables['SMOKE_FAIL_ON_ERROR'], 'true'))) - script: | @@ -163,7 +150,7 @@ steps: yarn smoketest --build "$APP_ROOT/$APP_NAME" --log "$(build.artifactstagingdirectory)/logs/darwin/smoke.log" --extensionsDir "$(build.sourcesdirectory)/extensions" displayName: Run core smoke tests (Fail on Error) env: - GITHUB_TOKEN: $(github-distro-mixin-password) + GITHUB_TOKEN: $(Github-Mixin-Password) condition: and(succeeded(), and(or(eq(variables['RUN_TESTS'], 'true'), eq(variables['RUN_SMOKE_TESTS'], 'true')), eq(variables['SMOKE_FAIL_ON_ERROR'], 'true'))) # - script: | diff --git a/build/azure-pipelines/linux/sql-product-build-linux.yml b/build/azure-pipelines/linux/sql-product-build-linux.yml index c420f0ff8543..065cfeef1f83 100644 --- a/build/azure-pipelines/linux/sql-product-build-linux.yml +++ b/build/azure-pipelines/linux/sql-product-build-linux.yml @@ -10,13 +10,6 @@ steps: inputs: versionSpec: "1.x" - - task: AzureKeyVault@1 - displayName: 'Azure Key Vault: Get Secrets' - inputs: - azureSubscription: 'ADS Pipelines' - KeyVaultName: ado-secrets - SecretsFilter: 'github-distro-mixin-password' - - task: DownloadPipelineArtifact@2 inputs: artifact: Compilation @@ -34,7 +27,7 @@ steps: cat << EOF > ~/.netrc machine github.com login azuredatastudio - password $(github-distro-mixin-password) + password $(Github-Mixin-Password) EOF git config user.email "sqltools@service.microsoft.com" @@ -74,7 +67,7 @@ steps: CHILD_CONCURRENCY=1 yarn --frozen-lockfile displayName: Install dependencies env: - GITHUB_TOKEN: $(github-distro-mixin-password) + GITHUB_TOKEN: $(Github-Mixin-Password) condition: and(succeeded(), ne(variables.NODE_MODULES_RESTORED, 'true')) - script: | @@ -101,8 +94,8 @@ steps: yarn gulp vscode-linux-x64-min-ci displayName: Build env: - GITHUB_TOKEN: $(github-distro-mixin-password) - VSCODE_MIXIN_PASSWORD: $(github-distro-mixin-password) + GITHUB_TOKEN: $(Github-Mixin-Password) + VSCODE_MIXIN_PASSWORD: $(Github-Mixin-Password) - script: | set -e @@ -127,7 +120,7 @@ steps: DISPLAY=:10 ./scripts/test.sh --build --tfs "Unit Tests" --coverage displayName: Run core unit tests env: - GITHUB_TOKEN: $(github-distro-mixin-password) + GITHUB_TOKEN: $(Github-Mixin-Password) condition: and(succeeded(), eq(variables['RUN_TESTS'], 'true'), ne(variables['EXTENSIONS_ONLY'], 'true')) - script: | @@ -142,7 +135,7 @@ steps: DISPLAY=:10 ./scripts/test-integration.sh --build --tfs "Integration Tests" displayName: Run core integration tests env: - GITHUB_TOKEN: $(github-distro-mixin-password) + GITHUB_TOKEN: $(Github-Mixin-Password) condition: and(succeeded(), eq(variables['RUN_TESTS'], 'true'), ne(variables['EXTENSIONS_ONLY'], 'true')) - script: | @@ -159,7 +152,7 @@ steps: displayName: Run Extension Unit Tests (Continue on Error) continueOnError: true env: - GITHUB_TOKEN: $(github-distro-mixin-password) + GITHUB_TOKEN: $(Github-Mixin-Password) condition: and(succeeded(), and(eq(variables['RUN_TESTS'], 'true'), eq(variables['EXTENSION_UNIT_TESTS_FAIL_ON_ERROR'], 'false'))) - script: | @@ -175,7 +168,7 @@ steps: DISPLAY=:10 ./scripts/test-extensions-unit.sh --build --tfs "Extension Unit Tests" displayName: Run Extension Unit Tests (Fail on Error) env: - GITHUB_TOKEN: $(github-distro-mixin-password) + GITHUB_TOKEN: $(Github-Mixin-Password) condition: and(succeeded(), and(eq(variables['RUN_TESTS'], 'true'), ne(variables['EXTENSION_UNIT_TESTS_FAIL_ON_ERROR'], 'false'))) - bash: | @@ -216,65 +209,6 @@ steps: displayName: Build rpm package condition: and(succeeded(), ne(variables['EXTENSIONS_ONLY'], 'true')) - - task: UseDotNet@2 - displayName: 'Install .NET SDK for signing' - inputs: - packageType: sdk - version: 6.0.x - installationPath: $(Agent.ToolsDirectory)/dotnet - - - task: EsrpCodeSigning@3 - inputs: - ConnectedServiceName: 'Code Signing' - FolderPath: '$(Build.SourcesDirectory)/.build/linux' - Pattern: 'deb/*.deb, rpm/*.rpm' - signConfigType: inlineSignParams - inlineOperation: | - [ - { - "KeyCode": "CP-500207-Pgp", - "OperationCode": "LinuxSign", - "Parameters": {}, - "ToolName": "sign", - "ToolVersion": "1.0" - } - ] - SessionTimeout: 120 - displayName: 'Signing deb and rpm' - condition: and(succeeded(), ne(variables['EXTENSIONS_ONLY'], 'true'), eq(variables['signed'], true)) - - - task: EsrpCodeSigning@3 - inputs: - ConnectedServiceName: 'Code Signing' - FolderPath: '$(Build.SourcesDirectory)/.build' - Pattern: 'extensions/*.vsix,langpacks/*.vsix' - signConfigType: inlineSignParams - inlineOperation: | - [ - { - "keyCode": "CP-233016", - "operationSetCode": "OpcSign", - "parameters": [ - { - "parameterName": "FileDigest", - "parameterValue": "/fd \"SHA256\"" - } - ], - "toolName": "sign", - "toolVersion": "1.0" - }, - { - "keyCode": "CP-233016", - "operationSetCode": "OpcVerify", - "parameters": [], - "toolName": "sign", - "toolVersion": "1.0" - } - ] - SessionTimeout: 120 - displayName: 'Signing Extensions and Langpacks' - condition: and(succeeded(), eq(variables['signed'], true)) - - script: | set -e ./build/azure-pipelines/linux/createDrop.sh diff --git a/build/azure-pipelines/sql-product-build.yml b/build/azure-pipelines/sql-product-build.yml index 4e48d315b444..1c72f7c24e79 100644 --- a/build/azure-pipelines/sql-product-build.yml +++ b/build/azure-pipelines/sql-product-build.yml @@ -1,16 +1,9 @@ -resources: - containers: - - container: linux-x64 - image: sqltoolscontainers.azurecr.io/linux-build-agent:9 - endpoint: SqlToolsContainers - stages: - stage: Compile jobs: - job: Compile pool: - vmImage: 'Ubuntu-20.04' - container: linux-x64 + vmImage: 'ubuntu-latest' steps: - script: | set -e @@ -34,22 +27,12 @@ stages: - template: darwin/sql-product-build-darwin.yml timeoutInMinutes: 90 - - job: macOS_Signing - variables: - VSCODE_ARCH: x64 - condition: and(succeeded(), eq(variables['signed'], true)) - dependsOn: - - macOS - steps: - - template: darwin/sql-product-build-darwin-signing.yml - timeoutInMinutes: 60 - - job: macOS_ARM64 variables: NPM_CONFIG_ARCH: arm64 VSCODE_ARCH: arm64 AZDATA_RUNTIME: OSX_ARM64 - # Do not run tests for arm64 build + # Do not run tests for macOS_ARM64 build RUN_TESTS: false RUN_SMOKE_TESTS: false condition: and(succeeded(), eq(variables['VSCODE_BUILD_MACOS_ARM64'], 'true')) @@ -57,21 +40,11 @@ stages: - template: darwin/sql-product-build-darwin.yml timeoutInMinutes: 90 - - job: macOS_Signing_ARM64 - variables: - VSCODE_ARCH: arm64 - condition: and(succeeded(), eq(variables['signed'], true)) - dependsOn: - - macOS_ARM64 - steps: - - template: darwin/sql-product-build-darwin-signing.yml - timeoutInMinutes: 60 - - job: macOS_Universal variables: NPM_CONFIG_ARCH: x64 VSCODE_ARCH: universal - # Do not run tests for universal build + # Do not run tests for macOS_Universal build RUN_TESTS: false RUN_SMOKE_TESTS: false dependsOn: @@ -81,16 +54,6 @@ stages: - template: darwin/sql-product-build-darwin.yml timeoutInMinutes: 90 - - job: macOS_Signing_Universal - variables: - VSCODE_ARCH: universal - condition: and(succeeded(), eq(variables['signed'], true)) - dependsOn: - - macOS_Universal - steps: - - template: darwin/sql-product-build-darwin-signing.yml - timeoutInMinutes: 60 - - stage: Linux condition: and(succeeded(), eq(variables['VSCODE_BUILD_LINUX'], true)) dependsOn: @@ -98,8 +61,7 @@ stages: jobs: - job: Linux pool: - vmImage: 'Ubuntu-20.04' - container: linux-x64 + vmImage: 'ubuntu-latest' steps: - template: linux/sql-product-build-linux.yml parameters: @@ -129,45 +91,6 @@ stages: steps: - template: win32/sql-product-build-win32.yml timeoutInMinutes: 90 - # disable due to invalid machine pool (karlb 3/9/2022) - # - job: Windows_Test - # condition: and(succeeded(), eq(variables['VSCODE_BUILD_WIN32'], 'true')) - # pool: - # name: mssqltools - # dependsOn: - # - Linux - # - Windows - # steps: - # - template: win32/sql-product-test-win32.yml - # timeoutInMinutes: 90 - - - stage: Release - # Requirements: - # 1. Release can be created only from builds of the official build pipeline, but not all builds of it should be released automatically. - # 2. A build should be released only when the release variable is set to true. - # 3. The daily scheduled Insiders build should be released automatically. - # - # Limitation: - # Ideally, we should be able to use the condition `and(succeeded(), eq(variables['VSCODE_RELEASE'], 'true')` to achieve what we want. The VSCODE_RELEASE variable can be defined as overwritable or non-overwritable based on whether we want to - # release from the pipeline. Unfortunately ADO doesn't allow overriding variable values for scheduled runs. (see https://learn.microsoft.com/en-us/azure/devops/pipelines/process/scheduled-triggers?view=azure-devops&tabs=yaml#scheduled-triggers). - # This means we can't simply set VSCODE_RELEASE to true only for scheduled builds and have to set it to true for all runs of the pipeline by default. - # - # Implementation: - # Set the VSCODE_RELEASE variable's default value to true and add the release tag for following scenarios: - # 1. The build is a scheduled insiders build. - # 2. The build is not an insiders build. e.g. rc1, stable, saw. - # To release an ad-hoc insiders build, manually add 'Release' tag to the build. - condition: and(succeeded(), eq(variables['VSCODE_RELEASE'], 'true'), or(ne(variables['VSCODE_QUALITY'], 'insider'), and(eq(variables['VSCODE_QUALITY'], 'insider'), eq(variables['Build.Reason'], 'Schedule')))) - pool: - vmImage: 'Ubuntu-20.04' - dependsOn: - - macOS - - Linux - - Windows - jobs: - - job: Add_Release_Tag - steps: - - template: sql-release.yml trigger: none pr: none diff --git a/build/azure-pipelines/sql-product-compile.yml b/build/azure-pipelines/sql-product-compile.yml index 09d25109de69..399e2b0124a2 100644 --- a/build/azure-pipelines/sql-product-compile.yml +++ b/build/azure-pipelines/sql-product-compile.yml @@ -7,18 +7,12 @@ steps: inputs: versionSpec: "1.x" -- task: AzureKeyVault@1 - displayName: 'Azure Key Vault: Get Secrets' - inputs: - azureSubscription: 'ADS Pipelines' - KeyVaultName: ado-secrets - - script: | set -e cat << EOF > ~/.netrc machine github.com login azuredatastudio - password $(github-distro-mixin-password) + password $(Github-Mixin-Password) EOF git config user.email "sqltools@service.microsoft.com" @@ -57,8 +51,10 @@ steps: displayName: Extract node_modules archive - script: | - set -e - CHILD_CONCURRENCY=1 yarn --frozen-lockfile + set -e + sudo apt-get update + sudo apt-get install -y build-essential g++ libx11-dev libxkbfile-dev libsecret-1-dev python-is-python3 libkrb5-dev fakeroot rpm + CHILD_CONCURRENCY=1 yarn --frozen-lockfile displayName: Install dependencies condition: and(succeeded(), ne(variables['NODE_MODULES_RESTORED'], 'true')) @@ -96,14 +92,6 @@ steps: yarn npm-run-all -lp sqllint extensions-lint displayName: SQL Hygiene -- script: | - set -e - AZURE_STORAGE_ACCOUNT="$(sourcemap-storage-account)" \ - AZURE_STORAGE_ACCESS_KEY="$(sourcemap-storage-key)" \ - node build/azure-pipelines/upload-sourcemaps - displayName: Upload sourcemaps - condition: and(succeeded(), ne(variables['VSCODE_PUBLISH'], 'false')) - - script: | set -e diff --git a/build/azure-pipelines/web/sql-product-build-web.yml b/build/azure-pipelines/web/sql-product-build-web.yml index fa20f630b6bd..b3c4528e6dc6 100644 --- a/build/azure-pipelines/web/sql-product-build-web.yml +++ b/build/azure-pipelines/web/sql-product-build-web.yml @@ -187,38 +187,6 @@ steps: version: 6.0.x installationPath: $(Agent.ToolsDirectory)/dotnet -- task: EsrpCodeSigning@3 - inputs: - ConnectedServiceName: 'Code Signing' - FolderPath: '$(Build.SourcesDirectory)/.build' - Pattern: 'extensions/*.vsix,langpacks/*.vsix' - signConfigType: inlineSignParams - inlineOperation: | - [ - { - "keyCode": "CP-233016", - "operationSetCode": "OpcSign", - "parameters": [ - { - "parameterName": "FileDigest", - "parameterValue": "/fd \"SHA256\"" - } - ], - "toolName": "sign", - "toolVersion": "1.0" - }, - { - "keyCode": "CP-233016", - "operationSetCode": "OpcVerify", - "parameters": [], - "toolName": "sign", - "toolVersion": "1.0" - } - ] - SessionTimeout: 120 - displayName: 'Signing Extensions and Langpacks' - condition: and(succeeded(), eq(variables['signed'], true)) - - script: | set -e ./build/azure-pipelines/web/createDrop.sh diff --git a/build/azure-pipelines/win32/sql-product-build-win32.yml b/build/azure-pipelines/win32/sql-product-build-win32.yml index 4f66731407d5..83a17ab093f1 100644 --- a/build/azure-pipelines/win32/sql-product-build-win32.yml +++ b/build/azure-pipelines/win32/sql-product-build-win32.yml @@ -12,13 +12,6 @@ steps: versionSpec: '3.11.x' addToPath: true - - task: AzureKeyVault@1 - inputs: - azureSubscription: 'ADS Pipelines' - KeyVaultName: ado-secrets - SecretsFilter: 'github-distro-mixin-password,standalone-extensions-uri,esrp-pki,esrp-aad-username,esrp-aad-password' - displayName: 'Azure Key Vault: Get Secrets' - - task: DownloadPipelineArtifact@2 inputs: artifact: Compilation @@ -35,7 +28,7 @@ steps: - powershell: | . build/azure-pipelines/win32/exec.ps1 $ErrorActionPreference = "Stop" - "machine github.com`nlogin azuredatastudio`npassword $(github-distro-mixin-password)" | Out-File "$env:USERPROFILE\_netrc" -Encoding ASCII + "machine github.com`nlogin azuredatastudio`npassword $(Github-Mixin-Password)" | Out-File "$env:USERPROFILE\_netrc" -Encoding ASCII exec { git config user.email "sqltools@service.microsoft.com" } exec { git config user.name "AzureDataStudio" } @@ -81,7 +74,7 @@ steps: $env:CHILD_CONCURRENCY="1" exec { yarn --frozen-lockfile } env: - GITHUB_TOKEN: $(github-distro-mixin-password) + GITHUB_TOKEN: $(Github-Mixin-Password) condition: and(succeeded(), ne(variables.NODE_MODULES_RESTORED, 'true')) displayName: Install dependencies @@ -115,8 +108,8 @@ steps: exec { yarn gulp "vscode-win32-$(VSCODE_ARCH)-inno-updater" } displayName: Build env: - GITHUB_TOKEN: $(github-distro-mixin-password) - VSCODE_MIXIN_PASSWORD: $(github-distro-mixin-password) + GITHUB_TOKEN: $(Github-Mixin-Password) + VSCODE_MIXIN_PASSWORD: $(Github-Mixin-Password) - task: UniversalPackages@0 displayName: Download SAW Python package @@ -129,19 +122,6 @@ steps: vstsPackageVersion: '*' condition: and(succeeded(), eq(variables['VSCODE_QUALITY'], 'saw'), ne(variables['VSCODE_ARCH'], 'arm64')) - - powershell: | - # Install TSGOps specific extensions - $ErrorActionPreference = "Stop" - $tempFilePath = (New-TemporaryFile).FullName - $zipFilePath = $tempFilePath + ".zip" - $extensionUri = "$(standalone-extensions-uri)" - $adsExtensionPath = "$(agent.builddirectory)\azuredatastudio-win32-x64\resources\app\extensions" - Invoke-WebRequest -Uri $extensionUri -OutFile $tempFilePath - Move-Item $tempFilePath $zipFilePath - Expand-Archive $zipFilePath -DestinationPath $adsExtensionPath - displayName: Install SAW Extensions - condition: and(succeeded(), eq(variables['VSCODE_QUALITY'], 'saw'), ne(variables['VSCODE_ARCH'], 'arm64')) - # - powershell: | @anthonydresser unit tests timeout never existing the node process # . build/azure-pipelines/win32/exec.ps1 # $ErrorActionPreference = "Stop" @@ -176,158 +156,14 @@ steps: displayName: Run core integration tests (arm64) condition: and(succeeded(), and(eq(variables['RUN_TESTS'], 'true'), eq(variables['VSCODE_ARCH'], 'arm64'))) - - task: EsrpCodeSigning@3 - displayName: 'Sign out code' - inputs: - ConnectedServiceName: 'Code Signing' - FolderPath: '$(agent.builddirectory)/azuredatastudio-win32-$(VSCODE_ARCH)' - Pattern: '*.exe,*.node,resources/app/node_modules.asar.unpacked/*.dll,d3dcompiler_47.dll,vulkan-1.dll,libGLESv2.dll,ffmpeg.dll,libEGL.dll,Microsoft.SqlTools.Hosting.dll,Microsoft.SqlTools.ResourceProvider.Core.dll,Microsoft.SqlTools.ResourceProvider.DefaultImpl.dll,MicrosoftSqlToolsCredentials.dll,MicrosoftSqlToolsServiceLayer.dll,Newtonsoft.Json.dll,SqlSerializationService.dll,SqlToolsResourceProviderService.dll,Microsoft.SqlServer.*.dll,Microsoft.Data.Tools.Sql.BatchParser.dll' - signConfigType: inlineSignParams - inlineOperation: | - [ -   { -     "keyCode": "CP-230012", -     "operationSetCode": "SigntoolSign", -     "parameters": [ -     { -       "parameterName": "OpusName", -       "parameterValue": "Azure Data Studio" -     }, -     { -       "parameterName": "OpusInfo", -       "parameterValue": "https://github.com/microsoft/azuredatastudio" -     }, -     { -       "parameterName": "PageHash", -       "parameterValue": "/NPH" -     }, -     { -       "parameterName": "FileDigest", -       "parameterValue": "/fd sha256" -     }, -     { -       "parameterName": "TimeStamp", -       "parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256" -     } -     ], -     "toolName": "signtool.exe", -     "toolVersion": "6.2.9304.0" -   }, -   { -     "keyCode": "CP-230012", -     "operationSetCode": "SigntoolVerify", -     "parameters": [ -     { -       "parameterName": "VerifyAll", -       "parameterValue": "/all" -     } - ], -     "toolName": "signtool.exe", -     "toolVersion": "6.2.9304.0" -   } - ] - SessionTimeout: 600 - MaxConcurrency: 5 - MaxRetryAttempts: 20 - condition: and(succeeded(), eq(variables['signed'], true)) - - - task: UseDotNet@2 - displayName: 'Install .NET 6.x for ESRP signing' - inputs: - version: 6.x - condition: and(succeeded(), eq(variables['signed'], true)) - - - task: EsrpClientTool@1 - displayName: Download ESRPClient - condition: and(succeeded(), eq(variables['signed'], true)) - - - powershell: | - . build/azure-pipelines/win32/exec.ps1 - $ErrorActionPreference = "Stop" - $EsrpClientTool = (gci -directory -filter EsrpClientTool_* $(Agent.RootDirectory)\_tasks | Select-Object -last 1).FullName - $EsrpCliZip = (gci -recurse -filter esrpcli.*.zip $EsrpClientTool | Select-Object -last 1).FullName - mkdir -p $(Agent.TempDirectory)\esrpcli - Expand-Archive -Path $EsrpCliZip -DestinationPath $(Agent.TempDirectory)\esrpcli - $EsrpCliDllPath = (gci -recurse -filter esrpcli.dll $(Agent.TempDirectory)\esrpcli | Select-Object -last 1).FullName - echo "##vso[task.setvariable variable=EsrpCliDllPath]$EsrpCliDllPath" - displayName: Find ESRP CLI - condition: and(succeeded(), eq(variables['signed'], true)) - - powershell: | . build/azure-pipelines/win32/exec.ps1 $ErrorActionPreference = "Stop" exec { yarn gulp "vscode-win32-$(VSCODE_ARCH)-user-setup" } exec { yarn gulp "vscode-win32-$(VSCODE_ARCH)-system-setup" } exec { yarn gulp "vscode-win32-$(VSCODE_ARCH)-archive" } - displayName: Archive & User & System setup (Unsigned) - condition: and(succeeded(), eq(variables['signed'], false)) - - - powershell: | - . build/azure-pipelines/win32/exec.ps1 - $ErrorActionPreference = "Stop" - $env:ESRPPKI = "$(ESRP-PKI)" - $env:ESRPAADUsername = "$(esrp-aad-username)" - $env:ESRPAADPassword = "$(esrp-aad-password)" - exec { yarn gulp "vscode-win32-$(VSCODE_ARCH)-user-setup" --sign } - exec { yarn gulp "vscode-win32-$(VSCODE_ARCH)-system-setup" --sign } - exec { yarn gulp "vscode-win32-$(VSCODE_ARCH)-archive" --sign } - displayName: Archive & User & System setup (Signed) - condition: and(succeeded(), eq(variables['signed'], true)) - - - task: EsrpCodeSigning@3 - displayName: 'Sign installers' - inputs: - ConnectedServiceName: 'Code Signing' - FolderPath: '.build' - Pattern: '*.exe' - signConfigType: inlineSignParams - inlineOperation: | - [ -   { -     "keyCode": "CP-230012", -     "operationSetCode": "SigntoolSign", -     "parameters": [ -     { -       "parameterName": "OpusName", -       "parameterValue": "Azure Data Studio" -     }, -     { -       "parameterName": "OpusInfo", -       "parameterValue": "https://github.com/microsoft/azuredatastudio" -     }, -     { -       "parameterName": "PageHash", -       "parameterValue": "/NPH" -     }, -     { -       "parameterName": "FileDigest", -       "parameterValue": "/fd sha256" -     }, -     { -       "parameterName": "TimeStamp", -       "parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256" -     } -     ], -     "toolName": "signtool.exe", -     "toolVersion": "6.2.9304.0" -   }, -   { -     "keyCode": "CP-230012", -     "operationSetCode": "SigntoolVerify", -     "parameters": [ -     { -       "parameterName": "VerifyAll", -       "parameterValue": "/all" -     } - ], -     "toolName": "signtool.exe", -     "toolVersion": "6.2.9304.0" -   } - ] - SessionTimeout: 600 - MaxConcurrency: 5 - MaxRetryAttempts: 20 - condition: and(succeeded(), eq(variables['signed'], true)) + displayName: Archive & User & System setup + condition: succeeded() - task: ArchiveFiles@2 displayName: 'Archive build scripts source' diff --git a/build/gulpfile.vscode.win32.js b/build/gulpfile.vscode.win32.js index 189f59527420..4a9e4e8d37f8 100644 --- a/build/gulpfile.vscode.win32.js +++ b/build/gulpfile.vscode.win32.js @@ -183,3 +183,48 @@ function updateIcon(executablePath) { gulp.task(task.define('vscode-win32-ia32-inno-updater', task.series(copyInnoUpdater('ia32'), updateIcon(path.join(buildPath('ia32'), 'tools', 'inno_updater.exe'))))); gulp.task(task.define('vscode-win32-x64-inno-updater', task.series(copyInnoUpdater('x64'), updateIcon(path.join(buildPath('x64'), 'tools', 'inno_updater.exe'))))); gulp.task(task.define('vscode-win32-arm64-inno-updater', task.series(copyInnoUpdater('arm64'), updateIcon(path.join(buildPath('arm64'), 'tools', 'inno_updater.exe'))))); + +/** + * Updates azuredatastudio.exe icon and metadata + * @param {string} arch + */ +function updateExeIconAndMetadata(arch) { + return cb => { + const { config } = require('./lib/electron'); + const fancyLog = require('fancy-log'); + const ansiColors = require('ansi-colors'); + + var patch = { + "version-string": { + CompanyName: config.companyName || "GitHub, Inc.", + FileDescription: config.productAppName || opts.productName, + LegalCopyright: + config.copyright || + "Copyright (C) 2014 GitHub, Inc. All rights reserved", + ProductName: config.productAppName || config.productName, + ProductVersion: config.productVersion, + }, + "file-version": config.productVersion, + "product-version": config.productVersion, + "icon": config.winIcon + }; + + fancyLog(ansiColors.cyan('[Updating exe icon]'), JSON.stringify(patch, null, 2)); + fancyLog(ansiColors.yellow(`Checking if icon exists`), fs.existsSync('resources/win32/code.ico')); + fs.readdir(buildPath(arch), (err, files) => { + if (err) { + return cb(err); + } + files.forEach(file => { + if (file.startsWith('azuredatastudio') && file.endsWith('.exe')) { + fancyLog(ansiColors.cyan('[Patching exe]'), `Updating ${file}`); + rcedit(path.join(buildPath(arch), file), patch, cb); + } + }); + }); + }; +} + +gulp.task(task.define('vscode-win32-x64-exe-patcher', updateExeIconAndMetadata('x64'))); +gulp.task(task.define('vscode-win32-ia32-exe-patcher', updateExeIconAndMetadata('ia32'))); +gulp.task(task.define('vscode-win32-arm64-exe-patcher', updateExeIconAndMetadata('arm64')));