From 8a743361f4f39dedffb7266a0c0d44dc553124c2 Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 10 Aug 2022 11:24:08 +0800 Subject: [PATCH 01/94] Parallelize the build via pipeline job strategy --- azure-pipelines.yml | 75 ++++++++++++++++++++++++++++++--------------- scripts/build.sh | 35 +++++++-------------- 2 files changed, 61 insertions(+), 49 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 02e6049..3c57a9e 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -5,31 +5,56 @@ parameters: - name: version - displayName: Release Version + displayName: Release Version (e.g. v0.1.0) type: string -jobs: +stages: + - stage: Build aztfy + jobs: + - job: build_binary + displayName: "Build Binaries" + strategy: + matrix: + windows-386: + OS: windows + ARCH: 386 + windows-amd64: + OS: windows + ARCH: amd64 + linux-386: + OS: linux + ARCH: 386 + linux-amd64: + OS: linux + ARCH: amd64 + linux-arm: + OS: linux + ARCH: arm + linux-arm64: + OS: linux + ARCH: arm64 + darwin-amd64: + OS: darwin + ARCH: amd64 + darwin-arm64: + OS: darwin + ARCH: arm64 + steps: + - task: GoTool@0 + displayName: 'Install Go' + inputs: + version: 1.19 + - bash: '$(system.defaultWorkingDirectory)/scripts/build.sh' + displayName: 'Building for $(OS):$(ARCH)' + arguments: '$(OS) $(ARCH) $(version)' -- job: Package - pool: - vmImage: 'ubuntu-latest' - - steps: - - task: GoTool@0 - displayName: 'Install Go' - inputs: - version: 1.18 - GOPATH: '$(Pipeline.Workspace)/gopath' - GOBIN: '$(GOPATH)/bin' - - - task: Bash@3 - displayName: "Build Packages" - inputs: - filePath: '$(system.defaultWorkingDirectory)/scripts/build.sh' - env: - VERSION: ${{ parameters.version }} - - task: PublishPipelineArtifact@1 - inputs: - targetPath: '$(system.defaultWorkingDirectory)/dist/' - artifact: 'artifact' - publishLocation: 'pipeline' + - job: publish + displayName: "Publish Binaries" + - task: PublishPipelineArtifact@1 + inputs: + targetPath: '$(system.defaultWorkingDirectory)/dist/' + artifactName: 'artifact' + artifactType: 'pipeline' + - stage: Release Linux Packages + - stage: Release Windows Setup + - stage: Draft Github Release diff --git a/scripts/build.sh b/scripts/build.sh index dee245c..985a6c5 100644 --- a/scripts/build.sh +++ b/scripts/build.sh @@ -1,28 +1,15 @@ #!/usr/bin/env bash + +# Usage: build.sh OS ARCH VERSION +# E.g. build.sh linux amd64 v0.1.0 REVISION=$(git rev-parse --short HEAD) -OS_ARCH=("freebsd:amd64" - "freebsd:386" - "freebsd:arm" - "freebsd:arm64" - "windows:amd64" - "windows:386" - "linux:amd64" - "linux:386" - "linux:arm" - "linux:arm64" - "darwin:amd64" - "darwin:arm64") mkdir dist -for os_arch in "${OS_ARCH[@]}" ; do - OS=${os_arch%%:*} - ARCH=${os_arch#*:} - echo "GOOS: ${OS}, GOARCH: ${ARCH}" - - output=aztfy_${OS}_${ARCH} - if [[ $OS = windows ]]; then +OS=$1 +ARCH=$2 +VERSION=$3 +echo "OS: ${OS}, ARCH: ${ARCH}, VERSION: ${VERSION}" +output=aztfy_${OS}_${ARCH} +if [[ $OS = windows ]]; then output=$output.exe - fi - - GOOS="${OS}" GOARCH="${ARCH}" CGO_ENABLED=0 go build -trimpath -ldflags="-s -w -X 'main.version=${VERSION}' -X 'main.revision=${REVISION}'" -o $output - mv $output dist -done +fi +GOOS="${OS}" GOARCH="${ARCH}" CGO_ENABLED=0 go build -trimpath -ldflags="-s -w -X 'main.version=${VERSION}' -X 'main.revision=${REVISION}'" -o dist/$output From 9274e654147c483de0d81cf892ffa084179f3e9a Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 10 Aug 2022 11:28:01 +0800 Subject: [PATCH 02/94] fix --- azure-pipelines.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 3c57a9e..93db734 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -46,10 +46,14 @@ stages: version: 1.19 - bash: '$(system.defaultWorkingDirectory)/scripts/build.sh' displayName: 'Building for $(OS):$(ARCH)' - arguments: '$(OS) $(ARCH) $(version)' + arguments: + - '$(OS)' + - '$(ARCH)' + - '$(version)' - job: publish displayName: "Publish Binaries" + steps: - task: PublishPipelineArtifact@1 inputs: targetPath: '$(system.defaultWorkingDirectory)/dist/' From 86115c153d1a6da795ccbae638b152e80b79d00e Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 10 Aug 2022 11:30:31 +0800 Subject: [PATCH 03/94] fix --- azure-pipelines.yml | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 93db734..9110f4d 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -44,13 +44,11 @@ stages: displayName: 'Install Go' inputs: version: 1.19 - - bash: '$(system.defaultWorkingDirectory)/scripts/build.sh' + - task: Bash@3 displayName: 'Building for $(OS):$(ARCH)' - arguments: - - '$(OS)' - - '$(ARCH)' - - '$(version)' - + inputs: + filePath: '$(system.defaultWorkingDirectory)/scripts/build.sh' + arguments: '$(OS) $(ARCH) $(version)' - job: publish displayName: "Publish Binaries" steps: From 9568fbc6e734d109dc5c985af973848191001b58 Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 10 Aug 2022 11:32:10 +0800 Subject: [PATCH 04/94] fix --- azure-pipelines.yml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 9110f4d..70d2f0d 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -9,7 +9,8 @@ parameters: type: string stages: - - stage: Build aztfy + - stage: build + displayName: "Build aztfy" jobs: - job: build_binary displayName: "Build Binaries" @@ -57,6 +58,9 @@ stages: targetPath: '$(system.defaultWorkingDirectory)/dist/' artifactName: 'artifact' artifactType: 'pipeline' - - stage: Release Linux Packages - - stage: Release Windows Setup - - stage: Draft Github Release + - stage: release_linux_packages + displayName: "Release Linux Packages" + - stage: release_windows_setup + displayName: "Release Windows Setup" + - stage: draft_github_release + displayName: "Draft Github Release" From c209367654b0ae241f0a6609518a343f8b99dff1 Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 10 Aug 2022 11:32:41 +0800 Subject: [PATCH 05/94] fix --- azure-pipelines.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 70d2f0d..8a26f12 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -58,9 +58,9 @@ stages: targetPath: '$(system.defaultWorkingDirectory)/dist/' artifactName: 'artifact' artifactType: 'pipeline' - - stage: release_linux_packages - displayName: "Release Linux Packages" - - stage: release_windows_setup - displayName: "Release Windows Setup" - - stage: draft_github_release - displayName: "Draft Github Release" + # - stage: release_linux_packages + # displayName: "Release Linux Packages" + # - stage: release_windows_setup + # displayName: "Release Windows Setup" + # - stage: draft_github_release + # displayName: "Draft Github Release" From d775389931e675bc55d04db5771a5cd7bca12876 Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 10 Aug 2022 13:10:30 +0800 Subject: [PATCH 06/94] add dep --- azure-pipelines.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 8a26f12..4167920 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -12,7 +12,7 @@ stages: - stage: build displayName: "Build aztfy" jobs: - - job: build_binary + - job: build displayName: "Build Binaries" strategy: matrix: @@ -51,6 +51,7 @@ stages: filePath: '$(system.defaultWorkingDirectory)/scripts/build.sh' arguments: '$(OS) $(ARCH) $(version)' - job: publish + dependsOn: build displayName: "Publish Binaries" steps: - task: PublishPipelineArtifact@1 From b658b5cb4ca994791d2c5b5231da26385a650765 Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 10 Aug 2022 13:40:03 +0800 Subject: [PATCH 07/94] fix --- azure-pipelines.yml | 26 ++++++++++++++++---------- scripts/build.sh | 15 --------------- 2 files changed, 16 insertions(+), 25 deletions(-) delete mode 100644 scripts/build.sh diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 4167920..8abdd50 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -45,18 +45,24 @@ stages: displayName: 'Install Go' inputs: version: 1.19 - - task: Bash@3 - displayName: 'Building for $(OS):$(ARCH)' - inputs: - filePath: '$(system.defaultWorkingDirectory)/scripts/build.sh' - arguments: '$(OS) $(ARCH) $(version)' - - job: publish - dependsOn: build - displayName: "Publish Binaries" - steps: + - script: | + REVISION=`git rev-parse --short HEAD` + dir=$OS_$ARCH + mkdir $dir + output=aztfy + if [[ $OS = windows ]]; then + output=aztfy.exe + fi + GOOS="${OS}" GOARCH="${ARCH}" CGO_ENABLED=0 go build -trimpath -ldflags="-s -w -X 'main.version=${VERSION}' -X 'main.revision=${REVISION}'" -o $dir/$output + displayName: "Build for $(OS)-$(ARCH)" + env: + OS: $(OS) + ARCH: $(ARCH) + VERSION: $(version) - task: PublishPipelineArtifact@1 + displayName: "Publish Binary" inputs: - targetPath: '$(system.defaultWorkingDirectory)/dist/' + targetPath: '$(system.defaultWorkingDirectory)/$(OS)_$(ARCH)' artifactName: 'artifact' artifactType: 'pipeline' # - stage: release_linux_packages diff --git a/scripts/build.sh b/scripts/build.sh deleted file mode 100644 index 985a6c5..0000000 --- a/scripts/build.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/usr/bin/env bash - -# Usage: build.sh OS ARCH VERSION -# E.g. build.sh linux amd64 v0.1.0 -REVISION=$(git rev-parse --short HEAD) -mkdir dist -OS=$1 -ARCH=$2 -VERSION=$3 -echo "OS: ${OS}, ARCH: ${ARCH}, VERSION: ${VERSION}" -output=aztfy_${OS}_${ARCH} -if [[ $OS = windows ]]; then - output=$output.exe -fi -GOOS="${OS}" GOARCH="${ARCH}" CGO_ENABLED=0 go build -trimpath -ldflags="-s -w -X 'main.version=${VERSION}' -X 'main.revision=${REVISION}'" -o dist/$output From 21dfd5718b6a39d19dbe62373e8f32f4426a4de8 Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 10 Aug 2022 13:44:46 +0800 Subject: [PATCH 08/94] debug --- azure-pipelines.yml | 48 +++++++++++++++++++++++---------------------- 1 file changed, 25 insertions(+), 23 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 8abdd50..18b1c29 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -19,42 +19,44 @@ stages: windows-386: OS: windows ARCH: 386 - windows-amd64: - OS: windows - ARCH: amd64 - linux-386: - OS: linux - ARCH: 386 - linux-amd64: - OS: linux - ARCH: amd64 - linux-arm: - OS: linux - ARCH: arm - linux-arm64: - OS: linux - ARCH: arm64 - darwin-amd64: - OS: darwin - ARCH: amd64 - darwin-arm64: - OS: darwin - ARCH: arm64 + # windows-amd64: + # OS: windows + # ARCH: amd64 + # linux-386: + # OS: linux + # ARCH: 386 + # linux-amd64: + # OS: linux + # ARCH: amd64 + # linux-arm: + # OS: linux + # ARCH: arm + # linux-arm64: + # OS: linux + # ARCH: arm64 + # darwin-amd64: + # OS: darwin + # ARCH: amd64 + # darwin-arm64: + # OS: darwin + # ARCH: arm64 steps: - task: GoTool@0 displayName: 'Install Go' inputs: version: 1.19 - script: | + pwd + set -x REVISION=`git rev-parse --short HEAD` dir=$OS_$ARCH - mkdir $dir + mkdir -p $dir output=aztfy if [[ $OS = windows ]]; then output=aztfy.exe fi GOOS="${OS}" GOARCH="${ARCH}" CGO_ENABLED=0 go build -trimpath -ldflags="-s -w -X 'main.version=${VERSION}' -X 'main.revision=${REVISION}'" -o $dir/$output - displayName: "Build for $(OS)-$(ARCH)" + displayName: "Go Build" env: OS: $(OS) ARCH: $(ARCH) From 22b86b6a007c0fad8b57137b91657118b6dc9f2e Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 10 Aug 2022 13:46:29 +0800 Subject: [PATCH 09/94] debug --- azure-pipelines.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 18b1c29..28d4035 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -49,7 +49,7 @@ stages: pwd set -x REVISION=`git rev-parse --short HEAD` - dir=$OS_$ARCH + dir=${OS}_${ARCH} mkdir -p $dir output=aztfy if [[ $OS = windows ]]; then From a9f23530ac18ab9661b084f646dd025e2bfb2a65 Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 10 Aug 2022 14:01:26 +0800 Subject: [PATCH 10/94] fix --- azure-pipelines.yml | 46 ++++++++++++++++++++++----------------------- 1 file changed, 22 insertions(+), 24 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 28d4035..3008151 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -19,37 +19,35 @@ stages: windows-386: OS: windows ARCH: 386 - # windows-amd64: - # OS: windows - # ARCH: amd64 - # linux-386: - # OS: linux - # ARCH: 386 - # linux-amd64: - # OS: linux - # ARCH: amd64 - # linux-arm: - # OS: linux - # ARCH: arm - # linux-arm64: - # OS: linux - # ARCH: arm64 - # darwin-amd64: - # OS: darwin - # ARCH: amd64 - # darwin-arm64: - # OS: darwin - # ARCH: arm64 + windows-amd64: + OS: windows + ARCH: amd64 + linux-386: + OS: linux + ARCH: 386 + linux-amd64: + OS: linux + ARCH: amd64 + linux-arm: + OS: linux + ARCH: arm + linux-arm64: + OS: linux + ARCH: arm64 + darwin-amd64: + OS: darwin + ARCH: amd64 + darwin-arm64: + OS: darwin + ARCH: arm64 steps: - task: GoTool@0 displayName: 'Install Go' inputs: version: 1.19 - script: | - pwd - set -x REVISION=`git rev-parse --short HEAD` - dir=${OS}_${ARCH} + dir=${OS}_${ARCH}/${OS}_${ARCH} mkdir -p $dir output=aztfy if [[ $OS = windows ]]; then From 1f8ffba59f3b70a2389045a7ae2872b2cb6a61ce Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 10 Aug 2022 14:40:36 +0800 Subject: [PATCH 11/94] fix --- azure-pipelines.yml | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 3008151..3c1fe40 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -47,7 +47,7 @@ stages: version: 1.19 - script: | REVISION=`git rev-parse --short HEAD` - dir=${OS}_${ARCH}/${OS}_${ARCH} + dir=${OS}-${ARCH}/${OS}-${ARCH} mkdir -p $dir output=aztfy if [[ $OS = windows ]]; then @@ -62,9 +62,16 @@ stages: - task: PublishPipelineArtifact@1 displayName: "Publish Binary" inputs: - targetPath: '$(system.defaultWorkingDirectory)/$(OS)_$(ARCH)' - artifactName: 'artifact' + targetPath: '$(system.defaultWorkingDirectory)/$(OS)-$(ARCH)' + artifactName: 'artifact-$(OS)-$(ARCH)' artifactType: 'pipeline' + - job: sign_binary + displayName: "Sign Binaries" + dependsOn: build + steps: + - task: DownloadPipelineArtifact@2 + inputs: + path: $(Build.SourcesDirectory)/dist # - stage: release_linux_packages # displayName: "Release Linux Packages" # - stage: release_windows_setup From d6309a8536e367b1156b0b754b3dbe080ceed3c7 Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 10 Aug 2022 15:30:57 +0800 Subject: [PATCH 12/94] Add ESRP sign --- azure-pipelines.yml | 71 +++++++++++++++++++++++++++++++++------------ 1 file changed, 52 insertions(+), 19 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 3c1fe40..18435f2 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -22,24 +22,24 @@ stages: windows-amd64: OS: windows ARCH: amd64 - linux-386: - OS: linux - ARCH: 386 - linux-amd64: - OS: linux - ARCH: amd64 - linux-arm: - OS: linux - ARCH: arm - linux-arm64: - OS: linux - ARCH: arm64 - darwin-amd64: - OS: darwin - ARCH: amd64 - darwin-arm64: - OS: darwin - ARCH: arm64 + # linux-386: + # OS: linux + # ARCH: 386 + # linux-amd64: + # OS: linux + # ARCH: amd64 + # linux-arm: + # OS: linux + # ARCH: arm + # linux-arm64: + # OS: linux + # ARCH: arm64 + # darwin-amd64: + # OS: darwin + # ARCH: amd64 + # darwin-arm64: + # OS: darwin + # ARCH: arm64 steps: - task: GoTool@0 displayName: 'Install Go' @@ -71,7 +71,40 @@ stages: steps: - task: DownloadPipelineArtifact@2 inputs: - path: $(Build.SourcesDirectory)/dist + path: $(Build.SourcesDirectory)/dist + - task: EsrpCodeSigning@1 + displayName: "Sign Windows Binaries" + inputs: + ConnectedServiceName: 'ESRP Signing Service' + FolderPath: '$(Build.SourcesDirectory)/dist' + Pattern: '*.exe' + signConfigType: 'inlineSignParams' + inlineOperation: | + [ + { + "KeyCode" : "CP-230012", + "OperationCode" : "SigntoolSign", + "Parameters" : { + "OpusName" : "Microsoft", + "OpusInfo" : "http://www.microsoft.com", + "PageHash" : "/NPH", + "TimeStamp" : "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256", + "FileDigest": "/fd \"SHA256\"" + }, + "ToolName" : "sign", + "ToolVersion" : "1.0" + }, + { + "KeyCode" : "CP-230012", + "OperationCode" : "SigntoolVerify", + "Parameters" : {}, + "ToolName" : "sign", + "ToolVersion" : "1.0" + } + ] + SessionTimeout: '60' + MaxConcurrency: '50' + MaxRetryAttempts: '5' # - stage: release_linux_packages # displayName: "Release Linux Packages" # - stage: release_windows_setup From d0ae8269c69284e3faae7675bf61db8e77ed7349 Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 10 Aug 2022 16:12:51 +0800 Subject: [PATCH 13/94] sign digest --- azure-pipelines.yml | 47 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 18435f2..c4f3597 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -105,6 +105,53 @@ stages: SessionTimeout: '60' MaxConcurrency: '50' MaxRetryAttempts: '5' + - script: | + NAME="aztfy" + OS_ARCH=( + "windows:amd64" + "windows:386" + #"linux:amd64" + #"linux:386" + #"linux:arm" + #"linux:arm64" + #"darwin:amd64" + #"darwin:arm64" + ) + mkdir release + for os_arch in "${OS_ARCH[@]}" ; do + OS=${os_arch%%:*} + ARCH=${os_arch#*:} + name=aztfy + if [[ $OS = windows ]]; then + name=aztfy.exe + fi + zip dist/${OS}-${ARCH}/${name} release/${NAME}_${VERSION}_${OS}_${ARCH}.zip + done + cd release + shasum -a 256 *.zip > ${NAME}_SHA256SUMS + cp ${NAME}_SHA256SUMS ${NAME}_SHA256SUMS.sig + env: + VERSION: $(version) + - task: EsrpCodeSigning@1 + displayName: "Sign Binary Archive Digests" + inputs: + ConnectedServiceName: 'ESRP Signing Service' + FolderPath: '$(Build.SourcesDirectory)/release' + Pattern: '*_SHA256SUMS.sig' + signConfigType: 'inlineSignParams' + inlineOperation: | + [ + { + "keyCode": "CP-461163-Pgp", + "OperationCode": "LinuxSign", + "Parameters": {}, + "ToolName": "sign", + "ToolVersion": "1.0" + } + ] + SessionTimeout: '60' + MaxConcurrency: '50' + MaxRetryAttempts: '5' # - stage: release_linux_packages # displayName: "Release Linux Packages" # - stage: release_windows_setup From de17549b0c74ece23986860c5bfb4bc407c5e408 Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 10 Aug 2022 16:27:23 +0800 Subject: [PATCH 14/94] fix --- azure-pipelines.yml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index c4f3597..2e18c90 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -46,6 +46,7 @@ stages: inputs: version: 1.19 - script: | + set -e REVISION=`git rev-parse --short HEAD` dir=${OS}-${ARCH}/${OS}-${ARCH} mkdir -p $dir @@ -106,6 +107,7 @@ stages: MaxConcurrency: '50' MaxRetryAttempts: '5' - script: | + set -e NAME="aztfy" OS_ARCH=( "windows:amd64" @@ -125,11 +127,16 @@ stages: if [[ $OS = windows ]]; then name=aztfy.exe fi - zip dist/${OS}-${ARCH}/${name} release/${NAME}_${VERSION}_${OS}_${ARCH}.zip + zip -j release/${NAME}_${VERSION}_${OS}_${ARCH}.zip dist/${OS}-${ARCH}/${name} done cd release shasum -a 256 *.zip > ${NAME}_SHA256SUMS cp ${NAME}_SHA256SUMS ${NAME}_SHA256SUMS.sig + + cd - + pwd + ls release + displayName: "Prepare Binary Archives & Digests" env: VERSION: $(version) - task: EsrpCodeSigning@1 From c5c0c3ee6a8b4f1e6b652fbaccc4010d136d93a8 Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 10 Aug 2022 16:45:21 +0800 Subject: [PATCH 15/94] debug --- azure-pipelines.yml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 2e18c90..6f1bec2 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -72,12 +72,12 @@ stages: steps: - task: DownloadPipelineArtifact@2 inputs: - path: $(Build.SourcesDirectory)/dist + path: $(system.defaultWorkingDirectory)/dist - task: EsrpCodeSigning@1 displayName: "Sign Windows Binaries" inputs: ConnectedServiceName: 'ESRP Signing Service' - FolderPath: '$(Build.SourcesDirectory)/dist' + FolderPath: '$(system.defaultWorkingDirectory)/dist' Pattern: '*.exe' signConfigType: 'inlineSignParams' inlineOperation: | @@ -107,7 +107,9 @@ stages: MaxConcurrency: '50' MaxRetryAttempts: '5' - script: | - set -e + set -xe + pwd + ls NAME="aztfy" OS_ARCH=( "windows:amd64" @@ -143,7 +145,7 @@ stages: displayName: "Sign Binary Archive Digests" inputs: ConnectedServiceName: 'ESRP Signing Service' - FolderPath: '$(Build.SourcesDirectory)/release' + FolderPath: '$(system.defaultWorkingDirectory)/release' Pattern: '*_SHA256SUMS.sig' signConfigType: 'inlineSignParams' inlineOperation: | From 59f2a01979d7c677b2b40199c153d6d57edf1f1c Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 10 Aug 2022 16:56:45 +0800 Subject: [PATCH 16/94] debug --- azure-pipelines.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 6f1bec2..6333571 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -109,7 +109,8 @@ stages: - script: | set -xe pwd - ls + ls dist + tree dist NAME="aztfy" OS_ARCH=( "windows:amd64" @@ -151,7 +152,7 @@ stages: inlineOperation: | [ { - "keyCode": "CP-461163-Pgp", + "KeyCode": "CP-450779-Pgp", "OperationCode": "LinuxSign", "Parameters": {}, "ToolName": "sign", From 4cdb72c7ad180b90b9b3c4e9d8c12faa8b0180c2 Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 10 Aug 2022 17:07:26 +0800 Subject: [PATCH 17/94] fix --- azure-pipelines.yml | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 6333571..f9fcd04 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -48,13 +48,12 @@ stages: - script: | set -e REVISION=`git rev-parse --short HEAD` - dir=${OS}-${ARCH}/${OS}-${ARCH} - mkdir -p $dir - output=aztfy + mkdir build + name=aztfy if [[ $OS = windows ]]; then - output=aztfy.exe + name=aztfy.exe fi - GOOS="${OS}" GOARCH="${ARCH}" CGO_ENABLED=0 go build -trimpath -ldflags="-s -w -X 'main.version=${VERSION}' -X 'main.revision=${REVISION}'" -o $dir/$output + GOOS="${OS}" GOARCH="${ARCH}" CGO_ENABLED=0 go build -trimpath -ldflags="-s -w -X 'main.version=${VERSION}' -X 'main.revision=${REVISION}'" -o build/$name displayName: "Go Build" env: OS: $(OS) @@ -63,8 +62,8 @@ stages: - task: PublishPipelineArtifact@1 displayName: "Publish Binary" inputs: - targetPath: '$(system.defaultWorkingDirectory)/$(OS)-$(ARCH)' - artifactName: 'artifact-$(OS)-$(ARCH)' + targetPath: '$(system.defaultWorkingDirectory)/build' + artifactName: '$(OS)-$(ARCH)' artifactType: 'pipeline' - job: sign_binary displayName: "Sign Binaries" From 561abe12043daf94945126642a32ce04aba33c61 Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 10 Aug 2022 17:23:56 +0800 Subject: [PATCH 18/94] remove some debug stuff --- azure-pipelines.yml | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index f9fcd04..e1ed830 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -106,10 +106,7 @@ stages: MaxConcurrency: '50' MaxRetryAttempts: '5' - script: | - set -xe - pwd - ls dist - tree dist + set -e NAME="aztfy" OS_ARCH=( "windows:amd64" @@ -134,10 +131,6 @@ stages: cd release shasum -a 256 *.zip > ${NAME}_SHA256SUMS cp ${NAME}_SHA256SUMS ${NAME}_SHA256SUMS.sig - - cd - - pwd - ls release displayName: "Prepare Binary Archives & Digests" env: VERSION: $(version) From 5785b0cbb8d17b1212db98a3fae1bfe6410b39d9 Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 11 Aug 2022 09:54:35 +0800 Subject: [PATCH 19/94] Add GH release task --- azure-pipelines.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index e1ed830..39a319d 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -154,6 +154,17 @@ stages: SessionTimeout: '60' MaxConcurrency: '50' MaxRetryAttempts: '5' + - task: GitHubRelease@1 + inputs: + gitHubConnection: 'Github' + repositoryName: '$(Build.Repository.Name)' + action: 'create' + target: '$(Build.SourceVersion)' + tagSource: 'gitTag' + tagPattern: '^v\d+\.\d+\.\d+' + assets: '$(system.defaultWorkingDirectory)/release/*' + isDraft: true + addChangeLog: false # - stage: release_linux_packages # displayName: "Release Linux Packages" # - stage: release_windows_setup From 4d5ed2e381466e05e1239d03bc3b1965b065f6cc Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 11 Aug 2022 10:24:44 +0800 Subject: [PATCH 20/94] reorder --- azure-pipelines.yml | 44 +++++++++++++++++++++++--------------------- 1 file changed, 23 insertions(+), 21 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 39a319d..bac302c 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -59,24 +59,12 @@ stages: OS: $(OS) ARCH: $(ARCH) VERSION: $(version) - - task: PublishPipelineArtifact@1 - displayName: "Publish Binary" - inputs: - targetPath: '$(system.defaultWorkingDirectory)/build' - artifactName: '$(OS)-$(ARCH)' - artifactType: 'pipeline' - - job: sign_binary - displayName: "Sign Binaries" - dependsOn: build - steps: - - task: DownloadPipelineArtifact@2 - inputs: - path: $(system.defaultWorkingDirectory)/dist - task: EsrpCodeSigning@1 displayName: "Sign Windows Binaries" + condition: eq(variables.OS, 'windows') inputs: ConnectedServiceName: 'ESRP Signing Service' - FolderPath: '$(system.defaultWorkingDirectory)/dist' + FolderPath: '$(system.defaultWorkingDirectory)/build' Pattern: '*.exe' signConfigType: 'inlineSignParams' inlineOperation: | @@ -105,6 +93,25 @@ stages: SessionTimeout: '60' MaxConcurrency: '50' MaxRetryAttempts: '5' + - task: PublishPipelineArtifact@1 + displayName: "Publish Binary" + inputs: + targetPath: '$(system.defaultWorkingDirectory)/build' + artifactName: '$(OS)-$(ARCH)' + artifactType: 'pipeline' + # - stage: release_linux_packages + # displayName: "Release Linux Packages" + # - stage: release_windows_setup + # displayName: "Release Windows Setup" + - stage: release + displayName: "Release" + jobs: + - job: release + displayName: "Release" + steps: + - task: DownloadPipelineArtifact@2 + inputs: + path: $(system.defaultWorkingDirectory)/dist - script: | set -e NAME="aztfy" @@ -155,6 +162,7 @@ stages: MaxConcurrency: '50' MaxRetryAttempts: '5' - task: GitHubRelease@1 + displayName: "Draft Github Release" inputs: gitHubConnection: 'Github' repositoryName: '$(Build.Repository.Name)' @@ -164,10 +172,4 @@ stages: tagPattern: '^v\d+\.\d+\.\d+' assets: '$(system.defaultWorkingDirectory)/release/*' isDraft: true - addChangeLog: false - # - stage: release_linux_packages - # displayName: "Release Linux Packages" - # - stage: release_windows_setup - # displayName: "Release Windows Setup" - # - stage: draft_github_release - # displayName: "Draft Github Release" + addChangeLog: false \ No newline at end of file From daeda04d8fbc1955d5bf7998fe31df3b610cf6af Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 11 Aug 2022 10:51:42 +0800 Subject: [PATCH 21/94] scaffold build packages --- azure-pipelines.yml | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index bac302c..01573d4 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -99,6 +99,25 @@ stages: targetPath: '$(system.defaultWorkingDirectory)/build' artifactName: '$(OS)-$(ARCH)' artifactType: 'pipeline' + + - job: build_windows_setup + displayName: "Build Windows Setup" + dependsOn: build + steps: + - script: echo TODO + + - job: build_linux_package_rpm + displayName: "Build Linux RPM Packages" + dependsOn: build + steps: + - script: echo TODO + + - job: build_linux_package_deb + displayName: "Build Linux Debian Packages" + dependsOn: build + steps: + - script: echo TODO + # - stage: release_linux_packages # displayName: "Release Linux Packages" # - stage: release_windows_setup From 691cc32963fa87c1b0ce98761776a66be9ba3568 Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 11 Aug 2022 13:51:12 +0800 Subject: [PATCH 22/94] package linux --- azure-pipelines.yml | 89 +++++++++++++++++++++---------- scripts/package/linux/Dockerfile | 8 +++ scripts/package/linux/buildall.sh | 87 ++++++++++++++++++++++++++++++ 3 files changed, 157 insertions(+), 27 deletions(-) create mode 100644 scripts/package/linux/Dockerfile create mode 100755 scripts/package/linux/buildall.sh diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 01573d4..c707fee 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -16,24 +16,24 @@ stages: displayName: "Build Binaries" strategy: matrix: - windows-386: - OS: windows - ARCH: 386 - windows-amd64: - OS: windows - ARCH: amd64 - # linux-386: - # OS: linux + # windows-386: + # OS: windows # ARCH: 386 - # linux-amd64: - # OS: linux + # windows-amd64: + # OS: windows # ARCH: amd64 - # linux-arm: - # OS: linux - # ARCH: arm - # linux-arm64: - # OS: linux - # ARCH: arm64 + linux-386: + OS: linux + ARCH: 386 + linux-amd64: + OS: linux + ARCH: amd64 + linux-arm: + OS: linux + ARCH: arm + linux-arm64: + OS: linux + ARCH: arm64 # darwin-amd64: # OS: darwin # ARCH: amd64 @@ -98,7 +98,6 @@ stages: inputs: targetPath: '$(system.defaultWorkingDirectory)/build' artifactName: '$(OS)-$(ARCH)' - artifactType: 'pipeline' - job: build_windows_setup displayName: "Build Windows Setup" @@ -106,18 +105,54 @@ stages: steps: - script: echo TODO - - job: build_linux_package_rpm - displayName: "Build Linux RPM Packages" + - job: build_linux_packages + displayName: "Build Linux RPM/Debian Packages" dependsOn: build steps: - - script: echo TODO - - - job: build_linux_package_deb - displayName: "Build Linux Debian Packages" - dependsOn: build - steps: - - script: echo TODO - + - task: DownloadPipelineArtifact@2 + inputs: + artifact: linux-386 + path: $(system.defaultWorkingDirectory)/dist + - task: DownloadPipelineArtifact@2 + inputs: + artifact: linux-amd64 + path: $(system.defaultWorkingDirectory)/dist + - task: DownloadPipelineArtifact@2 + inputs: + artifact: linux-arm + path: $(system.defaultWorkingDirectory)/dist + - task: DownloadPipelineArtifact@2 + inputs: + artifact: linux-arm64 + path: $(system.defaultWorkingDirectory)/dist + - script: | + mv $workdir/dist/linux-386 $workdir/dist/386 + mv $workdir/dist/linux-amd64 $workdir/dist/amd64 + mv $workdir/dist/linux-arm $workdir/dist/arm + mv $workdir/dist/linux-arm64 $workdir/dist/arm64 + mkdir $workdir/output + displayName: "Prepare the source folder layout" + env: + workdir: $(system.defaultWorkingDirectory) + - script: | + cd scripts/package/linux + docker build -t aztfybuild . + docker run -t --rm \ + -v $workdir/dist:/build/sources \ + -v $workdir/output:/build/output \ + aztfybuild ./buildall.sh $version /build/sources /build/output + displayName: "Build Packages" + env: + workdir: $(system.defaultWorkingDirectory) + version: $(version) + - script: | + echo TODO + displayName: "Sign Packages" + - task: PublishPipelineArtifact@1 + displayName: "Publish Packages" + inputs: + targetPath: '$(system.defaultWorkingDirectory)/output' + artifactName: 'linux-pkg' # - stage: release_linux_packages # displayName: "Release Linux Packages" # - stage: release_windows_setup diff --git a/scripts/package/linux/Dockerfile b/scripts/package/linux/Dockerfile new file mode 100644 index 0000000..9cba135 --- /dev/null +++ b/scripts/package/linux/Dockerfile @@ -0,0 +1,8 @@ +FROM ubuntu:22.04 +ARG version +RUN apt update && apt install -y ruby-dev build-essential squashfs-tools +RUN apt install -y rpm +RUN gem i fpm +WORKDIR /build +COPY buildall.sh /build +CMD ["./buildall.sh", "--help"] diff --git a/scripts/package/linux/buildall.sh b/scripts/package/linux/buildall.sh new file mode 100755 index 0000000..f8111ad --- /dev/null +++ b/scripts/package/linux/buildall.sh @@ -0,0 +1,87 @@ +#!/bin/bash + +set -e + +usage() { + cat << EOF +Usage: ./${MYNAME} [options] version sourcedir outdir + +Options: + -h|--help show this message + +Arguments: + version Version of aztfy, e.g. v0.1.0. + sourcedir The directory contains arch named subfolders, which in turn include the "aztfy" binary for that arch + (Sub-folder includes: 386, amd64, arm, arm64) + outdir The output directory, that contains the packages. +EOF +} + +die() { + echo "$@" >&2 + exit 1 +} + +main() { + while :; do + case $1 in + -h|--help) + usage + exit 1 + ;; + --) + shift + break + ;; + *) + break + ;; + esac + shift + done + + local expect_n_arg + expect_n_arg=3 + [[ $# = "$expect_n_arg" ]] || die "wrong arguments (expected: $expect_n_arg, got: $#)" + + version=$1 + [[ "$version" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]] || die 'version should be of form "vx.y.z"' + version=${version:1} + sourcedir=$2 + outdir=$3 + + cat << EOF > .fpm +--name aztfy +--license MPL-2.0 +--version $version +--description "A tool to bring existing Azure resources under Terraform's management" +--url "https://github.com/Azure/aztfy" +--maintainer "magodo " +EOF + pkg_debian $version $sourcedir $outdir + pkg_rpm $version $sourcedir $outdir +} + +pkg_debian() { + version=$1 + sourcedir=$2 + outdir=$3 + mkdir -p $outdir/debian + declare -A arch_map=( [386]=i386 [amd64]=amd64 [arm]=armhf [arm64]=arm64 ) + for arch in 386 amd64 arm arm64; do + fpm -a ${arch_map[$arch]} -s dir -t deb -p $outdir/debian/aztfy-$version-1-${arch_map[$arch]}.deb $sourcedir/$arch/aztfy=/usr/bin/aztfy + done +} + +pkg_rpm() { + version=$1 + sourcedir=$2 + outdir=$3 + mkdir -p $outdir/rpm + declare -A arch_map=( [386]=i686 [amd64]=x86_64 [arm]=armv7hl [arm64]=aarch64 ) + for arch in 386 amd64 arm arm64; do + fpm -a ${arch_map[$arch]} -s dir -t rpm -p $outdir/rpm/aztfy-$version-1-${arch_map[$arch]}.rpm $sourcedir/$arch/aztfy=/usr/bin/aztfy + done +} + +main "$@" From 9bde63e76349c0c89d05ff8a04fc01162b01c581 Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 11 Aug 2022 15:00:56 +0800 Subject: [PATCH 23/94] package linux --- azure-pipelines.yml | 88 ++++++++++++++++++++++--------- scripts/package/linux/Dockerfile | 4 +- scripts/package/linux/buildall.sh | 87 ------------------------------ 3 files changed, 63 insertions(+), 116 deletions(-) delete mode 100755 scripts/package/linux/buildall.sh diff --git a/azure-pipelines.yml b/azure-pipelines.yml index c707fee..cda834e 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -60,7 +60,7 @@ stages: ARCH: $(ARCH) VERSION: $(version) - task: EsrpCodeSigning@1 - displayName: "Sign Windows Binaries" + displayName: "Sign Binary (Windows Only)" condition: eq(variables.OS, 'windows') inputs: ConnectedServiceName: 'ESRP Signing Service' @@ -108,39 +108,75 @@ stages: - job: build_linux_packages displayName: "Build Linux RPM/Debian Packages" dependsOn: build + strategy: + matrix: + linux-386: + OS: linux + ARCH: 386 + linux-amd64: + OS: linux + ARCH: amd64 + linux-arm: + OS: linux + ARCH: arm + linux-arm64: + OS: linux + ARCH: arm64 steps: - task: DownloadPipelineArtifact@2 inputs: - artifact: linux-386 - path: $(system.defaultWorkingDirectory)/dist - - task: DownloadPipelineArtifact@2 - inputs: - artifact: linux-amd64 - path: $(system.defaultWorkingDirectory)/dist - - task: DownloadPipelineArtifact@2 - inputs: - artifact: linux-arm - path: $(system.defaultWorkingDirectory)/dist - - task: DownloadPipelineArtifact@2 - inputs: - artifact: linux-arm64 - path: $(system.defaultWorkingDirectory)/dist + artifact: $(OS)-$(ARCH) + path: $(system.defaultWorkingDirectory)/dist/source - script: | - mv $workdir/dist/linux-386 $workdir/dist/386 - mv $workdir/dist/linux-amd64 $workdir/dist/amd64 - mv $workdir/dist/linux-arm $workdir/dist/arm - mv $workdir/dist/linux-arm64 $workdir/dist/arm64 - mkdir $workdir/output - displayName: "Prepare the source folder layout" + mkdir $workdir/dist/output + displayName: "Prepare the output directory" env: workdir: $(system.defaultWorkingDirectory) - script: | + set -e cd scripts/package/linux docker build -t aztfybuild . + + declare -A deb_arch_map=( [386]=i386 [amd64]=amd64 [arm]=armhf [arm64]=arm64 ) + declare -A rpm_arch_map=( [386]=i686 [amd64]=x86_64 [arm]=armv7hl [arm64]=aarch64 ) + + version=${version:1} + + # Build deb package + docker run -t --rm \ + -v $workdir/dist/source:/build/source \ + -v $workdir/dst/output:/build/output \ + aztfybuild \ + fpm \ + --name aztfy \ + --license MPL-2.0 \ + --version $version \ + --description "A tool to bring existing Azure resources under Terraform's management" \ + --url "https://github.com/Azure/aztfy" \ + --maintainer "magodo " \ + --input-type dir \ + --output-type deb \ + --architecture $(deb_arch_map[$ARCH]) \ + --package /build/output/aztfy-$version-$(deb_arch_map[$ARCH]).deb \ + /build/source/aztfy=/usr/bin/aztfy + + # Build rpm package docker run -t --rm \ - -v $workdir/dist:/build/sources \ - -v $workdir/output:/build/output \ - aztfybuild ./buildall.sh $version /build/sources /build/output + -v $workdir/dist/source:/build/source \ + -v $workdir/dst/output:/build/output \ + aztfybuild \ + fpm \ + --name aztfy \ + --license MPL-2.0 \ + --version $version \ + --description "A tool to bring existing Azure resources under Terraform's management" \ + --url "https://github.com/Azure/aztfy" \ + --maintainer "magodo " \ + --input-type dir \ + --output-type rpm \ + --architecture $(rpm_arch_map[$ARCH]) \ + --package /build/output/aztfy-$version-$(rpm_arch_map[$ARCH]).rpm \ + /build/source/aztfy=/usr/bin/aztfy displayName: "Build Packages" env: workdir: $(system.defaultWorkingDirectory) @@ -151,8 +187,8 @@ stages: - task: PublishPipelineArtifact@1 displayName: "Publish Packages" inputs: - targetPath: '$(system.defaultWorkingDirectory)/output' - artifactName: 'linux-pkg' + targetPath: '$(system.defaultWorkingDirectory)/dist/output' + artifactName: $(OS)-$(ARCH)-pkg # - stage: release_linux_packages # displayName: "Release Linux Packages" # - stage: release_windows_setup diff --git a/scripts/package/linux/Dockerfile b/scripts/package/linux/Dockerfile index 9cba135..c736f8e 100644 --- a/scripts/package/linux/Dockerfile +++ b/scripts/package/linux/Dockerfile @@ -3,6 +3,4 @@ ARG version RUN apt update && apt install -y ruby-dev build-essential squashfs-tools RUN apt install -y rpm RUN gem i fpm -WORKDIR /build -COPY buildall.sh /build -CMD ["./buildall.sh", "--help"] +CMD ["fpm", "--help"] diff --git a/scripts/package/linux/buildall.sh b/scripts/package/linux/buildall.sh deleted file mode 100755 index f8111ad..0000000 --- a/scripts/package/linux/buildall.sh +++ /dev/null @@ -1,87 +0,0 @@ -#!/bin/bash - -set -e - -usage() { - cat << EOF -Usage: ./${MYNAME} [options] version sourcedir outdir - -Options: - -h|--help show this message - -Arguments: - version Version of aztfy, e.g. v0.1.0. - sourcedir The directory contains arch named subfolders, which in turn include the "aztfy" binary for that arch - (Sub-folder includes: 386, amd64, arm, arm64) - outdir The output directory, that contains the packages. -EOF -} - -die() { - echo "$@" >&2 - exit 1 -} - -main() { - while :; do - case $1 in - -h|--help) - usage - exit 1 - ;; - --) - shift - break - ;; - *) - break - ;; - esac - shift - done - - local expect_n_arg - expect_n_arg=3 - [[ $# = "$expect_n_arg" ]] || die "wrong arguments (expected: $expect_n_arg, got: $#)" - - version=$1 - [[ "$version" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]] || die 'version should be of form "vx.y.z"' - version=${version:1} - sourcedir=$2 - outdir=$3 - - cat << EOF > .fpm ---name aztfy ---license MPL-2.0 ---version $version ---description "A tool to bring existing Azure resources under Terraform's management" ---url "https://github.com/Azure/aztfy" ---maintainer "magodo " -EOF - pkg_debian $version $sourcedir $outdir - pkg_rpm $version $sourcedir $outdir -} - -pkg_debian() { - version=$1 - sourcedir=$2 - outdir=$3 - mkdir -p $outdir/debian - declare -A arch_map=( [386]=i386 [amd64]=amd64 [arm]=armhf [arm64]=arm64 ) - for arch in 386 amd64 arm arm64; do - fpm -a ${arch_map[$arch]} -s dir -t deb -p $outdir/debian/aztfy-$version-1-${arch_map[$arch]}.deb $sourcedir/$arch/aztfy=/usr/bin/aztfy - done -} - -pkg_rpm() { - version=$1 - sourcedir=$2 - outdir=$3 - mkdir -p $outdir/rpm - declare -A arch_map=( [386]=i686 [amd64]=x86_64 [arm]=armv7hl [arm64]=aarch64 ) - for arch in 386 amd64 arm arm64; do - fpm -a ${arch_map[$arch]} -s dir -t rpm -p $outdir/rpm/aztfy-$version-1-${arch_map[$arch]}.rpm $sourcedir/$arch/aztfy=/usr/bin/aztfy - done -} - -main "$@" From ebb1a9f575bb6b3bf39d62b3ce49357b8a60caca Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 11 Aug 2022 15:17:27 +0800 Subject: [PATCH 24/94] fix --- azure-pipelines.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index cda834e..fe53187 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -156,8 +156,8 @@ stages: --maintainer "magodo " \ --input-type dir \ --output-type deb \ - --architecture $(deb_arch_map[$ARCH]) \ - --package /build/output/aztfy-$version-$(deb_arch_map[$ARCH]).deb \ + --architecture ${deb_arch_map[$ARCH]} \ + --package /build/output/aztfy-$version-${deb_arch_map[$ARCH]}.deb \ /build/source/aztfy=/usr/bin/aztfy # Build rpm package @@ -174,8 +174,8 @@ stages: --maintainer "magodo " \ --input-type dir \ --output-type rpm \ - --architecture $(rpm_arch_map[$ARCH]) \ - --package /build/output/aztfy-$version-$(rpm_arch_map[$ARCH]).rpm \ + --architecture ${rpm_arch_map[$ARCH]} \ + --package /build/output/aztfy-$version-${rpm_arch_map[$ARCH]}.rpm \ /build/source/aztfy=/usr/bin/aztfy displayName: "Build Packages" env: From 281e1f198c810328fe0d4ab6ba499ed1b088b607 Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 11 Aug 2022 15:28:09 +0800 Subject: [PATCH 25/94] debug --- azure-pipelines.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index fe53187..0b780ad 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -143,7 +143,7 @@ stages: version=${version:1} # Build deb package - docker run -t --rm \ + docker run -it --rm \ -v $workdir/dist/source:/build/source \ -v $workdir/dst/output:/build/output \ aztfybuild \ @@ -161,7 +161,8 @@ stages: /build/source/aztfy=/usr/bin/aztfy # Build rpm package - docker run -t --rm \ + set -x + docker run -it --rm \ -v $workdir/dist/source:/build/source \ -v $workdir/dst/output:/build/output \ aztfybuild \ From f1c68d352d852281933bdb55faf435cbc8445823 Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 11 Aug 2022 15:33:39 +0800 Subject: [PATCH 26/94] debug --- azure-pipelines.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 0b780ad..4b94997 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -143,7 +143,7 @@ stages: version=${version:1} # Build deb package - docker run -it --rm \ + docker run -t --rm \ -v $workdir/dist/source:/build/source \ -v $workdir/dst/output:/build/output \ aztfybuild \ @@ -157,12 +157,12 @@ stages: --input-type dir \ --output-type deb \ --architecture ${deb_arch_map[$ARCH]} \ - --package /build/output/aztfy-$version-${deb_arch_map[$ARCH]}.deb \ + --package /build/output/aztfy-$version-1-${deb_arch_map[$ARCH]}.deb \ /build/source/aztfy=/usr/bin/aztfy # Build rpm package set -x - docker run -it --rm \ + docker run -t --rm \ -v $workdir/dist/source:/build/source \ -v $workdir/dst/output:/build/output \ aztfybuild \ @@ -176,7 +176,7 @@ stages: --input-type dir \ --output-type rpm \ --architecture ${rpm_arch_map[$ARCH]} \ - --package /build/output/aztfy-$version-${rpm_arch_map[$ARCH]}.rpm \ + --package /build/output/aztfy-$version-1-${rpm_arch_map[$ARCH]}.rpm \ /build/source/aztfy=/usr/bin/aztfy displayName: "Build Packages" env: From 0c2b10da65f46acd1d95091d34b5fd50c2a5a9ff Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 11 Aug 2022 16:13:07 +0800 Subject: [PATCH 27/94] Use ACR to host the docker image --- azure-pipelines.yml | 11 ++++++----- scripts/package/infra/.gitignore | 1 + scripts/package/infra/main.tf | 14 ++++++++++++++ 3 files changed, 21 insertions(+), 5 deletions(-) create mode 100644 scripts/package/infra/.gitignore create mode 100644 scripts/package/infra/main.tf diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 4b94997..4ba1947 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -134,8 +134,10 @@ stages: workdir: $(system.defaultWorkingDirectory) - script: | set -e - cd scripts/package/linux - docker build -t aztfybuild . + + # Retrieve the image from ACR + az login aztfy.azurecr.io -u $(ACR_USERNAME) -p $(ACR_PASSWORD) + docker pull aztfy.azurecr.io/aztfybuild declare -A deb_arch_map=( [386]=i386 [amd64]=amd64 [arm]=armhf [arm64]=arm64 ) declare -A rpm_arch_map=( [386]=i686 [amd64]=x86_64 [arm]=armv7hl [arm64]=aarch64 ) @@ -146,7 +148,7 @@ stages: docker run -t --rm \ -v $workdir/dist/source:/build/source \ -v $workdir/dst/output:/build/output \ - aztfybuild \ + aztfy.azureacr.io/aztfybuild \ fpm \ --name aztfy \ --license MPL-2.0 \ @@ -161,11 +163,10 @@ stages: /build/source/aztfy=/usr/bin/aztfy # Build rpm package - set -x docker run -t --rm \ -v $workdir/dist/source:/build/source \ -v $workdir/dst/output:/build/output \ - aztfybuild \ + aztfy.azureacr.io/aztfybuild \ fpm \ --name aztfy \ --license MPL-2.0 \ diff --git a/scripts/package/infra/.gitignore b/scripts/package/infra/.gitignore new file mode 100644 index 0000000..49d1ef2 --- /dev/null +++ b/scripts/package/infra/.gitignore @@ -0,0 +1 @@ +terraform.tfstate* diff --git a/scripts/package/infra/main.tf b/scripts/package/infra/main.tf new file mode 100644 index 0000000..33e62d4 --- /dev/null +++ b/scripts/package/infra/main.tf @@ -0,0 +1,14 @@ +provider "azurerm" { + features {} +} +resource "azurerm_resource_group" "rg" { + name = "aztfy" + location = "WestEurope" +} +resource "azurerm_container_registry" "acr" { + name = "aztfy" + resource_group_name = azurerm_resource_group.rg.name + location = azurerm_resource_group.rg.location + sku = "Standard" + admin_enabled = true +} From 9f3088aa6b3ad50c00531909df5fdaa1aad92773 Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 11 Aug 2022 16:18:29 +0800 Subject: [PATCH 28/94] debug --- azure-pipelines.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 4ba1947..8673f05 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -133,10 +133,10 @@ stages: env: workdir: $(system.defaultWorkingDirectory) - script: | - set -e + set -xe # Retrieve the image from ACR - az login aztfy.azurecr.io -u $(ACR_USERNAME) -p $(ACR_PASSWORD) + az login aztfy.azurecr.io -u aztfy -p $(ACR_PASSWORD) docker pull aztfy.azurecr.io/aztfybuild declare -A deb_arch_map=( [386]=i386 [amd64]=amd64 [arm]=armhf [arm64]=arm64 ) From 3d2b86f3974c1fd0f130be6e674ca87bd151ef2b Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 11 Aug 2022 16:26:08 +0800 Subject: [PATCH 29/94] fix --- azure-pipelines.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 8673f05..7419a55 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -136,7 +136,7 @@ stages: set -xe # Retrieve the image from ACR - az login aztfy.azurecr.io -u aztfy -p $(ACR_PASSWORD) + docker login aztfy.azurecr.io -u aztfy -p $(ACR_PASSWORD) docker pull aztfy.azurecr.io/aztfybuild declare -A deb_arch_map=( [386]=i386 [amd64]=amd64 [arm]=armhf [arm64]=arm64 ) From dfb92bf576a784eb6b101e62c0f12b46c47b6234 Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 11 Aug 2022 16:33:34 +0800 Subject: [PATCH 30/94] fix --- azure-pipelines.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 7419a55..9f849c7 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -148,7 +148,7 @@ stages: docker run -t --rm \ -v $workdir/dist/source:/build/source \ -v $workdir/dst/output:/build/output \ - aztfy.azureacr.io/aztfybuild \ + aztfy.azurecr.io/aztfybuild \ fpm \ --name aztfy \ --license MPL-2.0 \ @@ -166,7 +166,7 @@ stages: docker run -t --rm \ -v $workdir/dist/source:/build/source \ -v $workdir/dst/output:/build/output \ - aztfy.azureacr.io/aztfybuild \ + aztfy.azurecr.io/aztfybuild \ fpm \ --name aztfy \ --license MPL-2.0 \ From 455ea1cdfe2061f45ac0a37dcd835eca45d01aca Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 11 Aug 2022 16:46:10 +0800 Subject: [PATCH 31/94] debug --- azure-pipelines.yml | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 9f849c7..93e37ad 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -163,6 +163,7 @@ stages: /build/source/aztfy=/usr/bin/aztfy # Build rpm package + cat << EOF docker run -t --rm \ -v $workdir/dist/source:/build/source \ -v $workdir/dst/output:/build/output \ @@ -170,7 +171,24 @@ stages: fpm \ --name aztfy \ --license MPL-2.0 \ - --version $version \ + --version ${version} \ + --description "A tool to bring existing Azure resources under Terraform's management" \ + --url "https://github.com/Azure/aztfy" \ + --maintainer "magodo " \ + --input-type dir \ + --output-type rpm \ + --architecture ${rpm_arch_map[$ARCH]} \ + --package /build/output/aztfy-$version-1-${rpm_arch_map[$ARCH]}.rpm \ + /build/source/aztfy=/usr/bin/aztfy + EOF + docker run -t --rm \ + -v $workdir/dist/source:/build/source \ + -v $workdir/dst/output:/build/output \ + aztfy.azurecr.io/aztfybuild \ + fpm \ + --name aztfy \ + --license MPL-2.0 \ + --version ${version} \ --description "A tool to bring existing Azure resources under Terraform's management" \ --url "https://github.com/Azure/aztfy" \ --maintainer "magodo " \ From d2a5c0a63304fbb235cfc6ce0cce07670a7ce1dd Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 11 Aug 2022 16:52:06 +0800 Subject: [PATCH 32/94] debug --- azure-pipelines.yml | 19 +------------------ 1 file changed, 1 insertion(+), 18 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 93e37ad..848be51 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -163,24 +163,7 @@ stages: /build/source/aztfy=/usr/bin/aztfy # Build rpm package - cat << EOF - docker run -t --rm \ - -v $workdir/dist/source:/build/source \ - -v $workdir/dst/output:/build/output \ - aztfy.azurecr.io/aztfybuild \ - fpm \ - --name aztfy \ - --license MPL-2.0 \ - --version ${version} \ - --description "A tool to bring existing Azure resources under Terraform's management" \ - --url "https://github.com/Azure/aztfy" \ - --maintainer "magodo " \ - --input-type dir \ - --output-type rpm \ - --architecture ${rpm_arch_map[$ARCH]} \ - --package /build/output/aztfy-$version-1-${rpm_arch_map[$ARCH]}.rpm \ - /build/source/aztfy=/usr/bin/aztfy - EOF + echo $version docker run -t --rm \ -v $workdir/dist/source:/build/source \ -v $workdir/dst/output:/build/output \ From f97d7db8257115afb27c2fe1a092424825f01333 Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 11 Aug 2022 17:05:57 +0800 Subject: [PATCH 33/94] fix --- azure-pipelines.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 848be51..5d9f9e6 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -58,7 +58,7 @@ stages: env: OS: $(OS) ARCH: $(ARCH) - VERSION: $(version) + VERSION: ${{ parameters.version }} - task: EsrpCodeSigning@1 displayName: "Sign Binary (Windows Only)" condition: eq(variables.OS, 'windows') @@ -133,7 +133,7 @@ stages: env: workdir: $(system.defaultWorkingDirectory) - script: | - set -xe + set -e # Retrieve the image from ACR docker login aztfy.azurecr.io -u aztfy -p $(ACR_PASSWORD) @@ -142,12 +142,12 @@ stages: declare -A deb_arch_map=( [386]=i386 [amd64]=amd64 [arm]=armhf [arm64]=arm64 ) declare -A rpm_arch_map=( [386]=i686 [amd64]=x86_64 [arm]=armv7hl [arm64]=aarch64 ) - version=${version:1} + version=${VERSION:1} # Build deb package docker run -t --rm \ - -v $workdir/dist/source:/build/source \ - -v $workdir/dst/output:/build/output \ + -v $WORKDIR/dist/source:/build/source \ + -v $WORKDIR/dst/output:/build/output \ aztfy.azurecr.io/aztfybuild \ fpm \ --name aztfy \ @@ -165,8 +165,8 @@ stages: # Build rpm package echo $version docker run -t --rm \ - -v $workdir/dist/source:/build/source \ - -v $workdir/dst/output:/build/output \ + -v $WORKDIR/dist/source:/build/source \ + -v $WORKDIR/dst/output:/build/output \ aztfy.azurecr.io/aztfybuild \ fpm \ --name aztfy \ @@ -182,8 +182,8 @@ stages: /build/source/aztfy=/usr/bin/aztfy displayName: "Build Packages" env: - workdir: $(system.defaultWorkingDirectory) - version: $(version) + VERSION: ${{ parameters.version }} + WORKDIR: $(system.defaultWorkingDirectory) - script: | echo TODO displayName: "Sign Packages" @@ -233,7 +233,7 @@ stages: cp ${NAME}_SHA256SUMS ${NAME}_SHA256SUMS.sig displayName: "Prepare Binary Archives & Digests" env: - VERSION: $(version) + VERSION: ${{ parameters.version }} - task: EsrpCodeSigning@1 displayName: "Sign Binary Archive Digests" inputs: From bdfccceb80b6b8eceeb6bfe3b4486a827503437f Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 11 Aug 2022 17:15:51 +0800 Subject: [PATCH 34/94] debug --- azure-pipelines.yml | 42 ++++++++++++++++++++++-------------------- 1 file changed, 22 insertions(+), 20 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 5d9f9e6..5450101 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -16,12 +16,12 @@ stages: displayName: "Build Binaries" strategy: matrix: - # windows-386: - # OS: windows - # ARCH: 386 - # windows-amd64: - # OS: windows - # ARCH: amd64 + windows-386: + OS: windows + ARCH: 386 + windows-amd64: + OS: windows + ARCH: amd64 linux-386: OS: linux ARCH: 386 @@ -34,12 +34,12 @@ stages: linux-arm64: OS: linux ARCH: arm64 - # darwin-amd64: - # OS: darwin - # ARCH: amd64 - # darwin-arm64: - # OS: darwin - # ARCH: arm64 + darwin-amd64: + OS: darwin + ARCH: amd64 + darwin-arm64: + OS: darwin + ARCH: arm64 steps: - task: GoTool@0 displayName: 'Install Go' @@ -135,6 +135,8 @@ stages: - script: | set -e + ls -l $WORKDIR/dist/source/* + # Retrieve the image from ACR docker login aztfy.azurecr.io -u aztfy -p $(ACR_PASSWORD) docker pull aztfy.azurecr.io/aztfybuild @@ -147,7 +149,7 @@ stages: # Build deb package docker run -t --rm \ -v $WORKDIR/dist/source:/build/source \ - -v $WORKDIR/dst/output:/build/output \ + -v $WORKDIR/dist/output:/build/output \ aztfy.azurecr.io/aztfybuild \ fpm \ --name aztfy \ @@ -166,7 +168,7 @@ stages: echo $version docker run -t --rm \ -v $WORKDIR/dist/source:/build/source \ - -v $WORKDIR/dst/output:/build/output \ + -v $WORKDIR/dist/output:/build/output \ aztfy.azurecr.io/aztfybuild \ fpm \ --name aztfy \ @@ -211,12 +213,12 @@ stages: OS_ARCH=( "windows:amd64" "windows:386" - #"linux:amd64" - #"linux:386" - #"linux:arm" - #"linux:arm64" - #"darwin:amd64" - #"darwin:arm64" + "linux:amd64" + "linux:386" + "linux:arm" + "linux:arm64" + "darwin:amd64" + "darwin:arm64" ) mkdir release for os_arch in "${OS_ARCH[@]}" ; do From 98b92073e091f8969e15413c16e1529a14d542a4 Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 11 Aug 2022 17:38:50 +0800 Subject: [PATCH 35/94] update --- azure-pipelines.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 5450101..9ee3ad8 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -135,7 +135,7 @@ stages: - script: | set -e - ls -l $WORKDIR/dist/source/* + chmod +x $WORKDIR/dist/source/aztfy # Retrieve the image from ACR docker login aztfy.azurecr.io -u aztfy -p $(ACR_PASSWORD) @@ -228,6 +228,7 @@ stages: if [[ $OS = windows ]]; then name=aztfy.exe fi + chmod +x dist/${OS}-${ARCH}/${name} zip -j release/${NAME}_${VERSION}_${OS}_${ARCH}.zip dist/${OS}-${ARCH}/${name} done cd release From d84b6ad419bb13f9cf0c811a17690c2fe60d9abd Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 11 Aug 2022 18:10:27 +0800 Subject: [PATCH 36/94] build image rather than retrieve from acr --- azure-pipelines.yml | 12 ++++++------ scripts/package/infra/.gitignore | 1 - scripts/package/infra/main.tf | 14 -------------- 3 files changed, 6 insertions(+), 21 deletions(-) delete mode 100644 scripts/package/infra/.gitignore delete mode 100644 scripts/package/infra/main.tf diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 9ee3ad8..5f0efeb 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -137,20 +137,20 @@ stages: chmod +x $WORKDIR/dist/source/aztfy - # Retrieve the image from ACR - docker login aztfy.azurecr.io -u aztfy -p $(ACR_PASSWORD) - docker pull aztfy.azurecr.io/aztfybuild declare -A deb_arch_map=( [386]=i386 [amd64]=amd64 [arm]=armhf [arm64]=arm64 ) declare -A rpm_arch_map=( [386]=i686 [amd64]=x86_64 [arm]=armv7hl [arm64]=aarch64 ) - version=${VERSION:1} + # Build the image + cd $WORKDIR/scripts/linux + docker build -t aztfybuild . + # Build deb package docker run -t --rm \ -v $WORKDIR/dist/source:/build/source \ -v $WORKDIR/dist/output:/build/output \ - aztfy.azurecr.io/aztfybuild \ + aztfybuild \ fpm \ --name aztfy \ --license MPL-2.0 \ @@ -169,7 +169,7 @@ stages: docker run -t --rm \ -v $WORKDIR/dist/source:/build/source \ -v $WORKDIR/dist/output:/build/output \ - aztfy.azurecr.io/aztfybuild \ + aztfybuild \ fpm \ --name aztfy \ --license MPL-2.0 \ diff --git a/scripts/package/infra/.gitignore b/scripts/package/infra/.gitignore deleted file mode 100644 index 49d1ef2..0000000 --- a/scripts/package/infra/.gitignore +++ /dev/null @@ -1 +0,0 @@ -terraform.tfstate* diff --git a/scripts/package/infra/main.tf b/scripts/package/infra/main.tf deleted file mode 100644 index 33e62d4..0000000 --- a/scripts/package/infra/main.tf +++ /dev/null @@ -1,14 +0,0 @@ -provider "azurerm" { - features {} -} -resource "azurerm_resource_group" "rg" { - name = "aztfy" - location = "WestEurope" -} -resource "azurerm_container_registry" "acr" { - name = "aztfy" - resource_group_name = azurerm_resource_group.rg.name - location = azurerm_resource_group.rg.location - sku = "Standard" - admin_enabled = true -} From 0cfa7a3dc1bfb1324bb0b4a945a3dc88e1cf6bb4 Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 11 Aug 2022 18:18:47 +0800 Subject: [PATCH 37/94] fix --- azure-pipelines.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 5f0efeb..5b13104 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -143,7 +143,7 @@ stages: version=${VERSION:1} # Build the image - cd $WORKDIR/scripts/linux + cd $WORKDIR/scripts/package/linux docker build -t aztfybuild . # Build deb package From 60c13ed2eb46f77d191aa0e3319aa661ce70a9cb Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 11 Aug 2022 18:34:58 +0800 Subject: [PATCH 38/94] sign linux packages --- azure-pipelines.yml | 24 ++++++++++++++++++++---- 1 file changed, 20 insertions(+), 4 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 5b13104..a2c6b96 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -137,7 +137,6 @@ stages: chmod +x $WORKDIR/dist/source/aztfy - declare -A deb_arch_map=( [386]=i386 [amd64]=amd64 [arm]=armhf [arm64]=arm64 ) declare -A rpm_arch_map=( [386]=i686 [amd64]=x86_64 [arm]=armv7hl [arm64]=aarch64 ) version=${VERSION:1} @@ -186,9 +185,26 @@ stages: env: VERSION: ${{ parameters.version }} WORKDIR: $(system.defaultWorkingDirectory) - - script: | - echo TODO - displayName: "Sign Packages" + - task: EsrpCodeSigning@1 + displayName: "Sign Package" + inputs: + ConnectedServiceName: 'ESRP Signing Service' + FolderPath: '$(system.defaultWorkingDirectory)/dist/output' + Pattern: '*.rpm,*.deb' + signConfigType: 'inlineSignParams' + inlineOperation: | + [ + { + "KeyCode": "CP-450779-Pgp", + "OperationCode": "LinuxSign", + "Parameters": {}, + "ToolName": "sign", + "ToolVersion": "1.0" + } + ] + SessionTimeout: '60' + MaxConcurrency: '50' + MaxRetryAttempts: '5' - task: PublishPipelineArtifact@1 displayName: "Publish Packages" inputs: From 3d0cdd040330bc46ce1886f7d59ce1f3cee9a491 Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 17 Aug 2022 14:44:58 +0800 Subject: [PATCH 39/94] Update azure-pipelines.yml for Azure Pipelines --- azure-pipelines.yml | 94 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 92 insertions(+), 2 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index a2c6b96..a1e8dad 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -210,8 +210,98 @@ stages: inputs: targetPath: '$(system.defaultWorkingDirectory)/dist/output' artifactName: $(OS)-$(ARCH)-pkg - # - stage: release_linux_packages - # displayName: "Release Linux Packages" + - stage: publish_linux_packages + displayName: "Publish Linux Packages" + jobs: + - job: publish + displayName: "Publish Packages" + strategy: + matrix: + ubuntu-bionic-amd64: + TYPE: deb + ARCH: amd64 + REPO_ID: 5a9dc3f2424a5c053cc3ff2e + ubuntu-focal-amd64: + TYPE: deb + ARCH: amd64 + REPO_ID: 5e852952e45fffa1beda61fe + ubuntu-jammy-amd64: + TYPE: deb + ARCH: amd64 + REPO_ID: 61faea6cea3a770ab120ac8a + debian-buster-amd64: + TYPE: deb + ARCH: amd64 + REPO_ID: 5d23b16c9a6e3b375bbba42e + debian-bullseye-amd64: + TYPE: deb + ARCH: amd64 + REPO_ID: 611ab3a32acdcd0744c8c841 + centos-8-x86_64: + TYPE: rpm + ARCH: amd64 + REPO_ID: 5e5ed94a523a8019fe47607e + rhel-8-x86_64: + TYPE: rpm + ARCH: amd64 + REPO_ID: 5d4470e1eebce7156eee5407 + rhel-9-x86_64: + TYPE: rpm + ARCH: amd64 + REPO_ID: 627067cc3ac6d7548f4d66cd + fedora-34-x86_64: + TYPE: rpm + ARCH: amd64 + REPO_ID: 606e1da573e50659b0803a7b + fedora-35-x86_64: + TYPE: rpm + ARCH: amd64 + REPO_ID: 6196d483ea3a770f011f63fb + fedora-36-x86_64: + TYPE: rpm + ARCH: amd64 + REPO_ID: 6271bc683ac6d73aa84d6737 + steps: + - task: DownloadPipelineArtifact@2 + inputs: + artifact: linux-$(ARCH)-pkg + path: $(system.defaultWorkingDirectory)/dist/pkg + - task: UniversalPackages@0 + displayName: 'Download repoclient' + inputs: + command: download + vstsFeed: 'release/aztfy' + vstsFeedPackage: 'azure-repoapi-client' + vstsPackageVersion: '2.2.1' + downloadDirectory: $(system.defaultWorkingDirectory)/dist/tool + - script: | + set -e + cd dist/tool + dpkg -i azure-repoapi-client_2.2.1_amd64.deb + mkdir ~/.repoclient + cat << EOF > ~/.repoclient + { + "server": "azure-apt-cat.cloudapp.net", + "port": "443", + "AADClientId": "$(LINUX_REPO_SP_CLIENT_ID)", + "AADClientSecret": "$(LINUX_REPO_SP_CLIENT_SECRET)", + "AADResource": "https://microsoft.onmicrosoft.com/945999e9-da09-4b5b-878f-b66c414602c0", + "AADTenant": "72f988bf-86f1-41af-91ab-2d7cd011db47", + "AADAuthorityUrl": "https://login.microsoftonline.com", + "repositoryId": "IGNORE" + } + EOF + ls ./dist/pkg/*.${TYPE} + pkg=(./dist/pkg/*.${TYPE}) + [[ ${#pkg[@]} == 1 ]] || { echo "not exactly one target packages found: $(declare -p pkg)" > 2; exit 1; } + pkg=${pkg[0]} + cat << EOF + repoclient package add -r $(REPO_ID) ${pkg} + EOF + echo "TODO: check result" + displayName: "Publish via repoclient" + env: + TYPE: $(TYPE) # - stage: release_windows_setup # displayName: "Release Windows Setup" - stage: release From fed68eb511d152251691fb4f9377d01086b84f0f Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 17 Aug 2022 14:48:58 +0800 Subject: [PATCH 40/94] debug --- azure-pipelines.yml | 635 ++++++++++++++++++++++---------------------- 1 file changed, 321 insertions(+), 314 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index a1e8dad..4a2a5aa 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -9,270 +9,276 @@ parameters: type: string stages: - - stage: build - displayName: "Build aztfy" - jobs: - - job: build - displayName: "Build Binaries" - strategy: - matrix: - windows-386: - OS: windows - ARCH: 386 - windows-amd64: - OS: windows - ARCH: amd64 - linux-386: - OS: linux - ARCH: 386 - linux-amd64: - OS: linux - ARCH: amd64 - linux-arm: - OS: linux - ARCH: arm - linux-arm64: - OS: linux - ARCH: arm64 - darwin-amd64: - OS: darwin - ARCH: amd64 - darwin-arm64: - OS: darwin - ARCH: arm64 - steps: - - task: GoTool@0 - displayName: 'Install Go' - inputs: - version: 1.19 - - script: | - set -e - REVISION=`git rev-parse --short HEAD` - mkdir build - name=aztfy - if [[ $OS = windows ]]; then - name=aztfy.exe - fi - GOOS="${OS}" GOARCH="${ARCH}" CGO_ENABLED=0 go build -trimpath -ldflags="-s -w -X 'main.version=${VERSION}' -X 'main.revision=${REVISION}'" -o build/$name - displayName: "Go Build" - env: - OS: $(OS) - ARCH: $(ARCH) - VERSION: ${{ parameters.version }} - - task: EsrpCodeSigning@1 - displayName: "Sign Binary (Windows Only)" - condition: eq(variables.OS, 'windows') - inputs: - ConnectedServiceName: 'ESRP Signing Service' - FolderPath: '$(system.defaultWorkingDirectory)/build' - Pattern: '*.exe' - signConfigType: 'inlineSignParams' - inlineOperation: | - [ - { - "KeyCode" : "CP-230012", - "OperationCode" : "SigntoolSign", - "Parameters" : { - "OpusName" : "Microsoft", - "OpusInfo" : "http://www.microsoft.com", - "PageHash" : "/NPH", - "TimeStamp" : "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256", - "FileDigest": "/fd \"SHA256\"" - }, - "ToolName" : "sign", - "ToolVersion" : "1.0" - }, - { - "KeyCode" : "CP-230012", - "OperationCode" : "SigntoolVerify", - "Parameters" : {}, - "ToolName" : "sign", - "ToolVersion" : "1.0" - } - ] - SessionTimeout: '60' - MaxConcurrency: '50' - MaxRetryAttempts: '5' - - task: PublishPipelineArtifact@1 - displayName: "Publish Binary" - inputs: - targetPath: '$(system.defaultWorkingDirectory)/build' - artifactName: '$(OS)-$(ARCH)' + # - stage: build + # displayName: "Build aztfy" + # jobs: + # - job: build + # displayName: "Build Binaries" + # strategy: + # matrix: + # windows-386: + # OS: windows + # ARCH: 386 + # windows-amd64: + # OS: windows + # ARCH: amd64 + # linux-386: + # OS: linux + # ARCH: 386 + # linux-amd64: + # OS: linux + # ARCH: amd64 + # linux-arm: + # OS: linux + # ARCH: arm + # linux-arm64: + # OS: linux + # ARCH: arm64 + # darwin-amd64: + # OS: darwin + # ARCH: amd64 + # darwin-arm64: + # OS: darwin + # ARCH: arm64 + # steps: + # - task: GoTool@0 + # displayName: "Install Go" + # inputs: + # version: 1.19 + # - script: | + # set -e + # REVISION=`git rev-parse --short HEAD` + # mkdir build + # name=aztfy + # if [[ $OS = windows ]]; then + # name=aztfy.exe + # fi + # GOOS="${OS}" GOARCH="${ARCH}" CGO_ENABLED=0 go build -trimpath -ldflags="-s -w -X 'main.version=${VERSION}' -X 'main.revision=${REVISION}'" -o build/$name + # displayName: "Go Build" + # env: + # OS: $(OS) + # ARCH: $(ARCH) + # VERSION: ${{ parameters.version }} + # - task: EsrpCodeSigning@1 + # displayName: "Sign Binary (Windows Only)" + # condition: eq(variables.OS, 'windows') + # inputs: + # ConnectedServiceName: "ESRP Signing Service" + # FolderPath: "$(system.defaultWorkingDirectory)/build" + # Pattern: "*.exe" + # signConfigType: "inlineSignParams" + # inlineOperation: | + # [ + # { + # "KeyCode" : "CP-230012", + # "OperationCode" : "SigntoolSign", + # "Parameters" : { + # "OpusName" : "Microsoft", + # "OpusInfo" : "http://www.microsoft.com", + # "PageHash" : "/NPH", + # "TimeStamp" : "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256", + # "FileDigest": "/fd \"SHA256\"" + # }, + # "ToolName" : "sign", + # "ToolVersion" : "1.0" + # }, + # { + # "KeyCode" : "CP-230012", + # "OperationCode" : "SigntoolVerify", + # "Parameters" : {}, + # "ToolName" : "sign", + # "ToolVersion" : "1.0" + # } + # ] + # SessionTimeout: "60" + # MaxConcurrency: "50" + # MaxRetryAttempts: "5" + # - task: PublishPipelineArtifact@1 + # displayName: "Publish Binary" + # inputs: + # targetPath: "$(system.defaultWorkingDirectory)/build" + # artifactName: "$(OS)-$(ARCH)" - - job: build_windows_setup - displayName: "Build Windows Setup" - dependsOn: build - steps: - - script: echo TODO + # - job: build_windows_setup + # displayName: "Build Windows Setup" + # dependsOn: build + # steps: + # - script: echo TODO - - job: build_linux_packages - displayName: "Build Linux RPM/Debian Packages" - dependsOn: build - strategy: - matrix: - linux-386: - OS: linux - ARCH: 386 - linux-amd64: - OS: linux - ARCH: amd64 - linux-arm: - OS: linux - ARCH: arm - linux-arm64: - OS: linux - ARCH: arm64 - steps: - - task: DownloadPipelineArtifact@2 - inputs: - artifact: $(OS)-$(ARCH) - path: $(system.defaultWorkingDirectory)/dist/source - - script: | - mkdir $workdir/dist/output - displayName: "Prepare the output directory" - env: - workdir: $(system.defaultWorkingDirectory) - - script: | - set -e + # - job: build_linux_packages + # displayName: "Build Linux RPM/Debian Packages" + # dependsOn: build + # strategy: + # matrix: + # linux-386: + # OS: linux + # ARCH: 386 + # linux-amd64: + # OS: linux + # ARCH: amd64 + # linux-arm: + # OS: linux + # ARCH: arm + # linux-arm64: + # OS: linux + # ARCH: arm64 + # steps: + # - task: DownloadPipelineArtifact@2 + # inputs: + # artifact: $(OS)-$(ARCH) + # path: $(system.defaultWorkingDirectory)/dist/source + # - script: | + # mkdir $workdir/dist/output + # displayName: "Prepare the output directory" + # env: + # workdir: $(system.defaultWorkingDirectory) + # - script: | + # set -e - chmod +x $WORKDIR/dist/source/aztfy + # chmod +x $WORKDIR/dist/source/aztfy - declare -A deb_arch_map=( [386]=i386 [amd64]=amd64 [arm]=armhf [arm64]=arm64 ) - declare -A rpm_arch_map=( [386]=i686 [amd64]=x86_64 [arm]=armv7hl [arm64]=aarch64 ) - version=${VERSION:1} + # declare -A deb_arch_map=( [386]=i386 [amd64]=amd64 [arm]=armhf [arm64]=arm64 ) + # declare -A rpm_arch_map=( [386]=i686 [amd64]=x86_64 [arm]=armv7hl [arm64]=aarch64 ) + # version=${VERSION:1} - # Build the image - cd $WORKDIR/scripts/package/linux - docker build -t aztfybuild . + # # Build the image + # cd $WORKDIR/scripts/package/linux + # docker build -t aztfybuild . - # Build deb package - docker run -t --rm \ - -v $WORKDIR/dist/source:/build/source \ - -v $WORKDIR/dist/output:/build/output \ - aztfybuild \ - fpm \ - --name aztfy \ - --license MPL-2.0 \ - --version $version \ - --description "A tool to bring existing Azure resources under Terraform's management" \ - --url "https://github.com/Azure/aztfy" \ - --maintainer "magodo " \ - --input-type dir \ - --output-type deb \ - --architecture ${deb_arch_map[$ARCH]} \ - --package /build/output/aztfy-$version-1-${deb_arch_map[$ARCH]}.deb \ - /build/source/aztfy=/usr/bin/aztfy + # # Build deb package + # docker run -t --rm \ + # -v $WORKDIR/dist/source:/build/source \ + # -v $WORKDIR/dist/output:/build/output \ + # aztfybuild \ + # fpm \ + # --name aztfy \ + # --license MPL-2.0 \ + # --version $version \ + # --description "A tool to bring existing Azure resources under Terraform's management" \ + # --url "https://github.com/Azure/aztfy" \ + # --maintainer "magodo " \ + # --input-type dir \ + # --output-type deb \ + # --architecture ${deb_arch_map[$ARCH]} \ + # --package /build/output/aztfy-$version-1-${deb_arch_map[$ARCH]}.deb \ + # /build/source/aztfy=/usr/bin/aztfy - # Build rpm package - echo $version - docker run -t --rm \ - -v $WORKDIR/dist/source:/build/source \ - -v $WORKDIR/dist/output:/build/output \ - aztfybuild \ - fpm \ - --name aztfy \ - --license MPL-2.0 \ - --version ${version} \ - --description "A tool to bring existing Azure resources under Terraform's management" \ - --url "https://github.com/Azure/aztfy" \ - --maintainer "magodo " \ - --input-type dir \ - --output-type rpm \ - --architecture ${rpm_arch_map[$ARCH]} \ - --package /build/output/aztfy-$version-1-${rpm_arch_map[$ARCH]}.rpm \ - /build/source/aztfy=/usr/bin/aztfy - displayName: "Build Packages" - env: - VERSION: ${{ parameters.version }} - WORKDIR: $(system.defaultWorkingDirectory) - - task: EsrpCodeSigning@1 - displayName: "Sign Package" - inputs: - ConnectedServiceName: 'ESRP Signing Service' - FolderPath: '$(system.defaultWorkingDirectory)/dist/output' - Pattern: '*.rpm,*.deb' - signConfigType: 'inlineSignParams' - inlineOperation: | - [ - { - "KeyCode": "CP-450779-Pgp", - "OperationCode": "LinuxSign", - "Parameters": {}, - "ToolName": "sign", - "ToolVersion": "1.0" - } - ] - SessionTimeout: '60' - MaxConcurrency: '50' - MaxRetryAttempts: '5' - - task: PublishPipelineArtifact@1 - displayName: "Publish Packages" - inputs: - targetPath: '$(system.defaultWorkingDirectory)/dist/output' - artifactName: $(OS)-$(ARCH)-pkg + # # Build rpm package + # echo $version + # docker run -t --rm \ + # -v $WORKDIR/dist/source:/build/source \ + # -v $WORKDIR/dist/output:/build/output \ + # aztfybuild \ + # fpm \ + # --name aztfy \ + # --license MPL-2.0 \ + # --version ${version} \ + # --description "A tool to bring existing Azure resources under Terraform's management" \ + # --url "https://github.com/Azure/aztfy" \ + # --maintainer "magodo " \ + # --input-type dir \ + # --output-type rpm \ + # --architecture ${rpm_arch_map[$ARCH]} \ + # --package /build/output/aztfy-$version-1-${rpm_arch_map[$ARCH]}.rpm \ + # /build/source/aztfy=/usr/bin/aztfy + # displayName: "Build Packages" + # env: + # VERSION: ${{ parameters.version }} + # WORKDIR: $(system.defaultWorkingDirectory) + # - task: EsrpCodeSigning@1 + # displayName: "Sign Package" + # inputs: + # ConnectedServiceName: "ESRP Signing Service" + # FolderPath: "$(system.defaultWorkingDirectory)/dist/output" + # Pattern: "*.rpm,*.deb" + # signConfigType: "inlineSignParams" + # inlineOperation: | + # [ + # { + # "KeyCode": "CP-450779-Pgp", + # "OperationCode": "LinuxSign", + # "Parameters": {}, + # "ToolName": "sign", + # "ToolVersion": "1.0" + # } + # ] + # SessionTimeout: "60" + # MaxConcurrency: "50" + # MaxRetryAttempts: "5" + # - task: PublishPipelineArtifact@1 + # displayName: "Publish Packages" + # inputs: + # targetPath: "$(system.defaultWorkingDirectory)/dist/output" + # artifactName: $(OS)-$(ARCH)-pkg - stage: publish_linux_packages displayName: "Publish Linux Packages" jobs: - job: publish displayName: "Publish Packages" strategy: - matrix: - ubuntu-bionic-amd64: - TYPE: deb - ARCH: amd64 - REPO_ID: 5a9dc3f2424a5c053cc3ff2e - ubuntu-focal-amd64: - TYPE: deb - ARCH: amd64 - REPO_ID: 5e852952e45fffa1beda61fe - ubuntu-jammy-amd64: - TYPE: deb - ARCH: amd64 - REPO_ID: 61faea6cea3a770ab120ac8a - debian-buster-amd64: - TYPE: deb - ARCH: amd64 - REPO_ID: 5d23b16c9a6e3b375bbba42e - debian-bullseye-amd64: - TYPE: deb - ARCH: amd64 - REPO_ID: 611ab3a32acdcd0744c8c841 - centos-8-x86_64: - TYPE: rpm - ARCH: amd64 - REPO_ID: 5e5ed94a523a8019fe47607e - rhel-8-x86_64: - TYPE: rpm - ARCH: amd64 - REPO_ID: 5d4470e1eebce7156eee5407 - rhel-9-x86_64: - TYPE: rpm - ARCH: amd64 - REPO_ID: 627067cc3ac6d7548f4d66cd - fedora-34-x86_64: - TYPE: rpm - ARCH: amd64 - REPO_ID: 606e1da573e50659b0803a7b - fedora-35-x86_64: - TYPE: rpm - ARCH: amd64 - REPO_ID: 6196d483ea3a770f011f63fb - fedora-36-x86_64: - TYPE: rpm - ARCH: amd64 - REPO_ID: 6271bc683ac6d73aa84d6737 + matrix: + ubuntu-bionic-amd64: + TYPE: deb + ARCH: amd64 + REPO_ID: 5a9dc3f2424a5c053cc3ff2e + # ubuntu-focal-amd64: + # TYPE: deb + # ARCH: amd64 + # REPO_ID: 5e852952e45fffa1beda61fe + # ubuntu-jammy-amd64: + # TYPE: deb + # ARCH: amd64 + # REPO_ID: 61faea6cea3a770ab120ac8a + # debian-buster-amd64: + # TYPE: deb + # ARCH: amd64 + # REPO_ID: 5d23b16c9a6e3b375bbba42e + # debian-bullseye-amd64: + # TYPE: deb + # ARCH: amd64 + # REPO_ID: 611ab3a32acdcd0744c8c841 + # centos-8-x86_64: + # TYPE: rpm + # ARCH: amd64 + # REPO_ID: 5e5ed94a523a8019fe47607e + # rhel-8-x86_64: + # TYPE: rpm + # ARCH: amd64 + # REPO_ID: 5d4470e1eebce7156eee5407 + # rhel-9-x86_64: + # TYPE: rpm + # ARCH: amd64 + # REPO_ID: 627067cc3ac6d7548f4d66cd + # fedora-34-x86_64: + # TYPE: rpm + # ARCH: amd64 + # REPO_ID: 606e1da573e50659b0803a7b + # fedora-35-x86_64: + # TYPE: rpm + # ARCH: amd64 + # REPO_ID: 6196d483ea3a770f011f63fb + # fedora-36-x86_64: + # TYPE: rpm + # ARCH: amd64 + # REPO_ID: 6271bc683ac6d73aa84d6737 steps: - task: DownloadPipelineArtifact@2 inputs: artifact: linux-$(ARCH)-pkg path: $(system.defaultWorkingDirectory)/dist/pkg + + # TODO: remove this + source: "specific" + pipeline: 22 + runId: 3448 + - task: UniversalPackages@0 - displayName: 'Download repoclient' + displayName: "Download repoclient" inputs: command: download - vstsFeed: 'release/aztfy' - vstsFeedPackage: 'azure-repoapi-client' - vstsPackageVersion: '2.2.1' + vstsFeed: "release/aztfy" + vstsFeedPackage: "azure-repoapi-client" + vstsPackageVersion: "2.2.1" downloadDirectory: $(system.defaultWorkingDirectory)/dist/tool - script: | set -e @@ -304,74 +310,75 @@ stages: TYPE: $(TYPE) # - stage: release_windows_setup # displayName: "Release Windows Setup" - - stage: release - displayName: "Release" - jobs: - - job: release - displayName: "Release" - steps: - - task: DownloadPipelineArtifact@2 - inputs: - path: $(system.defaultWorkingDirectory)/dist - - script: | - set -e - NAME="aztfy" - OS_ARCH=( - "windows:amd64" - "windows:386" - "linux:amd64" - "linux:386" - "linux:arm" - "linux:arm64" - "darwin:amd64" - "darwin:arm64" - ) - mkdir release - for os_arch in "${OS_ARCH[@]}" ; do - OS=${os_arch%%:*} - ARCH=${os_arch#*:} - name=aztfy - if [[ $OS = windows ]]; then - name=aztfy.exe - fi - chmod +x dist/${OS}-${ARCH}/${name} - zip -j release/${NAME}_${VERSION}_${OS}_${ARCH}.zip dist/${OS}-${ARCH}/${name} - done - cd release - shasum -a 256 *.zip > ${NAME}_SHA256SUMS - cp ${NAME}_SHA256SUMS ${NAME}_SHA256SUMS.sig - displayName: "Prepare Binary Archives & Digests" - env: - VERSION: ${{ parameters.version }} - - task: EsrpCodeSigning@1 - displayName: "Sign Binary Archive Digests" - inputs: - ConnectedServiceName: 'ESRP Signing Service' - FolderPath: '$(system.defaultWorkingDirectory)/release' - Pattern: '*_SHA256SUMS.sig' - signConfigType: 'inlineSignParams' - inlineOperation: | - [ - { - "KeyCode": "CP-450779-Pgp", - "OperationCode": "LinuxSign", - "Parameters": {}, - "ToolName": "sign", - "ToolVersion": "1.0" - } - ] - SessionTimeout: '60' - MaxConcurrency: '50' - MaxRetryAttempts: '5' - - task: GitHubRelease@1 - displayName: "Draft Github Release" - inputs: - gitHubConnection: 'Github' - repositoryName: '$(Build.Repository.Name)' - action: 'create' - target: '$(Build.SourceVersion)' - tagSource: 'gitTag' - tagPattern: '^v\d+\.\d+\.\d+' - assets: '$(system.defaultWorkingDirectory)/release/*' - isDraft: true - addChangeLog: false \ No newline at end of file + + # - stage: release + # displayName: "Release" + # jobs: + # - job: release + # displayName: "Release" + # steps: + # - task: DownloadPipelineArtifact@2 + # inputs: + # path: $(system.defaultWorkingDirectory)/dist + # - script: | + # set -e + # NAME="aztfy" + # OS_ARCH=( + # "windows:amd64" + # "windows:386" + # "linux:amd64" + # "linux:386" + # "linux:arm" + # "linux:arm64" + # "darwin:amd64" + # "darwin:arm64" + # ) + # mkdir release + # for os_arch in "${OS_ARCH[@]}" ; do + # OS=${os_arch%%:*} + # ARCH=${os_arch#*:} + # name=aztfy + # if [[ $OS = windows ]]; then + # name=aztfy.exe + # fi + # chmod +x dist/${OS}-${ARCH}/${name} + # zip -j release/${NAME}_${VERSION}_${OS}_${ARCH}.zip dist/${OS}-${ARCH}/${name} + # done + # cd release + # shasum -a 256 *.zip > ${NAME}_SHA256SUMS + # cp ${NAME}_SHA256SUMS ${NAME}_SHA256SUMS.sig + # displayName: "Prepare Binary Archives & Digests" + # env: + # VERSION: ${{ parameters.version }} + # - task: EsrpCodeSigning@1 + # displayName: "Sign Binary Archive Digests" + # inputs: + # ConnectedServiceName: 'ESRP Signing Service' + # FolderPath: '$(system.defaultWorkingDirectory)/release' + # Pattern: '*_SHA256SUMS.sig' + # signConfigType: 'inlineSignParams' + # inlineOperation: | + # [ + # { + # "KeyCode": "CP-450779-Pgp", + # "OperationCode": "LinuxSign", + # "Parameters": {}, + # "ToolName": "sign", + # "ToolVersion": "1.0" + # } + # ] + # SessionTimeout: '60' + # MaxConcurrency: '50' + # MaxRetryAttempts: '5' + # - task: GitHubRelease@1 + # displayName: "Draft Github Release" + # inputs: + # gitHubConnection: 'Github' + # repositoryName: '$(Build.Repository.Name)' + # action: 'create' + # target: '$(Build.SourceVersion)' + # tagSource: 'gitTag' + # tagPattern: '^v\d+\.\d+\.\d+' + # assets: '$(system.defaultWorkingDirectory)/release/*' + # isDraft: true + # addChangeLog: false From befb286734758cb599470a4881decae2f18a3d5d Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 17 Aug 2022 15:02:13 +0800 Subject: [PATCH 41/94] debug --- azure-pipelines.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 4a2a5aa..72bbf2f 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -269,6 +269,7 @@ stages: # TODO: remove this source: "specific" + project: "release" pipeline: 22 runId: 3448 From ef36c51fdc5fd2195cdbe8a2806ef02fbaeb2064 Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 17 Aug 2022 15:09:45 +0800 Subject: [PATCH 42/94] sudo --- azure-pipelines.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 72bbf2f..5cf084f 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -284,7 +284,7 @@ stages: - script: | set -e cd dist/tool - dpkg -i azure-repoapi-client_2.2.1_amd64.deb + sudo dpkg -i azure-repoapi-client_2.2.1_amd64.deb mkdir ~/.repoclient cat << EOF > ~/.repoclient { From fd46db56aaf99f1938de38ff690c092ade35114d Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 17 Aug 2022 15:24:15 +0800 Subject: [PATCH 43/94] debug --- azure-pipelines.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 5cf084f..00fb6db 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -284,7 +284,7 @@ stages: - script: | set -e cd dist/tool - sudo dpkg -i azure-repoapi-client_2.2.1_amd64.deb + sudo apt install -y azure-repoapi-client_2.2.1_amd64.deb mkdir ~/.repoclient cat << EOF > ~/.repoclient { From ac2e90768baf37356ed0967c23c3f2dd0d6cde20 Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 17 Aug 2022 15:27:26 +0800 Subject: [PATCH 44/94] fix --- azure-pipelines.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 00fb6db..d826969 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -284,7 +284,7 @@ stages: - script: | set -e cd dist/tool - sudo apt install -y azure-repoapi-client_2.2.1_amd64.deb + sudo apt install -y ./azure-repoapi-client_2.2.1_amd64.deb mkdir ~/.repoclient cat << EOF > ~/.repoclient { From 06149527a8ab873f000caf128017bfd34ed423f1 Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 17 Aug 2022 15:29:46 +0800 Subject: [PATCH 45/94] fix --- azure-pipelines.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index d826969..2c68bff 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -286,7 +286,7 @@ stages: cd dist/tool sudo apt install -y ./azure-repoapi-client_2.2.1_amd64.deb mkdir ~/.repoclient - cat << EOF > ~/.repoclient + cat << EOF > ~/.repoclient/config.json { "server": "azure-apt-cat.cloudapp.net", "port": "443", From 1c888d1dea22f2bb63d8d59b7c7729d7aa95ef83 Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 17 Aug 2022 15:33:54 +0800 Subject: [PATCH 46/94] debug --- azure-pipelines.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 2c68bff..1d707b9 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -298,6 +298,9 @@ stages: "repositoryId": "IGNORE" } EOF + cat ~/.repoclient/config.json + pwd + tree dist ls ./dist/pkg/*.${TYPE} pkg=(./dist/pkg/*.${TYPE}) [[ ${#pkg[@]} == 1 ]] || { echo "not exactly one target packages found: $(declare -p pkg)" > 2; exit 1; } From 3b1d8126004adaecafe90faaa66ec744d3d661cd Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 17 Aug 2022 15:36:17 +0800 Subject: [PATCH 47/94] fix --- azure-pipelines.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 1d707b9..fc57c58 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -283,8 +283,7 @@ stages: downloadDirectory: $(system.defaultWorkingDirectory)/dist/tool - script: | set -e - cd dist/tool - sudo apt install -y ./azure-repoapi-client_2.2.1_amd64.deb + sudo apt install -y ./dist/tool/azure-repoapi-client_2.2.1_amd64.deb mkdir ~/.repoclient cat << EOF > ~/.repoclient/config.json { From 8f6f62ec6bea940278ccc0626acdd49697b92bb2 Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 17 Aug 2022 16:44:36 +0800 Subject: [PATCH 48/94] do the publish --- azure-pipelines.yml | 31 +++++++++++++++++++++++-------- 1 file changed, 23 insertions(+), 8 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index fc57c58..2dfa261 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -297,20 +297,35 @@ stages: "repositoryId": "IGNORE" } EOF - cat ~/.repoclient/config.json - pwd - tree dist - ls ./dist/pkg/*.${TYPE} pkg=(./dist/pkg/*.${TYPE}) [[ ${#pkg[@]} == 1 ]] || { echo "not exactly one target packages found: $(declare -p pkg)" > 2; exit 1; } pkg=${pkg[0]} - cat << EOF - repoclient package add -r $(REPO_ID) ${pkg} - EOF - echo "TODO: check result" + + # Allow error's to occur prior to quit the task, as we are capturing the command output, otherwise, we will have no chance to output that in stdout/stderr. + set +e + ret=$(repoclient package add -r ${REPO_ID} $pkg) + [[ $? == 0 ]] || { echo "Error: repoclient package add failed: $ret" >&2; exit 1; } + echo -e "repoclient package add returns:\n$ret\n" + + location=$(jq -r '.Location' <<< $ret) + package_id=${location##*/} + [[ -n $package_id ]] || { echo "Error: empty package id got" >&2; exit 1; } + echo "package id: $package_id" + + ret=$(repoclient package check $package_id) + [[ $? == 0 ]] || { echo "Error: repoclient package check failed: $ret" >&2; exit 1; } + echo -e "repoclient package check returns:\n$ret\n" + + msg=$(jq -r .message <<< $ret) + [[ -z $msg ]] || { + echo "Error: non zero message indicates an error. removing the package" >&2 + ret=$(repoclient package delete $package_id) + echo -e "repoclient package delete returns:\n$ret\n" + } displayName: "Publish via repoclient" env: TYPE: $(TYPE) + REPO_ID: $(REPO_ID) # - stage: release_windows_setup # displayName: "Release Windows Setup" From c162f418097f2ed5f79743feb210bd127ea4f25c Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 17 Aug 2022 17:12:22 +0800 Subject: [PATCH 49/94] enable the build --- azure-pipelines.yml | 397 ++++++++++++++++++++++---------------------- 1 file changed, 199 insertions(+), 198 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 2dfa261..a76d19b 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -9,207 +9,208 @@ parameters: type: string stages: - # - stage: build - # displayName: "Build aztfy" - # jobs: - # - job: build - # displayName: "Build Binaries" - # strategy: - # matrix: - # windows-386: - # OS: windows - # ARCH: 386 - # windows-amd64: - # OS: windows - # ARCH: amd64 - # linux-386: - # OS: linux - # ARCH: 386 - # linux-amd64: - # OS: linux - # ARCH: amd64 - # linux-arm: - # OS: linux - # ARCH: arm - # linux-arm64: - # OS: linux - # ARCH: arm64 - # darwin-amd64: - # OS: darwin - # ARCH: amd64 - # darwin-arm64: - # OS: darwin - # ARCH: arm64 - # steps: - # - task: GoTool@0 - # displayName: "Install Go" - # inputs: - # version: 1.19 - # - script: | - # set -e - # REVISION=`git rev-parse --short HEAD` - # mkdir build - # name=aztfy - # if [[ $OS = windows ]]; then - # name=aztfy.exe - # fi - # GOOS="${OS}" GOARCH="${ARCH}" CGO_ENABLED=0 go build -trimpath -ldflags="-s -w -X 'main.version=${VERSION}' -X 'main.revision=${REVISION}'" -o build/$name - # displayName: "Go Build" - # env: - # OS: $(OS) - # ARCH: $(ARCH) - # VERSION: ${{ parameters.version }} - # - task: EsrpCodeSigning@1 - # displayName: "Sign Binary (Windows Only)" - # condition: eq(variables.OS, 'windows') - # inputs: - # ConnectedServiceName: "ESRP Signing Service" - # FolderPath: "$(system.defaultWorkingDirectory)/build" - # Pattern: "*.exe" - # signConfigType: "inlineSignParams" - # inlineOperation: | - # [ - # { - # "KeyCode" : "CP-230012", - # "OperationCode" : "SigntoolSign", - # "Parameters" : { - # "OpusName" : "Microsoft", - # "OpusInfo" : "http://www.microsoft.com", - # "PageHash" : "/NPH", - # "TimeStamp" : "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256", - # "FileDigest": "/fd \"SHA256\"" - # }, - # "ToolName" : "sign", - # "ToolVersion" : "1.0" - # }, - # { - # "KeyCode" : "CP-230012", - # "OperationCode" : "SigntoolVerify", - # "Parameters" : {}, - # "ToolName" : "sign", - # "ToolVersion" : "1.0" - # } - # ] - # SessionTimeout: "60" - # MaxConcurrency: "50" - # MaxRetryAttempts: "5" - # - task: PublishPipelineArtifact@1 - # displayName: "Publish Binary" - # inputs: - # targetPath: "$(system.defaultWorkingDirectory)/build" - # artifactName: "$(OS)-$(ARCH)" + - stage: build + displayName: "Build aztfy" + jobs: + - job: build + displayName: "Build Binaries" + strategy: + matrix: + windows-386: + OS: windows + ARCH: 386 + windows-amd64: + OS: windows + ARCH: amd64 + linux-386: + OS: linux + ARCH: 386 + linux-amd64: + OS: linux + ARCH: amd64 + linux-arm: + OS: linux + ARCH: arm + linux-arm64: + OS: linux + ARCH: arm64 + darwin-amd64: + OS: darwin + ARCH: amd64 + darwin-arm64: + OS: darwin + ARCH: arm64 + steps: + - task: GoTool@0 + displayName: "Install Go" + inputs: + version: 1.19 + - script: | + set -e + REVISION=`git rev-parse --short HEAD` + mkdir build + name=aztfy + if [[ $OS = windows ]]; then + name=aztfy.exe + fi + GOOS="${OS}" GOARCH="${ARCH}" CGO_ENABLED=0 go build -trimpath -ldflags="-s -w -X 'main.version=${VERSION}' -X 'main.revision=${REVISION}'" -o build/$name + displayName: "Go Build" + env: + OS: $(OS) + ARCH: $(ARCH) + VERSION: ${{ parameters.version }} + - task: EsrpCodeSigning@1 + displayName: "Sign Binary (Windows Only)" + condition: eq(variables.OS, 'windows') + inputs: + ConnectedServiceName: "ESRP Signing Service" + FolderPath: "$(system.defaultWorkingDirectory)/build" + Pattern: "*.exe" + signConfigType: "inlineSignParams" + inlineOperation: | + [ + { + "KeyCode" : "CP-230012", + "OperationCode" : "SigntoolSign", + "Parameters" : { + "OpusName" : "Microsoft", + "OpusInfo" : "http://www.microsoft.com", + "PageHash" : "/NPH", + "TimeStamp" : "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256", + "FileDigest": "/fd \"SHA256\"" + }, + "ToolName" : "sign", + "ToolVersion" : "1.0" + }, + { + "KeyCode" : "CP-230012", + "OperationCode" : "SigntoolVerify", + "Parameters" : {}, + "ToolName" : "sign", + "ToolVersion" : "1.0" + } + ] + SessionTimeout: "60" + MaxConcurrency: "50" + MaxRetryAttempts: "5" + - task: PublishPipelineArtifact@1 + displayName: "Publish Binary" + inputs: + targetPath: "$(system.defaultWorkingDirectory)/build" + artifactName: "$(OS)-$(ARCH)" - # - job: build_windows_setup - # displayName: "Build Windows Setup" - # dependsOn: build - # steps: - # - script: echo TODO + - job: build_windows_setup + displayName: "Build Windows Setup" + dependsOn: build + steps: + - script: echo TODO - # - job: build_linux_packages - # displayName: "Build Linux RPM/Debian Packages" - # dependsOn: build - # strategy: - # matrix: - # linux-386: - # OS: linux - # ARCH: 386 - # linux-amd64: - # OS: linux - # ARCH: amd64 - # linux-arm: - # OS: linux - # ARCH: arm - # linux-arm64: - # OS: linux - # ARCH: arm64 - # steps: - # - task: DownloadPipelineArtifact@2 - # inputs: - # artifact: $(OS)-$(ARCH) - # path: $(system.defaultWorkingDirectory)/dist/source - # - script: | - # mkdir $workdir/dist/output - # displayName: "Prepare the output directory" - # env: - # workdir: $(system.defaultWorkingDirectory) - # - script: | - # set -e + - job: build_linux_packages + displayName: "Build Linux RPM/Debian Packages" + dependsOn: build + strategy: + matrix: + linux-386: + OS: linux + ARCH: 386 + linux-amd64: + OS: linux + ARCH: amd64 + linux-arm: + OS: linux + ARCH: arm + linux-arm64: + OS: linux + ARCH: arm64 + steps: + - task: DownloadPipelineArtifact@2 + inputs: + artifact: $(OS)-$(ARCH) + path: $(system.defaultWorkingDirectory)/dist/source + - script: | + mkdir $workdir/dist/output + displayName: "Prepare the output directory" + env: + workdir: $(system.defaultWorkingDirectory) + - script: | + set -e - # chmod +x $WORKDIR/dist/source/aztfy + chmod +x $WORKDIR/dist/source/aztfy - # declare -A deb_arch_map=( [386]=i386 [amd64]=amd64 [arm]=armhf [arm64]=arm64 ) - # declare -A rpm_arch_map=( [386]=i686 [amd64]=x86_64 [arm]=armv7hl [arm64]=aarch64 ) - # version=${VERSION:1} + declare -A deb_arch_map=( [386]=i386 [amd64]=amd64 [arm]=armhf [arm64]=arm64 ) + declare -A rpm_arch_map=( [386]=i686 [amd64]=x86_64 [arm]=armv7hl [arm64]=aarch64 ) + version=${VERSION:1} - # # Build the image - # cd $WORKDIR/scripts/package/linux - # docker build -t aztfybuild . + # Build the image + cd $WORKDIR/scripts/package/linux + docker build -t aztfybuild . - # # Build deb package - # docker run -t --rm \ - # -v $WORKDIR/dist/source:/build/source \ - # -v $WORKDIR/dist/output:/build/output \ - # aztfybuild \ - # fpm \ - # --name aztfy \ - # --license MPL-2.0 \ - # --version $version \ - # --description "A tool to bring existing Azure resources under Terraform's management" \ - # --url "https://github.com/Azure/aztfy" \ - # --maintainer "magodo " \ - # --input-type dir \ - # --output-type deb \ - # --architecture ${deb_arch_map[$ARCH]} \ - # --package /build/output/aztfy-$version-1-${deb_arch_map[$ARCH]}.deb \ - # /build/source/aztfy=/usr/bin/aztfy + # Build deb package + docker run -t --rm \ + -v $WORKDIR/dist/source:/build/source \ + -v $WORKDIR/dist/output:/build/output \ + aztfybuild \ + fpm \ + --name aztfy \ + --license MPL-2.0 \ + --version $version \ + --description "A tool to bring existing Azure resources under Terraform's management" \ + --url "https://github.com/Azure/aztfy" \ + --maintainer "magodo " \ + --input-type dir \ + --output-type deb \ + --architecture ${deb_arch_map[$ARCH]} \ + --package /build/output/aztfy-$version-1-${deb_arch_map[$ARCH]}.deb \ + /build/source/aztfy=/usr/bin/aztfy + + # Build rpm package + echo $version + docker run -t --rm \ + -v $WORKDIR/dist/source:/build/source \ + -v $WORKDIR/dist/output:/build/output \ + aztfybuild \ + fpm \ + --name aztfy \ + --license MPL-2.0 \ + --version ${version} \ + --description "A tool to bring existing Azure resources under Terraform's management" \ + --url "https://github.com/Azure/aztfy" \ + --maintainer "magodo " \ + --input-type dir \ + --output-type rpm \ + --architecture ${rpm_arch_map[$ARCH]} \ + --package /build/output/aztfy-$version-1-${rpm_arch_map[$ARCH]}.rpm \ + /build/source/aztfy=/usr/bin/aztfy + displayName: "Build Packages" + env: + VERSION: ${{ parameters.version }} + WORKDIR: $(system.defaultWorkingDirectory) + - task: EsrpCodeSigning@1 + displayName: "Sign Package" + inputs: + ConnectedServiceName: "ESRP Signing Service" + FolderPath: "$(system.defaultWorkingDirectory)/dist/output" + Pattern: "*.rpm,*.deb" + signConfigType: "inlineSignParams" + inlineOperation: | + [ + { + "KeyCode": "CP-450779-Pgp", + "OperationCode": "LinuxSign", + "Parameters": {}, + "ToolName": "sign", + "ToolVersion": "1.0" + } + ] + SessionTimeout: "60" + MaxConcurrency: "50" + MaxRetryAttempts: "5" + - task: PublishPipelineArtifact@1 + displayName: "Publish Packages" + inputs: + targetPath: "$(system.defaultWorkingDirectory)/dist/output" + artifactName: $(OS)-$(ARCH)-pkg - # # Build rpm package - # echo $version - # docker run -t --rm \ - # -v $WORKDIR/dist/source:/build/source \ - # -v $WORKDIR/dist/output:/build/output \ - # aztfybuild \ - # fpm \ - # --name aztfy \ - # --license MPL-2.0 \ - # --version ${version} \ - # --description "A tool to bring existing Azure resources under Terraform's management" \ - # --url "https://github.com/Azure/aztfy" \ - # --maintainer "magodo " \ - # --input-type dir \ - # --output-type rpm \ - # --architecture ${rpm_arch_map[$ARCH]} \ - # --package /build/output/aztfy-$version-1-${rpm_arch_map[$ARCH]}.rpm \ - # /build/source/aztfy=/usr/bin/aztfy - # displayName: "Build Packages" - # env: - # VERSION: ${{ parameters.version }} - # WORKDIR: $(system.defaultWorkingDirectory) - # - task: EsrpCodeSigning@1 - # displayName: "Sign Package" - # inputs: - # ConnectedServiceName: "ESRP Signing Service" - # FolderPath: "$(system.defaultWorkingDirectory)/dist/output" - # Pattern: "*.rpm,*.deb" - # signConfigType: "inlineSignParams" - # inlineOperation: | - # [ - # { - # "KeyCode": "CP-450779-Pgp", - # "OperationCode": "LinuxSign", - # "Parameters": {}, - # "ToolName": "sign", - # "ToolVersion": "1.0" - # } - # ] - # SessionTimeout: "60" - # MaxConcurrency: "50" - # MaxRetryAttempts: "5" - # - task: PublishPipelineArtifact@1 - # displayName: "Publish Packages" - # inputs: - # targetPath: "$(system.defaultWorkingDirectory)/dist/output" - # artifactName: $(OS)-$(ARCH)-pkg - stage: publish_linux_packages displayName: "Publish Linux Packages" jobs: @@ -268,10 +269,10 @@ stages: path: $(system.defaultWorkingDirectory)/dist/pkg # TODO: remove this - source: "specific" - project: "release" - pipeline: 22 - runId: 3448 + # source: "specific" + # project: "release" + # pipeline: 22 + # runId: 3448 - task: UniversalPackages@0 displayName: "Download repoclient" From e23e15d01ed45a20e1be61670665e06f02b841b6 Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 18 Aug 2022 10:51:40 +0800 Subject: [PATCH 50/94] debug --- azure-pipelines.yml | 457 ++++++++++++++++++++++++-------------------- 1 file changed, 249 insertions(+), 208 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index a76d19b..485c241 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -9,207 +9,207 @@ parameters: type: string stages: - - stage: build - displayName: "Build aztfy" - jobs: - - job: build - displayName: "Build Binaries" - strategy: - matrix: - windows-386: - OS: windows - ARCH: 386 - windows-amd64: - OS: windows - ARCH: amd64 - linux-386: - OS: linux - ARCH: 386 - linux-amd64: - OS: linux - ARCH: amd64 - linux-arm: - OS: linux - ARCH: arm - linux-arm64: - OS: linux - ARCH: arm64 - darwin-amd64: - OS: darwin - ARCH: amd64 - darwin-arm64: - OS: darwin - ARCH: arm64 - steps: - - task: GoTool@0 - displayName: "Install Go" - inputs: - version: 1.19 - - script: | - set -e - REVISION=`git rev-parse --short HEAD` - mkdir build - name=aztfy - if [[ $OS = windows ]]; then - name=aztfy.exe - fi - GOOS="${OS}" GOARCH="${ARCH}" CGO_ENABLED=0 go build -trimpath -ldflags="-s -w -X 'main.version=${VERSION}' -X 'main.revision=${REVISION}'" -o build/$name - displayName: "Go Build" - env: - OS: $(OS) - ARCH: $(ARCH) - VERSION: ${{ parameters.version }} - - task: EsrpCodeSigning@1 - displayName: "Sign Binary (Windows Only)" - condition: eq(variables.OS, 'windows') - inputs: - ConnectedServiceName: "ESRP Signing Service" - FolderPath: "$(system.defaultWorkingDirectory)/build" - Pattern: "*.exe" - signConfigType: "inlineSignParams" - inlineOperation: | - [ - { - "KeyCode" : "CP-230012", - "OperationCode" : "SigntoolSign", - "Parameters" : { - "OpusName" : "Microsoft", - "OpusInfo" : "http://www.microsoft.com", - "PageHash" : "/NPH", - "TimeStamp" : "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256", - "FileDigest": "/fd \"SHA256\"" - }, - "ToolName" : "sign", - "ToolVersion" : "1.0" - }, - { - "KeyCode" : "CP-230012", - "OperationCode" : "SigntoolVerify", - "Parameters" : {}, - "ToolName" : "sign", - "ToolVersion" : "1.0" - } - ] - SessionTimeout: "60" - MaxConcurrency: "50" - MaxRetryAttempts: "5" - - task: PublishPipelineArtifact@1 - displayName: "Publish Binary" - inputs: - targetPath: "$(system.defaultWorkingDirectory)/build" - artifactName: "$(OS)-$(ARCH)" + # - stage: build + # displayName: "Build aztfy" + # jobs: + # - job: build + # displayName: "Build Binaries" + # strategy: + # matrix: + # windows-386: + # OS: windows + # ARCH: 386 + # windows-amd64: + # OS: windows + # ARCH: amd64 + # linux-386: + # OS: linux + # ARCH: 386 + # linux-amd64: + # OS: linux + # ARCH: amd64 + # linux-arm: + # OS: linux + # ARCH: arm + # linux-arm64: + # OS: linux + # ARCH: arm64 + # darwin-amd64: + # OS: darwin + # ARCH: amd64 + # darwin-arm64: + # OS: darwin + # ARCH: arm64 + # steps: + # - task: GoTool@0 + # displayName: "Install Go" + # inputs: + # version: 1.19 + # - script: | + # set -e + # REVISION=`git rev-parse --short HEAD` + # mkdir build + # name=aztfy + # if [[ $OS = windows ]]; then + # name=aztfy.exe + # fi + # GOOS="${OS}" GOARCH="${ARCH}" CGO_ENABLED=0 go build -trimpath -ldflags="-s -w -X 'main.version=${VERSION}' -X 'main.revision=${REVISION}'" -o build/$name + # displayName: "Go Build" + # env: + # OS: $(OS) + # ARCH: $(ARCH) + # VERSION: ${{ parameters.version }} + # - task: EsrpCodeSigning@1 + # displayName: "Sign Binary (Windows Only)" + # condition: eq(variables.OS, 'windows') + # inputs: + # ConnectedServiceName: "ESRP Signing Service" + # FolderPath: "$(system.defaultWorkingDirectory)/build" + # Pattern: "*.exe" + # signConfigType: "inlineSignParams" + # inlineOperation: | + # [ + # { + # "KeyCode" : "CP-230012", + # "OperationCode" : "SigntoolSign", + # "Parameters" : { + # "OpusName" : "Microsoft", + # "OpusInfo" : "http://www.microsoft.com", + # "PageHash" : "/NPH", + # "TimeStamp" : "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256", + # "FileDigest": "/fd \"SHA256\"" + # }, + # "ToolName" : "sign", + # "ToolVersion" : "1.0" + # }, + # { + # "KeyCode" : "CP-230012", + # "OperationCode" : "SigntoolVerify", + # "Parameters" : {}, + # "ToolName" : "sign", + # "ToolVersion" : "1.0" + # } + # ] + # SessionTimeout: "60" + # MaxConcurrency: "50" + # MaxRetryAttempts: "5" + # - task: PublishPipelineArtifact@1 + # displayName: "Publish Binary" + # inputs: + # targetPath: "$(system.defaultWorkingDirectory)/build" + # artifactName: "$(OS)-$(ARCH)" - - job: build_windows_setup - displayName: "Build Windows Setup" - dependsOn: build - steps: - - script: echo TODO + # - job: build_windows_setup + # displayName: "Build Windows Setup" + # dependsOn: build + # steps: + # - script: echo TODO - - job: build_linux_packages - displayName: "Build Linux RPM/Debian Packages" - dependsOn: build - strategy: - matrix: - linux-386: - OS: linux - ARCH: 386 - linux-amd64: - OS: linux - ARCH: amd64 - linux-arm: - OS: linux - ARCH: arm - linux-arm64: - OS: linux - ARCH: arm64 - steps: - - task: DownloadPipelineArtifact@2 - inputs: - artifact: $(OS)-$(ARCH) - path: $(system.defaultWorkingDirectory)/dist/source - - script: | - mkdir $workdir/dist/output - displayName: "Prepare the output directory" - env: - workdir: $(system.defaultWorkingDirectory) - - script: | - set -e + # - job: build_linux_packages + # displayName: "Build Linux RPM/Debian Packages" + # dependsOn: build + # strategy: + # matrix: + # linux-386: + # OS: linux + # ARCH: 386 + # linux-amd64: + # OS: linux + # ARCH: amd64 + # linux-arm: + # OS: linux + # ARCH: arm + # linux-arm64: + # OS: linux + # ARCH: arm64 + # steps: + # - task: DownloadPipelineArtifact@2 + # inputs: + # artifact: $(OS)-$(ARCH) + # path: $(system.defaultWorkingDirectory)/dist/source + # - script: | + # mkdir $workdir/dist/output + # displayName: "Prepare the output directory" + # env: + # workdir: $(system.defaultWorkingDirectory) + # - script: | + # set -e - chmod +x $WORKDIR/dist/source/aztfy + # chmod +x $WORKDIR/dist/source/aztfy - declare -A deb_arch_map=( [386]=i386 [amd64]=amd64 [arm]=armhf [arm64]=arm64 ) - declare -A rpm_arch_map=( [386]=i686 [amd64]=x86_64 [arm]=armv7hl [arm64]=aarch64 ) - version=${VERSION:1} + # declare -A deb_arch_map=( [386]=i386 [amd64]=amd64 [arm]=armhf [arm64]=arm64 ) + # declare -A rpm_arch_map=( [386]=i686 [amd64]=x86_64 [arm]=armv7hl [arm64]=aarch64 ) + # version=${VERSION:1} - # Build the image - cd $WORKDIR/scripts/package/linux - docker build -t aztfybuild . + # # Build the image + # cd $WORKDIR/scripts/package/linux + # docker build -t aztfybuild . - # Build deb package - docker run -t --rm \ - -v $WORKDIR/dist/source:/build/source \ - -v $WORKDIR/dist/output:/build/output \ - aztfybuild \ - fpm \ - --name aztfy \ - --license MPL-2.0 \ - --version $version \ - --description "A tool to bring existing Azure resources under Terraform's management" \ - --url "https://github.com/Azure/aztfy" \ - --maintainer "magodo " \ - --input-type dir \ - --output-type deb \ - --architecture ${deb_arch_map[$ARCH]} \ - --package /build/output/aztfy-$version-1-${deb_arch_map[$ARCH]}.deb \ - /build/source/aztfy=/usr/bin/aztfy + # # Build deb package + # docker run -t --rm \ + # -v $WORKDIR/dist/source:/build/source \ + # -v $WORKDIR/dist/output:/build/output \ + # aztfybuild \ + # fpm \ + # --name aztfy \ + # --license MPL-2.0 \ + # --version $version \ + # --description "A tool to bring existing Azure resources under Terraform's management" \ + # --url "https://github.com/Azure/aztfy" \ + # --maintainer "magodo " \ + # --input-type dir \ + # --output-type deb \ + # --architecture ${deb_arch_map[$ARCH]} \ + # --package /build/output/aztfy-$version-1-${deb_arch_map[$ARCH]}.deb \ + # /build/source/aztfy=/usr/bin/aztfy - # Build rpm package - echo $version - docker run -t --rm \ - -v $WORKDIR/dist/source:/build/source \ - -v $WORKDIR/dist/output:/build/output \ - aztfybuild \ - fpm \ - --name aztfy \ - --license MPL-2.0 \ - --version ${version} \ - --description "A tool to bring existing Azure resources under Terraform's management" \ - --url "https://github.com/Azure/aztfy" \ - --maintainer "magodo " \ - --input-type dir \ - --output-type rpm \ - --architecture ${rpm_arch_map[$ARCH]} \ - --package /build/output/aztfy-$version-1-${rpm_arch_map[$ARCH]}.rpm \ - /build/source/aztfy=/usr/bin/aztfy - displayName: "Build Packages" - env: - VERSION: ${{ parameters.version }} - WORKDIR: $(system.defaultWorkingDirectory) - - task: EsrpCodeSigning@1 - displayName: "Sign Package" - inputs: - ConnectedServiceName: "ESRP Signing Service" - FolderPath: "$(system.defaultWorkingDirectory)/dist/output" - Pattern: "*.rpm,*.deb" - signConfigType: "inlineSignParams" - inlineOperation: | - [ - { - "KeyCode": "CP-450779-Pgp", - "OperationCode": "LinuxSign", - "Parameters": {}, - "ToolName": "sign", - "ToolVersion": "1.0" - } - ] - SessionTimeout: "60" - MaxConcurrency: "50" - MaxRetryAttempts: "5" - - task: PublishPipelineArtifact@1 - displayName: "Publish Packages" - inputs: - targetPath: "$(system.defaultWorkingDirectory)/dist/output" - artifactName: $(OS)-$(ARCH)-pkg + # # Build rpm package + # echo $version + # docker run -t --rm \ + # -v $WORKDIR/dist/source:/build/source \ + # -v $WORKDIR/dist/output:/build/output \ + # aztfybuild \ + # fpm \ + # --name aztfy \ + # --license MPL-2.0 \ + # --version ${version} \ + # --description "A tool to bring existing Azure resources under Terraform's management" \ + # --url "https://github.com/Azure/aztfy" \ + # --maintainer "magodo " \ + # --input-type dir \ + # --output-type rpm \ + # --architecture ${rpm_arch_map[$ARCH]} \ + # --package /build/output/aztfy-$version-1-${rpm_arch_map[$ARCH]}.rpm \ + # /build/source/aztfy=/usr/bin/aztfy + # displayName: "Build Packages" + # env: + # VERSION: ${{ parameters.version }} + # WORKDIR: $(system.defaultWorkingDirectory) + # - task: EsrpCodeSigning@1 + # displayName: "Sign Package" + # inputs: + # ConnectedServiceName: "ESRP Signing Service" + # FolderPath: "$(system.defaultWorkingDirectory)/dist/output" + # Pattern: "*.rpm,*.deb" + # signConfigType: "inlineSignParams" + # inlineOperation: | + # [ + # { + # "KeyCode": "CP-450779-Pgp", + # "OperationCode": "LinuxSign", + # "Parameters": {}, + # "ToolName": "sign", + # "ToolVersion": "1.0" + # } + # ] + # SessionTimeout: "60" + # MaxConcurrency: "50" + # MaxRetryAttempts: "5" + # - task: PublishPipelineArtifact@1 + # displayName: "Publish Packages" + # inputs: + # targetPath: "$(system.defaultWorkingDirectory)/dist/output" + # artifactName: $(OS)-$(ARCH)-pkg - stage: publish_linux_packages displayName: "Publish Linux Packages" @@ -218,18 +218,30 @@ stages: displayName: "Publish Packages" strategy: matrix: - ubuntu-bionic-amd64: + # ubuntu-bionic-amd64: + # TYPE: deb + # ARCH: amd64 + # REPO_ID: 5d16326637164fbc1139c4e1 + ubuntu-bionic-arm64: TYPE: deb - ARCH: amd64 - REPO_ID: 5a9dc3f2424a5c053cc3ff2e + ARCH: arm64 + REPO_ID: 5d16326637164fbc1139c4e1 # ubuntu-focal-amd64: # TYPE: deb # ARCH: amd64 # REPO_ID: 5e852952e45fffa1beda61fe + # ubuntu-focal-arm64: + # TYPE: deb + # ARCH: arm64 + # REPO_ID: 5e852952e45fffa1beda61fe # ubuntu-jammy-amd64: # TYPE: deb # ARCH: amd64 # REPO_ID: 61faea6cea3a770ab120ac8a + # ubuntu-jammy-arm64: + # TYPE: deb + # ARCH: arm64 + # REPO_ID: 61faea6cea3a770ab120ac8a # debian-buster-amd64: # TYPE: deb # ARCH: amd64 @@ -238,41 +250,69 @@ stages: # TYPE: deb # ARCH: amd64 # REPO_ID: 611ab3a32acdcd0744c8c841 + # debian-bullseye-arm64: + # TYPE: deb + # ARCH: arm64 + # REPO_ID: 611ab3a32acdcd0744c8c841 # centos-8-x86_64: # TYPE: rpm # ARCH: amd64 # REPO_ID: 5e5ed94a523a8019fe47607e + # centos-8-aarch64: + # TYPE: rpm + # ARCH: arm64 + # REPO_ID: 5e5ed94a523a8019fe47607e # rhel-8-x86_64: # TYPE: rpm # ARCH: amd64 # REPO_ID: 5d4470e1eebce7156eee5407 + # rhel-8-aarch64: + # TYPE: rpm + # ARCH: arm64 + # REPO_ID: 5d4470e1eebce7156eee5407 # rhel-9-x86_64: # TYPE: rpm # ARCH: amd64 # REPO_ID: 627067cc3ac6d7548f4d66cd + # rhel-9-aarch64: + # TYPE: rpm + # ARCH: arm64 + # REPO_ID: 627067cc3ac6d7548f4d66cd # fedora-34-x86_64: # TYPE: rpm # ARCH: amd64 # REPO_ID: 606e1da573e50659b0803a7b + # fedora-34-aarch64: + # TYPE: rpm + # ARCH: arm64 + # REPO_ID: 606e1da573e50659b0803a7b # fedora-35-x86_64: # TYPE: rpm # ARCH: amd64 # REPO_ID: 6196d483ea3a770f011f63fb + # fedora-35-aarch64: + # TYPE: rpm + # ARCH: arm64 + # REPO_ID: 6196d483ea3a770f011f63fb # fedora-36-x86_64: # TYPE: rpm # ARCH: amd64 # REPO_ID: 6271bc683ac6d73aa84d6737 + # fedora-36-aarch64: + # TYPE: rpm + # ARCH: arm64 + # REPO_ID: 6271bc683ac6d73aa84d6737 steps: - task: DownloadPipelineArtifact@2 inputs: artifact: linux-$(ARCH)-pkg path: $(system.defaultWorkingDirectory)/dist/pkg - # TODO: remove this - # source: "specific" - # project: "release" - # pipeline: 22 - # runId: 3448 + # Debug purpose only: Accelerate debugging on this stage + source: "specific" + project: "release" + pipeline: 22 + runId: 3678 - task: UniversalPackages@0 displayName: "Download repoclient" @@ -317,12 +357,13 @@ stages: [[ $? == 0 ]] || { echo "Error: repoclient package check failed: $ret" >&2; exit 1; } echo -e "repoclient package check returns:\n$ret\n" - msg=$(jq -r .message <<< $ret) - [[ -z $msg ]] || { - echo "Error: non zero message indicates an error. removing the package" >&2 - ret=$(repoclient package delete $package_id) - echo -e "repoclient package delete returns:\n$ret\n" - } + # TODO: how to verify? + # msg=$(jq -r .message <<< $ret) + # [[ -z $msg ]] || { + # echo "Error: non zero message indicates an error. removing the package" >&2 + # ret=$(repoclient package delete $package_id) + # echo -e "repoclient package delete returns:\n$ret\n" + # } displayName: "Publish via repoclient" env: TYPE: $(TYPE) From 3dc515afdabc5324993b22c8154d9b6a699d2d06 Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 18 Aug 2022 11:22:02 +0800 Subject: [PATCH 51/94] re-layout the scripts dir --- azure-pipelines.yml | 2 +- scripts/package/linux/{ => build}/Dockerfile | 0 2 files changed, 1 insertion(+), 1 deletion(-) rename scripts/package/linux/{ => build}/Dockerfile (100%) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 485c241..08e5f49 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -142,7 +142,7 @@ stages: # version=${VERSION:1} # # Build the image - # cd $WORKDIR/scripts/package/linux + # cd $WORKDIR/scripts/package/linux/build # docker build -t aztfybuild . # # Build deb package diff --git a/scripts/package/linux/Dockerfile b/scripts/package/linux/build/Dockerfile similarity index 100% rename from scripts/package/linux/Dockerfile rename to scripts/package/linux/build/Dockerfile From bcb01b25974734ca763840f9e1f6826a8f727866 Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 18 Aug 2022 17:29:59 +0800 Subject: [PATCH 52/94] publish all debian packages --- azure-pipelines.yml | 68 ++++++++++++++++++++++++--------------------- 1 file changed, 36 insertions(+), 32 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 08e5f49..01d973d 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -218,42 +218,46 @@ stages: displayName: "Publish Packages" strategy: matrix: - # ubuntu-bionic-amd64: - # TYPE: deb - # ARCH: amd64 - # REPO_ID: 5d16326637164fbc1139c4e1 + ubuntu-bionic-amd64: + TYPE: deb + ARCH: amd64 + REPO_ID: 5d16326637164fbc1139c4e1 ubuntu-bionic-arm64: TYPE: deb ARCH: arm64 REPO_ID: 5d16326637164fbc1139c4e1 - # ubuntu-focal-amd64: - # TYPE: deb - # ARCH: amd64 - # REPO_ID: 5e852952e45fffa1beda61fe - # ubuntu-focal-arm64: - # TYPE: deb - # ARCH: arm64 - # REPO_ID: 5e852952e45fffa1beda61fe - # ubuntu-jammy-amd64: - # TYPE: deb - # ARCH: amd64 - # REPO_ID: 61faea6cea3a770ab120ac8a - # ubuntu-jammy-arm64: - # TYPE: deb - # ARCH: arm64 - # REPO_ID: 61faea6cea3a770ab120ac8a - # debian-buster-amd64: - # TYPE: deb - # ARCH: amd64 - # REPO_ID: 5d23b16c9a6e3b375bbba42e - # debian-bullseye-amd64: - # TYPE: deb - # ARCH: amd64 - # REPO_ID: 611ab3a32acdcd0744c8c841 - # debian-bullseye-arm64: - # TYPE: deb - # ARCH: arm64 - # REPO_ID: 611ab3a32acdcd0744c8c841 + ubuntu-focal-amd64: + TYPE: deb + ARCH: amd64 + REPO_ID: 5e852952e45fffa1beda61fe + ubuntu-focal-arm64: + TYPE: deb + ARCH: arm64 + REPO_ID: 5e852952e45fffa1beda61fe + ubuntu-jammy-amd64: + TYPE: deb + ARCH: amd64 + REPO_ID: 61faea6cea3a770ab120ac8a + ubuntu-jammy-arm64: + TYPE: deb + ARCH: arm64 + REPO_ID: 61faea6cea3a770ab120ac8a + debian-buster-amd64: + TYPE: deb + ARCH: amd64 + REPO_ID: 5d23b16c9a6e3b375bbba42e + debian-buster-arm64: + TYPE: deb + ARCH: arm64 + REPO_ID: 5d23b16c9a6e3b375bbba42e + debian-bullseye-amd64: + TYPE: deb + ARCH: amd64 + REPO_ID: 611ab3a32acdcd0744c8c841 + debian-bullseye-arm64: + TYPE: deb + ARCH: arm64 + REPO_ID: 611ab3a32acdcd0744c8c841 # centos-8-x86_64: # TYPE: rpm # ARCH: amd64 From 352791a3cf1005a1002cf15f4351939a2af7e56d Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 18 Aug 2022 17:59:29 +0800 Subject: [PATCH 53/94] enable build --- azure-pipelines.yml | 388 ++++++++++++++++++++++---------------------- 1 file changed, 194 insertions(+), 194 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 01d973d..caf6841 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -9,207 +9,207 @@ parameters: type: string stages: - # - stage: build - # displayName: "Build aztfy" - # jobs: - # - job: build - # displayName: "Build Binaries" - # strategy: - # matrix: - # windows-386: - # OS: windows - # ARCH: 386 - # windows-amd64: - # OS: windows - # ARCH: amd64 - # linux-386: - # OS: linux - # ARCH: 386 - # linux-amd64: - # OS: linux - # ARCH: amd64 - # linux-arm: - # OS: linux - # ARCH: arm - # linux-arm64: - # OS: linux - # ARCH: arm64 - # darwin-amd64: - # OS: darwin - # ARCH: amd64 - # darwin-arm64: - # OS: darwin - # ARCH: arm64 - # steps: - # - task: GoTool@0 - # displayName: "Install Go" - # inputs: - # version: 1.19 - # - script: | - # set -e - # REVISION=`git rev-parse --short HEAD` - # mkdir build - # name=aztfy - # if [[ $OS = windows ]]; then - # name=aztfy.exe - # fi - # GOOS="${OS}" GOARCH="${ARCH}" CGO_ENABLED=0 go build -trimpath -ldflags="-s -w -X 'main.version=${VERSION}' -X 'main.revision=${REVISION}'" -o build/$name - # displayName: "Go Build" - # env: - # OS: $(OS) - # ARCH: $(ARCH) - # VERSION: ${{ parameters.version }} - # - task: EsrpCodeSigning@1 - # displayName: "Sign Binary (Windows Only)" - # condition: eq(variables.OS, 'windows') - # inputs: - # ConnectedServiceName: "ESRP Signing Service" - # FolderPath: "$(system.defaultWorkingDirectory)/build" - # Pattern: "*.exe" - # signConfigType: "inlineSignParams" - # inlineOperation: | - # [ - # { - # "KeyCode" : "CP-230012", - # "OperationCode" : "SigntoolSign", - # "Parameters" : { - # "OpusName" : "Microsoft", - # "OpusInfo" : "http://www.microsoft.com", - # "PageHash" : "/NPH", - # "TimeStamp" : "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256", - # "FileDigest": "/fd \"SHA256\"" - # }, - # "ToolName" : "sign", - # "ToolVersion" : "1.0" - # }, - # { - # "KeyCode" : "CP-230012", - # "OperationCode" : "SigntoolVerify", - # "Parameters" : {}, - # "ToolName" : "sign", - # "ToolVersion" : "1.0" - # } - # ] - # SessionTimeout: "60" - # MaxConcurrency: "50" - # MaxRetryAttempts: "5" - # - task: PublishPipelineArtifact@1 - # displayName: "Publish Binary" - # inputs: - # targetPath: "$(system.defaultWorkingDirectory)/build" - # artifactName: "$(OS)-$(ARCH)" + - stage: build + displayName: "Build aztfy" + jobs: + - job: build + displayName: "Build Binaries" + strategy: + matrix: + windows-386: + OS: windows + ARCH: 386 + windows-amd64: + OS: windows + ARCH: amd64 + linux-386: + OS: linux + ARCH: 386 + linux-amd64: + OS: linux + ARCH: amd64 + linux-arm: + OS: linux + ARCH: arm + linux-arm64: + OS: linux + ARCH: arm64 + darwin-amd64: + OS: darwin + ARCH: amd64 + darwin-arm64: + OS: darwin + ARCH: arm64 + steps: + - task: GoTool@0 + displayName: "Install Go" + inputs: + version: 1.19 + - script: | + set -e + REVISION=`git rev-parse --short HEAD` + mkdir build + name=aztfy + if [[ $OS = windows ]]; then + name=aztfy.exe + fi + GOOS="${OS}" GOARCH="${ARCH}" CGO_ENABLED=0 go build -trimpath -ldflags="-s -w -X 'main.version=${VERSION}' -X 'main.revision=${REVISION}'" -o build/$name + displayName: "Go Build" + env: + OS: $(OS) + ARCH: $(ARCH) + VERSION: ${{ parameters.version }} + - task: EsrpCodeSigning@1 + displayName: "Sign Binary (Windows Only)" + condition: eq(variables.OS, 'windows') + inputs: + ConnectedServiceName: "ESRP Signing Service" + FolderPath: "$(system.defaultWorkingDirectory)/build" + Pattern: "*.exe" + signConfigType: "inlineSignParams" + inlineOperation: | + [ + { + "KeyCode" : "CP-230012", + "OperationCode" : "SigntoolSign", + "Parameters" : { + "OpusName" : "Microsoft", + "OpusInfo" : "http://www.microsoft.com", + "PageHash" : "/NPH", + "TimeStamp" : "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256", + "FileDigest": "/fd \"SHA256\"" + }, + "ToolName" : "sign", + "ToolVersion" : "1.0" + }, + { + "KeyCode" : "CP-230012", + "OperationCode" : "SigntoolVerify", + "Parameters" : {}, + "ToolName" : "sign", + "ToolVersion" : "1.0" + } + ] + SessionTimeout: "60" + MaxConcurrency: "50" + MaxRetryAttempts: "5" + - task: PublishPipelineArtifact@1 + displayName: "Publish Binary" + inputs: + targetPath: "$(system.defaultWorkingDirectory)/build" + artifactName: "$(OS)-$(ARCH)" - # - job: build_windows_setup - # displayName: "Build Windows Setup" - # dependsOn: build - # steps: - # - script: echo TODO + - job: build_windows_setup + displayName: "Build Windows Setup" + dependsOn: build + steps: + - script: echo TODO - # - job: build_linux_packages - # displayName: "Build Linux RPM/Debian Packages" - # dependsOn: build - # strategy: - # matrix: - # linux-386: - # OS: linux - # ARCH: 386 - # linux-amd64: - # OS: linux - # ARCH: amd64 - # linux-arm: - # OS: linux - # ARCH: arm - # linux-arm64: - # OS: linux - # ARCH: arm64 - # steps: - # - task: DownloadPipelineArtifact@2 - # inputs: - # artifact: $(OS)-$(ARCH) - # path: $(system.defaultWorkingDirectory)/dist/source - # - script: | - # mkdir $workdir/dist/output - # displayName: "Prepare the output directory" - # env: - # workdir: $(system.defaultWorkingDirectory) - # - script: | - # set -e + - job: build_linux_packages + displayName: "Build Linux RPM/Debian Packages" + dependsOn: build + strategy: + matrix: + linux-386: + OS: linux + ARCH: 386 + linux-amd64: + OS: linux + ARCH: amd64 + linux-arm: + OS: linux + ARCH: arm + linux-arm64: + OS: linux + ARCH: arm64 + steps: + - task: DownloadPipelineArtifact@2 + inputs: + artifact: $(OS)-$(ARCH) + path: $(system.defaultWorkingDirectory)/dist/source + - script: | + mkdir $workdir/dist/output + displayName: "Prepare the output directory" + env: + workdir: $(system.defaultWorkingDirectory) + - script: | + set -e - # chmod +x $WORKDIR/dist/source/aztfy + chmod +x $WORKDIR/dist/source/aztfy - # declare -A deb_arch_map=( [386]=i386 [amd64]=amd64 [arm]=armhf [arm64]=arm64 ) - # declare -A rpm_arch_map=( [386]=i686 [amd64]=x86_64 [arm]=armv7hl [arm64]=aarch64 ) - # version=${VERSION:1} + declare -A deb_arch_map=( [386]=i386 [amd64]=amd64 [arm]=armhf [arm64]=arm64 ) + declare -A rpm_arch_map=( [386]=i686 [amd64]=x86_64 [arm]=armv7hl [arm64]=aarch64 ) + version=${VERSION:1} - # # Build the image - # cd $WORKDIR/scripts/package/linux/build - # docker build -t aztfybuild . + # Build the image + cd $WORKDIR/scripts/package/linux/build + docker build -t aztfybuild . - # # Build deb package - # docker run -t --rm \ - # -v $WORKDIR/dist/source:/build/source \ - # -v $WORKDIR/dist/output:/build/output \ - # aztfybuild \ - # fpm \ - # --name aztfy \ - # --license MPL-2.0 \ - # --version $version \ - # --description "A tool to bring existing Azure resources under Terraform's management" \ - # --url "https://github.com/Azure/aztfy" \ - # --maintainer "magodo " \ - # --input-type dir \ - # --output-type deb \ - # --architecture ${deb_arch_map[$ARCH]} \ - # --package /build/output/aztfy-$version-1-${deb_arch_map[$ARCH]}.deb \ - # /build/source/aztfy=/usr/bin/aztfy + # Build deb package + docker run -t --rm \ + -v $WORKDIR/dist/source:/build/source \ + -v $WORKDIR/dist/output:/build/output \ + aztfybuild \ + fpm \ + --name aztfy \ + --license MPL-2.0 \ + --version $version \ + --description "A tool to bring existing Azure resources under Terraform's management" \ + --url "https://github.com/Azure/aztfy" \ + --maintainer "magodo " \ + --input-type dir \ + --output-type deb \ + --architecture ${deb_arch_map[$ARCH]} \ + --package /build/output/aztfy-$version-1-${deb_arch_map[$ARCH]}.deb \ + /build/source/aztfy=/usr/bin/aztfy - # # Build rpm package - # echo $version - # docker run -t --rm \ - # -v $WORKDIR/dist/source:/build/source \ - # -v $WORKDIR/dist/output:/build/output \ - # aztfybuild \ - # fpm \ - # --name aztfy \ - # --license MPL-2.0 \ - # --version ${version} \ - # --description "A tool to bring existing Azure resources under Terraform's management" \ - # --url "https://github.com/Azure/aztfy" \ - # --maintainer "magodo " \ - # --input-type dir \ - # --output-type rpm \ - # --architecture ${rpm_arch_map[$ARCH]} \ - # --package /build/output/aztfy-$version-1-${rpm_arch_map[$ARCH]}.rpm \ - # /build/source/aztfy=/usr/bin/aztfy - # displayName: "Build Packages" - # env: - # VERSION: ${{ parameters.version }} - # WORKDIR: $(system.defaultWorkingDirectory) - # - task: EsrpCodeSigning@1 - # displayName: "Sign Package" - # inputs: - # ConnectedServiceName: "ESRP Signing Service" - # FolderPath: "$(system.defaultWorkingDirectory)/dist/output" - # Pattern: "*.rpm,*.deb" - # signConfigType: "inlineSignParams" - # inlineOperation: | - # [ - # { - # "KeyCode": "CP-450779-Pgp", - # "OperationCode": "LinuxSign", - # "Parameters": {}, - # "ToolName": "sign", - # "ToolVersion": "1.0" - # } - # ] - # SessionTimeout: "60" - # MaxConcurrency: "50" - # MaxRetryAttempts: "5" - # - task: PublishPipelineArtifact@1 - # displayName: "Publish Packages" - # inputs: - # targetPath: "$(system.defaultWorkingDirectory)/dist/output" - # artifactName: $(OS)-$(ARCH)-pkg + # Build rpm package + echo $version + docker run -t --rm \ + -v $WORKDIR/dist/source:/build/source \ + -v $WORKDIR/dist/output:/build/output \ + aztfybuild \ + fpm \ + --name aztfy \ + --license MPL-2.0 \ + --version ${version} \ + --description "A tool to bring existing Azure resources under Terraform's management" \ + --url "https://github.com/Azure/aztfy" \ + --maintainer "magodo " \ + --input-type dir \ + --output-type rpm \ + --architecture ${rpm_arch_map[$ARCH]} \ + --package /build/output/aztfy-$version-1-${rpm_arch_map[$ARCH]}.rpm \ + /build/source/aztfy=/usr/bin/aztfy + displayName: "Build Packages" + env: + VERSION: ${{ parameters.version }} + WORKDIR: $(system.defaultWorkingDirectory) + - task: EsrpCodeSigning@1 + displayName: "Sign Package" + inputs: + ConnectedServiceName: "ESRP Signing Service" + FolderPath: "$(system.defaultWorkingDirectory)/dist/output" + Pattern: "*.rpm,*.deb" + signConfigType: "inlineSignParams" + inlineOperation: | + [ + { + "KeyCode": "CP-450779-Pgp", + "OperationCode": "LinuxSign", + "Parameters": {}, + "ToolName": "sign", + "ToolVersion": "1.0" + } + ] + SessionTimeout: "60" + MaxConcurrency: "50" + MaxRetryAttempts: "5" + - task: PublishPipelineArtifact@1 + displayName: "Publish Packages" + inputs: + targetPath: "$(system.defaultWorkingDirectory)/dist/output" + artifactName: $(OS)-$(ARCH)-pkg - stage: publish_linux_packages displayName: "Publish Linux Packages" From 2b788a402df6bda474920ed39bb42d81f08e6397 Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 18 Aug 2022 18:04:31 +0800 Subject: [PATCH 54/94] disable debug artifact dl --- azure-pipelines.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index caf6841..855cf94 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -313,10 +313,10 @@ stages: path: $(system.defaultWorkingDirectory)/dist/pkg # Debug purpose only: Accelerate debugging on this stage - source: "specific" - project: "release" - pipeline: 22 - runId: 3678 + # source: "specific" + # project: "release" + # pipeline: 22 + # runId: 3678 - task: UniversalPackages@0 displayName: "Download repoclient" From 0430e12fcee779fa1bca1026919a79a5cd685d47 Mon Sep 17 00:00:00 2001 From: magodo Date: Fri, 19 Aug 2022 16:24:56 +0800 Subject: [PATCH 55/94] update the download artifact task with runVersion --- azure-pipelines.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 855cf94..cc90f2a 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -316,7 +316,8 @@ stages: # source: "specific" # project: "release" # pipeline: 22 - # runId: 3678 + # runVersion: "specific" + # runId: 3760 - task: UniversalPackages@0 displayName: "Download repoclient" From 11110d5803920456723ee9ba79e509db7531b600 Mon Sep 17 00:00:00 2001 From: magodo Date: Fri, 19 Aug 2022 17:25:15 +0800 Subject: [PATCH 56/94] verify ubuntu bionic --- azure-pipelines.yml | 386 ++++++++++-------- scripts/package/linux/verify/ubuntu-bionic.sh | 10 + 2 files changed, 236 insertions(+), 160 deletions(-) create mode 100755 scripts/package/linux/verify/ubuntu-bionic.sh diff --git a/azure-pipelines.yml b/azure-pipelines.yml index cc90f2a..49db102 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -218,232 +218,298 @@ stages: displayName: "Publish Packages" strategy: matrix: + # deb platforms ubuntu-bionic-amd64: TYPE: deb ARCH: amd64 REPO_ID: 5d16326637164fbc1139c4e1 + REPO_DISTRO: ubuntu + REPO_RELEASE: bionic ubuntu-bionic-arm64: TYPE: deb ARCH: arm64 REPO_ID: 5d16326637164fbc1139c4e1 - ubuntu-focal-amd64: - TYPE: deb - ARCH: amd64 - REPO_ID: 5e852952e45fffa1beda61fe - ubuntu-focal-arm64: - TYPE: deb - ARCH: arm64 - REPO_ID: 5e852952e45fffa1beda61fe - ubuntu-jammy-amd64: - TYPE: deb - ARCH: amd64 - REPO_ID: 61faea6cea3a770ab120ac8a - ubuntu-jammy-arm64: - TYPE: deb - ARCH: arm64 - REPO_ID: 61faea6cea3a770ab120ac8a - debian-buster-amd64: - TYPE: deb - ARCH: amd64 - REPO_ID: 5d23b16c9a6e3b375bbba42e - debian-buster-arm64: - TYPE: deb - ARCH: arm64 - REPO_ID: 5d23b16c9a6e3b375bbba42e - debian-bullseye-amd64: - TYPE: deb - ARCH: amd64 - REPO_ID: 611ab3a32acdcd0744c8c841 - debian-bullseye-arm64: - TYPE: deb - ARCH: arm64 - REPO_ID: 611ab3a32acdcd0744c8c841 + REPO_DISTRO: ubuntu + REPO_RELEASE: bionic + # ubuntu-focal-amd64: + # TYPE: deb + # ARCH: amd64 + # REPO_ID: 5e852952e45fffa1beda61fe + # REPO_DISTRO: ubuntu + # REPO_RELEASE: focal + # ubuntu-focal-arm64: + # TYPE: deb + # ARCH: arm64 + # REPO_ID: 5e852952e45fffa1beda61fe + # REPO_DISTRO: ubuntu + # REPO_RELEASE: focal + # ubuntu-jammy-amd64: + # TYPE: deb + # ARCH: amd64 + # REPO_ID: 61faea6cea3a770ab120ac8a + # REPO_DISTRO: ubuntu + # REPO_RELEASE: jammy + # ubuntu-jammy-arm64: + # TYPE: deb + # ARCH: arm64 + # REPO_ID: 61faea6cea3a770ab120ac8a + # REPO_DISTRO: ubuntu + # REPO_RELEASE: jammy + # debian-buster-amd64: + # TYPE: deb + # ARCH: amd64 + # REPO_ID: 5d23b16c9a6e3b375bbba42e + # REPO_DISTRO: debian + # REPO_RELEASE: buster + # debian-buster-arm64: + # TYPE: deb + # ARCH: arm64 + # REPO_ID: 5d23b16c9a6e3b375bbba42e + # REPO_DISTRO: debian + # REPO_RELEASE: buster + # debian-bullseye-amd64: + # TYPE: deb + # ARCH: amd64 + # REPO_ID: 611ab3a32acdcd0744c8c841 + # REPO_DISTRO: debian + # REPO_RELEASE: bullseye + # debian-bullseye-arm64: + # TYPE: deb + # ARCH: arm64 + # REPO_ID: 611ab3a32acdcd0744c8c841 + # REPO_DISTRO: debian + # REPO_RELEASE: bullseye + + # rpm platforms # centos-8-x86_64: # TYPE: rpm # ARCH: amd64 # REPO_ID: 5e5ed94a523a8019fe47607e + # REPO_DISTRO: centos + # REPO_RELEASE: 8 # centos-8-aarch64: # TYPE: rpm # ARCH: arm64 # REPO_ID: 5e5ed94a523a8019fe47607e + # REPO_DISTRO: centos + # REPO_RELEASE: 8 # rhel-8-x86_64: # TYPE: rpm # ARCH: amd64 # REPO_ID: 5d4470e1eebce7156eee5407 + # REPO_DISTRO: rhel + # REPO_RELEASE: 8 # rhel-8-aarch64: # TYPE: rpm # ARCH: arm64 # REPO_ID: 5d4470e1eebce7156eee5407 + # REPO_DISTRO: rhel + # REPO_RELEASE: 8 # rhel-9-x86_64: # TYPE: rpm # ARCH: amd64 # REPO_ID: 627067cc3ac6d7548f4d66cd + # REPO_DISTRO: rhel + # REPO_RELEASE: 9 # rhel-9-aarch64: # TYPE: rpm # ARCH: arm64 # REPO_ID: 627067cc3ac6d7548f4d66cd + # REPO_DISTRO: rhel + # REPO_RELEASE: 9 # fedora-34-x86_64: # TYPE: rpm # ARCH: amd64 # REPO_ID: 606e1da573e50659b0803a7b + # REPO_DISTRO: fedora + # REPO_RELEASE: 34 # fedora-34-aarch64: # TYPE: rpm # ARCH: arm64 # REPO_ID: 606e1da573e50659b0803a7b + # REPO_DISTRO: fedora + # REPO_RELEASE: 34 # fedora-35-x86_64: # TYPE: rpm # ARCH: amd64 # REPO_ID: 6196d483ea3a770f011f63fb + # REPO_DISTRO: fedora + # REPO_RELEASE: 35 # fedora-35-aarch64: # TYPE: rpm # ARCH: arm64 # REPO_ID: 6196d483ea3a770f011f63fb + # REPO_DISTRO: fedora + # REPO_RELEASE: 35 # fedora-36-x86_64: # TYPE: rpm # ARCH: amd64 # REPO_ID: 6271bc683ac6d73aa84d6737 + # REPO_DISTRO: fedora + # REPO_RELEASE: 36 # fedora-36-aarch64: # TYPE: rpm # ARCH: arm64 # REPO_ID: 6271bc683ac6d73aa84d6737 + # REPO_DISTRO: fedora + # REPO_RELEASE: 36 steps: - - task: DownloadPipelineArtifact@2 - inputs: - artifact: linux-$(ARCH)-pkg - path: $(system.defaultWorkingDirectory)/dist/pkg + # - task: DownloadPipelineArtifact@2 + # inputs: + # artifact: linux-$(ARCH)-pkg + # path: $(system.defaultWorkingDirectory)/dist/pkg - # Debug purpose only: Accelerate debugging on this stage - # source: "specific" - # project: "release" - # pipeline: 22 - # runVersion: "specific" - # runId: 3760 + # # Debug purpose only: Accelerate debugging on this stage + # # source: "specific" + # # project: "release" + # # pipeline: 22 + # # runVersion: "specific" + # # runId: 3760 - - task: UniversalPackages@0 - displayName: "Download repoclient" - inputs: - command: download - vstsFeed: "release/aztfy" - vstsFeedPackage: "azure-repoapi-client" - vstsPackageVersion: "2.2.1" - downloadDirectory: $(system.defaultWorkingDirectory)/dist/tool + # - task: UniversalPackages@0 + # displayName: "Download repoclient" + # inputs: + # command: download + # vstsFeed: "release/aztfy" + # vstsFeedPackage: "azure-repoapi-client" + # vstsPackageVersion: "2.2.1" + # downloadDirectory: $(system.defaultWorkingDirectory)/dist/tool + # - script: | + # set -e + # sudo apt install -y ./dist/tool/azure-repoapi-client_2.2.1_amd64.deb + # mkdir ~/.repoclient + # cat << EOF > ~/.repoclient/config.json + # { + # "server": "azure-apt-cat.cloudapp.net", + # "port": "443", + # "AADClientId": "$(LINUX_REPO_SP_CLIENT_ID)", + # "AADClientSecret": "$(LINUX_REPO_SP_CLIENT_SECRET)", + # "AADResource": "https://microsoft.onmicrosoft.com/945999e9-da09-4b5b-878f-b66c414602c0", + # "AADTenant": "72f988bf-86f1-41af-91ab-2d7cd011db47", + # "AADAuthorityUrl": "https://login.microsoftonline.com", + # "repositoryId": "IGNORE" + # } + # EOF + # pkg=(./dist/pkg/*.${TYPE}) + # [[ ${#pkg[@]} == 1 ]] || { echo "not exactly one target packages found: $(declare -p pkg)" > 2; exit 1; } + # pkg=${pkg[0]} + + # # Allow error's to occur prior to quit the task, as we are capturing the command output, otherwise, we will have no chance to output that in stdout/stderr. + # set +e + # ret=$(repoclient package add -r ${REPO_ID} $pkg) + # [[ $? == 0 ]] || { echo "Error: repoclient package add failed: $ret" >&2; exit 1; } + # echo -e "repoclient package add returns:\n$ret\n" + + # location=$(jq -r '.Location' <<< $ret) + # package_id=${location##*/} + # [[ -n $package_id ]] || { echo "Error: empty package id got" >&2; exit 1; } + # echo "package id: $package_id" + + # ret=$(repoclient package check $package_id) + # [[ $? == 0 ]] || { echo "Error: repoclient package check failed: $ret" >&2; exit 1; } + # echo -e "repoclient package check returns:\n$ret\n" + # displayName: "Publish via repoclient" + # env: + # TYPE: $(TYPE) + # REPO_ID: $(REPO_ID) - script: | set -e - sudo apt install -y ./dist/tool/azure-repoapi-client_2.2.1_amd64.deb - mkdir ~/.repoclient - cat << EOF > ~/.repoclient/config.json - { - "server": "azure-apt-cat.cloudapp.net", - "port": "443", - "AADClientId": "$(LINUX_REPO_SP_CLIENT_ID)", - "AADClientSecret": "$(LINUX_REPO_SP_CLIENT_SECRET)", - "AADResource": "https://microsoft.onmicrosoft.com/945999e9-da09-4b5b-878f-b66c414602c0", - "AADTenant": "72f988bf-86f1-41af-91ab-2d7cd011db47", - "AADAuthorityUrl": "https://login.microsoftonline.com", - "repositoryId": "IGNORE" - } - EOF - pkg=(./dist/pkg/*.${TYPE}) - [[ ${#pkg[@]} == 1 ]] || { echo "not exactly one target packages found: $(declare -p pkg)" > 2; exit 1; } - pkg=${pkg[0]} + + # Skip verifying rhel distros as they don't have a docker image available + [[ $REPO_DISTRO == rhel ]] && exit 0 - # Allow error's to occur prior to quit the task, as we are capturing the command output, otherwise, we will have no chance to output that in stdout/stderr. - set +e - ret=$(repoclient package add -r ${REPO_ID} $pkg) - [[ $? == 0 ]] || { echo "Error: repoclient package add failed: $ret" >&2; exit 1; } - echo -e "repoclient package add returns:\n$ret\n" + # Install and run kvm service + sudo apt install qemu-kvm libvirt-clients libvirt-daemon-system bridge-utils virtinst libvirt-daemon + sudo systemctl enable --now libvirtd - location=$(jq -r '.Location' <<< $ret) - package_id=${location##*/} - [[ -n $package_id ]] || { echo "Error: empty package id got" >&2; exit 1; } - echo "package id: $package_id" + # Setup binfmt_misc to enable multi arch + docker run --rm --privileged multiarch/qemu-user-static --reset -p yes - ret=$(repoclient package check $package_id) - [[ $? == 0 ]] || { echo "Error: repoclient package check failed: $ret" >&2; exit 1; } - echo -e "repoclient package check returns:\n$ret\n" + # Launch the base container of the correct architecture + cid=$(docker run --rm -dit --platform=linux/$ARCH ${REPO_DISTRO}:${REPO_RELEASE}) - # TODO: how to verify? - # msg=$(jq -r .message <<< $ret) - # [[ -z $msg ]] || { - # echo "Error: non zero message indicates an error. removing the package" >&2 - # ret=$(repoclient package delete $package_id) - # echo -e "repoclient package delete returns:\n$ret\n" - # } - displayName: "Publish via repoclient" + docker cp ./${REPO_DISTRO}-${REPO_RELEASE}.sh ${cid}:/verify.sh + docker exec $cid /verify.sh + displayName: "Verify" env: + workdir: $(system.defaultWorkingDirectory) TYPE: $(TYPE) + ARCH: $(ARCH) REPO_ID: $(REPO_ID) - # - stage: release_windows_setup - # displayName: "Release Windows Setup" + REPO_DISTRO: $(REPO_DISTRO) + REPO_RELEASE: $(REPO_RELEASE) + + # - stage: publish_windows_setup + # displayName: "Publish Windows Setup" - # - stage: release - # displayName: "Release" - # jobs: - # - job: release - # displayName: "Release" - # steps: - # - task: DownloadPipelineArtifact@2 - # inputs: - # path: $(system.defaultWorkingDirectory)/dist - # - script: | - # set -e - # NAME="aztfy" - # OS_ARCH=( - # "windows:amd64" - # "windows:386" - # "linux:amd64" - # "linux:386" - # "linux:arm" - # "linux:arm64" - # "darwin:amd64" - # "darwin:arm64" - # ) - # mkdir release - # for os_arch in "${OS_ARCH[@]}" ; do - # OS=${os_arch%%:*} - # ARCH=${os_arch#*:} - # name=aztfy - # if [[ $OS = windows ]]; then - # name=aztfy.exe - # fi - # chmod +x dist/${OS}-${ARCH}/${name} - # zip -j release/${NAME}_${VERSION}_${OS}_${ARCH}.zip dist/${OS}-${ARCH}/${name} - # done - # cd release - # shasum -a 256 *.zip > ${NAME}_SHA256SUMS - # cp ${NAME}_SHA256SUMS ${NAME}_SHA256SUMS.sig - # displayName: "Prepare Binary Archives & Digests" - # env: - # VERSION: ${{ parameters.version }} - # - task: EsrpCodeSigning@1 - # displayName: "Sign Binary Archive Digests" - # inputs: - # ConnectedServiceName: 'ESRP Signing Service' - # FolderPath: '$(system.defaultWorkingDirectory)/release' - # Pattern: '*_SHA256SUMS.sig' - # signConfigType: 'inlineSignParams' - # inlineOperation: | - # [ - # { - # "KeyCode": "CP-450779-Pgp", - # "OperationCode": "LinuxSign", - # "Parameters": {}, - # "ToolName": "sign", - # "ToolVersion": "1.0" - # } - # ] - # SessionTimeout: '60' - # MaxConcurrency: '50' - # MaxRetryAttempts: '5' - # - task: GitHubRelease@1 - # displayName: "Draft Github Release" - # inputs: - # gitHubConnection: 'Github' - # repositoryName: '$(Build.Repository.Name)' - # action: 'create' - # target: '$(Build.SourceVersion)' - # tagSource: 'gitTag' - # tagPattern: '^v\d+\.\d+\.\d+' - # assets: '$(system.defaultWorkingDirectory)/release/*' - # isDraft: true - # addChangeLog: false + - stage: release + displayName: "Release" + jobs: + - job: release + displayName: "Release" + steps: + - task: DownloadPipelineArtifact@2 + inputs: + path: $(system.defaultWorkingDirectory)/dist + - script: | + set -e + NAME="aztfy" + OS_ARCH=( + "windows:amd64" + "windows:386" + "linux:amd64" + "linux:386" + "linux:arm" + "linux:arm64" + "darwin:amd64" + "darwin:arm64" + ) + mkdir release + for os_arch in "${OS_ARCH[@]}" ; do + OS=${os_arch%%:*} + ARCH=${os_arch#*:} + name=aztfy + if [[ $OS = windows ]]; then + name=aztfy.exe + fi + chmod +x dist/${OS}-${ARCH}/${name} + zip -j release/${NAME}_${VERSION}_${OS}_${ARCH}.zip dist/${OS}-${ARCH}/${name} + done + cd release + shasum -a 256 *.zip > ${NAME}_SHA256SUMS + cp ${NAME}_SHA256SUMS ${NAME}_SHA256SUMS.sig + displayName: "Prepare Binary Archives & Digests" + env: + VERSION: ${{ parameters.version }} + - task: EsrpCodeSigning@1 + displayName: "Sign Binary Archive Digests" + inputs: + ConnectedServiceName: 'ESRP Signing Service' + FolderPath: '$(system.defaultWorkingDirectory)/release' + Pattern: '*_SHA256SUMS.sig' + signConfigType: 'inlineSignParams' + inlineOperation: | + [ + { + "KeyCode": "CP-450779-Pgp", + "OperationCode": "LinuxSign", + "Parameters": {}, + "ToolName": "sign", + "ToolVersion": "1.0" + } + ] + SessionTimeout: '60' + MaxConcurrency: '50' + MaxRetryAttempts: '5' + - task: GitHubRelease@1 + displayName: "Draft Github Release" + inputs: + gitHubConnection: 'Github' + repositoryName: '$(Build.Repository.Name)' + action: 'create' + target: '$(Build.SourceVersion)' + tagSource: 'gitTag' + tagPattern: '^v\d+\.\d+\.\d+' + assets: '$(system.defaultWorkingDirectory)/release/*' + isDraft: true + addChangeLog: false diff --git a/scripts/package/linux/verify/ubuntu-bionic.sh b/scripts/package/linux/verify/ubuntu-bionic.sh new file mode 100755 index 0000000..85eac2c --- /dev/null +++ b/scripts/package/linux/verify/ubuntu-bionic.sh @@ -0,0 +1,10 @@ +#!/bin/bash +set -e + +apt-get update +apt-get install -y curl software-properties-common gpg +curl -sSL https://packages.microsoft.com/keys/microsoft.asc | apt-key add - +apt-add-repository https://packages.microsoft.com/repos/microsoft-ubuntu-bionic-multiarch-prod +apt-get update +apt-get install -y aztfy +aztfy -v From c4c8c4b2fe8dc479edd66e76991cea2b2c3dc549 Mon Sep 17 00:00:00 2001 From: magodo Date: Fri, 19 Aug 2022 17:26:03 +0800 Subject: [PATCH 57/94] correct the path --- azure-pipelines.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 49db102..b80703c 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -428,7 +428,7 @@ stages: # Launch the base container of the correct architecture cid=$(docker run --rm -dit --platform=linux/$ARCH ${REPO_DISTRO}:${REPO_RELEASE}) - docker cp ./${REPO_DISTRO}-${REPO_RELEASE}.sh ${cid}:/verify.sh + docker cp ${workdir}/scripts/package/linux/verify/${REPO_DISTRO}-${REPO_RELEASE}.sh ${cid}:/verify.sh docker exec $cid /verify.sh displayName: "Verify" env: From 9296eadedc7227ee1d30754f7af14a4072f6b923 Mon Sep 17 00:00:00 2001 From: magodo Date: Fri, 19 Aug 2022 17:32:27 +0800 Subject: [PATCH 58/94] verify the correct version is installed --- azure-pipelines.yml | 3 ++- scripts/package/linux/verify/ubuntu-bionic.sh | 4 +++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index b80703c..57a62e4 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -429,7 +429,7 @@ stages: cid=$(docker run --rm -dit --platform=linux/$ARCH ${REPO_DISTRO}:${REPO_RELEASE}) docker cp ${workdir}/scripts/package/linux/verify/${REPO_DISTRO}-${REPO_RELEASE}.sh ${cid}:/verify.sh - docker exec $cid /verify.sh + docker exec $cid /verify.sh $VERSION displayName: "Verify" env: workdir: $(system.defaultWorkingDirectory) @@ -438,6 +438,7 @@ stages: REPO_ID: $(REPO_ID) REPO_DISTRO: $(REPO_DISTRO) REPO_RELEASE: $(REPO_RELEASE) + VERSION: ${{ parameters.version }} # - stage: publish_windows_setup # displayName: "Publish Windows Setup" diff --git a/scripts/package/linux/verify/ubuntu-bionic.sh b/scripts/package/linux/verify/ubuntu-bionic.sh index 85eac2c..2357b78 100755 --- a/scripts/package/linux/verify/ubuntu-bionic.sh +++ b/scripts/package/linux/verify/ubuntu-bionic.sh @@ -1,10 +1,12 @@ #!/bin/bash set -e +version=${1:?"version not specified"} + apt-get update apt-get install -y curl software-properties-common gpg curl -sSL https://packages.microsoft.com/keys/microsoft.asc | apt-key add - apt-add-repository https://packages.microsoft.com/repos/microsoft-ubuntu-bionic-multiarch-prod apt-get update apt-get install -y aztfy -aztfy -v +grep $version <(aztfy -v) From 532755693f0bc283182aabaf2a82ed64253e4c7e Mon Sep 17 00:00:00 2001 From: magodo Date: Fri, 19 Aug 2022 17:44:27 +0800 Subject: [PATCH 59/94] verify all ubuntu releases --- azure-pipelines.yml | 48 +++++++++---------- scripts/package/linux/verify/ubuntu-bionic.sh | 2 +- scripts/package/linux/verify/ubuntu-focal.sh | 12 +++++ scripts/package/linux/verify/ubuntu-jammy.sh | 12 +++++ 4 files changed, 49 insertions(+), 25 deletions(-) create mode 100755 scripts/package/linux/verify/ubuntu-focal.sh create mode 100755 scripts/package/linux/verify/ubuntu-jammy.sh diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 57a62e4..f784d93 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -231,30 +231,30 @@ stages: REPO_ID: 5d16326637164fbc1139c4e1 REPO_DISTRO: ubuntu REPO_RELEASE: bionic - # ubuntu-focal-amd64: - # TYPE: deb - # ARCH: amd64 - # REPO_ID: 5e852952e45fffa1beda61fe - # REPO_DISTRO: ubuntu - # REPO_RELEASE: focal - # ubuntu-focal-arm64: - # TYPE: deb - # ARCH: arm64 - # REPO_ID: 5e852952e45fffa1beda61fe - # REPO_DISTRO: ubuntu - # REPO_RELEASE: focal - # ubuntu-jammy-amd64: - # TYPE: deb - # ARCH: amd64 - # REPO_ID: 61faea6cea3a770ab120ac8a - # REPO_DISTRO: ubuntu - # REPO_RELEASE: jammy - # ubuntu-jammy-arm64: - # TYPE: deb - # ARCH: arm64 - # REPO_ID: 61faea6cea3a770ab120ac8a - # REPO_DISTRO: ubuntu - # REPO_RELEASE: jammy + ubuntu-focal-amd64: + TYPE: deb + ARCH: amd64 + REPO_ID: 5e852952e45fffa1beda61fe + REPO_DISTRO: ubuntu + REPO_RELEASE: focal + ubuntu-focal-arm64: + TYPE: deb + ARCH: arm64 + REPO_ID: 5e852952e45fffa1beda61fe + REPO_DISTRO: ubuntu + REPO_RELEASE: focal + ubuntu-jammy-amd64: + TYPE: deb + ARCH: amd64 + REPO_ID: 61faea6cea3a770ab120ac8a + REPO_DISTRO: ubuntu + REPO_RELEASE: jammy + ubuntu-jammy-arm64: + TYPE: deb + ARCH: arm64 + REPO_ID: 61faea6cea3a770ab120ac8a + REPO_DISTRO: ubuntu + REPO_RELEASE: jammy # debian-buster-amd64: # TYPE: deb # ARCH: amd64 diff --git a/scripts/package/linux/verify/ubuntu-bionic.sh b/scripts/package/linux/verify/ubuntu-bionic.sh index 2357b78..22759ca 100755 --- a/scripts/package/linux/verify/ubuntu-bionic.sh +++ b/scripts/package/linux/verify/ubuntu-bionic.sh @@ -6,7 +6,7 @@ version=${1:?"version not specified"} apt-get update apt-get install -y curl software-properties-common gpg curl -sSL https://packages.microsoft.com/keys/microsoft.asc | apt-key add - -apt-add-repository https://packages.microsoft.com/repos/microsoft-ubuntu-bionic-multiarch-prod +apt-add-repository https://packages.microsoft.com/ubuntu/18.04/multiarch apt-get update apt-get install -y aztfy grep $version <(aztfy -v) diff --git a/scripts/package/linux/verify/ubuntu-focal.sh b/scripts/package/linux/verify/ubuntu-focal.sh new file mode 100755 index 0000000..c09b28a --- /dev/null +++ b/scripts/package/linux/verify/ubuntu-focal.sh @@ -0,0 +1,12 @@ +#!/bin/bash +set -e + +version=${1:?"version not specified"} + +apt-get update +apt-get install -y curl software-properties-common gpg +curl -sSL https://packages.microsoft.com/keys/microsoft.asc > /etc/apt/trusted.gpg.d/microsoft.asc +apt-add-repository https://packages.microsoft.com/ubuntu/20.04/prod +apt-get update +apt-get install -y aztfy +grep $version <(aztfy -v) diff --git a/scripts/package/linux/verify/ubuntu-jammy.sh b/scripts/package/linux/verify/ubuntu-jammy.sh new file mode 100755 index 0000000..c09b28a --- /dev/null +++ b/scripts/package/linux/verify/ubuntu-jammy.sh @@ -0,0 +1,12 @@ +#!/bin/bash +set -e + +version=${1:?"version not specified"} + +apt-get update +apt-get install -y curl software-properties-common gpg +curl -sSL https://packages.microsoft.com/keys/microsoft.asc > /etc/apt/trusted.gpg.d/microsoft.asc +apt-add-repository https://packages.microsoft.com/ubuntu/20.04/prod +apt-get update +apt-get install -y aztfy +grep $version <(aztfy -v) From bf1fc46fdaf8729f77acf879b26b292174c66be3 Mon Sep 17 00:00:00 2001 From: magodo Date: Fri, 19 Aug 2022 17:51:55 +0800 Subject: [PATCH 60/94] fix --- scripts/package/linux/verify/ubuntu-bionic.sh | 2 +- scripts/package/linux/verify/ubuntu-jammy.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/package/linux/verify/ubuntu-bionic.sh b/scripts/package/linux/verify/ubuntu-bionic.sh index 22759ca..83c3450 100755 --- a/scripts/package/linux/verify/ubuntu-bionic.sh +++ b/scripts/package/linux/verify/ubuntu-bionic.sh @@ -6,7 +6,7 @@ version=${1:?"version not specified"} apt-get update apt-get install -y curl software-properties-common gpg curl -sSL https://packages.microsoft.com/keys/microsoft.asc | apt-key add - -apt-add-repository https://packages.microsoft.com/ubuntu/18.04/multiarch +apt-add-repository https://packages.microsoft.com/ubuntu/18.04/multiarch/prod apt-get update apt-get install -y aztfy grep $version <(aztfy -v) diff --git a/scripts/package/linux/verify/ubuntu-jammy.sh b/scripts/package/linux/verify/ubuntu-jammy.sh index c09b28a..e5b186f 100755 --- a/scripts/package/linux/verify/ubuntu-jammy.sh +++ b/scripts/package/linux/verify/ubuntu-jammy.sh @@ -6,7 +6,7 @@ version=${1:?"version not specified"} apt-get update apt-get install -y curl software-properties-common gpg curl -sSL https://packages.microsoft.com/keys/microsoft.asc > /etc/apt/trusted.gpg.d/microsoft.asc -apt-add-repository https://packages.microsoft.com/ubuntu/20.04/prod +apt-add-repository https://packages.microsoft.com/ubuntu/22.04/prod apt-get update apt-get install -y aztfy grep $version <(aztfy -v) From 1a0b815c2d74dabe9a52d8d606a8b0f68ac1e62e Mon Sep 17 00:00:00 2001 From: magodo Date: Fri, 19 Aug 2022 18:14:46 +0800 Subject: [PATCH 61/94] verify debian releases --- azure-pipelines.yml | 48 +++++++++---------- .../package/linux/verify/debian-bullseye.sh | 12 +++++ scripts/package/linux/verify/debian-buster.sh | 12 +++++ 3 files changed, 48 insertions(+), 24 deletions(-) create mode 100755 scripts/package/linux/verify/debian-bullseye.sh create mode 100755 scripts/package/linux/verify/debian-buster.sh diff --git a/azure-pipelines.yml b/azure-pipelines.yml index f784d93..6b05548 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -255,30 +255,30 @@ stages: REPO_ID: 61faea6cea3a770ab120ac8a REPO_DISTRO: ubuntu REPO_RELEASE: jammy - # debian-buster-amd64: - # TYPE: deb - # ARCH: amd64 - # REPO_ID: 5d23b16c9a6e3b375bbba42e - # REPO_DISTRO: debian - # REPO_RELEASE: buster - # debian-buster-arm64: - # TYPE: deb - # ARCH: arm64 - # REPO_ID: 5d23b16c9a6e3b375bbba42e - # REPO_DISTRO: debian - # REPO_RELEASE: buster - # debian-bullseye-amd64: - # TYPE: deb - # ARCH: amd64 - # REPO_ID: 611ab3a32acdcd0744c8c841 - # REPO_DISTRO: debian - # REPO_RELEASE: bullseye - # debian-bullseye-arm64: - # TYPE: deb - # ARCH: arm64 - # REPO_ID: 611ab3a32acdcd0744c8c841 - # REPO_DISTRO: debian - # REPO_RELEASE: bullseye + debian-buster-amd64: + TYPE: deb + ARCH: amd64 + REPO_ID: 5d23b16c9a6e3b375bbba42e + REPO_DISTRO: debian + REPO_RELEASE: buster + debian-buster-arm64: + TYPE: deb + ARCH: arm64 + REPO_ID: 5d23b16c9a6e3b375bbba42e + REPO_DISTRO: debian + REPO_RELEASE: buster + debian-bullseye-amd64: + TYPE: deb + ARCH: amd64 + REPO_ID: 611ab3a32acdcd0744c8c841 + REPO_DISTRO: debian + REPO_RELEASE: bullseye + debian-bullseye-arm64: + TYPE: deb + ARCH: arm64 + REPO_ID: 611ab3a32acdcd0744c8c841 + REPO_DISTRO: debian + REPO_RELEASE: bullseye # rpm platforms # centos-8-x86_64: diff --git a/scripts/package/linux/verify/debian-bullseye.sh b/scripts/package/linux/verify/debian-bullseye.sh new file mode 100755 index 0000000..e1c7904 --- /dev/null +++ b/scripts/package/linux/verify/debian-bullseye.sh @@ -0,0 +1,12 @@ +#!/bin/bash +set -e + +version=${1:?"version not specified"} + +apt-get update +apt-get install -y curl software-properties-common gpg +curl -sSL https://packages.microsoft.com/keys/microsoft.asc | apt-key add - +apt-add-repository https://packages.microsoft.com/debian/11/prod +apt-get update +apt-get install -y aztfy +grep $version <(aztfy -v) diff --git a/scripts/package/linux/verify/debian-buster.sh b/scripts/package/linux/verify/debian-buster.sh new file mode 100755 index 0000000..ba9e947 --- /dev/null +++ b/scripts/package/linux/verify/debian-buster.sh @@ -0,0 +1,12 @@ +#!/bin/bash +set -e + +version=${1:?"version not specified"} + +apt-get update +apt-get install -y curl software-properties-common gpg +curl -sSL https://packages.microsoft.com/keys/microsoft.asc | apt-key add - +apt-add-repository https://packages.microsoft.com/debian/10/prod +apt-get update +apt-get install -y aztfy +grep $version <(aztfy -v) From b53a87f59b1bcb9472cc18a135aa88e93435eb9f Mon Sep 17 00:00:00 2001 From: magodo Date: Fri, 19 Aug 2022 18:38:50 +0800 Subject: [PATCH 62/94] publish for rpm --- azure-pipelines.yml | 398 ++++++++++++++++++++++---------------------- 1 file changed, 199 insertions(+), 199 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 6b05548..7833680 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -219,226 +219,226 @@ stages: strategy: matrix: # deb platforms - ubuntu-bionic-amd64: - TYPE: deb - ARCH: amd64 - REPO_ID: 5d16326637164fbc1139c4e1 - REPO_DISTRO: ubuntu - REPO_RELEASE: bionic - ubuntu-bionic-arm64: - TYPE: deb - ARCH: arm64 - REPO_ID: 5d16326637164fbc1139c4e1 - REPO_DISTRO: ubuntu - REPO_RELEASE: bionic - ubuntu-focal-amd64: - TYPE: deb - ARCH: amd64 - REPO_ID: 5e852952e45fffa1beda61fe - REPO_DISTRO: ubuntu - REPO_RELEASE: focal - ubuntu-focal-arm64: - TYPE: deb - ARCH: arm64 - REPO_ID: 5e852952e45fffa1beda61fe - REPO_DISTRO: ubuntu - REPO_RELEASE: focal - ubuntu-jammy-amd64: - TYPE: deb - ARCH: amd64 - REPO_ID: 61faea6cea3a770ab120ac8a - REPO_DISTRO: ubuntu - REPO_RELEASE: jammy - ubuntu-jammy-arm64: - TYPE: deb - ARCH: arm64 - REPO_ID: 61faea6cea3a770ab120ac8a - REPO_DISTRO: ubuntu - REPO_RELEASE: jammy - debian-buster-amd64: - TYPE: deb - ARCH: amd64 - REPO_ID: 5d23b16c9a6e3b375bbba42e - REPO_DISTRO: debian - REPO_RELEASE: buster - debian-buster-arm64: - TYPE: deb - ARCH: arm64 - REPO_ID: 5d23b16c9a6e3b375bbba42e - REPO_DISTRO: debian - REPO_RELEASE: buster - debian-bullseye-amd64: - TYPE: deb - ARCH: amd64 - REPO_ID: 611ab3a32acdcd0744c8c841 - REPO_DISTRO: debian - REPO_RELEASE: bullseye - debian-bullseye-arm64: - TYPE: deb - ARCH: arm64 - REPO_ID: 611ab3a32acdcd0744c8c841 - REPO_DISTRO: debian - REPO_RELEASE: bullseye - - # rpm platforms - # centos-8-x86_64: - # TYPE: rpm - # ARCH: amd64 - # REPO_ID: 5e5ed94a523a8019fe47607e - # REPO_DISTRO: centos - # REPO_RELEASE: 8 - # centos-8-aarch64: - # TYPE: rpm - # ARCH: arm64 - # REPO_ID: 5e5ed94a523a8019fe47607e - # REPO_DISTRO: centos - # REPO_RELEASE: 8 - # rhel-8-x86_64: - # TYPE: rpm + # ubuntu-bionic-amd64: + # TYPE: deb # ARCH: amd64 - # REPO_ID: 5d4470e1eebce7156eee5407 - # REPO_DISTRO: rhel - # REPO_RELEASE: 8 - # rhel-8-aarch64: - # TYPE: rpm + # REPO_ID: 5d16326637164fbc1139c4e1 + # REPO_DISTRO: ubuntu + # REPO_RELEASE: bionic + # ubuntu-bionic-arm64: + # TYPE: deb # ARCH: arm64 - # REPO_ID: 5d4470e1eebce7156eee5407 - # REPO_DISTRO: rhel - # REPO_RELEASE: 8 - # rhel-9-x86_64: - # TYPE: rpm + # REPO_ID: 5d16326637164fbc1139c4e1 + # REPO_DISTRO: ubuntu + # REPO_RELEASE: bionic + # ubuntu-focal-amd64: + # TYPE: deb # ARCH: amd64 - # REPO_ID: 627067cc3ac6d7548f4d66cd - # REPO_DISTRO: rhel - # REPO_RELEASE: 9 - # rhel-9-aarch64: - # TYPE: rpm + # REPO_ID: 5e852952e45fffa1beda61fe + # REPO_DISTRO: ubuntu + # REPO_RELEASE: focal + # ubuntu-focal-arm64: + # TYPE: deb # ARCH: arm64 - # REPO_ID: 627067cc3ac6d7548f4d66cd - # REPO_DISTRO: rhel - # REPO_RELEASE: 9 - # fedora-34-x86_64: - # TYPE: rpm + # REPO_ID: 5e852952e45fffa1beda61fe + # REPO_DISTRO: ubuntu + # REPO_RELEASE: focal + # ubuntu-jammy-amd64: + # TYPE: deb # ARCH: amd64 - # REPO_ID: 606e1da573e50659b0803a7b - # REPO_DISTRO: fedora - # REPO_RELEASE: 34 - # fedora-34-aarch64: - # TYPE: rpm + # REPO_ID: 61faea6cea3a770ab120ac8a + # REPO_DISTRO: ubuntu + # REPO_RELEASE: jammy + # ubuntu-jammy-arm64: + # TYPE: deb # ARCH: arm64 - # REPO_ID: 606e1da573e50659b0803a7b - # REPO_DISTRO: fedora - # REPO_RELEASE: 34 - # fedora-35-x86_64: - # TYPE: rpm + # REPO_ID: 61faea6cea3a770ab120ac8a + # REPO_DISTRO: ubuntu + # REPO_RELEASE: jammy + # debian-buster-amd64: + # TYPE: deb # ARCH: amd64 - # REPO_ID: 6196d483ea3a770f011f63fb - # REPO_DISTRO: fedora - # REPO_RELEASE: 35 - # fedora-35-aarch64: - # TYPE: rpm + # REPO_ID: 5d23b16c9a6e3b375bbba42e + # REPO_DISTRO: debian + # REPO_RELEASE: buster + # debian-buster-arm64: + # TYPE: deb # ARCH: arm64 - # REPO_ID: 6196d483ea3a770f011f63fb - # REPO_DISTRO: fedora - # REPO_RELEASE: 35 - # fedora-36-x86_64: - # TYPE: rpm + # REPO_ID: 5d23b16c9a6e3b375bbba42e + # REPO_DISTRO: debian + # REPO_RELEASE: buster + # debian-bullseye-amd64: + # TYPE: deb # ARCH: amd64 - # REPO_ID: 6271bc683ac6d73aa84d6737 - # REPO_DISTRO: fedora - # REPO_RELEASE: 36 - # fedora-36-aarch64: - # TYPE: rpm + # REPO_ID: 611ab3a32acdcd0744c8c841 + # REPO_DISTRO: debian + # REPO_RELEASE: bullseye + # debian-bullseye-arm64: + # TYPE: deb # ARCH: arm64 - # REPO_ID: 6271bc683ac6d73aa84d6737 - # REPO_DISTRO: fedora - # REPO_RELEASE: 36 - steps: - # - task: DownloadPipelineArtifact@2 - # inputs: - # artifact: linux-$(ARCH)-pkg - # path: $(system.defaultWorkingDirectory)/dist/pkg - - # # Debug purpose only: Accelerate debugging on this stage - # # source: "specific" - # # project: "release" - # # pipeline: 22 - # # runVersion: "specific" - # # runId: 3760 + # REPO_ID: 611ab3a32acdcd0744c8c841 + # REPO_DISTRO: debian + # REPO_RELEASE: bullseye - # - task: UniversalPackages@0 - # displayName: "Download repoclient" - # inputs: - # command: download - # vstsFeed: "release/aztfy" - # vstsFeedPackage: "azure-repoapi-client" - # vstsPackageVersion: "2.2.1" - # downloadDirectory: $(system.defaultWorkingDirectory)/dist/tool - # - script: | - # set -e - # sudo apt install -y ./dist/tool/azure-repoapi-client_2.2.1_amd64.deb - # mkdir ~/.repoclient - # cat << EOF > ~/.repoclient/config.json - # { - # "server": "azure-apt-cat.cloudapp.net", - # "port": "443", - # "AADClientId": "$(LINUX_REPO_SP_CLIENT_ID)", - # "AADClientSecret": "$(LINUX_REPO_SP_CLIENT_SECRET)", - # "AADResource": "https://microsoft.onmicrosoft.com/945999e9-da09-4b5b-878f-b66c414602c0", - # "AADTenant": "72f988bf-86f1-41af-91ab-2d7cd011db47", - # "AADAuthorityUrl": "https://login.microsoftonline.com", - # "repositoryId": "IGNORE" - # } - # EOF - # pkg=(./dist/pkg/*.${TYPE}) - # [[ ${#pkg[@]} == 1 ]] || { echo "not exactly one target packages found: $(declare -p pkg)" > 2; exit 1; } - # pkg=${pkg[0]} - - # # Allow error's to occur prior to quit the task, as we are capturing the command output, otherwise, we will have no chance to output that in stdout/stderr. - # set +e - # ret=$(repoclient package add -r ${REPO_ID} $pkg) - # [[ $? == 0 ]] || { echo "Error: repoclient package add failed: $ret" >&2; exit 1; } - # echo -e "repoclient package add returns:\n$ret\n" + # rpm platforms + centos-8-x86_64: + TYPE: rpm + ARCH: amd64 + REPO_ID: 5e5ed94a523a8019fe47607e + REPO_DISTRO: centos + REPO_RELEASE: 8 + centos-8-aarch64: + TYPE: rpm + ARCH: arm64 + REPO_ID: 5e5ed94a523a8019fe47607e + REPO_DISTRO: centos + REPO_RELEASE: 8 + rhel-8-x86_64: + TYPE: rpm + ARCH: amd64 + REPO_ID: 5d4470e1eebce7156eee5407 + REPO_DISTRO: rhel + REPO_RELEASE: 8 + rhel-8-aarch64: + TYPE: rpm + ARCH: arm64 + REPO_ID: 5d4470e1eebce7156eee5407 + REPO_DISTRO: rhel + REPO_RELEASE: 8 + rhel-9-x86_64: + TYPE: rpm + ARCH: amd64 + REPO_ID: 627067cc3ac6d7548f4d66cd + REPO_DISTRO: rhel + REPO_RELEASE: 9 + rhel-9-aarch64: + TYPE: rpm + ARCH: arm64 + REPO_ID: 627067cc3ac6d7548f4d66cd + REPO_DISTRO: rhel + REPO_RELEASE: 9 + fedora-34-x86_64: + TYPE: rpm + ARCH: amd64 + REPO_ID: 606e1da573e50659b0803a7b + REPO_DISTRO: fedora + REPO_RELEASE: 34 + fedora-34-aarch64: + TYPE: rpm + ARCH: arm64 + REPO_ID: 606e1da573e50659b0803a7b + REPO_DISTRO: fedora + REPO_RELEASE: 34 + fedora-35-x86_64: + TYPE: rpm + ARCH: amd64 + REPO_ID: 6196d483ea3a770f011f63fb + REPO_DISTRO: fedora + REPO_RELEASE: 35 + fedora-35-aarch64: + TYPE: rpm + ARCH: arm64 + REPO_ID: 6196d483ea3a770f011f63fb + REPO_DISTRO: fedora + REPO_RELEASE: 35 + fedora-36-x86_64: + TYPE: rpm + ARCH: amd64 + REPO_ID: 6271bc683ac6d73aa84d6737 + REPO_DISTRO: fedora + REPO_RELEASE: 36 + fedora-36-aarch64: + TYPE: rpm + ARCH: arm64 + REPO_ID: 6271bc683ac6d73aa84d6737 + REPO_DISTRO: fedora + REPO_RELEASE: 36 + steps: + - task: DownloadPipelineArtifact@2 + inputs: + artifact: linux-$(ARCH)-pkg + path: $(system.defaultWorkingDirectory)/dist/pkg - # location=$(jq -r '.Location' <<< $ret) - # package_id=${location##*/} - # [[ -n $package_id ]] || { echo "Error: empty package id got" >&2; exit 1; } - # echo "package id: $package_id" + # Debug purpose only: Accelerate debugging on this stage + source: "specific" + project: "release" + pipeline: 22 + runVersion: "specific" + runId: 3760 - # ret=$(repoclient package check $package_id) - # [[ $? == 0 ]] || { echo "Error: repoclient package check failed: $ret" >&2; exit 1; } - # echo -e "repoclient package check returns:\n$ret\n" - # displayName: "Publish via repoclient" - # env: - # TYPE: $(TYPE) - # REPO_ID: $(REPO_ID) + - task: UniversalPackages@0 + displayName: "Download repoclient" + inputs: + command: download + vstsFeed: "release/aztfy" + vstsFeedPackage: "azure-repoapi-client" + vstsPackageVersion: "2.2.1" + downloadDirectory: $(system.defaultWorkingDirectory)/dist/tool - script: | set -e - - # Skip verifying rhel distros as they don't have a docker image available - [[ $REPO_DISTRO == rhel ]] && exit 0 - - # Install and run kvm service - sudo apt install qemu-kvm libvirt-clients libvirt-daemon-system bridge-utils virtinst libvirt-daemon - sudo systemctl enable --now libvirtd + sudo apt install -y ./dist/tool/azure-repoapi-client_2.2.1_amd64.deb + mkdir ~/.repoclient + cat << EOF > ~/.repoclient/config.json + { + "server": "azure-apt-cat.cloudapp.net", + "port": "443", + "AADClientId": "$(LINUX_REPO_SP_CLIENT_ID)", + "AADClientSecret": "$(LINUX_REPO_SP_CLIENT_SECRET)", + "AADResource": "https://microsoft.onmicrosoft.com/945999e9-da09-4b5b-878f-b66c414602c0", + "AADTenant": "72f988bf-86f1-41af-91ab-2d7cd011db47", + "AADAuthorityUrl": "https://login.microsoftonline.com", + "repositoryId": "IGNORE" + } + EOF + pkg=(./dist/pkg/*.${TYPE}) + [[ ${#pkg[@]} == 1 ]] || { echo "not exactly one target packages found: $(declare -p pkg)" > 2; exit 1; } + pkg=${pkg[0]} - # Setup binfmt_misc to enable multi arch - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes + # Allow error's to occur prior to quit the task, as we are capturing the command output, otherwise, we will have no chance to output that in stdout/stderr. + set +e + ret=$(repoclient package add -r ${REPO_ID} $pkg) + [[ $? == 0 ]] || { echo "Error: repoclient package add failed: $ret" >&2; exit 1; } + echo -e "repoclient package add returns:\n$ret\n" - # Launch the base container of the correct architecture - cid=$(docker run --rm -dit --platform=linux/$ARCH ${REPO_DISTRO}:${REPO_RELEASE}) + location=$(jq -r '.Location' <<< $ret) + package_id=${location##*/} + [[ -n $package_id ]] || { echo "Error: empty package id got" >&2; exit 1; } + echo "package id: $package_id" - docker cp ${workdir}/scripts/package/linux/verify/${REPO_DISTRO}-${REPO_RELEASE}.sh ${cid}:/verify.sh - docker exec $cid /verify.sh $VERSION - displayName: "Verify" + ret=$(repoclient package check $package_id) + [[ $? == 0 ]] || { echo "Error: repoclient package check failed: $ret" >&2; exit 1; } + echo -e "repoclient package check returns:\n$ret\n" + displayName: "Publish via repoclient" env: - workdir: $(system.defaultWorkingDirectory) TYPE: $(TYPE) - ARCH: $(ARCH) REPO_ID: $(REPO_ID) - REPO_DISTRO: $(REPO_DISTRO) - REPO_RELEASE: $(REPO_RELEASE) - VERSION: ${{ parameters.version }} + # - script: | + # set -e + + # # Skip verifying rhel distros as they don't have a docker image available + # [[ $REPO_DISTRO == rhel ]] && exit 0 + + # # Install and run kvm service + # sudo apt install qemu-kvm libvirt-clients libvirt-daemon-system bridge-utils virtinst libvirt-daemon + # sudo systemctl enable --now libvirtd + + # # Setup binfmt_misc to enable multi arch + # docker run --rm --privileged multiarch/qemu-user-static --reset -p yes + + # # Launch the base container of the correct architecture + # cid=$(docker run --rm -dit --platform=linux/$ARCH ${REPO_DISTRO}:${REPO_RELEASE}) + + # docker cp ${workdir}/scripts/package/linux/verify/${REPO_DISTRO}-${REPO_RELEASE}.sh ${cid}:/verify.sh + # docker exec $cid /verify.sh $VERSION + # displayName: "Verify" + # env: + # workdir: $(system.defaultWorkingDirectory) + # TYPE: $(TYPE) + # ARCH: $(ARCH) + # REPO_ID: $(REPO_ID) + # REPO_DISTRO: $(REPO_DISTRO) + # REPO_RELEASE: $(REPO_RELEASE) + # VERSION: ${{ parameters.version }} # - stage: publish_windows_setup # displayName: "Publish Windows Setup" From 3cad6321d4dc091216656a10114c2bbc46958179 Mon Sep 17 00:00:00 2001 From: magodo Date: Fri, 19 Aug 2022 19:29:24 +0800 Subject: [PATCH 63/94] republish for fedora34-amd64 and rhel9-amd64 --- azure-pipelines.yml | 120 ++++++++++++++++++++++---------------------- 1 file changed, 60 insertions(+), 60 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 7833680..07cbdce 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -281,78 +281,78 @@ stages: # REPO_RELEASE: bullseye # rpm platforms - centos-8-x86_64: - TYPE: rpm - ARCH: amd64 - REPO_ID: 5e5ed94a523a8019fe47607e - REPO_DISTRO: centos - REPO_RELEASE: 8 - centos-8-aarch64: - TYPE: rpm - ARCH: arm64 - REPO_ID: 5e5ed94a523a8019fe47607e - REPO_DISTRO: centos - REPO_RELEASE: 8 - rhel-8-x86_64: - TYPE: rpm - ARCH: amd64 - REPO_ID: 5d4470e1eebce7156eee5407 - REPO_DISTRO: rhel - REPO_RELEASE: 8 - rhel-8-aarch64: - TYPE: rpm - ARCH: arm64 - REPO_ID: 5d4470e1eebce7156eee5407 - REPO_DISTRO: rhel - REPO_RELEASE: 8 + # centos-8-x86_64: + # TYPE: rpm + # ARCH: amd64 + # REPO_ID: 5e5ed94a523a8019fe47607e + # REPO_DISTRO: centos + # REPO_RELEASE: 8 + # centos-8-aarch64: + # TYPE: rpm + # ARCH: arm64 + # REPO_ID: 5e5ed94a523a8019fe47607e + # REPO_DISTRO: centos + # REPO_RELEASE: 8 + # rhel-8-x86_64: + # TYPE: rpm + # ARCH: amd64 + # REPO_ID: 5d4470e1eebce7156eee5407 + # REPO_DISTRO: rhel + # REPO_RELEASE: 8 + # rhel-8-aarch64: + # TYPE: rpm + # ARCH: arm64 + # REPO_ID: 5d4470e1eebce7156eee5407 + # REPO_DISTRO: rhel + # REPO_RELEASE: 8 rhel-9-x86_64: TYPE: rpm ARCH: amd64 REPO_ID: 627067cc3ac6d7548f4d66cd REPO_DISTRO: rhel REPO_RELEASE: 9 - rhel-9-aarch64: - TYPE: rpm - ARCH: arm64 - REPO_ID: 627067cc3ac6d7548f4d66cd - REPO_DISTRO: rhel - REPO_RELEASE: 9 + # rhel-9-aarch64: + # TYPE: rpm + # ARCH: arm64 + # REPO_ID: 627067cc3ac6d7548f4d66cd + # REPO_DISTRO: rhel + # REPO_RELEASE: 9 fedora-34-x86_64: TYPE: rpm ARCH: amd64 REPO_ID: 606e1da573e50659b0803a7b REPO_DISTRO: fedora REPO_RELEASE: 34 - fedora-34-aarch64: - TYPE: rpm - ARCH: arm64 - REPO_ID: 606e1da573e50659b0803a7b - REPO_DISTRO: fedora - REPO_RELEASE: 34 - fedora-35-x86_64: - TYPE: rpm - ARCH: amd64 - REPO_ID: 6196d483ea3a770f011f63fb - REPO_DISTRO: fedora - REPO_RELEASE: 35 - fedora-35-aarch64: - TYPE: rpm - ARCH: arm64 - REPO_ID: 6196d483ea3a770f011f63fb - REPO_DISTRO: fedora - REPO_RELEASE: 35 - fedora-36-x86_64: - TYPE: rpm - ARCH: amd64 - REPO_ID: 6271bc683ac6d73aa84d6737 - REPO_DISTRO: fedora - REPO_RELEASE: 36 - fedora-36-aarch64: - TYPE: rpm - ARCH: arm64 - REPO_ID: 6271bc683ac6d73aa84d6737 - REPO_DISTRO: fedora - REPO_RELEASE: 36 + # fedora-34-aarch64: + # TYPE: rpm + # ARCH: arm64 + # REPO_ID: 606e1da573e50659b0803a7b + # REPO_DISTRO: fedora + # REPO_RELEASE: 34 + # fedora-35-x86_64: + # TYPE: rpm + # ARCH: amd64 + # REPO_ID: 6196d483ea3a770f011f63fb + # REPO_DISTRO: fedora + # REPO_RELEASE: 35 + # fedora-35-aarch64: + # TYPE: rpm + # ARCH: arm64 + # REPO_ID: 6196d483ea3a770f011f63fb + # REPO_DISTRO: fedora + # REPO_RELEASE: 35 + # fedora-36-x86_64: + # TYPE: rpm + # ARCH: amd64 + # REPO_ID: 6271bc683ac6d73aa84d6737 + # REPO_DISTRO: fedora + # REPO_RELEASE: 36 + # fedora-36-aarch64: + # TYPE: rpm + # ARCH: arm64 + # REPO_ID: 6271bc683ac6d73aa84d6737 + # REPO_DISTRO: fedora + # REPO_RELEASE: 36 steps: - task: DownloadPipelineArtifact@2 inputs: From 6e9b14bac12b531d078d966ea646a52dd1ad8ff0 Mon Sep 17 00:00:00 2001 From: magodo Date: Fri, 19 Aug 2022 19:32:16 +0800 Subject: [PATCH 64/94] uncomment all --- azure-pipelines.yml | 294 ++++++++++++++++++++++---------------------- 1 file changed, 147 insertions(+), 147 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 07cbdce..33c7070 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -219,140 +219,140 @@ stages: strategy: matrix: # deb platforms - # ubuntu-bionic-amd64: - # TYPE: deb - # ARCH: amd64 - # REPO_ID: 5d16326637164fbc1139c4e1 - # REPO_DISTRO: ubuntu - # REPO_RELEASE: bionic - # ubuntu-bionic-arm64: - # TYPE: deb - # ARCH: arm64 - # REPO_ID: 5d16326637164fbc1139c4e1 - # REPO_DISTRO: ubuntu - # REPO_RELEASE: bionic - # ubuntu-focal-amd64: - # TYPE: deb - # ARCH: amd64 - # REPO_ID: 5e852952e45fffa1beda61fe - # REPO_DISTRO: ubuntu - # REPO_RELEASE: focal - # ubuntu-focal-arm64: - # TYPE: deb - # ARCH: arm64 - # REPO_ID: 5e852952e45fffa1beda61fe - # REPO_DISTRO: ubuntu - # REPO_RELEASE: focal - # ubuntu-jammy-amd64: - # TYPE: deb - # ARCH: amd64 - # REPO_ID: 61faea6cea3a770ab120ac8a - # REPO_DISTRO: ubuntu - # REPO_RELEASE: jammy - # ubuntu-jammy-arm64: - # TYPE: deb - # ARCH: arm64 - # REPO_ID: 61faea6cea3a770ab120ac8a - # REPO_DISTRO: ubuntu - # REPO_RELEASE: jammy - # debian-buster-amd64: - # TYPE: deb - # ARCH: amd64 - # REPO_ID: 5d23b16c9a6e3b375bbba42e - # REPO_DISTRO: debian - # REPO_RELEASE: buster - # debian-buster-arm64: - # TYPE: deb - # ARCH: arm64 - # REPO_ID: 5d23b16c9a6e3b375bbba42e - # REPO_DISTRO: debian - # REPO_RELEASE: buster - # debian-bullseye-amd64: - # TYPE: deb - # ARCH: amd64 - # REPO_ID: 611ab3a32acdcd0744c8c841 - # REPO_DISTRO: debian - # REPO_RELEASE: bullseye - # debian-bullseye-arm64: - # TYPE: deb - # ARCH: arm64 - # REPO_ID: 611ab3a32acdcd0744c8c841 - # REPO_DISTRO: debian - # REPO_RELEASE: bullseye + ubuntu-bionic-amd64: + TYPE: deb + ARCH: amd64 + REPO_ID: 5d16326637164fbc1139c4e1 + REPO_DISTRO: ubuntu + REPO_RELEASE: bionic + ubuntu-bionic-arm64: + TYPE: deb + ARCH: arm64 + REPO_ID: 5d16326637164fbc1139c4e1 + REPO_DISTRO: ubuntu + REPO_RELEASE: bionic + ubuntu-focal-amd64: + TYPE: deb + ARCH: amd64 + REPO_ID: 5e852952e45fffa1beda61fe + REPO_DISTRO: ubuntu + REPO_RELEASE: focal + ubuntu-focal-arm64: + TYPE: deb + ARCH: arm64 + REPO_ID: 5e852952e45fffa1beda61fe + REPO_DISTRO: ubuntu + REPO_RELEASE: focal + ubuntu-jammy-amd64: + TYPE: deb + ARCH: amd64 + REPO_ID: 61faea6cea3a770ab120ac8a + REPO_DISTRO: ubuntu + REPO_RELEASE: jammy + ubuntu-jammy-arm64: + TYPE: deb + ARCH: arm64 + REPO_ID: 61faea6cea3a770ab120ac8a + REPO_DISTRO: ubuntu + REPO_RELEASE: jammy + debian-buster-amd64: + TYPE: deb + ARCH: amd64 + REPO_ID: 5d23b16c9a6e3b375bbba42e + REPO_DISTRO: debian + REPO_RELEASE: buster + debian-buster-arm64: + TYPE: deb + ARCH: arm64 + REPO_ID: 5d23b16c9a6e3b375bbba42e + REPO_DISTRO: debian + REPO_RELEASE: buster + debian-bullseye-amd64: + TYPE: deb + ARCH: amd64 + REPO_ID: 611ab3a32acdcd0744c8c841 + REPO_DISTRO: debian + REPO_RELEASE: bullseye + debian-bullseye-arm64: + TYPE: deb + ARCH: arm64 + REPO_ID: 611ab3a32acdcd0744c8c841 + REPO_DISTRO: debian + REPO_RELEASE: bullseye # rpm platforms - # centos-8-x86_64: - # TYPE: rpm - # ARCH: amd64 - # REPO_ID: 5e5ed94a523a8019fe47607e - # REPO_DISTRO: centos - # REPO_RELEASE: 8 - # centos-8-aarch64: - # TYPE: rpm - # ARCH: arm64 - # REPO_ID: 5e5ed94a523a8019fe47607e - # REPO_DISTRO: centos - # REPO_RELEASE: 8 - # rhel-8-x86_64: - # TYPE: rpm - # ARCH: amd64 - # REPO_ID: 5d4470e1eebce7156eee5407 - # REPO_DISTRO: rhel - # REPO_RELEASE: 8 - # rhel-8-aarch64: - # TYPE: rpm - # ARCH: arm64 - # REPO_ID: 5d4470e1eebce7156eee5407 - # REPO_DISTRO: rhel - # REPO_RELEASE: 8 + centos-8-x86_64: + TYPE: rpm + ARCH: amd64 + REPO_ID: 5e5ed94a523a8019fe47607e + REPO_DISTRO: centos + REPO_RELEASE: 8 + centos-8-aarch64: + TYPE: rpm + ARCH: arm64 + REPO_ID: 5e5ed94a523a8019fe47607e + REPO_DISTRO: centos + REPO_RELEASE: 8 + rhel-8-x86_64: + TYPE: rpm + ARCH: amd64 + REPO_ID: 5d4470e1eebce7156eee5407 + REPO_DISTRO: rhel + REPO_RELEASE: 8 + rhel-8-aarch64: + TYPE: rpm + ARCH: arm64 + REPO_ID: 5d4470e1eebce7156eee5407 + REPO_DISTRO: rhel + REPO_RELEASE: 8 rhel-9-x86_64: TYPE: rpm ARCH: amd64 REPO_ID: 627067cc3ac6d7548f4d66cd REPO_DISTRO: rhel REPO_RELEASE: 9 - # rhel-9-aarch64: - # TYPE: rpm - # ARCH: arm64 - # REPO_ID: 627067cc3ac6d7548f4d66cd - # REPO_DISTRO: rhel - # REPO_RELEASE: 9 + rhel-9-aarch64: + TYPE: rpm + ARCH: arm64 + REPO_ID: 627067cc3ac6d7548f4d66cd + REPO_DISTRO: rhel + REPO_RELEASE: 9 fedora-34-x86_64: TYPE: rpm ARCH: amd64 REPO_ID: 606e1da573e50659b0803a7b REPO_DISTRO: fedora REPO_RELEASE: 34 - # fedora-34-aarch64: - # TYPE: rpm - # ARCH: arm64 - # REPO_ID: 606e1da573e50659b0803a7b - # REPO_DISTRO: fedora - # REPO_RELEASE: 34 - # fedora-35-x86_64: - # TYPE: rpm - # ARCH: amd64 - # REPO_ID: 6196d483ea3a770f011f63fb - # REPO_DISTRO: fedora - # REPO_RELEASE: 35 - # fedora-35-aarch64: - # TYPE: rpm - # ARCH: arm64 - # REPO_ID: 6196d483ea3a770f011f63fb - # REPO_DISTRO: fedora - # REPO_RELEASE: 35 - # fedora-36-x86_64: - # TYPE: rpm - # ARCH: amd64 - # REPO_ID: 6271bc683ac6d73aa84d6737 - # REPO_DISTRO: fedora - # REPO_RELEASE: 36 - # fedora-36-aarch64: - # TYPE: rpm - # ARCH: arm64 - # REPO_ID: 6271bc683ac6d73aa84d6737 - # REPO_DISTRO: fedora - # REPO_RELEASE: 36 + fedora-34-aarch64: + TYPE: rpm + ARCH: arm64 + REPO_ID: 606e1da573e50659b0803a7b + REPO_DISTRO: fedora + REPO_RELEASE: 34 + fedora-35-x86_64: + TYPE: rpm + ARCH: amd64 + REPO_ID: 6196d483ea3a770f011f63fb + REPO_DISTRO: fedora + REPO_RELEASE: 35 + fedora-35-aarch64: + TYPE: rpm + ARCH: arm64 + REPO_ID: 6196d483ea3a770f011f63fb + REPO_DISTRO: fedora + REPO_RELEASE: 35 + fedora-36-x86_64: + TYPE: rpm + ARCH: amd64 + REPO_ID: 6271bc683ac6d73aa84d6737 + REPO_DISTRO: fedora + REPO_RELEASE: 36 + fedora-36-aarch64: + TYPE: rpm + ARCH: arm64 + REPO_ID: 6271bc683ac6d73aa84d6737 + REPO_DISTRO: fedora + REPO_RELEASE: 36 steps: - task: DownloadPipelineArtifact@2 inputs: @@ -360,11 +360,11 @@ stages: path: $(system.defaultWorkingDirectory)/dist/pkg # Debug purpose only: Accelerate debugging on this stage - source: "specific" - project: "release" - pipeline: 22 - runVersion: "specific" - runId: 3760 + # source: "specific" + # project: "release" + # pipeline: 22 + # runVersion: "specific" + # runId: 3760 - task: UniversalPackages@0 displayName: "Download repoclient" @@ -412,33 +412,33 @@ stages: env: TYPE: $(TYPE) REPO_ID: $(REPO_ID) - # - script: | - # set -e + - script: | + set -e - # # Skip verifying rhel distros as they don't have a docker image available - # [[ $REPO_DISTRO == rhel ]] && exit 0 + # Skip verifying rhel distros as they don't have a docker image available + [[ $REPO_DISTRO == rhel ]] && exit 0 - # # Install and run kvm service - # sudo apt install qemu-kvm libvirt-clients libvirt-daemon-system bridge-utils virtinst libvirt-daemon - # sudo systemctl enable --now libvirtd + # Install and run kvm service + sudo apt install qemu-kvm libvirt-clients libvirt-daemon-system bridge-utils virtinst libvirt-daemon + sudo systemctl enable --now libvirtd - # # Setup binfmt_misc to enable multi arch - # docker run --rm --privileged multiarch/qemu-user-static --reset -p yes + # Setup binfmt_misc to enable multi arch + docker run --rm --privileged multiarch/qemu-user-static --reset -p yes - # # Launch the base container of the correct architecture - # cid=$(docker run --rm -dit --platform=linux/$ARCH ${REPO_DISTRO}:${REPO_RELEASE}) + # Launch the base container of the correct architecture + cid=$(docker run --rm -dit --platform=linux/$ARCH ${REPO_DISTRO}:${REPO_RELEASE}) - # docker cp ${workdir}/scripts/package/linux/verify/${REPO_DISTRO}-${REPO_RELEASE}.sh ${cid}:/verify.sh - # docker exec $cid /verify.sh $VERSION - # displayName: "Verify" - # env: - # workdir: $(system.defaultWorkingDirectory) - # TYPE: $(TYPE) - # ARCH: $(ARCH) - # REPO_ID: $(REPO_ID) - # REPO_DISTRO: $(REPO_DISTRO) - # REPO_RELEASE: $(REPO_RELEASE) - # VERSION: ${{ parameters.version }} + docker cp ${workdir}/scripts/package/linux/verify/${REPO_DISTRO}-${REPO_RELEASE}.sh ${cid}:/verify.sh + docker exec $cid /verify.sh $VERSION + displayName: "Verify" + env: + workdir: $(system.defaultWorkingDirectory) + TYPE: $(TYPE) + ARCH: $(ARCH) + REPO_ID: $(REPO_ID) + REPO_DISTRO: $(REPO_DISTRO) + REPO_RELEASE: $(REPO_RELEASE) + VERSION: ${{ parameters.version }} # - stage: publish_windows_setup # displayName: "Publish Windows Setup" From 159d406e0e37074ae911a6afac0cf63a13ba72d1 Mon Sep 17 00:00:00 2001 From: magodo Date: Sat, 20 Aug 2022 11:14:57 +0800 Subject: [PATCH 65/94] verify all --- azure-pipelines.yml | 106 +++++++++++----------- scripts/package/linux/verify/centos-8.sh | 12 +++ scripts/package/linux/verify/fedora-34.sh | 10 ++ scripts/package/linux/verify/fedora-35.sh | 10 ++ scripts/package/linux/verify/fedora-36.sh | 10 ++ 5 files changed, 95 insertions(+), 53 deletions(-) create mode 100755 scripts/package/linux/verify/centos-8.sh create mode 100755 scripts/package/linux/verify/fedora-34.sh create mode 100755 scripts/package/linux/verify/fedora-35.sh create mode 100755 scripts/package/linux/verify/fedora-36.sh diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 33c7070..7d11fbc 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -354,64 +354,64 @@ stages: REPO_DISTRO: fedora REPO_RELEASE: 36 steps: - - task: DownloadPipelineArtifact@2 - inputs: - artifact: linux-$(ARCH)-pkg - path: $(system.defaultWorkingDirectory)/dist/pkg + # - task: DownloadPipelineArtifact@2 + # inputs: + # artifact: linux-$(ARCH)-pkg + # path: $(system.defaultWorkingDirectory)/dist/pkg - # Debug purpose only: Accelerate debugging on this stage - # source: "specific" - # project: "release" - # pipeline: 22 - # runVersion: "specific" - # runId: 3760 + # # Debug purpose only: Accelerate debugging on this stage + # # source: "specific" + # # project: "release" + # # pipeline: 22 + # # runVersion: "specific" + # # runId: 3760 - - task: UniversalPackages@0 - displayName: "Download repoclient" - inputs: - command: download - vstsFeed: "release/aztfy" - vstsFeedPackage: "azure-repoapi-client" - vstsPackageVersion: "2.2.1" - downloadDirectory: $(system.defaultWorkingDirectory)/dist/tool - - script: | - set -e - sudo apt install -y ./dist/tool/azure-repoapi-client_2.2.1_amd64.deb - mkdir ~/.repoclient - cat << EOF > ~/.repoclient/config.json - { - "server": "azure-apt-cat.cloudapp.net", - "port": "443", - "AADClientId": "$(LINUX_REPO_SP_CLIENT_ID)", - "AADClientSecret": "$(LINUX_REPO_SP_CLIENT_SECRET)", - "AADResource": "https://microsoft.onmicrosoft.com/945999e9-da09-4b5b-878f-b66c414602c0", - "AADTenant": "72f988bf-86f1-41af-91ab-2d7cd011db47", - "AADAuthorityUrl": "https://login.microsoftonline.com", - "repositoryId": "IGNORE" - } - EOF - pkg=(./dist/pkg/*.${TYPE}) - [[ ${#pkg[@]} == 1 ]] || { echo "not exactly one target packages found: $(declare -p pkg)" > 2; exit 1; } - pkg=${pkg[0]} + # - task: UniversalPackages@0 + # displayName: "Download repoclient" + # inputs: + # command: download + # vstsFeed: "release/aztfy" + # vstsFeedPackage: "azure-repoapi-client" + # vstsPackageVersion: "2.2.1" + # downloadDirectory: $(system.defaultWorkingDirectory)/dist/tool + # - script: | + # set -e + # sudo apt install -y ./dist/tool/azure-repoapi-client_2.2.1_amd64.deb + # mkdir ~/.repoclient + # cat << EOF > ~/.repoclient/config.json + # { + # "server": "azure-apt-cat.cloudapp.net", + # "port": "443", + # "AADClientId": "$(LINUX_REPO_SP_CLIENT_ID)", + # "AADClientSecret": "$(LINUX_REPO_SP_CLIENT_SECRET)", + # "AADResource": "https://microsoft.onmicrosoft.com/945999e9-da09-4b5b-878f-b66c414602c0", + # "AADTenant": "72f988bf-86f1-41af-91ab-2d7cd011db47", + # "AADAuthorityUrl": "https://login.microsoftonline.com", + # "repositoryId": "IGNORE" + # } + # EOF + # pkg=(./dist/pkg/*.${TYPE}) + # [[ ${#pkg[@]} == 1 ]] || { echo "not exactly one target packages found: $(declare -p pkg)" > 2; exit 1; } + # pkg=${pkg[0]} - # Allow error's to occur prior to quit the task, as we are capturing the command output, otherwise, we will have no chance to output that in stdout/stderr. - set +e - ret=$(repoclient package add -r ${REPO_ID} $pkg) - [[ $? == 0 ]] || { echo "Error: repoclient package add failed: $ret" >&2; exit 1; } - echo -e "repoclient package add returns:\n$ret\n" + # # Allow error's to occur prior to quit the task, as we are capturing the command output, otherwise, we will have no chance to output that in stdout/stderr. + # set +e + # ret=$(repoclient package add -r ${REPO_ID} $pkg) + # [[ $? == 0 ]] || { echo "Error: repoclient package add failed: $ret" >&2; exit 1; } + # echo -e "repoclient package add returns:\n$ret\n" - location=$(jq -r '.Location' <<< $ret) - package_id=${location##*/} - [[ -n $package_id ]] || { echo "Error: empty package id got" >&2; exit 1; } - echo "package id: $package_id" + # location=$(jq -r '.Location' <<< $ret) + # package_id=${location##*/} + # [[ -n $package_id ]] || { echo "Error: empty package id got" >&2; exit 1; } + # echo "package id: $package_id" - ret=$(repoclient package check $package_id) - [[ $? == 0 ]] || { echo "Error: repoclient package check failed: $ret" >&2; exit 1; } - echo -e "repoclient package check returns:\n$ret\n" - displayName: "Publish via repoclient" - env: - TYPE: $(TYPE) - REPO_ID: $(REPO_ID) + # ret=$(repoclient package check $package_id) + # [[ $? == 0 ]] || { echo "Error: repoclient package check failed: $ret" >&2; exit 1; } + # echo -e "repoclient package check returns:\n$ret\n" + # displayName: "Publish via repoclient" + # env: + # TYPE: $(TYPE) + # REPO_ID: $(REPO_ID) - script: | set -e diff --git a/scripts/package/linux/verify/centos-8.sh b/scripts/package/linux/verify/centos-8.sh new file mode 100755 index 0000000..807c844 --- /dev/null +++ b/scripts/package/linux/verify/centos-8.sh @@ -0,0 +1,12 @@ +#!/bin/bash +set -e + +version=${1:?"version not specified"} + +sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-* +sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' /etc/yum.repos.d/CentOS-* +rpm --import https://packages.microsoft.com/keys/microsoft.asc +dnf install -y https://packages.microsoft.com/config/centos/8/packages-microsoft-prod.rpm +dnf check-update +dnf install -y aztfy +grep $version <(aztfy -v) diff --git a/scripts/package/linux/verify/fedora-34.sh b/scripts/package/linux/verify/fedora-34.sh new file mode 100755 index 0000000..4593c88 --- /dev/null +++ b/scripts/package/linux/verify/fedora-34.sh @@ -0,0 +1,10 @@ +#!/bin/bash +set -e + +version=${1:?"version not specified"} + +rpm --import https://packages.microsoft.com/keys/microsoft.asc +dnf install -y https://packages.microsoft.com/config/fedora/34/packages-microsoft-prod.rpm +dnf check-update +dnf install -y aztfy +grep $version <(aztfy -v) diff --git a/scripts/package/linux/verify/fedora-35.sh b/scripts/package/linux/verify/fedora-35.sh new file mode 100755 index 0000000..39c5b3c --- /dev/null +++ b/scripts/package/linux/verify/fedora-35.sh @@ -0,0 +1,10 @@ +#!/bin/bash +set -e + +version=${1:?"version not specified"} + +rpm --import https://packages.microsoft.com/keys/microsoft.asc +dnf install -y https://packages.microsoft.com/config/fedora/35/packages-microsoft-prod.rpm +dnf check-update +dnf install -y aztfy +grep $version <(aztfy -v) diff --git a/scripts/package/linux/verify/fedora-36.sh b/scripts/package/linux/verify/fedora-36.sh new file mode 100755 index 0000000..b803c6d --- /dev/null +++ b/scripts/package/linux/verify/fedora-36.sh @@ -0,0 +1,10 @@ +#!/bin/bash +set -e + +version=${1:?"version not specified"} + +rpm --import https://packages.microsoft.com/keys/microsoft.asc +dnf install -y https://packages.microsoft.com/config/fedora/36/packages-microsoft-prod.rpm +dnf check-update +dnf install -y aztfy +grep $version <(aztfy -v) From 491125e92831af26f03c2b6c3108d4dd28d6bcfa Mon Sep 17 00:00:00 2001 From: magodo Date: Sat, 20 Aug 2022 11:28:07 +0800 Subject: [PATCH 66/94] handle dnf check-update returns 100 --- scripts/package/linux/verify/centos-8.sh | 5 ++++- scripts/package/linux/verify/fedora-34.sh | 5 ++++- scripts/package/linux/verify/fedora-35.sh | 5 ++++- scripts/package/linux/verify/fedora-36.sh | 5 ++++- 4 files changed, 16 insertions(+), 4 deletions(-) diff --git a/scripts/package/linux/verify/centos-8.sh b/scripts/package/linux/verify/centos-8.sh index 807c844..1a46b3e 100755 --- a/scripts/package/linux/verify/centos-8.sh +++ b/scripts/package/linux/verify/centos-8.sh @@ -7,6 +7,9 @@ sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-* sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' /etc/yum.repos.d/CentOS-* rpm --import https://packages.microsoft.com/keys/microsoft.asc dnf install -y https://packages.microsoft.com/config/centos/8/packages-microsoft-prod.rpm -dnf check-update + +# See: https://access.redhat.com/solutions/2779441 +dnf check-update || [[ $? == 100 ]] + dnf install -y aztfy grep $version <(aztfy -v) diff --git a/scripts/package/linux/verify/fedora-34.sh b/scripts/package/linux/verify/fedora-34.sh index 4593c88..9aeb445 100755 --- a/scripts/package/linux/verify/fedora-34.sh +++ b/scripts/package/linux/verify/fedora-34.sh @@ -5,6 +5,9 @@ version=${1:?"version not specified"} rpm --import https://packages.microsoft.com/keys/microsoft.asc dnf install -y https://packages.microsoft.com/config/fedora/34/packages-microsoft-prod.rpm -dnf check-update + +# See: https://access.redhat.com/solutions/2779441 +dnf check-update || [[ $? == 100 ]] + dnf install -y aztfy grep $version <(aztfy -v) diff --git a/scripts/package/linux/verify/fedora-35.sh b/scripts/package/linux/verify/fedora-35.sh index 39c5b3c..604935f 100755 --- a/scripts/package/linux/verify/fedora-35.sh +++ b/scripts/package/linux/verify/fedora-35.sh @@ -5,6 +5,9 @@ version=${1:?"version not specified"} rpm --import https://packages.microsoft.com/keys/microsoft.asc dnf install -y https://packages.microsoft.com/config/fedora/35/packages-microsoft-prod.rpm -dnf check-update + +# See: https://access.redhat.com/solutions/2779441 +dnf check-update || [[ $? == 100 ]] + dnf install -y aztfy grep $version <(aztfy -v) diff --git a/scripts/package/linux/verify/fedora-36.sh b/scripts/package/linux/verify/fedora-36.sh index b803c6d..b939a28 100755 --- a/scripts/package/linux/verify/fedora-36.sh +++ b/scripts/package/linux/verify/fedora-36.sh @@ -5,6 +5,9 @@ version=${1:?"version not specified"} rpm --import https://packages.microsoft.com/keys/microsoft.asc dnf install -y https://packages.microsoft.com/config/fedora/36/packages-microsoft-prod.rpm -dnf check-update + +# See: https://access.redhat.com/solutions/2779441 +dnf check-update || [[ $? == 100 ]] + dnf install -y aztfy grep $version <(aztfy -v) From a9d9baa3d76faeec7494ab54ddd379212af7c4a5 Mon Sep 17 00:00:00 2001 From: magodo Date: Sat, 20 Aug 2022 13:00:04 +0800 Subject: [PATCH 67/94] uncomment all --- azure-pipelines.yml | 114 ++++++++++++++++++++++---------------------- 1 file changed, 56 insertions(+), 58 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 7d11fbc..5aef707 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -1,8 +1,3 @@ -# Go -# Build your Go project. -# Add steps that test, save build artifacts, deploy, and more: -# https://docs.microsoft.com/azure/devops/pipelines/languages/go - parameters: - name: version displayName: Release Version (e.g. v0.1.0) @@ -354,64 +349,67 @@ stages: REPO_DISTRO: fedora REPO_RELEASE: 36 steps: - # - task: DownloadPipelineArtifact@2 - # inputs: - # artifact: linux-$(ARCH)-pkg - # path: $(system.defaultWorkingDirectory)/dist/pkg + - task: DownloadPipelineArtifact@2 + inputs: + artifact: linux-$(ARCH)-pkg + path: $(system.defaultWorkingDirectory)/dist/pkg - # # Debug purpose only: Accelerate debugging on this stage - # # source: "specific" - # # project: "release" - # # pipeline: 22 - # # runVersion: "specific" - # # runId: 3760 + # Debug purpose only: Accelerate debugging on this stage + # source: "specific" + # project: "release" + # pipeline: 22 + # runVersion: "specific" + # runId: 3760 - # - task: UniversalPackages@0 - # displayName: "Download repoclient" - # inputs: - # command: download - # vstsFeed: "release/aztfy" - # vstsFeedPackage: "azure-repoapi-client" - # vstsPackageVersion: "2.2.1" - # downloadDirectory: $(system.defaultWorkingDirectory)/dist/tool - # - script: | - # set -e - # sudo apt install -y ./dist/tool/azure-repoapi-client_2.2.1_amd64.deb - # mkdir ~/.repoclient - # cat << EOF > ~/.repoclient/config.json - # { - # "server": "azure-apt-cat.cloudapp.net", - # "port": "443", - # "AADClientId": "$(LINUX_REPO_SP_CLIENT_ID)", - # "AADClientSecret": "$(LINUX_REPO_SP_CLIENT_SECRET)", - # "AADResource": "https://microsoft.onmicrosoft.com/945999e9-da09-4b5b-878f-b66c414602c0", - # "AADTenant": "72f988bf-86f1-41af-91ab-2d7cd011db47", - # "AADAuthorityUrl": "https://login.microsoftonline.com", - # "repositoryId": "IGNORE" - # } - # EOF - # pkg=(./dist/pkg/*.${TYPE}) - # [[ ${#pkg[@]} == 1 ]] || { echo "not exactly one target packages found: $(declare -p pkg)" > 2; exit 1; } - # pkg=${pkg[0]} + - task: UniversalPackages@0 + displayName: "Download repoclient" + inputs: + command: download + vstsFeed: "release/aztfy" + vstsFeedPackage: "azure-repoapi-client" + vstsPackageVersion: "2.2.1" + downloadDirectory: $(system.defaultWorkingDirectory)/dist/tool + - script: | + set -e + sudo apt install -y ./dist/tool/azure-repoapi-client_2.2.1_amd64.deb + mkdir ~/.repoclient + cat << EOF > ~/.repoclient/config.json + { + "server": "azure-apt-cat.cloudapp.net", + "port": "443", + "AADClientId": "$(LINUX_REPO_SP_CLIENT_ID)", + "AADClientSecret": "$(LINUX_REPO_SP_CLIENT_SECRET)", + "AADResource": "https://microsoft.onmicrosoft.com/945999e9-da09-4b5b-878f-b66c414602c0", + "AADTenant": "72f988bf-86f1-41af-91ab-2d7cd011db47", + "AADAuthorityUrl": "https://login.microsoftonline.com", + "repositoryId": "IGNORE" + } + EOF + pkg=(./dist/pkg/*.${TYPE}) + [[ ${#pkg[@]} == 1 ]] || { echo "not exactly one target packages found: $(declare -p pkg)" > 2; exit 1; } + pkg=${pkg[0]} - # # Allow error's to occur prior to quit the task, as we are capturing the command output, otherwise, we will have no chance to output that in stdout/stderr. - # set +e - # ret=$(repoclient package add -r ${REPO_ID} $pkg) - # [[ $? == 0 ]] || { echo "Error: repoclient package add failed: $ret" >&2; exit 1; } - # echo -e "repoclient package add returns:\n$ret\n" + # Allow error's to occur prior to quit the task, as we are capturing the command output, otherwise, we will have no chance to output that in stdout/stderr. + set +e + ret=$(repoclient package add -r ${REPO_ID} $pkg) + [[ $? == 0 ]] || { echo "Error: repoclient package add failed: $ret" >&2; exit 1; } + echo -e "repoclient package add returns:\n$ret\n" - # location=$(jq -r '.Location' <<< $ret) - # package_id=${location##*/} - # [[ -n $package_id ]] || { echo "Error: empty package id got" >&2; exit 1; } - # echo "package id: $package_id" + location=$(jq -r '.Location' <<< $ret) + package_id=${location##*/} + [[ -n $package_id ]] || { echo "Error: empty package id got" >&2; exit 1; } + echo "package id: $package_id" - # ret=$(repoclient package check $package_id) - # [[ $? == 0 ]] || { echo "Error: repoclient package check failed: $ret" >&2; exit 1; } - # echo -e "repoclient package check returns:\n$ret\n" - # displayName: "Publish via repoclient" - # env: - # TYPE: $(TYPE) - # REPO_ID: $(REPO_ID) + ret=$(repoclient package check $package_id) + [[ $? == 0 ]] || { echo "Error: repoclient package check failed: $ret" >&2; exit 1; } + echo -e "repoclient package check returns:\n$ret\n" + displayName: "Publish via repoclient" + env: + TYPE: $(TYPE) + REPO_ID: $(REPO_ID) + - script: | + #TODO + displayName: "Wait for package publish finish" - script: | set -e From 4f6cc6bec1d2f18d6946de63c9dd0491e8bb65bb Mon Sep 17 00:00:00 2001 From: magodo Date: Mon, 22 Aug 2022 16:47:59 +0800 Subject: [PATCH 68/94] a simple msi wix source code --- scripts/package/windows/setup.wxs | 36 +++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 scripts/package/windows/setup.wxs diff --git a/scripts/package/windows/setup.wxs b/scripts/package/windows/setup.wxs new file mode 100644 index 0000000..9244d76 --- /dev/null +++ b/scripts/package/windows/setup.wxs @@ -0,0 +1,36 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +` From 5f9fd3d1b1c73a649dc12b46653b94268e187b2d Mon Sep 17 00:00:00 2001 From: magodo Date: Mon, 22 Aug 2022 21:12:34 +0800 Subject: [PATCH 69/94] pipeline: try building msi --- azure-pipelines.yml | 79 ++++++++++++++++++++++++------- scripts/package/windows/setup.wxs | 2 +- 2 files changed, 64 insertions(+), 17 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 5aef707..44893a8 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -412,7 +412,7 @@ stages: displayName: "Wait for package publish finish" - script: | set -e - + # Skip verifying rhel distros as they don't have a docker image available [[ $REPO_DISTRO == rhel ]] && exit 0 @@ -438,8 +438,55 @@ stages: REPO_RELEASE: $(REPO_RELEASE) VERSION: ${{ parameters.version }} - # - stage: publish_windows_setup - # displayName: "Publish Windows Setup" + - stage: publish_windows_setup + displayName: "Publish Windows Setup" + jobs: + - job: build_msi + pool: + vmImage: "windows-2019" + displayName: "Build MSI" + strategy: + matrix: + 386: + ARCH: 386 + amd64: + ARCH: amd64 + steps: + - task: DownloadPipelineArtifact@2 + inputs: + artifact: windows-$(ARCH) + path: $(system.defaultWorkingDirectory)/dist/pkg + + # Debug purpose only: Accelerate debugging on this stage + # source: "specific" + # project: "release" + # pipeline: 22 + # runVersion: "specific" + # runId: 3760 + - script: | + set -e + + # Setup wix + curl -O /tmp/wix311.exe https://github.com/wixtoolset/wix3/releases/download/wix3112rtm/wix311.exe + msiexec.exe /i /tmp/wix311.exe /qn + export PATH=$PATH:"/c/Program Files (x86)/WiX Toolset v3.11/bin" + + # Build + mkdir $workdir/dist/output + cd $WORKDIR/scripts/package/windows + declare -A map=( [386]=x86 [amd64]=x64 ) + export VERSION=${VERSION:1} + candle.exe -arch ${map[$ARCH]} -o setup.wxobj ./setup.wxs + light.exe -out $workdir/dist/output/aztfy.msi ./setup.wxobj + env: + workdir: $(system.defaultWorkingDirectory) + VERSION: ${{ parameters.version }} + ARCH: $(ARCH) + - task: PublishPipelineArtifact@1 + displayName: "Publish MSI" + inputs: + targetPath: "$(system.defaultWorkingDirectory)/dist/output" + artifactName: windows-$(ARCH)-msi - stage: release displayName: "Release" @@ -483,10 +530,10 @@ stages: - task: EsrpCodeSigning@1 displayName: "Sign Binary Archive Digests" inputs: - ConnectedServiceName: 'ESRP Signing Service' - FolderPath: '$(system.defaultWorkingDirectory)/release' - Pattern: '*_SHA256SUMS.sig' - signConfigType: 'inlineSignParams' + ConnectedServiceName: "ESRP Signing Service" + FolderPath: "$(system.defaultWorkingDirectory)/release" + Pattern: "*_SHA256SUMS.sig" + signConfigType: "inlineSignParams" inlineOperation: | [ { @@ -497,18 +544,18 @@ stages: "ToolVersion": "1.0" } ] - SessionTimeout: '60' - MaxConcurrency: '50' - MaxRetryAttempts: '5' + SessionTimeout: "60" + MaxConcurrency: "50" + MaxRetryAttempts: "5" - task: GitHubRelease@1 displayName: "Draft Github Release" inputs: - gitHubConnection: 'Github' - repositoryName: '$(Build.Repository.Name)' - action: 'create' - target: '$(Build.SourceVersion)' - tagSource: 'gitTag' + gitHubConnection: "Github" + repositoryName: "$(Build.Repository.Name)" + action: "create" + target: "$(Build.SourceVersion)" + tagSource: "gitTag" tagPattern: '^v\d+\.\d+\.\d+' - assets: '$(system.defaultWorkingDirectory)/release/*' + assets: "$(system.defaultWorkingDirectory)/release/*" isDraft: true addChangeLog: false diff --git a/scripts/package/windows/setup.wxs b/scripts/package/windows/setup.wxs index 9244d76..d90f8c1 100644 --- a/scripts/package/windows/setup.wxs +++ b/scripts/package/windows/setup.wxs @@ -33,4 +33,4 @@ -` + From 22de97c648147d31c0c778e0f8840d6bc6e5f8bf Mon Sep 17 00:00:00 2001 From: magodo Date: Mon, 22 Aug 2022 21:17:49 +0800 Subject: [PATCH 70/94] enable the acc download --- azure-pipelines.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 44893a8..97eef04 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -457,12 +457,12 @@ stages: artifact: windows-$(ARCH) path: $(system.defaultWorkingDirectory)/dist/pkg - # Debug purpose only: Accelerate debugging on this stage - # source: "specific" - # project: "release" - # pipeline: 22 - # runVersion: "specific" - # runId: 3760 + Debug purpose only: Accelerate debugging on this stage + source: "specific" + project: "release" + pipeline: 22 + runVersion: "specific" + runId: 3760 - script: | set -e From fd72d917250df72d9254e8d893f2c48d7dd22131 Mon Sep 17 00:00:00 2001 From: magodo Date: Mon, 22 Aug 2022 21:22:59 +0800 Subject: [PATCH 71/94] use bash --- azure-pipelines.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 97eef04..66556a3 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -453,6 +453,7 @@ stages: ARCH: amd64 steps: - task: DownloadPipelineArtifact@2 + displayName: "Download aztfy binary" inputs: artifact: windows-$(ARCH) path: $(system.defaultWorkingDirectory)/dist/pkg @@ -463,7 +464,7 @@ stages: pipeline: 22 runVersion: "specific" runId: 3760 - - script: | + - bash: | set -e # Setup wix @@ -482,6 +483,7 @@ stages: workdir: $(system.defaultWorkingDirectory) VERSION: ${{ parameters.version }} ARCH: $(ARCH) + displayName: "Build" - task: PublishPipelineArtifact@1 displayName: "Publish MSI" inputs: From a08f7042a8586f214779532e62c4aa4be3d93b59 Mon Sep 17 00:00:00 2001 From: magodo Date: Mon, 22 Aug 2022 21:46:09 +0800 Subject: [PATCH 72/94] setup wix --- azure-pipelines.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 66556a3..9f440d2 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -468,8 +468,8 @@ stages: set -e # Setup wix - curl -O /tmp/wix311.exe https://github.com/wixtoolset/wix3/releases/download/wix3112rtm/wix311.exe - msiexec.exe /i /tmp/wix311.exe /qn + curl -o wix311.exe "https://github.com/wixtoolset/wix3/releases/download/wix3112rtm/wix311.exe" + wix311.exe -install -quiet -norestart export PATH=$PATH:"/c/Program Files (x86)/WiX Toolset v3.11/bin" # Build From 6748b5310da898c3ec7ddbce3f1a193353e10c47 Mon Sep 17 00:00:00 2001 From: magodo Date: Mon, 22 Aug 2022 21:58:27 +0800 Subject: [PATCH 73/94] download wix311.exe from artifact (as win curl not support -L) --- azure-pipelines.yml | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 9f440d2..5841818 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -464,12 +464,19 @@ stages: pipeline: 22 runVersion: "specific" runId: 3760 + - task: UniversalPackages@0 + displayName: "Download wix toolset" + inputs: + command: download + vstsFeed: "release/aztfy" + vstsFeedPackage: "wixsetup" + vstsPackageVersion: "3.11.2" + downloadDirectory: $(system.defaultWorkingDirectory)/dist/tool - bash: | set -e # Setup wix - curl -o wix311.exe "https://github.com/wixtoolset/wix3/releases/download/wix3112rtm/wix311.exe" - wix311.exe -install -quiet -norestart + ./dist/tool/wix311.exe -install -quiet -norestart export PATH=$PATH:"/c/Program Files (x86)/WiX Toolset v3.11/bin" # Build From 34e2840d47f46ea1eb2143a82310b880014aa3e0 Mon Sep 17 00:00:00 2001 From: magodo Date: Mon, 22 Aug 2022 22:01:16 +0800 Subject: [PATCH 74/94] fix --- azure-pipelines.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 5841818..115d699 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -481,7 +481,7 @@ stages: # Build mkdir $workdir/dist/output - cd $WORKDIR/scripts/package/windows + cd $workdir/scripts/package/windows declare -A map=( [386]=x86 [amd64]=x64 ) export VERSION=${VERSION:1} candle.exe -arch ${map[$ARCH]} -o setup.wxobj ./setup.wxs From 29258760a2a062e051c3dc6645db8ec8133b3a12 Mon Sep 17 00:00:00 2001 From: magodo Date: Mon, 22 Aug 2022 22:04:53 +0800 Subject: [PATCH 75/94] fix --- azure-pipelines.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 115d699..d080466 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -456,7 +456,7 @@ stages: displayName: "Download aztfy binary" inputs: artifact: windows-$(ARCH) - path: $(system.defaultWorkingDirectory)/dist/pkg + path: $(system.defaultWorkingDirectory)/dist/bin Debug purpose only: Accelerate debugging on this stage source: "specific" @@ -480,11 +480,12 @@ stages: export PATH=$PATH:"/c/Program Files (x86)/WiX Toolset v3.11/bin" # Build - mkdir $workdir/dist/output cd $workdir/scripts/package/windows declare -A map=( [386]=x86 [amd64]=x64 ) export VERSION=${VERSION:1} + cp $workdir/dist/bin/aztfy.exe . candle.exe -arch ${map[$ARCH]} -o setup.wxobj ./setup.wxs + mkdir $workdir/dist/output light.exe -out $workdir/dist/output/aztfy.msi ./setup.wxobj env: workdir: $(system.defaultWorkingDirectory) From 53184542f5b05aa81747f3b83c7027bb77fab7aa Mon Sep 17 00:00:00 2001 From: magodo Date: Mon, 22 Aug 2022 22:13:16 +0800 Subject: [PATCH 76/94] disable the acc dl --- azure-pipelines.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index d080466..7ba01d7 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -458,12 +458,12 @@ stages: artifact: windows-$(ARCH) path: $(system.defaultWorkingDirectory)/dist/bin - Debug purpose only: Accelerate debugging on this stage - source: "specific" - project: "release" - pipeline: 22 - runVersion: "specific" - runId: 3760 + # Debug purpose only: Accelerate debugging on this stage + # source: "specific" + # project: "release" + # pipeline: 22 + # runVersion: "specific" + # runId: 3760 - task: UniversalPackages@0 displayName: "Download wix toolset" inputs: From e21a96eeb566699d7e3a614c17eb6cc2a32f6586 Mon Sep 17 00:00:00 2001 From: magodo Date: Tue, 23 Aug 2022 11:16:50 +0800 Subject: [PATCH 77/94] fedora repos remove repo configs for accelarating --- scripts/package/linux/verify/fedora-34.sh | 4 ++++ scripts/package/linux/verify/fedora-35.sh | 4 ++++ scripts/package/linux/verify/fedora-36.sh | 4 ++++ 3 files changed, 12 insertions(+) diff --git a/scripts/package/linux/verify/fedora-34.sh b/scripts/package/linux/verify/fedora-34.sh index 9aeb445..043b3f1 100755 --- a/scripts/package/linux/verify/fedora-34.sh +++ b/scripts/package/linux/verify/fedora-34.sh @@ -4,6 +4,10 @@ set -e version=${1:?"version not specified"} rpm --import https://packages.microsoft.com/keys/microsoft.asc + +# To accelarate syncing the repo metadatas +rm -f /etc/yum.repos.d/* + dnf install -y https://packages.microsoft.com/config/fedora/34/packages-microsoft-prod.rpm # See: https://access.redhat.com/solutions/2779441 diff --git a/scripts/package/linux/verify/fedora-35.sh b/scripts/package/linux/verify/fedora-35.sh index 604935f..0edd6ad 100755 --- a/scripts/package/linux/verify/fedora-35.sh +++ b/scripts/package/linux/verify/fedora-35.sh @@ -4,6 +4,10 @@ set -e version=${1:?"version not specified"} rpm --import https://packages.microsoft.com/keys/microsoft.asc + +# To accelarate syncing the repo metadatas +rm -f /etc/yum.repos.d/* + dnf install -y https://packages.microsoft.com/config/fedora/35/packages-microsoft-prod.rpm # See: https://access.redhat.com/solutions/2779441 diff --git a/scripts/package/linux/verify/fedora-36.sh b/scripts/package/linux/verify/fedora-36.sh index b939a28..d85f9fc 100755 --- a/scripts/package/linux/verify/fedora-36.sh +++ b/scripts/package/linux/verify/fedora-36.sh @@ -4,6 +4,10 @@ set -e version=${1:?"version not specified"} rpm --import https://packages.microsoft.com/keys/microsoft.asc + +# To accelarate syncing the repo metadatas +rm -f /etc/yum.repos.d/* + dnf install -y https://packages.microsoft.com/config/fedora/36/packages-microsoft-prod.rpm # See: https://access.redhat.com/solutions/2779441 From a23dc40a408c93fd278834fb8ddf6f5820b7d257 Mon Sep 17 00:00:00 2001 From: magodo Date: Tue, 23 Aug 2022 11:17:49 +0800 Subject: [PATCH 78/94] verify linux package publish --- azure-pipelines.yml | 112 ++++++++++++++++++++++---------------------- 1 file changed, 56 insertions(+), 56 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 7ba01d7..f46c984 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -349,67 +349,67 @@ stages: REPO_DISTRO: fedora REPO_RELEASE: 36 steps: - - task: DownloadPipelineArtifact@2 - inputs: - artifact: linux-$(ARCH)-pkg - path: $(system.defaultWorkingDirectory)/dist/pkg + #- task: DownloadPipelineArtifact@2 + # inputs: + # artifact: linux-$(ARCH)-pkg + # path: $(system.defaultWorkingDirectory)/dist/pkg - # Debug purpose only: Accelerate debugging on this stage - # source: "specific" - # project: "release" - # pipeline: 22 - # runVersion: "specific" - # runId: 3760 + # # Debug purpose only: Accelerate debugging on this stage + # # source: "specific" + # # project: "release" + # # pipeline: 22 + # # runVersion: "specific" + # # runId: 3760 - - task: UniversalPackages@0 - displayName: "Download repoclient" - inputs: - command: download - vstsFeed: "release/aztfy" - vstsFeedPackage: "azure-repoapi-client" - vstsPackageVersion: "2.2.1" - downloadDirectory: $(system.defaultWorkingDirectory)/dist/tool - - script: | - set -e - sudo apt install -y ./dist/tool/azure-repoapi-client_2.2.1_amd64.deb - mkdir ~/.repoclient - cat << EOF > ~/.repoclient/config.json - { - "server": "azure-apt-cat.cloudapp.net", - "port": "443", - "AADClientId": "$(LINUX_REPO_SP_CLIENT_ID)", - "AADClientSecret": "$(LINUX_REPO_SP_CLIENT_SECRET)", - "AADResource": "https://microsoft.onmicrosoft.com/945999e9-da09-4b5b-878f-b66c414602c0", - "AADTenant": "72f988bf-86f1-41af-91ab-2d7cd011db47", - "AADAuthorityUrl": "https://login.microsoftonline.com", - "repositoryId": "IGNORE" - } - EOF - pkg=(./dist/pkg/*.${TYPE}) - [[ ${#pkg[@]} == 1 ]] || { echo "not exactly one target packages found: $(declare -p pkg)" > 2; exit 1; } - pkg=${pkg[0]} + #- task: UniversalPackages@0 + # displayName: "Download repoclient" + # inputs: + # command: download + # vstsFeed: "release/aztfy" + # vstsFeedPackage: "azure-repoapi-client" + # vstsPackageVersion: "2.2.1" + # downloadDirectory: $(system.defaultWorkingDirectory)/dist/tool + #- script: | + # set -e + # sudo apt install -y ./dist/tool/azure-repoapi-client_2.2.1_amd64.deb + # mkdir ~/.repoclient + # cat << EOF > ~/.repoclient/config.json + # { + # "server": "azure-apt-cat.cloudapp.net", + # "port": "443", + # "AADClientId": "$(LINUX_REPO_SP_CLIENT_ID)", + # "AADClientSecret": "$(LINUX_REPO_SP_CLIENT_SECRET)", + # "AADResource": "https://microsoft.onmicrosoft.com/945999e9-da09-4b5b-878f-b66c414602c0", + # "AADTenant": "72f988bf-86f1-41af-91ab-2d7cd011db47", + # "AADAuthorityUrl": "https://login.microsoftonline.com", + # "repositoryId": "IGNORE" + # } + # EOF + # pkg=(./dist/pkg/*.${TYPE}) + # [[ ${#pkg[@]} == 1 ]] || { echo "not exactly one target packages found: $(declare -p pkg)" > 2; exit 1; } + # pkg=${pkg[0]} - # Allow error's to occur prior to quit the task, as we are capturing the command output, otherwise, we will have no chance to output that in stdout/stderr. - set +e - ret=$(repoclient package add -r ${REPO_ID} $pkg) - [[ $? == 0 ]] || { echo "Error: repoclient package add failed: $ret" >&2; exit 1; } - echo -e "repoclient package add returns:\n$ret\n" + # # Allow error's to occur prior to quit the task, as we are capturing the command output, otherwise, we will have no chance to output that in stdout/stderr. + # set +e + # ret=$(repoclient package add -r ${REPO_ID} $pkg) + # [[ $? == 0 ]] || { echo "Error: repoclient package add failed: $ret" >&2; exit 1; } + # echo -e "repoclient package add returns:\n$ret\n" - location=$(jq -r '.Location' <<< $ret) - package_id=${location##*/} - [[ -n $package_id ]] || { echo "Error: empty package id got" >&2; exit 1; } - echo "package id: $package_id" + # location=$(jq -r '.Location' <<< $ret) + # package_id=${location##*/} + # [[ -n $package_id ]] || { echo "Error: empty package id got" >&2; exit 1; } + # echo "package id: $package_id" - ret=$(repoclient package check $package_id) - [[ $? == 0 ]] || { echo "Error: repoclient package check failed: $ret" >&2; exit 1; } - echo -e "repoclient package check returns:\n$ret\n" - displayName: "Publish via repoclient" - env: - TYPE: $(TYPE) - REPO_ID: $(REPO_ID) - - script: | - #TODO - displayName: "Wait for package publish finish" + # ret=$(repoclient package check $package_id) + # [[ $? == 0 ]] || { echo "Error: repoclient package check failed: $ret" >&2; exit 1; } + # echo -e "repoclient package check returns:\n$ret\n" + # displayName: "Publish via repoclient" + # env: + # TYPE: $(TYPE) + # REPO_ID: $(REPO_ID) + #- script: | + # #TODO + # displayName: "Wait for package publish finish" - script: | set -e From 8d1dfe7711094bdd27e9ff64b39a84a8ccb67c5b Mon Sep 17 00:00:00 2001 From: magodo Date: Tue, 23 Aug 2022 12:07:37 +0800 Subject: [PATCH 79/94] uncomment all --- azure-pipelines.yml | 112 ++++++++++++++++++++++---------------------- 1 file changed, 56 insertions(+), 56 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index f46c984..8046cd7 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -349,67 +349,67 @@ stages: REPO_DISTRO: fedora REPO_RELEASE: 36 steps: - #- task: DownloadPipelineArtifact@2 - # inputs: - # artifact: linux-$(ARCH)-pkg - # path: $(system.defaultWorkingDirectory)/dist/pkg + - task: DownloadPipelineArtifact@2 + inputs: + artifact: linux-$(ARCH)-pkg + path: $(system.defaultWorkingDirectory)/dist/pkg - # # Debug purpose only: Accelerate debugging on this stage - # # source: "specific" - # # project: "release" - # # pipeline: 22 - # # runVersion: "specific" - # # runId: 3760 + # Debug purpose only: Accelerate debugging on this stage + # source: "specific" + # project: "release" + # pipeline: 22 + # runVersion: "specific" + # runId: 3760 - #- task: UniversalPackages@0 - # displayName: "Download repoclient" - # inputs: - # command: download - # vstsFeed: "release/aztfy" - # vstsFeedPackage: "azure-repoapi-client" - # vstsPackageVersion: "2.2.1" - # downloadDirectory: $(system.defaultWorkingDirectory)/dist/tool - #- script: | - # set -e - # sudo apt install -y ./dist/tool/azure-repoapi-client_2.2.1_amd64.deb - # mkdir ~/.repoclient - # cat << EOF > ~/.repoclient/config.json - # { - # "server": "azure-apt-cat.cloudapp.net", - # "port": "443", - # "AADClientId": "$(LINUX_REPO_SP_CLIENT_ID)", - # "AADClientSecret": "$(LINUX_REPO_SP_CLIENT_SECRET)", - # "AADResource": "https://microsoft.onmicrosoft.com/945999e9-da09-4b5b-878f-b66c414602c0", - # "AADTenant": "72f988bf-86f1-41af-91ab-2d7cd011db47", - # "AADAuthorityUrl": "https://login.microsoftonline.com", - # "repositoryId": "IGNORE" - # } - # EOF - # pkg=(./dist/pkg/*.${TYPE}) - # [[ ${#pkg[@]} == 1 ]] || { echo "not exactly one target packages found: $(declare -p pkg)" > 2; exit 1; } - # pkg=${pkg[0]} + - task: UniversalPackages@0 + displayName: "Download repoclient" + inputs: + command: download + vstsFeed: "release/aztfy" + vstsFeedPackage: "azure-repoapi-client" + vstsPackageVersion: "2.2.1" + downloadDirectory: $(system.defaultWorkingDirectory)/dist/tool + - script: | + set -e + sudo apt install -y ./dist/tool/azure-repoapi-client_2.2.1_amd64.deb + mkdir ~/.repoclient + cat << EOF > ~/.repoclient/config.json + { + "server": "azure-apt-cat.cloudapp.net", + "port": "443", + "AADClientId": "$(LINUX_REPO_SP_CLIENT_ID)", + "AADClientSecret": "$(LINUX_REPO_SP_CLIENT_SECRET)", + "AADResource": "https://microsoft.onmicrosoft.com/945999e9-da09-4b5b-878f-b66c414602c0", + "AADTenant": "72f988bf-86f1-41af-91ab-2d7cd011db47", + "AADAuthorityUrl": "https://login.microsoftonline.com", + "repositoryId": "IGNORE" + } + EOF + pkg=(./dist/pkg/*.${TYPE}) + [[ ${#pkg[@]} == 1 ]] || { echo "not exactly one target packages found: $(declare -p pkg)" > 2; exit 1; } + pkg=${pkg[0]} - # # Allow error's to occur prior to quit the task, as we are capturing the command output, otherwise, we will have no chance to output that in stdout/stderr. - # set +e - # ret=$(repoclient package add -r ${REPO_ID} $pkg) - # [[ $? == 0 ]] || { echo "Error: repoclient package add failed: $ret" >&2; exit 1; } - # echo -e "repoclient package add returns:\n$ret\n" + # Allow error's to occur prior to quit the task, as we are capturing the command output, otherwise, we will have no chance to output that in stdout/stderr. + set +e + ret=$(repoclient package add -r ${REPO_ID} $pkg) + [[ $? == 0 ]] || { echo "Error: repoclient package add failed: $ret" >&2; exit 1; } + echo -e "repoclient package add returns:\n$ret\n" - # location=$(jq -r '.Location' <<< $ret) - # package_id=${location##*/} - # [[ -n $package_id ]] || { echo "Error: empty package id got" >&2; exit 1; } - # echo "package id: $package_id" + location=$(jq -r '.Location' <<< $ret) + package_id=${location##*/} + [[ -n $package_id ]] || { echo "Error: empty package id got" >&2; exit 1; } + echo "package id: $package_id" - # ret=$(repoclient package check $package_id) - # [[ $? == 0 ]] || { echo "Error: repoclient package check failed: $ret" >&2; exit 1; } - # echo -e "repoclient package check returns:\n$ret\n" - # displayName: "Publish via repoclient" - # env: - # TYPE: $(TYPE) - # REPO_ID: $(REPO_ID) - #- script: | - # #TODO - # displayName: "Wait for package publish finish" + ret=$(repoclient package check $package_id) + [[ $? == 0 ]] || { echo "Error: repoclient package check failed: $ret" >&2; exit 1; } + echo -e "repoclient package check returns:\n$ret\n" + displayName: "Publish via repoclient" + env: + TYPE: $(TYPE) + REPO_ID: $(REPO_ID) + - script: | + sleep 10m + displayName: "Wait for package publish finish" - script: | set -e From 7295ea7f4a919ded045f56f83a284f4cc6c1281e Mon Sep 17 00:00:00 2001 From: magodo Date: Tue, 23 Aug 2022 14:40:54 +0800 Subject: [PATCH 80/94] sign msi && update linux package verify retry --- azure-pipelines.yml | 38 +++++++++++++++++-- scripts/package/linux/verify/centos-8.sh | 12 +++++- .../package/linux/verify/debian-bullseye.sh | 12 +++++- scripts/package/linux/verify/debian-buster.sh | 12 +++++- scripts/package/linux/verify/fedora-34.sh | 11 +++++- scripts/package/linux/verify/fedora-35.sh | 11 +++++- scripts/package/linux/verify/fedora-36.sh | 11 +++++- scripts/package/linux/verify/ubuntu-bionic.sh | 12 +++++- scripts/package/linux/verify/ubuntu-focal.sh | 12 +++++- scripts/package/linux/verify/ubuntu-jammy.sh | 11 +++++- scripts/package/windows/{ => build}/setup.wxs | 0 11 files changed, 129 insertions(+), 13 deletions(-) rename scripts/package/windows/{ => build}/setup.wxs (100%) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 8046cd7..1154f21 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -407,9 +407,6 @@ stages: env: TYPE: $(TYPE) REPO_ID: $(REPO_ID) - - script: | - sleep 10m - displayName: "Wait for package publish finish" - script: | set -e @@ -480,7 +477,7 @@ stages: export PATH=$PATH:"/c/Program Files (x86)/WiX Toolset v3.11/bin" # Build - cd $workdir/scripts/package/windows + cd $workdir/scripts/package/windows/build declare -A map=( [386]=x86 [amd64]=x64 ) export VERSION=${VERSION:1} cp $workdir/dist/bin/aztfy.exe . @@ -492,6 +489,39 @@ stages: VERSION: ${{ parameters.version }} ARCH: $(ARCH) displayName: "Build" + - task: EsrpCodeSigning@1 + displayName: "Sign MSI" + inputs: + ConnectedServiceName: "ESRP Signing Service" + FolderPath: "$(system.defaultWorkingDirectory)/dist/output" + Pattern: "aztfy.msi" + signConfigType: "inlineSignParams" + inlineOperation: | + [ + { + "KeyCode" : "CP-230012", + "OperationCode" : "SigntoolSign", + "Parameters" : { + "OpusName" : "Microsoft", + "OpusInfo" : "http://www.microsoft.com", + "PageHash" : "/NPH", + "TimeStamp" : "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256", + "FileDigest": "/fd \"SHA256\"" + }, + "ToolName" : "sign", + "ToolVersion" : "1.0" + }, + { + "KeyCode" : "CP-230012", + "OperationCode" : "SigntoolVerify", + "Parameters" : {}, + "ToolName" : "sign", + "ToolVersion" : "1.0" + } + ] + SessionTimeout: "60" + MaxConcurrency: "50" + MaxRetryAttempts: "5" - task: PublishPipelineArtifact@1 displayName: "Publish MSI" inputs: diff --git a/scripts/package/linux/verify/centos-8.sh b/scripts/package/linux/verify/centos-8.sh index 1a46b3e..cb73753 100755 --- a/scripts/package/linux/verify/centos-8.sh +++ b/scripts/package/linux/verify/centos-8.sh @@ -11,5 +11,15 @@ dnf install -y https://packages.microsoft.com/config/centos/8/packages-microsoft # See: https://access.redhat.com/solutions/2779441 dnf check-update || [[ $? == 100 ]] -dnf install -y aztfy + +total=20 +count=1 +while ((count <= total)); do + dnf install -y aztfy && break + echo "Retry ($count/$total)" + sleep 1m + ((count++)) +done +(( count <= total )) + grep $version <(aztfy -v) diff --git a/scripts/package/linux/verify/debian-bullseye.sh b/scripts/package/linux/verify/debian-bullseye.sh index e1c7904..5bc6643 100755 --- a/scripts/package/linux/verify/debian-bullseye.sh +++ b/scripts/package/linux/verify/debian-bullseye.sh @@ -8,5 +8,15 @@ apt-get install -y curl software-properties-common gpg curl -sSL https://packages.microsoft.com/keys/microsoft.asc | apt-key add - apt-add-repository https://packages.microsoft.com/debian/11/prod apt-get update -apt-get install -y aztfy + +total=20 +count=1 +while ((count <= total)); do + apt-get install -y aztfy && break + echo "Retry ($count/$total)" + sleep 1m + ((count++)) +done +(( count <= total )) + grep $version <(aztfy -v) diff --git a/scripts/package/linux/verify/debian-buster.sh b/scripts/package/linux/verify/debian-buster.sh index ba9e947..0482f71 100755 --- a/scripts/package/linux/verify/debian-buster.sh +++ b/scripts/package/linux/verify/debian-buster.sh @@ -8,5 +8,15 @@ apt-get install -y curl software-properties-common gpg curl -sSL https://packages.microsoft.com/keys/microsoft.asc | apt-key add - apt-add-repository https://packages.microsoft.com/debian/10/prod apt-get update -apt-get install -y aztfy + +total=20 +count=1 +while ((count <= total)); do + apt-get install -y aztfy && break + echo "Retry ($count/$total)" + sleep 1m + ((count++)) +done +(( count <= total )) + grep $version <(aztfy -v) diff --git a/scripts/package/linux/verify/fedora-34.sh b/scripts/package/linux/verify/fedora-34.sh index 043b3f1..5d48ebe 100755 --- a/scripts/package/linux/verify/fedora-34.sh +++ b/scripts/package/linux/verify/fedora-34.sh @@ -13,5 +13,14 @@ dnf install -y https://packages.microsoft.com/config/fedora/34/packages-microsof # See: https://access.redhat.com/solutions/2779441 dnf check-update || [[ $? == 100 ]] -dnf install -y aztfy +total=20 +count=1 +while ((count <= total)); do + dnf install -y aztfy && break + echo "Retry ($count/$total)" + sleep 1m + ((count++)) +done +(( count <= total )) + grep $version <(aztfy -v) diff --git a/scripts/package/linux/verify/fedora-35.sh b/scripts/package/linux/verify/fedora-35.sh index 0edd6ad..4543c32 100755 --- a/scripts/package/linux/verify/fedora-35.sh +++ b/scripts/package/linux/verify/fedora-35.sh @@ -13,5 +13,14 @@ dnf install -y https://packages.microsoft.com/config/fedora/35/packages-microsof # See: https://access.redhat.com/solutions/2779441 dnf check-update || [[ $? == 100 ]] -dnf install -y aztfy +total=20 +count=1 +while ((count <= total)); do + dnf install -y aztfy && break + echo "Retry ($count/$total)" + sleep 1m + ((count++)) +done +(( count <= total )) + grep $version <(aztfy -v) diff --git a/scripts/package/linux/verify/fedora-36.sh b/scripts/package/linux/verify/fedora-36.sh index d85f9fc..91093cb 100755 --- a/scripts/package/linux/verify/fedora-36.sh +++ b/scripts/package/linux/verify/fedora-36.sh @@ -13,5 +13,14 @@ dnf install -y https://packages.microsoft.com/config/fedora/36/packages-microsof # See: https://access.redhat.com/solutions/2779441 dnf check-update || [[ $? == 100 ]] -dnf install -y aztfy +total=20 +count=1 +while ((count <= total)); do + dnf install -y aztfy && break + echo "Retry ($count/$total)" + sleep 1m + ((count++)) +done +(( count <= total )) + grep $version <(aztfy -v) diff --git a/scripts/package/linux/verify/ubuntu-bionic.sh b/scripts/package/linux/verify/ubuntu-bionic.sh index 83c3450..7433539 100755 --- a/scripts/package/linux/verify/ubuntu-bionic.sh +++ b/scripts/package/linux/verify/ubuntu-bionic.sh @@ -8,5 +8,15 @@ apt-get install -y curl software-properties-common gpg curl -sSL https://packages.microsoft.com/keys/microsoft.asc | apt-key add - apt-add-repository https://packages.microsoft.com/ubuntu/18.04/multiarch/prod apt-get update -apt-get install -y aztfy + +total=20 +count=1 +while ((count <= total)); do + apt-get install -y aztfy && break + echo "Retry ($count/$total)" + sleep 1m + ((count++)) +done +(( count <= total )) + grep $version <(aztfy -v) diff --git a/scripts/package/linux/verify/ubuntu-focal.sh b/scripts/package/linux/verify/ubuntu-focal.sh index c09b28a..54ec333 100755 --- a/scripts/package/linux/verify/ubuntu-focal.sh +++ b/scripts/package/linux/verify/ubuntu-focal.sh @@ -8,5 +8,15 @@ apt-get install -y curl software-properties-common gpg curl -sSL https://packages.microsoft.com/keys/microsoft.asc > /etc/apt/trusted.gpg.d/microsoft.asc apt-add-repository https://packages.microsoft.com/ubuntu/20.04/prod apt-get update -apt-get install -y aztfy + +total=20 +count=1 +while ((count <= total)); do + apt-get install -y aztfy && break + echo "Retry ($count/$total)" + sleep 1m + ((count++)) +done +(( count <= total )) + grep $version <(aztfy -v) diff --git a/scripts/package/linux/verify/ubuntu-jammy.sh b/scripts/package/linux/verify/ubuntu-jammy.sh index e5b186f..70a26ae 100755 --- a/scripts/package/linux/verify/ubuntu-jammy.sh +++ b/scripts/package/linux/verify/ubuntu-jammy.sh @@ -8,5 +8,14 @@ apt-get install -y curl software-properties-common gpg curl -sSL https://packages.microsoft.com/keys/microsoft.asc > /etc/apt/trusted.gpg.d/microsoft.asc apt-add-repository https://packages.microsoft.com/ubuntu/22.04/prod apt-get update -apt-get install -y aztfy + +total=20 +count=1 +while ((count <= total)); do + apt-get install -y aztfy && break + echo "Retry ($count/$total)" + sleep 1m + ((count++)) +done + grep $version <(aztfy -v) diff --git a/scripts/package/windows/setup.wxs b/scripts/package/windows/build/setup.wxs similarity index 100% rename from scripts/package/windows/setup.wxs rename to scripts/package/windows/build/setup.wxs From e17f57105d88f6b6d2bd0badd6f251e8e50842ec Mon Sep 17 00:00:00 2001 From: magodo Date: Tue, 23 Aug 2022 14:53:36 +0800 Subject: [PATCH 81/94] update the acc artifact runId --- azure-pipelines.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 1154f21..e06edff 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -354,12 +354,12 @@ stages: artifact: linux-$(ARCH)-pkg path: $(system.defaultWorkingDirectory)/dist/pkg - # Debug purpose only: Accelerate debugging on this stage - # source: "specific" - # project: "release" - # pipeline: 22 - # runVersion: "specific" - # runId: 3760 + Debug purpose only: Accelerate debugging on this stage + source: "specific" + project: "release" + pipeline: 22 + runVersion: "specific" + runId: 3913 - task: UniversalPackages@0 displayName: "Download repoclient" @@ -460,7 +460,7 @@ stages: # project: "release" # pipeline: 22 # runVersion: "specific" - # runId: 3760 + # runId: 3913 - task: UniversalPackages@0 displayName: "Download wix toolset" inputs: From 972dce40460c2ac43909532a0a0464c61b226d4c Mon Sep 17 00:00:00 2001 From: magodo Date: Tue, 23 Aug 2022 15:24:29 +0800 Subject: [PATCH 82/94] linux pkg verify: update count from 20->60 --- scripts/package/linux/verify/centos-8.sh | 2 +- scripts/package/linux/verify/debian-bullseye.sh | 2 +- scripts/package/linux/verify/debian-buster.sh | 2 +- scripts/package/linux/verify/fedora-34.sh | 2 +- scripts/package/linux/verify/fedora-35.sh | 2 +- scripts/package/linux/verify/fedora-36.sh | 2 +- scripts/package/linux/verify/ubuntu-bionic.sh | 2 +- scripts/package/linux/verify/ubuntu-focal.sh | 2 +- scripts/package/linux/verify/ubuntu-jammy.sh | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) diff --git a/scripts/package/linux/verify/centos-8.sh b/scripts/package/linux/verify/centos-8.sh index cb73753..a54ec03 100755 --- a/scripts/package/linux/verify/centos-8.sh +++ b/scripts/package/linux/verify/centos-8.sh @@ -12,7 +12,7 @@ dnf install -y https://packages.microsoft.com/config/centos/8/packages-microsoft dnf check-update || [[ $? == 100 ]] -total=20 +total=60 count=1 while ((count <= total)); do dnf install -y aztfy && break diff --git a/scripts/package/linux/verify/debian-bullseye.sh b/scripts/package/linux/verify/debian-bullseye.sh index 5bc6643..a1bb113 100755 --- a/scripts/package/linux/verify/debian-bullseye.sh +++ b/scripts/package/linux/verify/debian-bullseye.sh @@ -9,7 +9,7 @@ curl -sSL https://packages.microsoft.com/keys/microsoft.asc | apt-key add - apt-add-repository https://packages.microsoft.com/debian/11/prod apt-get update -total=20 +total=60 count=1 while ((count <= total)); do apt-get install -y aztfy && break diff --git a/scripts/package/linux/verify/debian-buster.sh b/scripts/package/linux/verify/debian-buster.sh index 0482f71..3afe4ca 100755 --- a/scripts/package/linux/verify/debian-buster.sh +++ b/scripts/package/linux/verify/debian-buster.sh @@ -9,7 +9,7 @@ curl -sSL https://packages.microsoft.com/keys/microsoft.asc | apt-key add - apt-add-repository https://packages.microsoft.com/debian/10/prod apt-get update -total=20 +total=60 count=1 while ((count <= total)); do apt-get install -y aztfy && break diff --git a/scripts/package/linux/verify/fedora-34.sh b/scripts/package/linux/verify/fedora-34.sh index 5d48ebe..a791798 100755 --- a/scripts/package/linux/verify/fedora-34.sh +++ b/scripts/package/linux/verify/fedora-34.sh @@ -13,7 +13,7 @@ dnf install -y https://packages.microsoft.com/config/fedora/34/packages-microsof # See: https://access.redhat.com/solutions/2779441 dnf check-update || [[ $? == 100 ]] -total=20 +total=60 count=1 while ((count <= total)); do dnf install -y aztfy && break diff --git a/scripts/package/linux/verify/fedora-35.sh b/scripts/package/linux/verify/fedora-35.sh index 4543c32..762fb0a 100755 --- a/scripts/package/linux/verify/fedora-35.sh +++ b/scripts/package/linux/verify/fedora-35.sh @@ -13,7 +13,7 @@ dnf install -y https://packages.microsoft.com/config/fedora/35/packages-microsof # See: https://access.redhat.com/solutions/2779441 dnf check-update || [[ $? == 100 ]] -total=20 +total=60 count=1 while ((count <= total)); do dnf install -y aztfy && break diff --git a/scripts/package/linux/verify/fedora-36.sh b/scripts/package/linux/verify/fedora-36.sh index 91093cb..da7aaa3 100755 --- a/scripts/package/linux/verify/fedora-36.sh +++ b/scripts/package/linux/verify/fedora-36.sh @@ -13,7 +13,7 @@ dnf install -y https://packages.microsoft.com/config/fedora/36/packages-microsof # See: https://access.redhat.com/solutions/2779441 dnf check-update || [[ $? == 100 ]] -total=20 +total=60 count=1 while ((count <= total)); do dnf install -y aztfy && break diff --git a/scripts/package/linux/verify/ubuntu-bionic.sh b/scripts/package/linux/verify/ubuntu-bionic.sh index 7433539..12f1209 100755 --- a/scripts/package/linux/verify/ubuntu-bionic.sh +++ b/scripts/package/linux/verify/ubuntu-bionic.sh @@ -9,7 +9,7 @@ curl -sSL https://packages.microsoft.com/keys/microsoft.asc | apt-key add - apt-add-repository https://packages.microsoft.com/ubuntu/18.04/multiarch/prod apt-get update -total=20 +total=60 count=1 while ((count <= total)); do apt-get install -y aztfy && break diff --git a/scripts/package/linux/verify/ubuntu-focal.sh b/scripts/package/linux/verify/ubuntu-focal.sh index 54ec333..adfa1ad 100755 --- a/scripts/package/linux/verify/ubuntu-focal.sh +++ b/scripts/package/linux/verify/ubuntu-focal.sh @@ -9,7 +9,7 @@ curl -sSL https://packages.microsoft.com/keys/microsoft.asc > /etc/apt/trusted.g apt-add-repository https://packages.microsoft.com/ubuntu/20.04/prod apt-get update -total=20 +total=60 count=1 while ((count <= total)); do apt-get install -y aztfy && break diff --git a/scripts/package/linux/verify/ubuntu-jammy.sh b/scripts/package/linux/verify/ubuntu-jammy.sh index 70a26ae..83bfbd5 100755 --- a/scripts/package/linux/verify/ubuntu-jammy.sh +++ b/scripts/package/linux/verify/ubuntu-jammy.sh @@ -9,7 +9,7 @@ curl -sSL https://packages.microsoft.com/keys/microsoft.asc > /etc/apt/trusted.g apt-add-repository https://packages.microsoft.com/ubuntu/22.04/prod apt-get update -total=20 +total=60 count=1 while ((count <= total)); do apt-get install -y aztfy && break From d40febb4081dc218583b6027b2cc86117c5cf325 Mon Sep 17 00:00:00 2001 From: magodo Date: Tue, 23 Aug 2022 15:41:14 +0800 Subject: [PATCH 83/94] linux pkg verify: each try also update repo metadta --- scripts/package/linux/verify/centos-8.sh | 9 ++++----- scripts/package/linux/verify/debian-bullseye.sh | 5 +++-- scripts/package/linux/verify/debian-buster.sh | 5 +++-- scripts/package/linux/verify/fedora-34.sh | 8 ++++---- scripts/package/linux/verify/fedora-35.sh | 8 ++++---- scripts/package/linux/verify/fedora-36.sh | 8 ++++---- scripts/package/linux/verify/ubuntu-bionic.sh | 5 +++-- scripts/package/linux/verify/ubuntu-focal.sh | 5 +++-- scripts/package/linux/verify/ubuntu-jammy.sh | 5 +++-- 9 files changed, 31 insertions(+), 27 deletions(-) diff --git a/scripts/package/linux/verify/centos-8.sh b/scripts/package/linux/verify/centos-8.sh index a54ec03..862a80c 100755 --- a/scripts/package/linux/verify/centos-8.sh +++ b/scripts/package/linux/verify/centos-8.sh @@ -8,15 +8,14 @@ sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' / rpm --import https://packages.microsoft.com/keys/microsoft.asc dnf install -y https://packages.microsoft.com/config/centos/8/packages-microsoft-prod.rpm -# See: https://access.redhat.com/solutions/2779441 -dnf check-update || [[ $? == 100 ]] - - total=60 count=1 while ((count <= total)); do + echo "Try ($count/$total)" + # See: https://access.redhat.com/solutions/2779441 + dnf check-update || [[ $? == 100 ]] dnf install -y aztfy && break - echo "Retry ($count/$total)" + sleep 1m ((count++)) done diff --git a/scripts/package/linux/verify/debian-bullseye.sh b/scripts/package/linux/verify/debian-bullseye.sh index a1bb113..dc2d50d 100755 --- a/scripts/package/linux/verify/debian-bullseye.sh +++ b/scripts/package/linux/verify/debian-bullseye.sh @@ -7,13 +7,14 @@ apt-get update apt-get install -y curl software-properties-common gpg curl -sSL https://packages.microsoft.com/keys/microsoft.asc | apt-key add - apt-add-repository https://packages.microsoft.com/debian/11/prod -apt-get update total=60 count=1 while ((count <= total)); do + echo "Try ($count/$total)" + apt-get update apt-get install -y aztfy && break - echo "Retry ($count/$total)" + sleep 1m ((count++)) done diff --git a/scripts/package/linux/verify/debian-buster.sh b/scripts/package/linux/verify/debian-buster.sh index 3afe4ca..a9f0708 100755 --- a/scripts/package/linux/verify/debian-buster.sh +++ b/scripts/package/linux/verify/debian-buster.sh @@ -7,13 +7,14 @@ apt-get update apt-get install -y curl software-properties-common gpg curl -sSL https://packages.microsoft.com/keys/microsoft.asc | apt-key add - apt-add-repository https://packages.microsoft.com/debian/10/prod -apt-get update total=60 count=1 while ((count <= total)); do + echo "Try ($count/$total)" + apt-get update apt-get install -y aztfy && break - echo "Retry ($count/$total)" + sleep 1m ((count++)) done diff --git a/scripts/package/linux/verify/fedora-34.sh b/scripts/package/linux/verify/fedora-34.sh index a791798..1a8dd90 100755 --- a/scripts/package/linux/verify/fedora-34.sh +++ b/scripts/package/linux/verify/fedora-34.sh @@ -10,14 +10,14 @@ rm -f /etc/yum.repos.d/* dnf install -y https://packages.microsoft.com/config/fedora/34/packages-microsoft-prod.rpm -# See: https://access.redhat.com/solutions/2779441 -dnf check-update || [[ $? == 100 ]] - total=60 count=1 while ((count <= total)); do + echo "Try ($count/$total)" + # See: https://access.redhat.com/solutions/2779441 + dnf check-update || [[ $? == 100 ]] dnf install -y aztfy && break - echo "Retry ($count/$total)" + sleep 1m ((count++)) done diff --git a/scripts/package/linux/verify/fedora-35.sh b/scripts/package/linux/verify/fedora-35.sh index 762fb0a..ff54f98 100755 --- a/scripts/package/linux/verify/fedora-35.sh +++ b/scripts/package/linux/verify/fedora-35.sh @@ -10,14 +10,14 @@ rm -f /etc/yum.repos.d/* dnf install -y https://packages.microsoft.com/config/fedora/35/packages-microsoft-prod.rpm -# See: https://access.redhat.com/solutions/2779441 -dnf check-update || [[ $? == 100 ]] - total=60 count=1 while ((count <= total)); do + echo "Try ($count/$total)" + # See: https://access.redhat.com/solutions/2779441 + dnf check-update || [[ $? == 100 ]] dnf install -y aztfy && break - echo "Retry ($count/$total)" + sleep 1m ((count++)) done diff --git a/scripts/package/linux/verify/fedora-36.sh b/scripts/package/linux/verify/fedora-36.sh index da7aaa3..7d9c134 100755 --- a/scripts/package/linux/verify/fedora-36.sh +++ b/scripts/package/linux/verify/fedora-36.sh @@ -10,14 +10,14 @@ rm -f /etc/yum.repos.d/* dnf install -y https://packages.microsoft.com/config/fedora/36/packages-microsoft-prod.rpm -# See: https://access.redhat.com/solutions/2779441 -dnf check-update || [[ $? == 100 ]] - total=60 count=1 while ((count <= total)); do + echo "Try ($count/$total)" + # See: https://access.redhat.com/solutions/2779441 + dnf check-update || [[ $? == 100 ]] dnf install -y aztfy && break - echo "Retry ($count/$total)" + sleep 1m ((count++)) done diff --git a/scripts/package/linux/verify/ubuntu-bionic.sh b/scripts/package/linux/verify/ubuntu-bionic.sh index 12f1209..7f335e8 100755 --- a/scripts/package/linux/verify/ubuntu-bionic.sh +++ b/scripts/package/linux/verify/ubuntu-bionic.sh @@ -7,13 +7,14 @@ apt-get update apt-get install -y curl software-properties-common gpg curl -sSL https://packages.microsoft.com/keys/microsoft.asc | apt-key add - apt-add-repository https://packages.microsoft.com/ubuntu/18.04/multiarch/prod -apt-get update total=60 count=1 while ((count <= total)); do + echo "Try ($count/$total)" + apt-get update apt-get install -y aztfy && break - echo "Retry ($count/$total)" + sleep 1m ((count++)) done diff --git a/scripts/package/linux/verify/ubuntu-focal.sh b/scripts/package/linux/verify/ubuntu-focal.sh index adfa1ad..8f9ca00 100755 --- a/scripts/package/linux/verify/ubuntu-focal.sh +++ b/scripts/package/linux/verify/ubuntu-focal.sh @@ -7,13 +7,14 @@ apt-get update apt-get install -y curl software-properties-common gpg curl -sSL https://packages.microsoft.com/keys/microsoft.asc > /etc/apt/trusted.gpg.d/microsoft.asc apt-add-repository https://packages.microsoft.com/ubuntu/20.04/prod -apt-get update total=60 count=1 while ((count <= total)); do + echo "Try ($count/$total)" + apt-get update apt-get install -y aztfy && break - echo "Retry ($count/$total)" + sleep 1m ((count++)) done diff --git a/scripts/package/linux/verify/ubuntu-jammy.sh b/scripts/package/linux/verify/ubuntu-jammy.sh index 83bfbd5..90c72b0 100755 --- a/scripts/package/linux/verify/ubuntu-jammy.sh +++ b/scripts/package/linux/verify/ubuntu-jammy.sh @@ -7,13 +7,14 @@ apt-get update apt-get install -y curl software-properties-common gpg curl -sSL https://packages.microsoft.com/keys/microsoft.asc > /etc/apt/trusted.gpg.d/microsoft.asc apt-add-repository https://packages.microsoft.com/ubuntu/22.04/prod -apt-get update total=60 count=1 while ((count <= total)); do + echo "Try ($count/$total)" + apt-get update apt-get install -y aztfy && break - echo "Retry ($count/$total)" + sleep 1m ((count++)) done From 9122f6ac22bd018a93158b61768091041e8b2af5 Mon Sep 17 00:00:00 2001 From: magodo Date: Tue, 23 Aug 2022 15:41:43 +0800 Subject: [PATCH 84/94] vmImage changes to name --- azure-pipelines.yml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index e06edff..d789f06 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -5,6 +5,8 @@ parameters: stages: - stage: build + pool: + name: pool-ubuntu-2004 displayName: "Build aztfy" jobs: - job: build @@ -208,6 +210,8 @@ stages: - stage: publish_linux_packages displayName: "Publish Linux Packages" + pool: + name: pool-ubuntu-2004 jobs: - job: publish displayName: "Publish Packages" @@ -437,10 +441,12 @@ stages: - stage: publish_windows_setup displayName: "Publish Windows Setup" + pool: + name: pool-ubuntu-2004 jobs: - job: build_msi pool: - vmImage: "windows-2019" + name: pool-windows-2019 displayName: "Build MSI" strategy: matrix: @@ -530,6 +536,8 @@ stages: - stage: release displayName: "Release" + pool: + name: pool-ubuntu-2004 jobs: - job: release displayName: "Release" From 8e6220fc45b8f713ff3f29d3f9860807de5afd5c Mon Sep 17 00:00:00 2001 From: magodo Date: Tue, 23 Aug 2022 16:28:40 +0800 Subject: [PATCH 85/94] dnf check-update --refresh --- scripts/package/linux/verify/centos-8.sh | 2 +- scripts/package/linux/verify/fedora-34.sh | 2 +- scripts/package/linux/verify/fedora-35.sh | 2 +- scripts/package/linux/verify/fedora-36.sh | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/package/linux/verify/centos-8.sh b/scripts/package/linux/verify/centos-8.sh index 862a80c..64a0cfa 100755 --- a/scripts/package/linux/verify/centos-8.sh +++ b/scripts/package/linux/verify/centos-8.sh @@ -13,7 +13,7 @@ count=1 while ((count <= total)); do echo "Try ($count/$total)" # See: https://access.redhat.com/solutions/2779441 - dnf check-update || [[ $? == 100 ]] + dnf check-update --refresh || [[ $? == 100 ]] dnf install -y aztfy && break sleep 1m diff --git a/scripts/package/linux/verify/fedora-34.sh b/scripts/package/linux/verify/fedora-34.sh index 1a8dd90..3b9d849 100755 --- a/scripts/package/linux/verify/fedora-34.sh +++ b/scripts/package/linux/verify/fedora-34.sh @@ -15,7 +15,7 @@ count=1 while ((count <= total)); do echo "Try ($count/$total)" # See: https://access.redhat.com/solutions/2779441 - dnf check-update || [[ $? == 100 ]] + dnf check-update --refresh || [[ $? == 100 ]] dnf install -y aztfy && break sleep 1m diff --git a/scripts/package/linux/verify/fedora-35.sh b/scripts/package/linux/verify/fedora-35.sh index ff54f98..30ba916 100755 --- a/scripts/package/linux/verify/fedora-35.sh +++ b/scripts/package/linux/verify/fedora-35.sh @@ -15,7 +15,7 @@ count=1 while ((count <= total)); do echo "Try ($count/$total)" # See: https://access.redhat.com/solutions/2779441 - dnf check-update || [[ $? == 100 ]] + dnf check-update --refresh || [[ $? == 100 ]] dnf install -y aztfy && break sleep 1m diff --git a/scripts/package/linux/verify/fedora-36.sh b/scripts/package/linux/verify/fedora-36.sh index 7d9c134..33b6018 100755 --- a/scripts/package/linux/verify/fedora-36.sh +++ b/scripts/package/linux/verify/fedora-36.sh @@ -15,7 +15,7 @@ count=1 while ((count <= total)); do echo "Try ($count/$total)" # See: https://access.redhat.com/solutions/2779441 - dnf check-update || [[ $? == 100 ]] + dnf check-update --refresh || [[ $? == 100 ]] dnf install -y aztfy && break sleep 1m From 568468cea898e33a26a92126a9a4e98d0cbe9ee7 Mon Sep 17 00:00:00 2001 From: magodo Date: Tue, 23 Aug 2022 16:51:34 +0800 Subject: [PATCH 86/94] move the build msi to build stage --- azure-pipelines.yml | 174 ++++++++++++++++++++------------------------ 1 file changed, 79 insertions(+), 95 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index d789f06..2fe4ba4 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -99,8 +99,84 @@ stages: - job: build_windows_setup displayName: "Build Windows Setup" dependsOn: build + strategy: + matrix: + 386: + ARCH: 386 + amd64: + ARCH: amd64 steps: - - script: echo TODO + - task: DownloadPipelineArtifact@2 + displayName: "Download aztfy binary" + inputs: + artifact: windows-$(ARCH) + path: $(system.defaultWorkingDirectory)/dist/bin + - task: UniversalPackages@0 + displayName: "Download wix toolset" + inputs: + command: download + vstsFeed: "release/aztfy" + vstsFeedPackage: "wixsetup" + vstsPackageVersion: "3.11.2" + downloadDirectory: $(system.defaultWorkingDirectory)/dist/tool + - bash: | + set -e + + # Setup wix + ./dist/tool/wix311.exe -install -quiet -norestart + export PATH=$PATH:"/c/Program Files (x86)/WiX Toolset v3.11/bin" + + # Build + cd $workdir/scripts/package/windows/build + declare -A map=( [386]=x86 [amd64]=x64 ) + export VERSION=${VERSION:1} + cp $workdir/dist/bin/aztfy.exe . + candle.exe -arch ${map[$ARCH]} -o setup.wxobj ./setup.wxs + mkdir $workdir/dist/output + light.exe -out $workdir/dist/output/aztfy.msi ./setup.wxobj + env: + workdir: $(system.defaultWorkingDirectory) + VERSION: ${{ parameters.version }} + ARCH: $(ARCH) + displayName: "Build" + - task: EsrpCodeSigning@1 + displayName: "Sign MSI" + inputs: + ConnectedServiceName: "ESRP Signing Service" + FolderPath: "$(system.defaultWorkingDirectory)/dist/output" + Pattern: "*.msi" + signConfigType: "inlineSignParams" + inlineOperation: | + [ + { + "KeyCode" : "CP-230012", + "OperationCode" : "SigntoolSign", + "Parameters" : { + "OpusName" : "Microsoft", + "OpusInfo" : "http://www.microsoft.com", + "PageHash" : "/NPH", + "TimeStamp" : "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256", + "FileDigest": "/fd \"SHA256\"" + }, + "ToolName" : "sign", + "ToolVersion" : "1.0" + }, + { + "KeyCode" : "CP-230012", + "OperationCode" : "SigntoolVerify", + "Parameters" : {}, + "ToolName" : "sign", + "ToolVersion" : "1.0" + } + ] + SessionTimeout: "60" + MaxConcurrency: "50" + MaxRetryAttempts: "5" + - task: PublishPipelineArtifact@1 + displayName: "Publish MSI" + inputs: + targetPath: "$(system.defaultWorkingDirectory)/dist/output" + artifactName: windows-$(ARCH)-msi - job: build_linux_packages displayName: "Build Linux RPM/Debian Packages" @@ -439,100 +515,8 @@ stages: REPO_RELEASE: $(REPO_RELEASE) VERSION: ${{ parameters.version }} - - stage: publish_windows_setup - displayName: "Publish Windows Setup" - pool: - name: pool-ubuntu-2004 - jobs: - - job: build_msi - pool: - name: pool-windows-2019 - displayName: "Build MSI" - strategy: - matrix: - 386: - ARCH: 386 - amd64: - ARCH: amd64 - steps: - - task: DownloadPipelineArtifact@2 - displayName: "Download aztfy binary" - inputs: - artifact: windows-$(ARCH) - path: $(system.defaultWorkingDirectory)/dist/bin - - # Debug purpose only: Accelerate debugging on this stage - # source: "specific" - # project: "release" - # pipeline: 22 - # runVersion: "specific" - # runId: 3913 - - task: UniversalPackages@0 - displayName: "Download wix toolset" - inputs: - command: download - vstsFeed: "release/aztfy" - vstsFeedPackage: "wixsetup" - vstsPackageVersion: "3.11.2" - downloadDirectory: $(system.defaultWorkingDirectory)/dist/tool - - bash: | - set -e - - # Setup wix - ./dist/tool/wix311.exe -install -quiet -norestart - export PATH=$PATH:"/c/Program Files (x86)/WiX Toolset v3.11/bin" - - # Build - cd $workdir/scripts/package/windows/build - declare -A map=( [386]=x86 [amd64]=x64 ) - export VERSION=${VERSION:1} - cp $workdir/dist/bin/aztfy.exe . - candle.exe -arch ${map[$ARCH]} -o setup.wxobj ./setup.wxs - mkdir $workdir/dist/output - light.exe -out $workdir/dist/output/aztfy.msi ./setup.wxobj - env: - workdir: $(system.defaultWorkingDirectory) - VERSION: ${{ parameters.version }} - ARCH: $(ARCH) - displayName: "Build" - - task: EsrpCodeSigning@1 - displayName: "Sign MSI" - inputs: - ConnectedServiceName: "ESRP Signing Service" - FolderPath: "$(system.defaultWorkingDirectory)/dist/output" - Pattern: "aztfy.msi" - signConfigType: "inlineSignParams" - inlineOperation: | - [ - { - "KeyCode" : "CP-230012", - "OperationCode" : "SigntoolSign", - "Parameters" : { - "OpusName" : "Microsoft", - "OpusInfo" : "http://www.microsoft.com", - "PageHash" : "/NPH", - "TimeStamp" : "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256", - "FileDigest": "/fd \"SHA256\"" - }, - "ToolName" : "sign", - "ToolVersion" : "1.0" - }, - { - "KeyCode" : "CP-230012", - "OperationCode" : "SigntoolVerify", - "Parameters" : {}, - "ToolName" : "sign", - "ToolVersion" : "1.0" - } - ] - SessionTimeout: "60" - MaxConcurrency: "50" - MaxRetryAttempts: "5" - - task: PublishPipelineArtifact@1 - displayName: "Publish MSI" - inputs: - targetPath: "$(system.defaultWorkingDirectory)/dist/output" - artifactName: windows-$(ARCH)-msi + # - stage: publish_windows_setup + # displayName: "Publish Windows Setup" - stage: release displayName: "Release" From fce3d21d6c768cfd77c2d21fe1df5ddb1d736c11 Mon Sep 17 00:00:00 2001 From: magodo Date: Tue, 23 Aug 2022 17:16:50 +0800 Subject: [PATCH 87/94] disable the acc dl --- azure-pipelines.yml | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 2fe4ba4..68ad1ed 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -434,12 +434,13 @@ stages: artifact: linux-$(ARCH)-pkg path: $(system.defaultWorkingDirectory)/dist/pkg - Debug purpose only: Accelerate debugging on this stage - source: "specific" - project: "release" - pipeline: 22 - runVersion: "specific" - runId: 3913 + # Debug purpose only: Accelerate debugging on this stage + + # source: "specific" + # project: "release" + # pipeline: 22 + # runVersion: "specific" + # runId: 3913 - task: UniversalPackages@0 displayName: "Download repoclient" From d7cd953525d6f148772e332f94398b576b45622e Mon Sep 17 00:00:00 2001 From: magodo Date: Tue, 23 Aug 2022 18:00:33 +0800 Subject: [PATCH 88/94] debug msi --- azure-pipelines.yml | 37 +++++++++++++++++++------------------ 1 file changed, 19 insertions(+), 18 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 68ad1ed..baf8131 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -19,24 +19,24 @@ stages: windows-amd64: OS: windows ARCH: amd64 - linux-386: - OS: linux - ARCH: 386 - linux-amd64: - OS: linux - ARCH: amd64 - linux-arm: - OS: linux - ARCH: arm - linux-arm64: - OS: linux - ARCH: arm64 - darwin-amd64: - OS: darwin - ARCH: amd64 - darwin-arm64: - OS: darwin - ARCH: arm64 + # linux-386: + # OS: linux + # ARCH: 386 + # linux-amd64: + # OS: linux + # ARCH: amd64 + # linux-arm: + # OS: linux + # ARCH: arm + # linux-arm64: + # OS: linux + # ARCH: arm64 + # darwin-amd64: + # OS: darwin + # ARCH: amd64 + # darwin-arm64: + # OS: darwin + # ARCH: arm64 steps: - task: GoTool@0 displayName: "Install Go" @@ -123,6 +123,7 @@ stages: set -e # Setup wix + chmod +x ./dist/tool/wix311.exe ./dist/tool/wix311.exe -install -quiet -norestart export PATH=$PATH:"/c/Program Files (x86)/WiX Toolset v3.11/bin" From 5dc6491c9c3b50dcb69d5b55eb2b895a91a0c414 Mon Sep 17 00:00:00 2001 From: magodo Date: Tue, 23 Aug 2022 18:33:49 +0800 Subject: [PATCH 89/94] use windows vm for building msi --- azure-pipelines.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index baf8131..5fdfa41 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -98,6 +98,8 @@ stages: - job: build_windows_setup displayName: "Build Windows Setup" + pool: + name: pool-windows-2019 dependsOn: build strategy: matrix: @@ -123,7 +125,6 @@ stages: set -e # Setup wix - chmod +x ./dist/tool/wix311.exe ./dist/tool/wix311.exe -install -quiet -norestart export PATH=$PATH:"/c/Program Files (x86)/WiX Toolset v3.11/bin" From bdc56c602db51dcfe3096b817ebe9f0ca379b8be Mon Sep 17 00:00:00 2001 From: magodo Date: Tue, 23 Aug 2022 19:11:59 +0800 Subject: [PATCH 90/94] build all --- azure-pipelines.yml | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 5fdfa41..91334c9 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -19,24 +19,24 @@ stages: windows-amd64: OS: windows ARCH: amd64 - # linux-386: - # OS: linux - # ARCH: 386 - # linux-amd64: - # OS: linux - # ARCH: amd64 - # linux-arm: - # OS: linux - # ARCH: arm - # linux-arm64: - # OS: linux - # ARCH: arm64 - # darwin-amd64: - # OS: darwin - # ARCH: amd64 - # darwin-arm64: - # OS: darwin - # ARCH: arm64 + linux-386: + OS: linux + ARCH: 386 + linux-amd64: + OS: linux + ARCH: amd64 + linux-arm: + OS: linux + ARCH: arm + linux-arm64: + OS: linux + ARCH: arm64 + darwin-amd64: + OS: darwin + ARCH: amd64 + darwin-arm64: + OS: darwin + ARCH: arm64 steps: - task: GoTool@0 displayName: "Install Go" From c240274b964cb5f6aa9aa16e47edd7b9630f1e7b Mon Sep 17 00:00:00 2001 From: magodo Date: Wed, 24 Aug 2022 16:49:26 +0800 Subject: [PATCH 91/94] Linux package: only enble the latest two versions of ubuntu and redhat --- azure-pipelines.yml | 168 ++++++++++++++++++++++---------------------- 1 file changed, 84 insertions(+), 84 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 91334c9..3fcd078 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -296,18 +296,18 @@ stages: strategy: matrix: # deb platforms - ubuntu-bionic-amd64: - TYPE: deb - ARCH: amd64 - REPO_ID: 5d16326637164fbc1139c4e1 - REPO_DISTRO: ubuntu - REPO_RELEASE: bionic - ubuntu-bionic-arm64: - TYPE: deb - ARCH: arm64 - REPO_ID: 5d16326637164fbc1139c4e1 - REPO_DISTRO: ubuntu - REPO_RELEASE: bionic + # ubuntu-bionic-amd64: + # TYPE: deb + # ARCH: amd64 + # REPO_ID: 5d16326637164fbc1139c4e1 + # REPO_DISTRO: ubuntu + # REPO_RELEASE: bionic + # ubuntu-bionic-arm64: + # TYPE: deb + # ARCH: arm64 + # REPO_ID: 5d16326637164fbc1139c4e1 + # REPO_DISTRO: ubuntu + # REPO_RELEASE: bionic ubuntu-focal-amd64: TYPE: deb ARCH: amd64 @@ -332,44 +332,44 @@ stages: REPO_ID: 61faea6cea3a770ab120ac8a REPO_DISTRO: ubuntu REPO_RELEASE: jammy - debian-buster-amd64: - TYPE: deb - ARCH: amd64 - REPO_ID: 5d23b16c9a6e3b375bbba42e - REPO_DISTRO: debian - REPO_RELEASE: buster - debian-buster-arm64: - TYPE: deb - ARCH: arm64 - REPO_ID: 5d23b16c9a6e3b375bbba42e - REPO_DISTRO: debian - REPO_RELEASE: buster - debian-bullseye-amd64: - TYPE: deb - ARCH: amd64 - REPO_ID: 611ab3a32acdcd0744c8c841 - REPO_DISTRO: debian - REPO_RELEASE: bullseye - debian-bullseye-arm64: - TYPE: deb - ARCH: arm64 - REPO_ID: 611ab3a32acdcd0744c8c841 - REPO_DISTRO: debian - REPO_RELEASE: bullseye + # debian-buster-amd64: + # TYPE: deb + # ARCH: amd64 + # REPO_ID: 5d23b16c9a6e3b375bbba42e + # REPO_DISTRO: debian + # REPO_RELEASE: buster + # debian-buster-arm64: + # TYPE: deb + # ARCH: arm64 + # REPO_ID: 5d23b16c9a6e3b375bbba42e + # REPO_DISTRO: debian + # REPO_RELEASE: buster + # debian-bullseye-amd64: + # TYPE: deb + # ARCH: amd64 + # REPO_ID: 611ab3a32acdcd0744c8c841 + # REPO_DISTRO: debian + # REPO_RELEASE: bullseye + # debian-bullseye-arm64: + # TYPE: deb + # ARCH: arm64 + # REPO_ID: 611ab3a32acdcd0744c8c841 + # REPO_DISTRO: debian + # REPO_RELEASE: bullseye # rpm platforms - centos-8-x86_64: - TYPE: rpm - ARCH: amd64 - REPO_ID: 5e5ed94a523a8019fe47607e - REPO_DISTRO: centos - REPO_RELEASE: 8 - centos-8-aarch64: - TYPE: rpm - ARCH: arm64 - REPO_ID: 5e5ed94a523a8019fe47607e - REPO_DISTRO: centos - REPO_RELEASE: 8 + # centos-8-x86_64: + # TYPE: rpm + # ARCH: amd64 + # REPO_ID: 5e5ed94a523a8019fe47607e + # REPO_DISTRO: centos + # REPO_RELEASE: 8 + # centos-8-aarch64: + # TYPE: rpm + # ARCH: arm64 + # REPO_ID: 5e5ed94a523a8019fe47607e + # REPO_DISTRO: centos + # REPO_RELEASE: 8 rhel-8-x86_64: TYPE: rpm ARCH: amd64 @@ -394,42 +394,42 @@ stages: REPO_ID: 627067cc3ac6d7548f4d66cd REPO_DISTRO: rhel REPO_RELEASE: 9 - fedora-34-x86_64: - TYPE: rpm - ARCH: amd64 - REPO_ID: 606e1da573e50659b0803a7b - REPO_DISTRO: fedora - REPO_RELEASE: 34 - fedora-34-aarch64: - TYPE: rpm - ARCH: arm64 - REPO_ID: 606e1da573e50659b0803a7b - REPO_DISTRO: fedora - REPO_RELEASE: 34 - fedora-35-x86_64: - TYPE: rpm - ARCH: amd64 - REPO_ID: 6196d483ea3a770f011f63fb - REPO_DISTRO: fedora - REPO_RELEASE: 35 - fedora-35-aarch64: - TYPE: rpm - ARCH: arm64 - REPO_ID: 6196d483ea3a770f011f63fb - REPO_DISTRO: fedora - REPO_RELEASE: 35 - fedora-36-x86_64: - TYPE: rpm - ARCH: amd64 - REPO_ID: 6271bc683ac6d73aa84d6737 - REPO_DISTRO: fedora - REPO_RELEASE: 36 - fedora-36-aarch64: - TYPE: rpm - ARCH: arm64 - REPO_ID: 6271bc683ac6d73aa84d6737 - REPO_DISTRO: fedora - REPO_RELEASE: 36 + # fedora-34-x86_64: + # TYPE: rpm + # ARCH: amd64 + # REPO_ID: 606e1da573e50659b0803a7b + # REPO_DISTRO: fedora + # REPO_RELEASE: 34 + # fedora-34-aarch64: + # TYPE: rpm + # ARCH: arm64 + # REPO_ID: 606e1da573e50659b0803a7b + # REPO_DISTRO: fedora + # REPO_RELEASE: 34 + # fedora-35-x86_64: + # TYPE: rpm + # ARCH: amd64 + # REPO_ID: 6196d483ea3a770f011f63fb + # REPO_DISTRO: fedora + # REPO_RELEASE: 35 + # fedora-35-aarch64: + # TYPE: rpm + # ARCH: arm64 + # REPO_ID: 6196d483ea3a770f011f63fb + # REPO_DISTRO: fedora + # REPO_RELEASE: 35 + # fedora-36-x86_64: + # TYPE: rpm + # ARCH: amd64 + # REPO_ID: 6271bc683ac6d73aa84d6737 + # REPO_DISTRO: fedora + # REPO_RELEASE: 36 + # fedora-36-aarch64: + # TYPE: rpm + # ARCH: arm64 + # REPO_ID: 6271bc683ac6d73aa84d6737 + # REPO_DISTRO: fedora + # REPO_RELEASE: 36 steps: - task: DownloadPipelineArtifact@2 inputs: From e859cf686cb4542ad8833e25c4e863cb85e975e9 Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 25 Aug 2022 10:16:01 +0800 Subject: [PATCH 92/94] Wix: modify PATH on (un)install --- scripts/package/windows/build/setup.wxs | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/scripts/package/windows/build/setup.wxs b/scripts/package/windows/build/setup.wxs index d90f8c1..9e102a1 100644 --- a/scripts/package/windows/build/setup.wxs +++ b/scripts/package/windows/build/setup.wxs @@ -1,5 +1,4 @@ - - + @@ -30,6 +29,14 @@ + From e5266ceeb86e87e5cb24873fa04ac5ce713bb299 Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 25 Aug 2022 16:34:58 +0800 Subject: [PATCH 93/94] reorder the release and publish linux pipeline & introduce new param: `artifactBuildId` --- azure-pipelines.yml | 199 +++++++++++++++++++++++++------------------- 1 file changed, 112 insertions(+), 87 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 3fcd078..2e2a3cd 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -2,6 +2,14 @@ parameters: - name: version displayName: Release Version (e.g. v0.1.0) type: string + - name: artifactBuildId + displayName: "Artifact source build id (defaults uses this build)" + type: number + deafult: 0 + +variables: + - name: pipelineId + value: 22 stages: - stage: build @@ -286,6 +294,95 @@ stages: targetPath: "$(system.defaultWorkingDirectory)/dist/output" artifactName: $(OS)-$(ARCH)-pkg + - stage: github_release + displayName: "Github Draft Release" + pool: + name: pool-ubuntu-2004 + jobs: + - job: release + displayName: "Github Release" + steps: + - ${{ if eq(parameters.artifactBuildId, 0) }}: + - task: DownloadPipelineArtifact@2 + inputs: + path: $(system.defaultWorkingDirectory)/dist + - ${{ else }}: + - task: DownloadPipelineArtifact@2 + inputs: + path: $(system.defaultWorkingDirectory)/dist + source: "specific" + project: "release" + pipeline: $(pipelineId) + runVersion: "specific" + runId: ${{ parameters.artifactBuildId }} + - script: | + set -e + NAME="aztfy" + OS_ARCH=( + "windows:amd64" + "windows:386" + "linux:amd64" + "linux:386" + "linux:arm" + "linux:arm64" + "darwin:amd64" + "darwin:arm64" + ) + mkdir release + for os_arch in "${OS_ARCH[@]}" ; do + OS=${os_arch%%:*} + ARCH=${os_arch#*:} + name=aztfy + if [[ $OS = windows ]]; then + name=aztfy.exe + fi + chmod +x dist/${OS}-${ARCH}/${name} + zip -j release/${NAME}_${VERSION}_${OS}_${ARCH}.zip dist/${OS}-${ARCH}/${name} + done + + # Copy MSI + cp dist/windows-386-msi/aztfy.msi release/${NAME}_${VERSION}_x86.msi + cp dist/windows-amd64-msi/aztfy.msi release/${NAME}_${VERSION}_x64.msi + + cd release + shasum -a 256 *.zip *.msi > ${NAME}_SHA256SUMS + cp ${NAME}_SHA256SUMS ${NAME}_SHA256SUMS.sig + displayName: "Prepare Binary Archives & Digests" + env: + VERSION: ${{ parameters.version }} + - task: EsrpCodeSigning@1 + displayName: "Sign Binary Archive Digests" + inputs: + ConnectedServiceName: "ESRP Signing Service" + FolderPath: "$(system.defaultWorkingDirectory)/release" + Pattern: "*_SHA256SUMS.sig" + signConfigType: "inlineSignParams" + inlineOperation: | + [ + { + "KeyCode": "CP-450779-Pgp", + "OperationCode": "LinuxSign", + "Parameters": {}, + "ToolName": "sign", + "ToolVersion": "1.0" + } + ] + SessionTimeout: "60" + MaxConcurrency: "50" + MaxRetryAttempts: "5" + - task: GitHubRelease@1 + displayName: "Draft Github Release" + inputs: + gitHubConnection: "Github" + repositoryName: "$(Build.Repository.Name)" + action: "create" + target: "$(Build.SourceVersion)" + tagSource: "gitTag" + tagPattern: '^v\d+\.\d+\.\d+' + assets: "$(system.defaultWorkingDirectory)/release/*" + isDraft: true + addChangeLog: false + - stage: publish_linux_packages displayName: "Publish Linux Packages" pool: @@ -431,19 +528,21 @@ stages: # REPO_DISTRO: fedora # REPO_RELEASE: 36 steps: - - task: DownloadPipelineArtifact@2 - inputs: - artifact: linux-$(ARCH)-pkg - path: $(system.defaultWorkingDirectory)/dist/pkg - - # Debug purpose only: Accelerate debugging on this stage - - # source: "specific" - # project: "release" - # pipeline: 22 - # runVersion: "specific" - # runId: 3913 - + - ${{ if eq(parameters.artifactBuildId, 0) }}: + - task: DownloadPipelineArtifact@2 + inputs: + artifact: linux-$(ARCH)-pkg + path: $(system.defaultWorkingDirectory)/dist/pkg + - ${{ else }}: + - task: DownloadPipelineArtifact@2 + inputs: + artifact: linux-$(ARCH)-pkg + path: $(system.defaultWorkingDirectory)/dist/pkg + source: "specific" + project: "release" + pipeline: $(pipelineId) + runVersion: "specific" + runId: ${{ parameters.artifactBuildId }} - task: UniversalPackages@0 displayName: "Download repoclient" inputs: @@ -520,77 +619,3 @@ stages: # - stage: publish_windows_setup # displayName: "Publish Windows Setup" - - - stage: release - displayName: "Release" - pool: - name: pool-ubuntu-2004 - jobs: - - job: release - displayName: "Release" - steps: - - task: DownloadPipelineArtifact@2 - inputs: - path: $(system.defaultWorkingDirectory)/dist - - script: | - set -e - NAME="aztfy" - OS_ARCH=( - "windows:amd64" - "windows:386" - "linux:amd64" - "linux:386" - "linux:arm" - "linux:arm64" - "darwin:amd64" - "darwin:arm64" - ) - mkdir release - for os_arch in "${OS_ARCH[@]}" ; do - OS=${os_arch%%:*} - ARCH=${os_arch#*:} - name=aztfy - if [[ $OS = windows ]]; then - name=aztfy.exe - fi - chmod +x dist/${OS}-${ARCH}/${name} - zip -j release/${NAME}_${VERSION}_${OS}_${ARCH}.zip dist/${OS}-${ARCH}/${name} - done - cd release - shasum -a 256 *.zip > ${NAME}_SHA256SUMS - cp ${NAME}_SHA256SUMS ${NAME}_SHA256SUMS.sig - displayName: "Prepare Binary Archives & Digests" - env: - VERSION: ${{ parameters.version }} - - task: EsrpCodeSigning@1 - displayName: "Sign Binary Archive Digests" - inputs: - ConnectedServiceName: "ESRP Signing Service" - FolderPath: "$(system.defaultWorkingDirectory)/release" - Pattern: "*_SHA256SUMS.sig" - signConfigType: "inlineSignParams" - inlineOperation: | - [ - { - "KeyCode": "CP-450779-Pgp", - "OperationCode": "LinuxSign", - "Parameters": {}, - "ToolName": "sign", - "ToolVersion": "1.0" - } - ] - SessionTimeout: "60" - MaxConcurrency: "50" - MaxRetryAttempts: "5" - - task: GitHubRelease@1 - displayName: "Draft Github Release" - inputs: - gitHubConnection: "Github" - repositoryName: "$(Build.Repository.Name)" - action: "create" - target: "$(Build.SourceVersion)" - tagSource: "gitTag" - tagPattern: '^v\d+\.\d+\.\d+' - assets: "$(system.defaultWorkingDirectory)/release/*" - isDraft: true - addChangeLog: false From 291264e89de2f4d1d562de4ac7ab5e71ae8a758f Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 25 Aug 2022 16:35:35 +0800 Subject: [PATCH 94/94] typo --- azure-pipelines.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 2e2a3cd..e42f6dc 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -5,7 +5,7 @@ parameters: - name: artifactBuildId displayName: "Artifact source build id (defaults uses this build)" type: number - deafult: 0 + default: 0 variables: - name: pipelineId