diff --git a/.config/tsaoptions.json b/.config/tsaoptions.json new file mode 100644 index 0000000..5d98ee6 --- /dev/null +++ b/.config/tsaoptions.json @@ -0,0 +1,11 @@ +{ + "hasDynamicRouting": true, + "areaPath": "OS", + "notificationAliases": [ + "adityap@microsoft.com", + "dongbow@microsoft.com", + "pmeinecke@microsoft.com", + "tplunk@microsoft.com" + ], + "codebaseName": "TFSMSAzure_powershell-native" +} diff --git a/.pipelines/release.yml b/.pipelines/release.yml new file mode 100644 index 0000000..a33a2a0 --- /dev/null +++ b/.pipelines/release.yml @@ -0,0 +1,181 @@ +trigger: none + +parameters: + - name: OfficialBuild + type: boolean + default: false + - name: disableNetworkIsolation + type: boolean + default: false + +variables: + - name: ob_outputDirectory + value: '$(Build.ArtifactStagingDirectory)/ONEBRANCH_ARTIFACT' + - name: LinuxContainerImage + value: mcr.microsoft.com/onebranch/azurelinux/build:3.0 + - name: WindowsContainerImage + value: onebranch.azurecr.io/windows/ltsc2022/vse2022:latest + - name: templateFile + value: ${{ iif ( parameters.OfficialBuild, 'v2/OneBranch.Official.CrossPlat.yml@templates', 'v2/OneBranch.NonOfficial.CrossPlat.yml@templates' ) }} + - name: disableNetworkIsolation + value: ${{ parameters.disableNetworkIsolation }} + +resources: + repositories: + - repository: templates + type: git + name: OneBranch.Pipelines/GovernedTemplates + ref: refs/heads/main + +extends: + template: ${{ variables.templateFile }} # The Official template may only be used by Production-classified pipelines + + parameters: + release: + category: NonAzure + featureFlags: + WindowsHostVersion: + Disk: Large + Version: 2022 + Network: KS1 + incrementalSDLBinaryAnalysis: true + needExceptionForUbuntuUsage: true + disableNetworkIsolation: ${{ variables.disableNetworkIsolation }} + cloudvault: + enabled: false + globalSdl: + isNativeCode: true + prefast: + enabled: true + tsa: + useDynamicRouting: true + enabled: true + sbom: + enabled: true + packageName: Microsoft.PowerShell.Native + codeql: + tsaEnabled: true + compiled: + enabled: true + armory: + enabled: false + credscan: + enabled: true + scanFolder: $(Build.SourcesDirectory) + binskim: + enabled: true + exactToolVersion: 4.4.2 + apiscan: + enabled: false + tsaOptionsFile: .config\tsaoptions.json + + stages: + - stage: WinBuildAndSign + displayName: Windows Build and Sign + jobs: + - template: .pipelines/templates/build-sign-windows.yml@self + parameters: + ARCHITECTURE: 'x64' + + - template: .pipelines/templates/build-sign-windows.yml@self + parameters: + ARCHITECTURE: 'x86' + + - template: .pipelines/templates/build-sign-windows.yml@self + parameters: + ARCHITECTURE: 'x64_arm64' + + - stage: LinuxBuild + displayName: Linux Build + jobs: + - template: .pipelines/templates/build-linux.yml@self + parameters: + ARCHITECTURE: 'linux-x64' + Name: 'Build_Linux_x64' + + - template: .pipelines/templates/build-linux.yml@self + parameters: + ARCHITECTURE: 'linux-arm64' + Name: 'Build_Linux_arm64' + hostArchitecture: 'arm64' + + - template: .pipelines/templates/build-linux.yml@self + parameters: + ARCHITECTURE: 'linux-musl-x64' + Name: 'Build_Linux_musl_x64' + + - template: .pipelines/templates/build-linux.yml@self + parameters: + ARCHITECTURE: 'osx' + Name: 'Build_osx' + + - stage: LinuxBuildARM + displayName: Linux ARM Build + variables: + - name: LinuxContainerImage + value: onebranch.azurecr.io/linux/ubuntu-2204:latest + + jobs: + - template: .pipelines/templates/build-linux.yml@self + parameters: + ARCHITECTURE: 'linux-arm' + Name: 'Build_Linux_arm' + + - stage: Build_Nuget + dependsOn: [WinBuildAndSign, LinuxBuild, LinuxBuildARM] + displayName: Build NuGet + jobs: + - template: .pipelines/templates/build-nuget.yml@self + + - stage: Release_NuGet + displayName: Release NuGet + dependsOn: [Build_Nuget] + variables: + - name: Version + value: $[ stageDependencies.Build_Nuget.Build_Nuget_Job.outputs['SetVersion.NugetPackageVersion'] ] + - name: ob_release_environment + value: ${{ iif ( parameters.OfficialBuild, 'Production', 'Test' ) }} + jobs: + - job: NuGetPublish + displayName: Publish to NuGet + condition: succeeded() + pool: + type: release + os: windows + templateContext: + inputs: + - input: pipelineArtifact + artifactName: drop_Build_Nuget_Build_Nuget_Job + steps: + - task: PowerShell@2 + inputs: + targetType: inline + script: | + Write-Verbose -Verbose "Version: $(Version)" + Get-ChildItem Env:\ + displayName: 'Capture Environment Variables' + + - task: PowerShell@2 + inputs: + targetType: inline + script: | + $DestPath = New-Item -ItemType Directory -Path "$(Pipeline.Workspace)\release" + $nupkgFile = Get-ChildItem "$(Pipeline.Workspace)\Microsoft.PowerShell.Native.*.nupkg" -Recurse + if (-not $nupkgFile) { + throw "No nupkg files found in '$(Pipeline.Workspace)'" + } + + Copy-Item $nupkgFile -Destination $DestPath -Recurse -Force -Verbose + Write-Verbose -Verbose "The .nupkgs below will be pushed:" + Get-ChildItem "$(Pipeline.Workspace)/release" -recurse + displayName: Download and capture nupkgs + + - task: NuGetCommand@2 + displayName: 'NuGet push' + condition: and(eq('${{ parameters.OfficialBuild }}', 'true'), succeeded()) + inputs: + command: push + packagesToPush: '$(Pipeline.Workspace)\release\*.nupkg' + nuGetFeedType: external + publishFeedCredentials: PowerShellNuGetOrgPush + diff --git a/.pipelines/templates/build-linux.yml b/.pipelines/templates/build-linux.yml new file mode 100644 index 0000000..2296044 --- /dev/null +++ b/.pipelines/templates/build-linux.yml @@ -0,0 +1,83 @@ +parameters: + - name: ARCHITECTURE + type: string + default: 'x64' + - name: Name + type: string + default: 'Build_Linux_x64' + - name: hostArchitecture + type: string + default: 'amd64' + +jobs: +- job: ${{ parameters.Name }} + pool: + type: linux + ${{ if eq(parameters.ARCHITECTURE, 'osx') }}: + isCustom: true + name: Azure Pipelines + vmImage: 'macOS-latest' + ${{ if eq(parameters.hostArchitecture, 'arm64') }}: + hostArchitecture: 'arm64' + displayName: Linux_${{ parameters.ARCHITECTURE }} + variables: + - name: ob_outputDirectory + value: '$(Build.ArtifactStagingDirectory)/ONEBRANCH_ARTIFACT' + - name: ob_signing_setup_enabled + value: true + - name: ARCHITECTURE + value: ${{ parameters.ARCHITECTURE }} + - name: DOTNET_SYSTEM_GLOBALIZATION_INVARIANT + value: 1 + - ${{ if eq(parameters.ARCHITECTURE, 'linux-arm64') }}: + - name: ob_sdl_binskim_enabled + value: false + - name: ob_sdl_credscan_enabled + value: false + steps: + - pwsh: | + Get-ChildItem Env:\ | Out-String -Stream | Write-Verbose -Verbose + displayName: Capture environment variables + + - pwsh: | + $Arch = "$(ARCHITECTURE)" + $repoRoot = '$(Build.SourcesDirectory)' + Import-Module $repoRoot\build.psm1 -Force + + if ($Arch -eq 'linux-x64' -or $Arch -eq 'linux-musl-x64' -or $Arch -eq 'osx') { + Start-PSBootstrap + Write-Verbose "Starting Start-Start-BuildNativeUnixBinaries" -Verbose + Start-BuildNativeUnixBinaries + Write-Verbose "Completed Start-BuildNativeUnixBinaries" -Verbose + } + elseif ($Arch -eq 'linux-arm64') { + Start-PSBootstrap -BuildLinuxArm64 + Write-Verbose "Starting Start-BuildNativeUnixBinaries" -Verbose + Start-BuildNativeUnixBinaries -BuildLinuxArm64 + Write-Verbose "Completed Start-BuildNativeUnixBinaries" -Verbose + } + elseif ($Arch -eq 'linux-arm') { + Start-PSBootstrap -BuildLinuxArm + Write-Verbose "Starting Start-BuildNativeUnixBinaries" -Verbose + Start-BuildNativeUnixBinaries -BuildLinuxArm + Write-Verbose "Completed Start-BuildNativeUnixBinaries" -Verbose + } + else { + throw "Unsupported architecture: $Arch" + } + + $buildOutputPath = Join-Path $RepoRoot "src/powershell-unix" + + if (-not (Test-Path $(ob_outputDirectory))) { + New-Item -ItemType Directory -Path $(ob_outputDirectory) -Force -Verbose + } + + Copy-Item -Path "$buildOutputPath/libpsl-native.*" -Destination "$(ob_outputDirectory)" -Force + + if ($Arch -eq 'osx') { + Write-Host "##vso[artifact.upload containerfolder=drop_osx;artifactname=drop_osx]$(ob_outputDirectory)" + } + displayName: 'Build' + + + diff --git a/.pipelines/templates/build-nuget.yml b/.pipelines/templates/build-nuget.yml new file mode 100644 index 0000000..dc002b3 --- /dev/null +++ b/.pipelines/templates/build-nuget.yml @@ -0,0 +1,119 @@ +jobs: +- job: Build_Nuget_Job + pool: + type: windows + displayName: Build NuGet + variables: + - name: ob_outputDirectory + value: '$(Build.ArtifactStagingDirectory)/ONEBRANCH_ARTIFACT' + - name: ob_signing_setup_enabled + value: true + steps: + - pwsh: | + if (-not (Test-Path -Path "$(ob_outputDirectory)")) { + New-Item -ItemType Directory -Path "$(ob_outputDirectory)" | Out-Null + } + displayName: 'Create output directory' + + - download: current + + - pwsh: | + Get-ChildItem -Path $(Pipeline.Workspace) + displayName: 'List files in workspace' + + - task: NuGetToolInstaller@0 + displayName: 'Install NuGet 5.3.1' + inputs: + versionSpec: 5.3.1 + + - template: setVersion.yml@self + + - pwsh: | + Get-ChildItem Env:\ | Out-String -Stream | Write-Verbose -Verbose + displayName: Capture environment variables + + - pwsh: | + $platforms = @("drop_LinuxBuild_Build_Linux_arm64", + "drop_LinuxBuild_Build_Linux_musl_x64", + "drop_LinuxBuild_Build_Linux_x64", + "drop_LinuxBuildARM_Build_Linux_arm", + "drop_WinBuildAndSign_Build_Sign_x64", + "drop_WinBuildAndSign_Build_Sign_x86", + "drop_WinBuildAndSign_Build_Sign_x64_arm64", + "drop_osx" + ) + + $WindowsX64ZipPath = "$(ob_outputDirectory)/drop_WinBuildAndSign_Build_Sign_x64.zip" + $WindowsX86ZipPath = "$(ob_outputDirectory)/drop_WinBuildAndSign_Build_Sign_x86.zip" + $WindowsARMZipPath = "$(ob_outputDirectory)/drop_WinBuildAndSign_Build_Sign_arm.zip" + $WindowsARM64ZipPath = "$(ob_outputDirectory)/drop_WinBuildAndSign_Build_Sign_x64_arm64.zip" + $LinuxZipPath = "$(ob_outputDirectory)/drop_LinuxBuild_Build_Linux_x64.zip" + $LinuxARMZipPath = "$(ob_outputDirectory)/drop_LinuxBuildARM_Build_Linux_arm.zip" + $LinuxARM64ZipPath = "$(ob_outputDirectory)/drop_LinuxBuild_Build_Linux_arm64.zip" + $LinuxAlpineZipPath = "$(ob_outputDirectory)/drop_LinuxBuild_Build_Linux_musl_x64.zip" + $macOSZipPath = "$(ob_outputDirectory)/drop_osx.zip" + + $symbolsRoot = "$(ob_outputDirectory)/symbols" + New-Item -ItemType Directory -Path $symbolsRoot -Force | Out-Null + + $platforms | ForEach-Object { + $platform = $_ + $compressedFile = "$(ob_outputDirectory)/$platform.zip" + Compress-Archive -Path "$(Pipeline.Workspace)/$platform/*" -DestinationPath $compressedFile -Force + $DestPath = Join-Path $symbolsRoot $platform + New-Item -Path $DestPath -ItemType Directory -Force | Out-Null + Get-ChildItem -Path "$(Pipeline.Workspace)/$platform/*.pdb" -Recurse | ForEach-Object { + Copy-Item -Path $_.FullName -Destination $DestPath -Force -Verbose + } + } + + Import-Module $(Build.SourcesDirectory)/build.psm1 -Force + $PackageRoot = New-Item -ItemType Directory -Path $(ob_outputDirectory)\NugetPackageSrc + Start-BuildPowerShellNativePackage -PackageRoot $PackageRoot -Version $(PackageVersion) -WindowsX64ZipPath $WindowsX64ZipPath -WindowsX86ZipPath $WindowsX86ZipPath -WindowsARM64ZipPath $WindowsARM64ZipPath -LinuxZipPath $LinuxZipPath -LinuxARMZipPath $LinuxARMZipPath -LinuxARM64ZipPath $LinuxARM64ZipPath -LinuxAlpineZipPath $LinuxAlpineZipPath -macOSZipPath $macOSZipPath + + Write-Verbose -Verbose "Enumerating $symbolsRoot" + Get-ChildItem -Path $symbolsRoot -Recurse + + $vstsCommandString = "vso[task.setvariable variable=SymbolsPath]$symbolsRoot" + Write-Verbose -Message "$vstsCommandString" -Verbose + Write-Host -Object "##$vstsCommandString" + + Write-Verbose -Verbose "Build nupkg" + New-NugetPackage -PackageRoot $PackageRoot -NuGetOutputPath '$(ob_outputDirectory)\NugetPackage' + + Write-Verbose -Verbose "Cleanup output folder" + Get-ChildItem -Path "$(ob_outputDirectory)" -Exclude "NugetPackage", "symbols" | Remove-Item -Recurse -Force -Verbose + + Write-Verbose -Verbose "Enumerating $(ob_outputDirectory)" + Get-ChildItem -Path "$(ob_outputDirectory)" -Recurse + displayName: 'Build NuPkg' + + - pwsh: | + Get-ChildItem -Path "$(ob_outputDirectory)\NugetPackage" -Recurse | ForEach-Object { + $file = $_ + Write-Verbose -Message "Found NuGet package: $($file.FullName)" -Verbose + } + + Get-ChildItem -Path "$(SymbolsPath)" -Recurse | ForEach-Object { + $file = $_ + Write-Verbose -Message "Found symbol file: $($file.FullName)" -Verbose + } + displayName: 'Capture Packages' + + - task: PublishSymbols@2 + inputs: + symbolsFolder: '$(SymbolsPath)' + searchPattern: '**/*.pdb' + indexSources: false + publishSymbols: true + symbolServerType: teamServices + detailedLog: true + + - task: onebranch.pipeline.signing@1 + displayName: Sign files + inputs: + command: 'sign' + cp_code: 'CP-401405' + files_to_sign: | + **\*.nupkg; + search_root: $(ob_outputDirectory) diff --git a/.pipelines/templates/build-sign-windows.yml b/.pipelines/templates/build-sign-windows.yml new file mode 100644 index 0000000..5ab0ccc --- /dev/null +++ b/.pipelines/templates/build-sign-windows.yml @@ -0,0 +1,67 @@ +parameters: + - name: ARCHITECTURE + type: string + default: 'x64' + +jobs: +- job: Build_Sign_${{ parameters.ARCHITECTURE }} + pool: + type: windows + displayName: Windows_${{ parameters.ARCHITECTURE }} + variables: + - name: ob_outputDirectory + value: '$(Build.ArtifactStagingDirectory)/ONEBRANCH_ARTIFACT' + - name: ob_signing_setup_enabled + value: true + - name: ARCHITECTURE + value: ${{ parameters.ARCHITECTURE }} + - name: OBP_SIGNING_SETUP_TIMEOUT_IN_SECONDS + value: 300 + steps: + - pwsh: | + Get-ChildItem Env:\ | Out-String -Stream | Write-Verbose -Verbose + displayName: Capture environment variables + env: + ob_restore_phase: true # Set ob_restore_phase to run this step before '🔒 Setup Signing' step. + + - task: CodeQL3000Init@0 # Add CodeQL Init task right before your 'Build' step. + env: + ob_restore_phase: true # Set ob_restore_phase to run this step before '🔒 Setup Signing' step. + inputs: + Enabled: true + # AnalyzeInPipeline: false = upload results + # AnalyzeInPipeline: true = do not upload results + AnalyzeInPipeline: false + Language: cpp + + - pwsh: | + $repoRoot = '$(Build.SourcesDirectory)' + Import-Module $repoRoot\build.psm1 -Force + Start-PSBootstrap -BuildWindowsNative + Write-Verbose "Starting Start-BuildNativeWindowsBinaries" -Verbose + Start-BuildNativeWindowsBinaries -Configuration 'Release' -Arch $(ARCHITECTURE) -Clean + Write-Verbose "Completed Start-BuildNativeWindowsBinaries" -Verbose + $buildOutputPath = Join-Path $repoRoot "src/powershell-win-core" + + if (-not (Test-Path $(ob_outputDirectory))) { + New-Item -ItemType Directory -Path $(ob_outputDirectory) -Force -Verbose + } + + Copy-Item -Path "$buildOutputPath/*.dll","$buildOutputPath/*.pdb" -Destination "$(ob_outputDirectory)" -Force + displayName: 'Build' + env: + ob_restore_phase: true # Set ob_restore_phase to run this step before '🔒 Setup Signing' step. + + - task: CodeQL3000Finalize@0 # Add CodeQL Finalize task right after your 'Build' step. + env: + ob_restore_phase: true # Set ob_restore_phase to run this step before '🔒 Setup Signing' step. + + - task: onebranch.pipeline.signing@1 + displayName: Sign files + inputs: + command: 'sign' + signing_profile: external_distribution + files_to_sign: | + **\*.dll; + search_root: $(ob_outputDirectory) + retryCountOnTaskFailure: 3 diff --git a/.pipelines/templates/setVersion.yml b/.pipelines/templates/setVersion.yml new file mode 100644 index 0000000..8a99d13 --- /dev/null +++ b/.pipelines/templates/setVersion.yml @@ -0,0 +1,37 @@ +steps: +- pwsh: | + $Branch = $env:BUILD_SOURCEBRANCH + $branchOnly = $Branch -replace '^refs/heads/'; + $branchOnly = $branchOnly -replace '[_\-]' + + Write-Verbose -Verbose "Branch == $Branch" + Write-Verbose -Verbose "BranchOnly == $branchOnly" + + $packageVersion = if($env:PACKAGE_VERSION -eq 'fromBranch' -or !$env:PACKAGE_VERSION) + { + if($Branch -match '^.*(release[-/])') + { + Write-verbose "release branch:" -verbose + $Branch -replace '^.*(release[-/]v)' + } + else + { + Write-Verbose -Verbose "Branch is not a release branch. Defaulting to 99.99.99" + "99.99.99" + } + } + else { + Write-Verbose -Verbose "PACKAGE_VERSION is not equal to 'fromBranch'" + "99.99.99" + } + + $vstsCommandString = "vso[task.setvariable variable=NuGetPackageVersion;isOutput=true]$packageVersion" + Write-Verbose -Message "setting $Variable to $packageVersion" -Verbose + Write-Host -Object "##$vstsCommandString" + + $vstsCommandString = "vso[task.setvariable variable=PackageVersion]$packageVersion" + Write-Verbose -Message "setting $Variable to $packageVersion" -Verbose + Write-Host -Object "##$vstsCommandString" + + displayName: Set version variable + name: SetVersion diff --git a/.vsts-ci/windows.yml b/.vsts-ci/windows.yml index 1ccfab5..31a777e 100644 --- a/.vsts-ci/windows.yml +++ b/.vsts-ci/windows.yml @@ -24,8 +24,6 @@ jobs: buildName: x86 Windows x64: buildName: x64 - Windows x64_arm: - buildName: x64_arm Windows x64_arm64: buildName: x64_arm64 diff --git a/azurepipelines-coverage.yml b/azurepipelines-coverage.yml new file mode 100644 index 0000000..3c44161 --- /dev/null +++ b/azurepipelines-coverage.yml @@ -0,0 +1,5 @@ +coverage: + status: # Code coverage status will be posted to pull requests based on targets defined below. + comments: on # When on, details about coverage for each file changed will be posted as a pull request comment. + diff: # Diff coverage is code coverage only for the lines changed in a pull request. + target: 50% # The threshold for differential code coverage requirements. diff --git a/build.psm1 b/build.psm1 index 9c4ec58..3380eb7 100644 --- a/build.psm1 +++ b/build.psm1 @@ -125,28 +125,40 @@ function Get-EnvironmentInformation } if ($Environment.IsLinux) { + $environment += @{ 'OSArchitecture' = [System.Runtime.InteropServices.RuntimeInformation]::ProcessArchitecture } $LinuxInfo = Get-Content /etc/os-release -Raw | ConvertFrom-StringData + $lsb_release = Get-Command lsb_release -Type Application -ErrorAction Ignore | Select-Object -First 1 + if ($lsb_release) { + $LinuxID = & $lsb_release -is + } + else { + $LinuxID = "" + } $environment += @{'LinuxInfo' = $LinuxInfo} - $environment += @{'IsDebian' = $LinuxInfo.ID -match 'debian'} - $environment += @{'IsDebian8' = $Environment.IsDebian -and $LinuxInfo.VERSION_ID -match '8'} - $environment += @{'IsDebian9' = $Environment.IsDebian -and $LinuxInfo.VERSION_ID -match '9'} - $environment += @{'IsUbuntu' = $LinuxInfo.ID -match 'ubuntu'} - $environment += @{'IsUbuntu14' = $Environment.IsUbuntu -and $LinuxInfo.VERSION_ID -match '14.04'} - $environment += @{'IsUbuntu16' = $Environment.IsUbuntu -and $LinuxInfo.VERSION_ID -match '16.04'} - $environment += @{'IsUbuntu17' = $Environment.IsUbuntu -and $LinuxInfo.VERSION_ID -match '17.10'} - $environment += @{'IsUbuntu18' = $Environment.IsUbuntu -and $LinuxInfo.VERSION_ID -match '18.04'} - $environment += @{'IsUbuntu22' = $Environment.IsUbuntu -and $LinuxInfo.VERSION_ID -match '22.04'} + $environment += @{'IsDebian' = $LinuxInfo.ID -match 'debian' -or $LinuxInfo.ID -match 'kali'} + $environment += @{'IsDebian9' = $environment.IsDebian -and $LinuxInfo.VERSION_ID -match '9'} + $environment += @{'IsDebian10' = $environment.IsDebian -and $LinuxInfo.VERSION_ID -match '10'} + $environment += @{'IsDebian11' = $environment.IsDebian -and $LinuxInfo.PRETTY_NAME -match 'bullseye'} + $environment += @{'IsUbuntu' = $LinuxInfo.ID -match 'ubuntu' -or $LinuxID -match 'Ubuntu'} + $environment += @{'IsUbuntu16' = $environment.IsUbuntu -and $LinuxInfo.VERSION_ID -match '16.04'} + $environment += @{'IsUbuntu18' = $environment.IsUbuntu -and $LinuxInfo.VERSION_ID -match '18.04'} + $environment += @{'IsUbuntu20' = $environment.IsUbuntu -and $LinuxInfo.VERSION_ID -match '20.04'} + $environment += @{'IsUbuntu22' = $environment.IsUbuntu -and $LinuxInfo.VERSION_ID -match '22.04'} + $environment += @{'IsUbuntu24' = $environment.IsUbuntu -and $LinuxInfo.VERSION_ID -match '24.04'} $environment += @{'IsCentOS' = $LinuxInfo.ID -match 'centos' -and $LinuxInfo.VERSION_ID -match '7'} $environment += @{'IsFedora' = $LinuxInfo.ID -match 'fedora' -and $LinuxInfo.VERSION_ID -ge 24} - $environment += @{'IsRedHat' = $LinuxInfo.ID -match 'rhel'} $environment += @{'IsOpenSUSE' = $LinuxInfo.ID -match 'opensuse'} $environment += @{'IsSLES' = $LinuxInfo.ID -match 'sles'} - $environment += @{'IsOpenSUSE13' = $Environmenst.IsOpenSUSE -and $LinuxInfo.VERSION_ID -match '13'} - $environment += @{'IsOpenSUSE42.1' = $Environment.IsOpenSUSE -and $LinuxInfo.VERSION_ID -match '42.1'} - $environment += @{'IsRedHatFamily' = $Environment.IsCentOS -or $Environment.IsFedora -or $Environment.IsRedHat} - $environment += @{'IsSUSEFamily' = $Environment.IsSLES -or $Environment.IsOpenSUSE} + $environment += @{'IsRedHat' = $LinuxInfo.ID -match 'rhel'} + $environment += @{'IsRedHat7' = $environment.IsRedHat -and $LinuxInfo.VERSION_ID -match '7' } + $environment += @{'IsOpenSUSE13' = $environment.IsOpenSUSE -and $LinuxInfo.VERSION_ID -match '13'} + $environment += @{'IsOpenSUSE42.1' = $environment.IsOpenSUSE -and $LinuxInfo.VERSION_ID -match '42.1'} + $environment += @{'IsDebianFamily' = $environment.IsDebian -or $environment.IsUbuntu} + $environment += @{'IsRedHatFamily' = $environment.IsCentOS -or $environment.IsFedora -or $environment.IsRedHat} + $environment += @{'IsSUSEFamily' = $environment.IsSLES -or $environment.IsOpenSUSE} $environment += @{'IsAlpine' = $LinuxInfo.ID -match 'alpine'} + $environment += @{'IsMariner' = $LinuxInfo.ID -match 'mariner' -or $LinuxInfo.ID -match 'azurelinux'} # Workaround for temporary LD_LIBRARY_PATH hack for Fedora 24 # https://github.com/PowerShell/PowerShell/issues/2511 @@ -154,6 +166,21 @@ function Get-EnvironmentInformation Remove-Item -Force ENV:\LD_LIBRARY_PATH Get-ChildItem ENV: } + + if( -not( + $environment.IsDebian -or + $environment.IsUbuntu -or + $environment.IsRedHatFamily -or + $environment.IsSUSEFamily -or + $environment.IsAlpine -or + $environment.IsMariner) + ) { + if ($SkipLinuxDistroCheck) { + Write-Warning "The current OS : $($LinuxInfo.ID) is not supported for building PowerShell." + } else { + throw "The current OS : $($LinuxInfo.ID) is not supported for building PowerShell. Import this module with '-ArgumentList `$true' to bypass this check." + } + } } return [PSCustomObject] $environment @@ -220,7 +247,16 @@ function Start-BuildNativeWindowsBinaries { } Write-Verbose -Verbose "VCPath: $vcPath" - $alternateVCPath = (Get-ChildItem "${env:ProgramFiles(x86)}\Microsoft Visual Studio\2017" -Filter "VC" -Directory -Recurse).FullName + $alternateVCPath = (Get-ChildItem "${env:ProgramFiles}\Microsoft Visual Studio\2017" -Filter "VC" -Directory -Recurse -ErrorAction SilentlyContinue) | Select-Object -First 1 -ExpandProperty FullName + + if (-not $alternateVCPath) { + $alternateVCPath = (Get-ChildItem "${env:ProgramFiles(x86)}\Microsoft Visual Studio\2017" -Filter "VC" -Directory -Recurse -ErrorAction SilentlyContinue) | Select-Object -First 1 -ExpandProperty FullName + } + + if (-not $alternateVCPath) { + $alternateVCPath = (Get-ChildItem "${env:ProgramFiles}\Microsoft Visual Studio\2022" -Filter "VC" -Directory -Recurse -ErrorAction SilentlyContinue) | Select-Object -First 1 -ExpandProperty FullName + } + Write-Verbose -Verbose "alternateVCPath: $alternateVCPath" $atlBaseFound = $false @@ -256,14 +292,23 @@ function Start-BuildNativeWindowsBinaries { # vcvarsall.bat is used to setup environment variables $vcvarsallbatPath = "$vcPath\vcvarsall.bat" - $vcvarsallbatPathVS2017 = ( Get-ChildItem $alternateVCPath -Filter vcvarsall.bat -Recurse -File | Select-Object -First 1).FullName + Write-Verbose -Verbose "vcvarsallbatPath: $vcvarsallbatPath" - if(Test-Path $vcvarsallbatPathVS2017) + if ($alternateVCPath) { - # prefer VS2017 path - $vcvarsallbatPath = $vcvarsallbatPathVS2017 + Write-Verbose -Verbose "checking 2017 path" + $vcvarsallbatPathVS2017 = ( Get-ChildItem $alternateVCPath -Filter vcvarsall.bat -Recurse -File -ErrorAction SilentlyContinue | Select-Object -First 1 -ExpandProperty FullName) + Write-Verbose -Verbose "vcvarsallbatPathVS2017: $vcvarsallbatPathVS2017" + + if(Test-Path $vcvarsallbatPathVS2017) + { + # prefer VS2017 path + $vcvarsallbatPath = $vcvarsallbatPathVS2017 + } } + Write-Verbose -Verbose "Checking if we found vcvarsall.bat" + if ([string]::IsNullOrEmpty($vcvarsallbatPath) -or (Test-Path -Path $vcvarsallbatPath) -eq $false) { throw "Could not find Visual Studio vcvarsall.bat at $vcvarsallbatPath. Please ensure the optional feature 'Common Tools for Visual C++' is installed." } @@ -285,23 +330,38 @@ function Start-BuildNativeWindowsBinaries { try { Push-Location "$PSScriptRoot\src\powershell-native" - # setup cmakeGenerator - $cmakeGeneratorPlatform = "" - if ($Arch -eq 'x86') { - $cmakeGenerator = 'Visual Studio 15 2017' - $cmakeArch = 'x86' - } elseif ($Arch -eq 'x64_arm') { - $cmakeGenerator = 'Visual Studio 15 2017 ARM' - $cmakeArch = 'arm' - } elseif ($Arch -eq 'x64_arm64') { - $cmakeGenerator = 'Visual Studio 15 2017' - $cmakeArch = 'arm64' - $cmakeGeneratorPlatform = "-A ARM64" - } else { - $cmakeGenerator = 'Visual Studio 15 2017 Win64' - $cmakeArch = 'x64' + if ($vcPath -notlike '*14.0*') { + # setup cmakeGenerator + $cmakeGeneratorPlatform = "" + if ($Arch -eq 'x86') { + $cmakeGenerator = 'Visual Studio 17 2022' + $cmakeArch = 'x86' + $cmakeGeneratorPlatform = "-A Win32" + } elseif ($Arch -eq 'x64_arm64') { + $cmakeGenerator = 'Visual Studio 17 2022' + $cmakeArch = 'arm64' + $cmakeGeneratorPlatform = "-A ARM64" + } else { + $cmakeGenerator = 'Visual Studio 17 2022' + $cmakeArch = 'x64' + $cmakeGeneratorPlatform = "-A x64" + } + } + else { + # setup cmakeGenerator + $cmakeGeneratorPlatform = "" + if ($Arch -eq 'x86') { + $cmakeGenerator = 'Visual Studio 15 2017' + $cmakeArch = 'x86' + } elseif ($Arch -eq 'x64_arm64') { + $cmakeGenerator = 'Visual Studio 15 2017' + $cmakeArch = 'arm64' + $cmakeGeneratorPlatform = "-A ARM64" + } else { + $cmakeGenerator = 'Visual Studio 15 2017 Win64' + $cmakeArch = 'x64' + } } - # Compile native resources $currentLocation = Get-Location $savedPath = $env:PATH @@ -403,8 +463,8 @@ function Start-BuildNativeUnixBinaries { return } - if (($BuildLinuxArm -or $BuildLinuxArm64) -and -not $Environment.IsUbuntu) { - throw "Cross compiling for linux-arm/linux-arm64 are only supported on Ubuntu environment" + if (($BuildLinuxArm -or $BuildLinuxArm64) -and -not ($Environment.IsUbuntu -or $Environment.IsMariner)) { + throw "Cross compiling for linux-arm/linux-arm64 are only supported on Ubuntu environment: Environment IsMariner: $($Environment.IsMariner) IsUbuntu: $($Environment.IsUbuntu)" } # Verify we have all tools in place to do the build @@ -413,12 +473,12 @@ function Start-BuildNativeUnixBinaries { $precheck = $precheck -and (precheck $Dependency "Build dependency '$Dependency' not found. Run 'Start-PSBootstrap'.") } - if ($BuildLinuxArm) { - foreach ($Dependency in 'arm-linux-gnueabihf-gcc', 'arm-linux-gnueabihf-g++') { + if ($BuildLinuxArm64) { + foreach ($Dependency in 'cmake', 'make', 'g++') { $precheck = $precheck -and (precheck $Dependency "Build dependency '$Dependency' not found. Run 'Start-PSBootstrap'.") } - } elseif ($BuildLinuxArm64) { - foreach ($Dependency in 'aarch64-linux-gnu-gcc', 'aarch64-linux-gnu-g++') { + } elseif ($BuildLinuxArm) { + foreach ($Dependency in 'arm-linux-gnueabihf-gcc', 'arm-linux-gnueabihf-g++') { $precheck = $precheck -and (precheck $Dependency "Build dependency '$Dependency' not found. Run 'Start-PSBootstrap'.") } } @@ -465,7 +525,7 @@ function Start-BuildNativeUnixBinaries { Start-NativeExecution { make -j } } elseif ($IsMacOS) { - Start-NativeExecution { cmake -DCMAKE_TOOLCHAIN_FILE="./macos.toolchain.cmake" . } + Start-NativeExecution { cmake -DCMAKE_POLICY_VERSION_MINIMUM='3.5' -DCMAKE_TOOLCHAIN_FILE="./macos.toolchain.cmake" . } Start-NativeExecution { make -j } Start-NativeExecution { ctest --verbose } } @@ -505,10 +565,6 @@ function Start-BuildPowerShellNativePackage [ValidateScript({Test-Path $_ -PathType Leaf})] [string] $WindowsX86ZipPath, - [Parameter(Mandatory = $true)] - [ValidateScript({Test-Path $_ -PathType Leaf})] - [string] $WindowsARMZipPath, - [Parameter(Mandatory = $true)] [ValidateScript({Test-Path $_ -PathType Leaf})] [string] $WindowsARM64ZipPath, @@ -545,7 +601,6 @@ function Start-BuildPowerShellNativePackage $BinFolderX64 = Join-Path $tempExtractionPath "x64" $BinFolderX86 = Join-Path $tempExtractionPath "x86" - $BinFolderARM = Join-Path $tempExtractionPath "ARM" $BinFolderARM64 = Join-Path $tempExtractionPath "ARM64" $BinFolderLinux = Join-Path $tempExtractionPath "Linux" $BinFolderLinuxARM = Join-Path $tempExtractionPath "LinuxARM" @@ -555,7 +610,6 @@ function Start-BuildPowerShellNativePackage Expand-Archive -Path $WindowsX64ZipPath -DestinationPath $BinFolderX64 -Force Expand-Archive -Path $WindowsX86ZipPath -DestinationPath $BinFolderX86 -Force - Expand-Archive -Path $WindowsARMZipPath -DestinationPath $BinFolderARM -Force Expand-Archive -Path $WindowsARM64ZipPath -DestinationPath $BinFolderARM64 -Force Expand-Archive -Path $LinuxZipPath -DestinationPath $BinFolderLinux -Force Expand-Archive -Path $LinuxAlpineZipPath -DestinationPath $BinFolderLinuxAlpine -Force @@ -563,7 +617,7 @@ function Start-BuildPowerShellNativePackage Expand-Archive -Path $LinuxARM64ZipPath -DestinationPath $BinFolderLinuxARM64 -Force Expand-Archive -Path $macOSZipPath -DestinationPath $BinFolderMacOS -Force - PlaceWindowsNativeBinaries -PackageRoot $PackageRoot -BinFolderX64 $BinFolderX64 -BinFolderX86 $BinFolderX86 -BinFolderARM $BinFolderARM -BinFolderARM64 $BinFolderARM64 + PlaceWindowsNativeBinaries -PackageRoot $PackageRoot -BinFolderX64 $BinFolderX64 -BinFolderX86 $BinFolderX86 -BinFolderARM64 $BinFolderARM64 PlaceUnixBinaries -PackageRoot $PackageRoot -BinFolderLinux $BinFolderLinux -BinFolderLinuxARM $BinFolderLinuxARM -BinFolderLinuxARM64 $BinFolderLinuxARM64 -BinFolderOSX $BinFolderMacOS -BinFolderLinuxAlpine $BinFolderLinuxAlpine @@ -688,10 +742,6 @@ function PlaceWindowsNativeBinaries [ValidateScript({Test-Path $_ -PathType Container})] $BinFolderX86, - [Parameter(Mandatory = $true)] - [ValidateScript({Test-Path $_ -PathType Container})] - $BinFolderARM, - [Parameter(Mandatory = $true)] [ValidateScript({Test-Path $_ -PathType Container})] $BinFolderARM64 @@ -699,12 +749,10 @@ function PlaceWindowsNativeBinaries $RuntimePathX64 = New-Item -ItemType Directory -Path (Join-Path $PackageRoot -ChildPath 'runtimes/win-x64/native') -Force $RuntimePathX86 = New-Item -ItemType Directory -Path (Join-Path $PackageRoot -ChildPath 'runtimes/win-x86/native') -Force - $RuntimePathARM = New-Item -ItemType Directory -Path (Join-Path $PackageRoot -ChildPath 'runtimes/win-arm/native') -Force $RuntimePathARM64 = New-Item -ItemType Directory -Path (Join-Path $PackageRoot -ChildPath 'runtimes/win-arm64/native') -Force Copy-Item "$BinFolderX64\*" -Destination $RuntimePathX64 -Verbose -Exclude '*.pdb' Copy-Item "$BinFolderX86\*" -Destination $RuntimePathX86 -Verbose -Exclude '*.pdb' - Copy-Item "$BinFolderARM\*" -Destination $RuntimePathARM -Verbose -Exclude '*.pdb' Copy-Item "$BinFolderARM64\*" -Destination $RuntimePathARM64 -Verbose -Exclude '*.pdb' } @@ -787,8 +835,8 @@ function Start-PSBuild { [string]$ReleaseTag ) - if (($Runtime -eq "linux-arm" -or $Runtime -eq "linux-arm64") -and -not $Environment.IsUbuntu) { - throw "Cross compiling for linux-arm/linux-arm64 are only supported on Ubuntu environment" + if (($Runtime -eq "linux-arm" -or $Runtime -eq "linux-arm64") -and -not ($Environment.IsUbuntu -or $Environment.IsMariner)) { + throw "Cross compiling for linux-arm/linux-arm64 are only supported on Ubuntu environment: Environment IsMariner: $($Environment.IsMariner) IsUbuntu: $($Environment.IsUbuntu)" } if ("win-arm","win-arm64" -contains $Runtime -and -not $Environment.IsWindows) { @@ -1893,10 +1941,12 @@ function Install-Dotnet { } function Get-RedHatPackageManager { - if ($Environment.IsCentOS -or $Environment.IsRedHat) { + if ($environment.IsCentOS -or (Get-Command -Name yum -CommandType Application -ErrorAction SilentlyContinue)) { "yum install -y -q" - } elseif ($Environment.IsFedora) { + } elseif ($environment.IsFedora -or (Get-Command -Name dnf -CommandType Application -ErrorAction SilentlyContinue)) { "dnf install -y -q" + } elseif ($environment.IsMariner -or (Get-Command -Name tdnf -CommandType Application -ErrorAction SilentlyContinue)) { + "tdnf install -y" } else { throw "Error determining package manager for this distribution." } @@ -1939,8 +1989,8 @@ function Start-PSBootstrap { Pop-Location } - if (($BuildLinuxArm -or $BuildLinuxArm64) -and -not $Environment.IsUbuntu) { - Write-Error "Cross compiling for linux-arm/linux-arm64 are only supported on Ubuntu environment" + if (($BuildLinuxArm -or $BuildLinuxArm64) -and -not ($Environment.IsUbuntu -or $Environment.IsMariner)) { + Write-Error "Cross compiling for linux-arm/linux-arm64 are only supported on Ubuntu environment: Environment IsMariner: $($Environment.IsMariner) IsUbuntu: $($Environment.IsUbuntu)" return } @@ -1978,7 +2028,7 @@ function Start-PSBootstrap { # change the apt frontend back to the original $env:DEBIAN_FRONTEND=$originalDebianFrontEnd } - } elseif ($Environment.IsRedHatFamily) { + } elseif ($Environment.IsRedHatFamily -or $Environment.IsMariner) { # Build tools $Deps += "which", "curl", "wget" @@ -2052,7 +2102,7 @@ function Start-PSBootstrap { Start-NativeExecution { brew install $Deps } -IgnoreExitcode # Install patched version of curl - Start-NativeExecution { brew install curl --with-openssl --with-gssapi } -IgnoreExitcode + Start-NativeExecution { brew install curl } -IgnoreExitcode } elseif ($Environment.IsAlpine) { $Deps += "build-base", "gcc", "abuild", "binutils", "git", "python3", "bash", "cmake" diff --git a/owners.txt b/owners.txt new file mode 100644 index 0000000..e1ce71c --- /dev/null +++ b/owners.txt @@ -0,0 +1,12 @@ +; This owners.txt file was initially populated by StartRight. Every code +; change inside of an Ownership Enforcer enabled branch (such as master) must be +; approved by at least one expert listed in an applicable owners.txt file. This +; root owners.txt file is applicable to every change. Targeted experts can be +; defined by placing an owners.txt file inside any subdirectory. More information +; about Ownership Enforcer can be found at https://aka.ms/ownershipenforcer. +anwieber +adityap +andschwa +tplunk +slee +dongbow \ No newline at end of file diff --git a/src/libpsl-native/CMakeLists.txt b/src/libpsl-native/CMakeLists.txt index dc7be71..0b357be 100644 --- a/src/libpsl-native/CMakeLists.txt +++ b/src/libpsl-native/CMakeLists.txt @@ -1,4 +1,4 @@ -cmake_minimum_required(VERSION 2.8.11) +cmake_minimum_required(VERSION 3.5) project(PSL-NATIVE) # Can't use add_compile_options with 2.8.11 diff --git a/src/libpsl-native/arm64.toolchain.cmake b/src/libpsl-native/arm64.toolchain.cmake index 09a4d9d..13d60df 100644 --- a/src/libpsl-native/arm64.toolchain.cmake +++ b/src/libpsl-native/arm64.toolchain.cmake @@ -1,9 +1,9 @@ set(CMAKE_SYSTEM_NAME Linux) set(CMAKE_SYSTEM_VERSION 1) set(CMAKE_SYSTEM_PROCESSOR aarch64) -set(CMAKE_CXX_COMPILER aarch64-linux-gnu-g++ -fstack-protector-strong -fpie -D_FORTIFY_SOURCE=2) +set(CMAKE_CXX_COMPILER g++ -fstack-protector-strong -fpie -D_FORTIFY_SOURCE=2) set(CMAKE_SHARED_LINKER_FLAGS "-Wl,-z,relro,-z,now") -set(CMAKE_C_COMPILER aarch64-linux-gnu-gcc) +set(CMAKE_C_COMPILER gcc) add_compile_options(-g) diff --git a/src/libpsl-native/macos.toolchain.cmake b/src/libpsl-native/macos.toolchain.cmake index 2f9ccd2..f70c9e9 100644 --- a/src/libpsl-native/macos.toolchain.cmake +++ b/src/libpsl-native/macos.toolchain.cmake @@ -1,4 +1,4 @@ -cmake_minimum_required(VERSION 3.19) +cmake_minimum_required(VERSION 3.10...4.1) SET(CMAKE_OSX_ARCHITECTURES "x86_64;arm64" CACHE STRING "" FORCE) add_compile_options(-g -mmacosx-version-min=10.9) diff --git a/src/libpsl-native/test/CMakeLists.txt b/src/libpsl-native/test/CMakeLists.txt index 9d3f4f5..21a25fc 100644 --- a/src/libpsl-native/test/CMakeLists.txt +++ b/src/libpsl-native/test/CMakeLists.txt @@ -2,7 +2,6 @@ add_subdirectory(googletest) add_executable(psl-native-test test-getfileowner.cpp - test-locale.cpp test-getuserfrompid.cpp test-getcurrentprocessid.cpp test-getcomputername.cpp diff --git a/src/libpsl-native/test/test-locale.cpp b/src/libpsl-native/test/test-locale.cpp deleted file mode 100644 index f2d15ed..0000000 --- a/src/libpsl-native/test/test-locale.cpp +++ /dev/null @@ -1,22 +0,0 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT License. - -//! @brief Unit tests for linux locale - -#include -#include -#include -#include -#include -//! Test fixture for LocaleTest - -class LocaleTest : public ::testing::Test -{ -}; - -TEST_F(LocaleTest, Success) -{ - setlocale(LC_ALL, ""); - ASSERT_FALSE(nl_langinfo(CODESET) == NULL); - ASSERT_STREQ(nl_langinfo(CODESET), "UTF-8"); -} diff --git a/tools/releaseBuild/PowershellNative.ps1 b/tools/releaseBuild/PowershellNative.ps1 index 1bb9beb..609302d 100644 --- a/tools/releaseBuild/PowershellNative.ps1 +++ b/tools/releaseBuild/PowershellNative.ps1 @@ -6,7 +6,7 @@ param ( [Parameter(Mandatory, ParameterSetName = 'Build')] - [ValidateSet('x64', 'x86', 'x64_arm', 'x64_arm64', 'linux-x64', 'osx', 'linux-arm', 'linux-arm64', 'linux-musl-x64')] + [ValidateSet('x64', 'x86', 'x64_arm64', 'linux-x64', 'osx', 'linux-arm', 'linux-arm64', 'linux-musl-x64')] [string] $Arch,