diff --git a/.gdn/.gdnsettings b/.gdn/.gdnsettings new file mode 100644 index 00000000..9ebd4133 --- /dev/null +++ b/.gdn/.gdnsettings @@ -0,0 +1,7 @@ +{ + "files": { }, + "folders": { }, + "overwriteLogs": true, + "telemetryFlushTimeout": 10, + "variables": { } +} diff --git a/.gdn/.gdnsuppress b/.gdn/.gdnsuppress new file mode 100644 index 00000000..db137921 --- /dev/null +++ b/.gdn/.gdnsuppress @@ -0,0 +1,160 @@ +{ + "hydrated": false, + "properties": { + "helpUri": "https://eng.ms/docs/microsoft-security/security/azure-security/cloudai-security-fundamentals-engineering/security-integration/guardian-wiki/microsoft-guardian/general/suppressions", + "hydrationStatus": "This file does not contain identifying data. It is safe to check into your repo. To hydrate this file with identifying data, run `guardian hydrate --help` and follow the guidance." + }, + "version": "1.0.0", + "suppressionSets": { + "default": { + "name": "default", + "createdDate": "2024-02-13 23:43:02Z", + "lastUpdatedDate": "2024-02-15 20:19:17Z" + } + }, + "results": { + "106ebf57147abe7cd400e99216306929d7fa316d10e3d30dc218c74b9bd7795e": { + "signature": "106ebf57147abe7cd400e99216306929d7fa316d10e3d30dc218c74b9bd7795e", + "alternativeSignatures": [ + "f7e9384d5be4600dadfdbeceff23d1468f682e9d6998ce6d54f9379bbe1e535a" + ], + "memberOf": [ + "default" + ], + "justification": "Reference to an external vcpkg .ps1 file.", + "createdDate": "2024-02-13 23:43:02Z" + }, + "cb309d5a322c6d545bc8304bc6bc21953f5d953dcc2ef54f9f66e9d2a41cd5af": { + "signature": "cb309d5a322c6d545bc8304bc6bc21953f5d953dcc2ef54f9f66e9d2a41cd5af", + "alternativeSignatures": [ + "ff4304de20e5d510170ae65c7fe48212f33fcfa5c0a3d8a45eee175c04101153" + ], + "memberOf": [ + "default" + ], + "justification": "Suppressing BA2007 triggered by the addition of -wd4996 required to build external bzip2 dependency with /sdl flag.", + "createdDate": "2024-02-15 19:39:18Z" + }, + "47d725f1446c35b0410c9774133d814fd3200f89bc0857bd81df4ac73ffcb90e": { + "signature": "47d725f1446c35b0410c9774133d814fd3200f89bc0857bd81df4ac73ffcb90e", + "alternativeSignatures": [ + "4394b51c48c696764500c59f00680af353a9a744a82906347a413359f9cfd452" + ], + "memberOf": [ + "default" + ], + "justification": "Suppressing BA2007 triggered by the addition of -wd4996 required to build external bzip2 dependency with /sdl flag.", + "createdDate": "2024-02-15 19:39:18Z" + }, + "5f3b04604481e5a1f6a33d01a244db1fc6b2fd02b3b078cf7dfe6cc04e076276": { + "signature": "5f3b04604481e5a1f6a33d01a244db1fc6b2fd02b3b078cf7dfe6cc04e076276", + "alternativeSignatures": [ + "ba25311c4c43e2873bee240e8c4c68682272eb5bc58c97339791be287e8c96a2" + ], + "memberOf": [ + "default" + ], + "justification": "Suppressing BA2007 triggered by the addition of -wd4996 required to build external bzip2 dependency with /sdl flag.", + "createdDate": "2024-02-15 19:39:18Z" + }, + "39b5eea31b6779ed59ae6854d2c15e17ceb93e3067a87138748fc8f02d734625": { + "signature": "39b5eea31b6779ed59ae6854d2c15e17ceb93e3067a87138748fc8f02d734625", + "alternativeSignatures": [ + "59a87f4e078c6ab72fe39adc6139c86d18cddbcd40221114c4a683666bcaadf4" + ], + "memberOf": [ + "default" + ], + "justification": "Unable to resolve BA2007 for external lzsbuild/deps/win32 file 'example.exe'.", + "createdDate": "2024-02-15 20:19:17Z" + }, + "4b61adeeb4b0237fbe2352c290a84dc686067351e66810c27192c6a00d9ecbc7": { + "signature": "4b61adeeb4b0237fbe2352c290a84dc686067351e66810c27192c6a00d9ecbc7", + "alternativeSignatures": [ + "cf7a67d41e8f7415d089d7007de01417f73c41b842480682686b6b326042ef12" + ], + "memberOf": [ + "default" + ], + "justification": "Unable to resolve BA2007 for external lzsbuild/deps/win32 file 'minigzip.exe'.", + "createdDate": "2024-02-15 20:19:17Z" + }, + "14d9bf44b59382ea3316fb01edba5c49251fac10cfa0b0e1c5e4053ea2daf7a7": { + "signature": "14d9bf44b59382ea3316fb01edba5c49251fac10cfa0b0e1c5e4053ea2daf7a7", + "alternativeSignatures": [ + "34132c90cef21d1559d791ca3374054b3498293e9af99ebaf0a97ebdf2117359" + ], + "memberOf": [ + "default" + ], + "justification": "Unable to resolve BA2007 for external lzsbuild/deps/win32 file 'zlib.dll'.", + "createdDate": "2024-02-15 20:19:17Z" + }, + "32c95027d0378e43655c6ae1d1d94d175b5ae0a80f7a09ab5ef877c82c8613cf": { + "signature": "32c95027d0378e43655c6ae1d1d94d175b5ae0a80f7a09ab5ef877c82c8613cf", + "alternativeSignatures": [ + "3b8cc35f6043d60895fc2b58aa0e340f26168e7276e77d32a2290ce8f52e87a7" + ], + "memberOf": [ + "default" + ], + "justification": "Unable to resolve BA2007 for external lzsbuild/deps/win64 file 'example.exe'.", + "createdDate": "2024-02-15 20:19:17Z" + }, + "714c09b687b522c384ad4f562ad7fc22b4a3cc486f4e111da2ef9f9f7049bbd9": { + "signature": "714c09b687b522c384ad4f562ad7fc22b4a3cc486f4e111da2ef9f9f7049bbd9", + "alternativeSignatures": [ + "c319ab28b12c0772a32e11a1b8adfbf5d31d940c26f65d547508fbbe067479c7" + ], + "memberOf": [ + "default" + ], + "justification": "Unable to resolve BA2007 for external lzsbuild/deps/win64 file 'minigzip.exe'.", + "createdDate": "2024-02-15 20:19:17Z" + }, + "7d646d44fc117d94d024aeb65acccd6a6c78ea2f7a67a9925ec0720ca14fc16d": { + "signature": "7d646d44fc117d94d024aeb65acccd6a6c78ea2f7a67a9925ec0720ca14fc16d", + "alternativeSignatures": [ + "b6cd355613757ef82eba700719a1957211688374b0841271340c10a65ca913ba" + ], + "memberOf": [ + "default" + ], + "justification": "Unable to resolve BA2007 for external lzsbuild/deps/win64 file 'zlib.dll'.", + "createdDate": "2024-02-15 20:19:17Z" + }, + "075eeab70a88345e6e142f97544de5be84cb85c87ba36ec229a2a4df5d482337": { + "signature": "075eeab70a88345e6e142f97544de5be84cb85c87ba36ec229a2a4df5d482337", + "alternativeSignatures": [ + "4cc6ffe05f61e35bd7fa57a5a4b4f82d050e684f11e15ce6eade601aa86d2b11" + ], + "memberOf": [ + "default" + ], + "justification": "Unable to resolve BA2007 for external lzsbuild/deps/winarm64 file 'example.exe'.", + "createdDate": "2024-02-15 20:19:17Z" + }, + "f9e7e5e304a91532f7615d252ba18ea11e52ba6eb28cd78f872a480423351256": { + "signature": "f9e7e5e304a91532f7615d252ba18ea11e52ba6eb28cd78f872a480423351256", + "alternativeSignatures": [ + "13987557036db098921cee21a62d8dc557c4e4136a10220442388eb2f9f18607" + ], + "memberOf": [ + "default" + ], + "justification": "Unable to resolve BA2007 for external lzsbuild/deps/winarm64 file 'minigzip.exe'.", + "createdDate": "2024-02-15 20:19:17Z" + }, + "0ed7f92df9b8d3bf93cf6898af876e9e159b351ce0b2afeb6f153b453be5cdf9": { + "signature": "0ed7f92df9b8d3bf93cf6898af876e9e159b351ce0b2afeb6f153b453be5cdf9", + "alternativeSignatures": [ + "d2dc95e0c5edbdb8ddf1de2e9585c7d55cc1a529edc5c3319da8ed818dc72abf" + ], + "memberOf": [ + "default" + ], + "justification": "Unable to resolve BA2007 for external lzsbuild/deps/winarm64 file 'zlib.dll'.", + "createdDate": "2024-02-15 20:19:17Z" + } + } +} diff --git a/.gdn/.gitignore b/.gdn/.gitignore new file mode 100644 index 00000000..de1a20ab --- /dev/null +++ b/.gdn/.gitignore @@ -0,0 +1,11 @@ +## Ignore Guardian internal files +.r/ +rc/ +rs/ +i/ +p/ +c/ +o/ + +## Ignore Guardian Local settings +LocalSettings.gdn.json diff --git a/.gitmodules b/.gitmodules index 1730679f..916d5ebd 100644 --- a/.gitmodules +++ b/.gitmodules @@ -14,9 +14,7 @@ branch = master [submodule "external/xz"] path = external/xz - url = https://git.tukaani.org/xz.git - branch = master - + url = https://github.com/tukaani-project/xz [submodule "zlib"] path = external/zlib url = https://github.com/madler/zlib.git @@ -24,5 +22,3 @@ [submodule "external/zstd"] path = external/zstd url = https://github.com/facebook/zstd.git -[submodule "https://git.tukaani.org/xz.git"] - url = external/xz diff --git a/CMakeLists.txt b/CMakeLists.txt index f1d5c5db..c38d1ba8 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -228,7 +228,21 @@ if(UNIX) LINKER:-z,relro LINKER:-z,noexecstack LINKER:--no-undefined - ) + ) +else() + set(COMMON_COMPILE_OPTIONS + /Qspectre + /guard:cf + /sdl + /wd4996 + ) + + set(LINKER_OPTIONS + LINKER:/PROFILE + LINKER:/DYNAMICBASE + LINKER:/CETCOMPAT + LINKER:/guard:cf + ) endif() if(APPLE AND BUILD_LIBZIP) @@ -576,7 +590,6 @@ else() target_link_options( ${PROJECT_NAME} PRIVATE - /PROFILE /wholearchive:$ ) endif() diff --git a/azure-pipelines.yml b/azure-pipelines.yml index ff3ae3cc..fdeaba37 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -3,6 +3,7 @@ trigger: include: - main - refs/tags/* + resources: repositories: - repository: internal-templates @@ -10,309 +11,358 @@ resources: name: xamarin/yaml-templates endpoint: xamarin ref: refs/heads/main + - repository: 1esPipelines + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release + +parameters: +- name: OneLocSourceBranch + default: refs/heads/main +- name: Skip1ESComplianceTasks + default: false +- name: SignArtifacts + default: false + variables: - - group: Xamarin-Secrets - - name: DisablePipelineConfigDetector - value: true -stages: - - stage: Build - jobs: - - job: buildWindows - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesWindows2022compliant - variables: - Codeql.Enabled: true - steps: - - script: | - echo "Hello" - git submodule update --init --recursive - displayName: "Update Submodules" - - script: | - build_windows.bat - displayName: "Build" - - task: ArchiveFiles@2 - inputs: - rootFolderOrFile: lzsbuild\lib\win32\RelWithDebInfo\ - includeRootFolder: false - archiveType: 7z - replaceExistingArchive: true - archiveFile: $(Build.ArtifactStagingDirectory)\libzip-windows-x86.7z - - task: ArchiveFiles@2 - inputs: - rootFolderOrFile: lzsbuild\lib\win64\RelWithDebInfo\ - includeRootFolder: false - archiveType: 7z - replaceExistingArchive: true - archiveFile: $(Build.ArtifactStagingDirectory)\libzip-windows-x64.7z - - task: ArchiveFiles@2 - inputs: - rootFolderOrFile: lzsbuild\lib\winarm64\RelWithDebInfo\ - includeRootFolder: false - archiveType: 7z - replaceExistingArchive: true - archiveFile: $(Build.ArtifactStagingDirectory)\libzip-windows-arm-x64.7z - - task: PublishBuildArtifacts@1 - displayName: upload artifacts - inputs: - artifactName: 'native' - pathtoPublish: $(Build.ArtifactStagingDirectory) - - job: buildLinux - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu18.04compliant - variables: - Codeql.Enabled: true - steps: - - bash: | - sudo dpkg --add-architecture i386 - sudo apt -y update - sudo apt -f -u install ninja-build -y - git submodule update --init --recursive - displayName: 'Install Tools' - - bash: | - ./build.sh -v - displayName: 'Build Linux x64' - - task: ArchiveFiles@2 - inputs: - rootFolderOrFile: lzsbuild/lib/Linux/ - includeRootFolder: false - archiveType: 7z - replaceExistingArchive: true - archiveFile: $(Build.ArtifactStagingDirectory)/libzip-linux-x64.7z - - task: PublishBuildArtifacts@1 - displayName: upload artifacts - inputs: - artifactName: 'native' - pathtoPublish: $(Build.ArtifactStagingDirectory) - - job: buildMacOS - dependsOn: - - buildlinux - - buildWindows - pool: - vmImage: internal-macos-11 - variables: - Codeql.Enabled: true - steps: - - bash: | - brew install ninja - git submodule update --init --recursive - displayName: 'Install toolchain' - - bash: | - ./build.sh -v - mkdir -p lzsbuild/lib/Linux - mkdir -p lzsbuild/lib/win64 - mkdir -p lzsbuild/lib/win32 - find lzsbuild -name '*ZipSharpNative*' - displayName: 'Build native' - - task: DownloadBuildArtifacts@0 - displayName: download artifacts - inputs: - artifactName: native - downloadPath: $(Build.ArtifactStagingDirectory) - - task: ExtractFiles@1 - displayName: Extract 64 bit Linux native - inputs: - archiveFilePatterns: $(Build.ArtifactStagingDirectory)/native/libzip-linux-x64.7z - destinationFolder: lzsbuild/lib/Linux - - task: ExtractFiles@1 - displayName: Extract 64 bit Windows native - inputs: - archiveFilePatterns: $(Build.ArtifactStagingDirectory)/native/libzip-windows-x64.7z - destinationFolder: lzsbuild/lib/win64 - - task: ExtractFiles@1 - displayName: Extract 64 bit ARM Windows native - inputs: - archiveFilePatterns: $(Build.ArtifactStagingDirectory)/native/libzip-windows-arm-x64.7z - destinationFolder: lzsbuild/lib/winarm64 - - task: ExtractFiles@1 - displayName: Extract 32 bit Windows native - inputs: - archiveFilePatterns: $(Build.ArtifactStagingDirectory)/native/libzip-windows-x86.7z - destinationFolder: lzsbuild/lib/win32 - - bash: | - rm $(Build.ArtifactStagingDirectory)/native/libzip-linux-*.7z - rm $(Build.ArtifactStagingDirectory)/native/libzip-windows-*.7z - displayName: 'Find libzip' - - task: DotNetCoreCLI@2 - displayName: 'Build solution libZipSharp.csproj' - inputs: - projects: LibZipSharp/libZipSharp.csproj - configuration: Release - arguments: -v:diag -p:RunningOnCI=true - - task: DotNetCoreCLI@2 - displayName: NuGet pack libZipSharp - inputs: - projects: LibZipSharp/libZipSharp.csproj - configuration: Release - arguments: -t:Pack - - task: CopyFiles@2 - displayName: Copy nupkg - inputs: - contents: 'LibZipSharp/*.nupkg' - flattenFolders: true - targetFolder: $(Build.ArtifactStagingDirectory) - - task: CopyFiles@2 - displayName: Copy SignList - inputs: - contents: 'SignList.xml' - targetFolder: $(Build.ArtifactStagingDirectory) - - task: CopyFiles@2 - displayName: Copy snupkg - inputs: - contents: 'LibZipSharp/*.snupkg' - flattenFolders: true - targetFolder: $(Build.ArtifactStagingDirectory) - - task: PublishBuildArtifacts@1 - displayName: upload artifacts - inputs: - artifactName: 'nuget' - pathtoPublish: $(Build.ArtifactStagingDirectory) - - stage: Test - dependsOn: Build - variables: - DotNetCoreVersion: 3.1.201 - DotNetVersion: 7.0.203 - jobs: - - job: testlinux - displayName: 'Test Linux' - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu18.04compliant - steps: - - template: yaml-templates/use-dot-net.yaml - parameters: - version: $(DotNetCoreVersion) - - template: yaml-templates/use-dot-net.yaml - parameters: - version: $(DotNetVersion) - - task: DownloadBuildArtifacts@0 - displayName: download artifacts - inputs: - artifactName: NuGet - downloadPath: $(Build.SourcesDirectory) - - task: DotNetCoreCLI@2 - displayName: 'Build solution LibZipSharp.UnitTest/LibZipSharp.UnitTest.csproj' - inputs: - projects: LibZipSharp.UnitTest/LibZipSharp.UnitTest.csproj - configuration: Release - arguments: -p:ReferenceNuget=True -v:diag - - task: DotNetCoreCLI@2 - displayName: 'Run Unit tests for .net' - inputs: - command: test - projects: LibZipSharp.UnitTest/LibZipSharp.UnitTest.csproj - configuration: Release - arguments: -p:ReferenceNuget=True -v:diag - - job: testmacos - displayName: 'Test MacOS' - pool: - vmImage: internal-macos-11 - steps: - - template: yaml-templates/use-dot-net.yaml - parameters: - version: $(DotNetCoreVersion) - - template: yaml-templates/use-dot-net.yaml - parameters: - version: $(DotNetVersion) - - task: DownloadBuildArtifacts@0 - displayName: download artifacts - inputs: - artifactName: NuGet - downloadPath: $(Build.SourcesDirectory) - - task: DotNetCoreCLI@2 - displayName: 'Build solution LibZipSharp.UnitTest/LibZipSharp.UnitTest.csproj' - inputs: - projects: LibZipSharp.UnitTest/LibZipSharp.UnitTest.csproj - configuration: Release - arguments: -p:ReferenceNuget=True -v:diag - - task: DotNetCoreCLI@2 - displayName: 'Run Tests under .net' - inputs: - command: test - projects: LibZipSharp.UnitTest/LibZipSharp.UnitTest.csproj - configuration: Release - arguments: -p:ReferenceNuget=True -v:diag - - job: testwindows - displayName: 'Test Windows' - pool: +- group: Xamarin-Secrets +- name: DisablePipelineConfigDetector + value: true +- name: WindowsPoolImage1ESPT + value: 1ESPT-Windows2022 +- name: LinuxPoolImage1ESPT + value: 1ESPT-Ubuntu22.04 + +extends: + ${{ if or(eq(variables['Build.Reason'], 'PullRequest'), eq('${{ parameters.Skip1ESComplianceTasks }}', 'true')) }}: + template: v1/1ES.Unofficial.PipelineTemplate.yml@1esPipelines + ${{ else }}: + template: v1/1ES.Official.PipelineTemplate.yml@1esPipelines + parameters: + sdl: + ${{ if eq('${{ parameters.Skip1ESComplianceTasks }}', 'true') }}: + enableAllTools: false + codeql: + runSourceLanguagesInSourceAnalysis: true + suppression: + suppressionFile: $(Build.SourcesDirectory)\.gdn\.gdnsuppress + sourceAnalysisPool: name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesWindows2022compliant - steps: - - template: yaml-templates/use-dot-net.yaml - parameters: - version: $(DotNetCoreVersion) - - template: yaml-templates/use-dot-net.yaml - parameters: - version: $(DotNetVersion) - - task: DownloadBuildArtifacts@0 - displayName: download artifacts - inputs: - artifactName: NuGet - downloadPath: $(Build.SourcesDirectory) - - task: DotNetCoreCLI@2 - displayName: 'Build solution LibZipSharp.UnitTest/LibZipSharp.UnitTest.csproj' - inputs: - projects: LibZipSharp.UnitTest/LibZipSharp.UnitTest.csproj - configuration: Release - arguments: -p:ReferenceNuget=True -v:diag - - task: DotNetCoreCLI@2 - displayName: 'Run Tests LibZipSharp.UnitTest/LibZipSharp.UnitTest.csproj' - inputs: - command: test - projects: LibZipSharp.UnitTest/LibZipSharp.UnitTest.csproj - configuration: Release - arguments: -p:ReferenceNuget=True -v:diag + image: $(WindowsPoolImage1ESPT) + os: windows + stages: + - stage: Build + jobs: + - job: buildWindows + pool: + name: AzurePipelines-EO + image: $(WindowsPoolImage1ESPT) + os: windows + variables: + Codeql.Enabled: true + templateContext: + outputs: + - output: pipelineArtifact + displayName: upload artifacts + artifactName: native - windows + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - script: | + echo "Hello" + git submodule update --init --recursive + displayName: "Update Submodules" + - script: | + build_windows.bat + displayName: "Build" + - task: ArchiveFiles@2 + inputs: + rootFolderOrFile: lzsbuild\lib\win32\RelWithDebInfo\ + includeRootFolder: false + archiveType: 7z + replaceExistingArchive: true + archiveFile: $(Build.ArtifactStagingDirectory)\libzip-windows-x86.7z + - task: ArchiveFiles@2 + inputs: + rootFolderOrFile: lzsbuild\lib\win64\RelWithDebInfo\ + includeRootFolder: false + archiveType: 7z + replaceExistingArchive: true + archiveFile: $(Build.ArtifactStagingDirectory)\libzip-windows-x64.7z + - task: ArchiveFiles@2 + inputs: + rootFolderOrFile: lzsbuild\lib\winarm64\RelWithDebInfo\ + includeRootFolder: false + archiveType: 7z + replaceExistingArchive: true + archiveFile: $(Build.ArtifactStagingDirectory)\libzip-windows-arm-x64.7z + + - job: buildLinux + pool: + name: AzurePipelines-EO + image: $(LinuxPoolImage1ESPT) + os: linux + templateContext: + outputs: + - output: pipelineArtifact + displayName: upload artifacts + artifactName: native - linux + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - bash: | + sudo dpkg --add-architecture i386 + sudo apt -y update + sudo apt -f -u install ninja-build -y + git submodule update --init --recursive + displayName: 'Install Tools' + - bash: | + ./build.sh -v + displayName: 'Build Linux x64' + - task: ArchiveFiles@2 + inputs: + rootFolderOrFile: lzsbuild/lib/Linux/ + includeRootFolder: false + archiveType: 7z + replaceExistingArchive: true + archiveFile: $(Build.ArtifactStagingDirectory)/libzip-linux-x64.7z - - stage: Publish - dependsOn: Test - condition: eq(variables['System.TeamProject'], 'devdiv') # only sign the packages when running on Windows, and using the private server which has the certificates - jobs: - - template: sign-artifacts/jobs/v2.yml@internal-templates - parameters: - signListPath: 'SignList.xml' - condition: startsWith(variables['Build.SourceBranch'], 'refs/tags/') + - job: buildMacOS + dependsOn: + - buildlinux + - buildWindows + pool: + name: Azure Pipelines + vmImage: macOS-12 + os: macOS + templateContext: + outputs: + - output: pipelineArtifact + displayName: upload artifacts + artifactName: nuget + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - bash: | + brew install ninja + git submodule update --init --recursive + displayName: 'Install toolchain' + - bash: | + ./build.sh -v + mkdir -p lzsbuild/lib/Linux + mkdir -p lzsbuild/lib/win64 + mkdir -p lzsbuild/lib/win32 + find lzsbuild -name '*ZipSharpNative*' + displayName: 'Build native' + - task: DownloadPipelineArtifact@2 + displayName: download windows artifacts + inputs: + artifactName: native - windows + downloadPath: $(Build.ArtifactStagingDirectory) + - task: DownloadPipelineArtifact@2 + displayName: download linux artifacts + inputs: + artifactName: native - linux + downloadPath: $(Build.ArtifactStagingDirectory) + - task: ExtractFiles@1 + displayName: Extract 64 bit Linux native + inputs: + archiveFilePatterns: $(Build.ArtifactStagingDirectory)/libzip-linux-x64.7z + destinationFolder: lzsbuild/lib/Linux + - task: ExtractFiles@1 + displayName: Extract 64 bit Windows native + inputs: + archiveFilePatterns: $(Build.ArtifactStagingDirectory)/libzip-windows-x64.7z + destinationFolder: lzsbuild/lib/win64 + - task: ExtractFiles@1 + displayName: Extract 64 bit ARM Windows native + inputs: + archiveFilePatterns: $(Build.ArtifactStagingDirectory)/libzip-windows-arm-x64.7z + destinationFolder: lzsbuild/lib/winarm64 + - task: ExtractFiles@1 + displayName: Extract 32 bit Windows native + inputs: + archiveFilePatterns: $(Build.ArtifactStagingDirectory)/libzip-windows-x86.7z + destinationFolder: lzsbuild/lib/win32 + - bash: | + rm $(Build.ArtifactStagingDirectory)/libzip-linux-*.7z + rm $(Build.ArtifactStagingDirectory)/libzip-windows-*.7z + displayName: 'Find libzip' + - task: DotNetCoreCLI@2 + displayName: 'Build solution libZipSharp.csproj' + inputs: + projects: LibZipSharp/libZipSharp.csproj + configuration: Release + arguments: -v:diag -p:RunningOnCI=true + - task: DotNetCoreCLI@2 + displayName: NuGet pack libZipSharp + inputs: + projects: LibZipSharp/libZipSharp.csproj + configuration: Release + arguments: -t:Pack + - task: CopyFiles@2 + displayName: Copy nupkg + inputs: + contents: 'LibZipSharp/*.nupkg' + flattenFolders: true + targetFolder: $(Build.ArtifactStagingDirectory) + - task: CopyFiles@2 + displayName: Copy SignList + inputs: + contents: 'SignList.xml' + targetFolder: $(Build.ArtifactStagingDirectory) + - task: CopyFiles@2 + displayName: Copy snupkg + inputs: + contents: 'LibZipSharp/*.snupkg' + flattenFolders: true + targetFolder: $(Build.ArtifactStagingDirectory) - - stage: Localization - dependsOn: [] - condition: and(eq(variables['System.TeamProject'], 'DevDiv'), eq(variables['Build.SourceBranch'], 'refs/heads/main')) - jobs: - - job: OneLocBuild - displayName: OneLocBuild - pool: VSEngSS-MicroBuild2022-1ES - timeoutInMinutes: 30 - variables: - - group: Xamarin-Secrets - workspace: - clean: all - steps: - - checkout: self - clean: true + - stage: Test + dependsOn: Build + variables: + DotNetCoreVersion: 3.1.201 + DotNetVersion: 7.0.406 + jobs: + - job: testlinux + displayName: 'Test Linux' + pool: + name: AzurePipelines-EO + image: $(LinuxPoolImage1ESPT) + os: linux + steps: + - template: yaml-templates/use-dot-net.yaml@self + parameters: + version: $(DotNetCoreVersion) + - template: yaml-templates/use-dot-net.yaml@self + parameters: + version: $(DotNetVersion) + - task: DownloadPipelineArtifact@2 + displayName: download artifacts + inputs: + artifactName: nuget + downloadPath: $(Build.SourcesDirectory) + - task: DotNetCoreCLI@2 + displayName: 'Build solution LibZipSharp.UnitTest/LibZipSharp.UnitTest.csproj' + inputs: + projects: LibZipSharp.UnitTest/LibZipSharp.UnitTest.csproj + configuration: Release + arguments: -p:ReferenceNuget=True -v:diag + - task: DotNetCoreCLI@2 + displayName: 'Run Unit tests for .net' + inputs: + command: test + projects: LibZipSharp.UnitTest/LibZipSharp.UnitTest.csproj + configuration: Release + arguments: -p:ReferenceNuget=True -v:diag + + - job: testmacos + displayName: 'Test MacOS' + pool: + name: Azure Pipelines + vmImage: macOS-12 + os: macOS + steps: + - template: yaml-templates/use-dot-net.yaml@self + parameters: + version: $(DotNetCoreVersion) + - template: yaml-templates/use-dot-net.yaml@self + parameters: + version: $(DotNetVersion) + - task: DownloadPipelineArtifact@2 + displayName: download artifacts + inputs: + artifactName: nuget + downloadPath: $(Build.SourcesDirectory) + - task: DotNetCoreCLI@2 + displayName: 'Build solution LibZipSharp.UnitTest/LibZipSharp.UnitTest.csproj' + inputs: + projects: LibZipSharp.UnitTest/LibZipSharp.UnitTest.csproj + configuration: Release + arguments: -p:ReferenceNuget=True -v:diag + - task: DotNetCoreCLI@2 + displayName: 'Run Tests under .net' + inputs: + command: test + projects: LibZipSharp.UnitTest/LibZipSharp.UnitTest.csproj + configuration: Release + arguments: -p:ReferenceNuget=True -v:diag + + - job: testwindows + displayName: 'Test Windows' + pool: + name: AzurePipelines-EO + image: $(WindowsPoolImage1ESPT) + os: windows + steps: + - template: yaml-templates/use-dot-net.yaml@self + parameters: + version: $(DotNetCoreVersion) + - template: yaml-templates/use-dot-net.yaml@self + parameters: + version: $(DotNetVersion) + - task: DownloadPipelineArtifact@2 + displayName: download artifacts + inputs: + artifactName: nuget + downloadPath: $(Build.SourcesDirectory) + - task: DotNetCoreCLI@2 + displayName: 'Build solution LibZipSharp.UnitTest/LibZipSharp.UnitTest.csproj' + inputs: + projects: LibZipSharp.UnitTest/LibZipSharp.UnitTest.csproj + configuration: Release + arguments: -p:ReferenceNuget=True -v:diag + - task: DotNetCoreCLI@2 + displayName: 'Run Tests LibZipSharp.UnitTest/LibZipSharp.UnitTest.csproj' + inputs: + command: test + projects: LibZipSharp.UnitTest/LibZipSharp.UnitTest.csproj + configuration: Release + arguments: -p:ReferenceNuget=True -v:diag + + - stage: Publish + dependsOn: Build + condition: and(eq(dependencies.Build.result, 'Succeeded'), eq(variables['System.TeamProject'], 'devdiv'), or(startsWith(variables['Build.SourceBranch'], 'refs/tags/'), eq('${{ parameters.SignArtifacts }}', 'true'))) # only sign the packages when running on Windows, and using the private server which has the certificates + jobs: + - template: sign-artifacts/jobs/v2.yml@internal-templates + parameters: + usePipelineArtifactTasks: true + use1ESTemplate: true + signListPath: 'SignList.xml' - - task: OneLocBuild@2 - displayName: OneLocBuild - env: - SYSTEM_ACCESSTOKEN: $(System.AccessToken) - inputs: - locProj: Localize/LocProject.json - outDir: $(Build.StagingDirectory) - packageSourceAuth: patAuth - patVariable: $(OneLocBuild--PAT) - isCreatePrSelected: true - repoType: gitHub - gitHubPatVariable: $(github--pat--vs-mobiletools-engineering-service2) - prSourceBranchPrefix: locpr - isShouldReusePrSelected: true - isAutoCompletePrSelected: false - isUseLfLineEndingsSelected: true + - stage: Localization + dependsOn: [] + condition: and(eq(variables['System.TeamProject'], 'DevDiv'), eq(variables['Build.SourceBranch'], '${{ parameters.OneLocSourceBranch }}')) + jobs: + - job: OneLocBuild + displayName: OneLocBuild + pool: VSEngSS-MicroBuild2022-1ES + timeoutInMinutes: 30 + variables: + - group: Xamarin-Secrets + workspace: + clean: all + templateContext: + outputs: + - output: pipelineArtifact + displayName: Publish Localization Files + condition: succeededOrFailed() + targetPath: $(Build.StagingDirectory)/loc + artifactName: Loc + steps: + - checkout: self + clean: true - - task: PublishBuildArtifacts@1 - displayName: Publish Localization Files - inputs: - PathtoPublish: $(Build.StagingDirectory)/loc - ArtifactName: Loc - condition: succeededOrFailed() + - task: OneLocBuild@2 + displayName: OneLocBuild + env: + SYSTEM_ACCESSTOKEN: $(System.AccessToken) + inputs: + locProj: Localize/LocProject.json + outDir: $(Build.StagingDirectory) + packageSourceAuth: patAuth + patVariable: $(OneLocBuild--PAT) + isCreatePrSelected: true + repoType: gitHub + gitHubPatVariable: $(github--pat--vs-mobiletools-engineering-service2) + prSourceBranchPrefix: locpr + isShouldReusePrSelected: true + isAutoCompletePrSelected: false + isUseLfLineEndingsSelected: true diff --git a/build_windows.bat b/build_windows.bat index 412e6ff0..d289c74d 100644 --- a/build_windows.bat +++ b/build_windows.bat @@ -19,6 +19,12 @@ set ARTIFACTS_DIR_ROOT_ARM64=%ARTIFACTS_DIR_ROOT%\winarm64 set CONFIG=RelWithDebInfo set COMMON_CMAKE_PARAMS=-DCMAKE_BUILD_TYPE=%CONFIG% -G "Visual Studio 17 2022" +set CPARAMS_DEPS=-DCMAKE_C_FLAGS_INIT="/Qspectre /guard:cf /sdl /wd4996" +set CPARAMS=-DCMAKE_C_FLAGS_INIT="/Qspectre /guard:cf /sdl" +set CXXPARAMS=-DCMAKE_CXX_FLAGS_INIT="/W3" +set LINKER_PARAMS=-DCMAKE_EXE_LINKER_FLAGS_INIT="/PROFILE /DYNAMICBASE /CETCOMPAT /guard:cf" +set LINKER_PARAMS_ARM64=-DCMAKE_EXE_LINKER_FLAGS_INIT="/PROFILE /DYNAMICBASE /guard:cf" + echo Common cmake params: %COMMON_CMAKE_PARAMS% echo 32-bit dependencies artifacts dir: %ARTIFACTS_DIR_ROOT_32% echo 64-bit dependencies artifacts dir: %ARTIFACTS_DIR_ROOT_64% @@ -43,6 +49,9 @@ if %errorlevel% neq 0 exit /b %errorlevel% REM 64-bit deps mkdir "%DEPS_BUILD_DIR_ROOT_64%" cmake %COMMON_CMAKE_PARAMS% ^ + %CPARAMS_DEPS% ^ + %CXXPARAMS% ^ + %LINKER_PARAMS% ^ -B "%DEPS_BUILD_DIR_ROOT_64%" ^ -DVCPKG_TARGET_TRIPLET=x64-windows-static ^ -DBUILD_DEPENDENCIES=ON ^ @@ -61,6 +70,9 @@ if %errorlevel% neq 0 exit /b %errorlevel% REM 64-bit arm deps mkdir "%DEPS_BUILD_DIR_ROOT_ARM64%" cmake %COMMON_CMAKE_PARAMS% ^ + %CPARAMS_DEPS% ^ + %CXXPARAMS% ^ + %LINKER_PARAMS_ARM64% ^ -B "%DEPS_BUILD_DIR_ROOT_ARM64%" ^ -DVCPKG_TARGET_TRIPLET=arm-windows-static ^ -DBUILD_DEPENDENCIES=ON ^ @@ -79,6 +91,9 @@ if %errorlevel% neq 0 exit /b %errorlevel% REM 32-bit deps mkdir "%DEPS_BUILD_DIR_ROOT_32%" cmake %COMMON_CMAKE_PARAMS% ^ + %CPARAMS_DEPS% ^ + %CXXPARAMS% ^ + %LINKER_PARAMS% ^ -B "%DEPS_BUILD_DIR_ROOT_32%" ^ -DVCPKG_TARGET_TRIPLET=x86-windows-static ^ -DBUILD_DEPENDENCIES=ON ^ @@ -98,6 +113,9 @@ if %errorlevel% neq 0 exit /b %errorlevel% REM 64-bit library mkdir "%LIB_BUILD_DIR_ROOT_64%" cmake %COMMON_CMAKE_PARAMS% ^ + %CPARAMS% ^ + %CXXPARAMS% ^ + %LINKER_PARAMS% ^ -B "%LIB_BUILD_DIR_ROOT_64%" ^ -DVCPKG_TARGET_TRIPLET=x64-windows-static ^ -DBUILD_LIBZIP=ON ^ @@ -113,6 +131,9 @@ if %errorlevel% neq 0 exit /b %errorlevel% REM 64-bit arm library mkdir "%LIB_BUILD_DIR_ROOT_ARM64%" cmake %COMMON_CMAKE_PARAMS% ^ + %CPARAMS% ^ + %CXXPARAMS% ^ + %LINKER_PARAMS_ARM64% ^ -B "%LIB_BUILD_DIR_ROOT_ARM64%" ^ -DVCPKG_TARGET_TRIPLET=arm-windows-static ^ -DBUILD_LIBZIP=ON ^ @@ -128,6 +149,9 @@ if %errorlevel% neq 0 exit /b %errorlevel% REM 32-bit library mkdir "%LIB_BUILD_DIR_ROOT_32%" cmake %COMMON_CMAKE_PARAMS% ^ + %CPARAMS% ^ + %CXXPARAMS% ^ + %LINKER_PARAMS% ^ -B "%LIB_BUILD_DIR_ROOT_32%" ^ -DVCPKG_TARGET_TRIPLET=x86-windows-static ^ -DBUILD_LIBZIP=ON ^