diff --git a/.pipelines/Build-Official.yml b/.pipelines/Build-Official.yml index 69cc7aa7..ffbc4523 100644 --- a/.pipelines/Build-Official.yml +++ b/.pipelines/Build-Official.yml @@ -37,7 +37,7 @@ variables: - name: BUILDSECMON_OPT_IN value: true - name: LinuxContainerImage - value: onebranch.azurecr.io/linux/ubuntu-2004:latest + value: mcr.microsoft.com/onebranch/cbl-mariner/build:2.0 - name: WindowsContainerImage value: onebranch.azurecr.io/windows/ltsc2019/vse2022:latest - name: CDP_DEFINITION_BUILD_COUNT diff --git a/.pipelines/Package-Official.yml b/.pipelines/Package-Official.yml index b7b7d8bc..767eb604 100644 --- a/.pipelines/Package-Official.yml +++ b/.pipelines/Package-Official.yml @@ -142,6 +142,6 @@ extends: - template: /.pipelines/templates/nupkg-package.yml@self - stage: upload - dependsOn: [mac_package, windows_package, linux_package, module, nupkg] + dependsOn: [mac, windows, linux, module, nupkg] jobs: - template: /.pipelines/templates/upload-to-Azure.yml@self diff --git a/.pipelines/templates/check-Azure-container.yml b/.pipelines/templates/check-Azure-container.yml index 554a91a6..3a5ef23a 100644 --- a/.pipelines/templates/check-Azure-container.yml +++ b/.pipelines/templates/check-Azure-container.yml @@ -61,7 +61,8 @@ jobs: scriptType: inlineScript azurePowerShellVersion: latestVersion inline: | - $context = New-AzStorageContext -StorageAccountName '$(PSInfraStorageAccount)' + Write-Verbose -Verbose 'Create storage context for $(PSInfraStorageAccount)' + $context = New-AzStorageContext -StorageAccountName '$(PSInfraStorageAccount)' -UseConnectedAccount $containersToDelete = @{ '$web' = 'aish/$(PackageVersion)' 'aish' = '$(PackageVersion)' @@ -83,10 +84,12 @@ jobs: } else { throw "Azure blob container '$virtualContainer' already exists. To overwrite, use the 'ForceAzureBlobDelete' parameter" } + } else { + Write-Verbose -Verbose "No blob found under '$virtualContainer'" } } catch { - if ($_.FullyQualifiedErrorId -eq 'ResourceNotFoundException,Microsoft.WindowsAzure.Commands.Storage.Blob.Cmdlet.GetAzureStorageContainerCommand') { + if ($_.FullyQualifiedErrorId -eq 'RequestFailedException,Microsoft.WindowsAzure.Commands.Storage.Blob.Cmdlet.GetAzureStorageBlobCommand') { Write-Verbose -Verbose "Container '$virtualContainer' does not exist." } else { throw $_ diff --git a/.pipelines/templates/linux-package.yml b/.pipelines/templates/linux-package.yml index 431e15c6..70ecc4ff 100644 --- a/.pipelines/templates/linux-package.yml +++ b/.pipelines/templates/linux-package.yml @@ -54,7 +54,7 @@ jobs: - pwsh: | $signedFilesPath = "$(Pipeline.Workspace)/AIShellBuildPipeline/drop_linux_sign_$(Architecture)" Write-Verbose -Verbose "Downloaded artifacts: " - Get-ChildItem $signedFilesPath -Recurse + Get-ChildItem $signedFilesPath -Recurse | Out-String -Width 500 -Stream Write-Verbose -Message "Checking 'aish' exists in '$signedFilesPath'" -Verbose if (-not (Test-Path $signedFilesPath/aish)) { @@ -73,14 +73,8 @@ jobs: - pwsh: | Import-Module $(repoRoot)/tools/packaging -Force - $signedFilesPath = "$(Pipeline.Workspace)/AIShellBuildPipeline/drop_macos_sign_$(Architecture)" - - Write-Verbose -Message "Checking 'aish' exists in '$signedFilesPath'" -Verbose - if (-not (Test-Path $signedFilesPath/aish)) { - throw "aish not found in $signedFilesPath" - } + $signedFilesPath = "$(Pipeline.Workspace)/AIShellBuildPipeline/drop_linux_sign_$(Architecture)" - $macosRuntime = "osx-$(Architecture)" $outDir = "$(Pipeline.Workspace)/AIShellBuildPipeline/pkgs" $null = New-Item -ItemType Directory $outDir @@ -95,7 +89,7 @@ jobs: - pwsh: | if (-not (Test-Path $(ob_outputDirectory))) { - New-Item -ItemType Directory -Path $(ob_outputDirectory) -Force + $null = New-Item -ItemType Directory -Path $(ob_outputDirectory) -Force } $pkgFilter = "AIShell-*.tar.gz" @@ -107,5 +101,5 @@ jobs: displayName: 'Copy artifacts to output directory' - pwsh: | - Get-ChildItem -Path $(ob_outputDirectory) -Recurse + Get-ChildItem -Path $(ob_outputDirectory) -Recurse | Out-String -Width 500 -Stream displayName: 'List uploaded artifacts' diff --git a/.pipelines/templates/mac-package.yml b/.pipelines/templates/mac-package.yml index 825871f1..9f2daca6 100644 --- a/.pipelines/templates/mac-package.yml +++ b/.pipelines/templates/mac-package.yml @@ -50,7 +50,7 @@ jobs: - pwsh: | $signedFilesPath = "$(Pipeline.Workspace)/AIShellBuildPipeline/drop_macos_sign_$(Architecture)" Write-Verbose -Verbose "Downloaded artifacts:" - Get-ChildItem $signedFilesPath -Recurse + Get-ChildItem $signedFilesPath -Recurse | Out-String -Width 500 -Stream $version = (Get-Item "$signedFilesPath/AIShell.Abstraction.dll").VersionInfo.ProductVersion $vstsCommandString = "vso[task.setvariable variable=PackageVersion]$version" diff --git a/.pipelines/templates/module-package.yml b/.pipelines/templates/module-package.yml index a26c1c87..b0a9ce4f 100644 --- a/.pipelines/templates/module-package.yml +++ b/.pipelines/templates/module-package.yml @@ -3,7 +3,7 @@ jobs: displayName: Package AIShell module condition: succeeded() pool: - type: windows + type: linux variables: - name: runCodesignValidationInjection @@ -19,13 +19,13 @@ jobs: - name: ob_sdl_sbom_enabled value: false - name: ob_outputDirectory - value: '$(Build.ArtifactStagingDirectory)\ONEBRANCH_ARTIFACT' + value: '$(Build.ArtifactStagingDirectory)/ONEBRANCH_ARTIFACT' - name: repoRoot - value: $(Build.SourcesDirectory)\ProjectMercury + value: $(Build.SourcesDirectory)/ProjectMercury - name: ob_sdl_binskim_enabled value: true - name: ob_sdl_tsa_configFile - value: $(repoRoot)\.config\tsaoptions.json + value: $(repoRoot)/.config/tsaoptions.json - name: ob_signing_setup_enabled value: true - name: ob_sdl_codeql_compiled_enabled @@ -50,8 +50,16 @@ jobs: ob_restore_phase: true - pwsh: | + $signedFilePath = "$(Pipeline.Workspace)/AIShellBuildPipeline/drop_module_sign" Write-Verbose -Verbose "Downloaded artifacts: " - Get-ChildItem "$(Pipeline.Workspace)\AIShellBuildPipeline\drop_module_sign" -Recurse + Get-ChildItem $signedFilePath -Recurse | Out-String -Width 500 -Stream + + $moduleFolder = "$(Pipeline.Workspace)/AIShellBuildPipeline/AIShell" + $null = New-Item -ItemType Directory -Path $moduleFolder -Force + + Write-Verbose -Verbose "Move module files to the 'AIShell' module folder: " + Copy-Item -Path "$signedFilePath/*" -Destination $moduleFolder -Recurse -Force -Verbose + Get-ChildItem $moduleFolder -Recurse | Out-String -Width 500 -Stream displayName: 'List downloaded files' # Diagnostics is not critical it passes every time it runs continueOnError: true @@ -59,8 +67,8 @@ jobs: ob_restore_phase: true - pwsh: | - $signedFilePath = "$(Pipeline.Workspace)\AIShellBuildPipeline\drop_module_sign" - $nugetPath = "$(Pipeline.Workspace)\AIShellBuildPipeline\NuGetPackage" + $moduleFolder = "$(Pipeline.Workspace)/AIShellBuildPipeline/AIShell" + $nugetPath = "$(Pipeline.Workspace)/AIShellBuildPipeline/NuGetPackage" New-Item -Path $nugetPath -ItemType Directory > $null $vstsCommandString = "vso[task.setvariable variable=NugetPath]$nugetPath" @@ -70,11 +78,11 @@ jobs: try { $RepoName = "PSRLLocal" Register-PSRepository -Name $RepoName -SourceLocation $nugetPath -PublishLocation $nugetPath -InstallationPolicy Trusted - Publish-Module -Repository $RepoName -Path $signedFilePath + Publish-Module -Repository $RepoName -Path $moduleFolder } finally { Unregister-PSRepository -Name $RepoName -ErrorAction SilentlyContinue } - Get-ChildItem -Path $nugetPath + Get-ChildItem -Path $nugetPath | Out-String -Width 500 -Stream displayName: 'Create the NuGet package' env: ob_restore_phase: true @@ -91,5 +99,5 @@ jobs: displayName: Upload module nupkg inputs: SourceFolder: $(NugetPath) - Contents: '**\*' + Contents: '**/*' TargetFolder: $(ob_outputDirectory) diff --git a/.pipelines/templates/nupkg-package.yml b/.pipelines/templates/nupkg-package.yml index e3ad1227..e0458fe0 100644 --- a/.pipelines/templates/nupkg-package.yml +++ b/.pipelines/templates/nupkg-package.yml @@ -25,6 +25,10 @@ jobs: - group: mscodehub-feed-read-general - group: mscodehub-feed-read-akv - group: DotNetPrivateBuildAccess + - name: ob_sdl_sbom_enabled + value: false + - name: ob_sdl_codeql_compiled_enabled + value: false steps: - checkout: self diff --git a/.pipelines/templates/upload-to-Azure.yml b/.pipelines/templates/upload-to-Azure.yml index 168b35ae..b07f8758 100644 --- a/.pipelines/templates/upload-to-Azure.yml +++ b/.pipelines/templates/upload-to-Azure.yml @@ -40,17 +40,10 @@ jobs: - task: DownloadPipelineArtifact@2 inputs: buildType: 'current' - artifact: drop_mac_package_x64 + artifact: macos-pkgs targetPath: '$(Build.ArtifactStagingDirectory)/downloads' displayName: Download macOS x64 packages - - task: DownloadPipelineArtifact@2 - inputs: - buildType: 'current' - artifact: drop_mac_package_arm64 - targetPath: '$(Build.ArtifactStagingDirectory)/downloads' - displayName: Download macOS arm64 packages - - task: DownloadPipelineArtifact@2 inputs: buildType: 'current' @@ -86,6 +79,20 @@ jobs: targetPath: '$(Build.ArtifactStagingDirectory)/downloads' displayName: Download Windows arm64 packages + - task: DownloadPipelineArtifact@2 + inputs: + buildType: 'current' + artifact: drop_module_package + targetPath: '$(Build.ArtifactStagingDirectory)/downloads' + displayName: Download module package + + - task: DownloadPipelineArtifact@2 + inputs: + buildType: 'current' + artifact: drop_nupkg_package + targetPath: '$(Build.ArtifactStagingDirectory)/downloads' + displayName: Download SDK NuGet package + - pwsh: | Get-ChildItem '$(Build.ArtifactStagingDirectory)/downloads' | ForEach-Object FullName displayName: 'Capture downloads' @@ -121,7 +128,7 @@ jobs: $nupkgName = [System.IO.Path]::GetFileNameWithoutExtension($nupkgFile.Name) $version = $nupkgName.Replace('AIShell.Abstraction.', '') - $storageAccountName = $(PSInfraStorageAccount) + $storageAccountName = '$(PSInfraStorageAccount)' $context = New-AzStorageContext -StorageAccountName $storageAccountName -UseConnectedAccount # Create the public blob container if it doesn't exist diff --git a/.pipelines/templates/windows-package.yml b/.pipelines/templates/windows-package.yml index 6b31582f..08f2bf21 100644 --- a/.pipelines/templates/windows-package.yml +++ b/.pipelines/templates/windows-package.yml @@ -56,7 +56,7 @@ jobs: - pwsh: | $signedFilesPath = "$(Pipeline.Workspace)\AIShellBuildPipeline\drop_windows_build_$(Architecture)" Write-Verbose -Verbose "Downloaded artifacts: " - Get-ChildItem $signedFilesPath -Recurse + Get-ChildItem $signedFilesPath -Recurse | Out-String -Width 500 -Stream Write-Verbose -Message "Checking 'aish.exe' exists in '$signedFilesPath'" -Verbose if (-not (Test-Path $signedFilesPath\aish.exe)) { @@ -99,20 +99,20 @@ jobs: - pwsh: | if (-not (Test-Path $(ob_outputDirectory))) { - New-Item -ItemType Directory -Path $(ob_outputDirectory) -Force + $null = New-Item -ItemType Directory -Path $(ob_outputDirectory) -Force } - $zipPkgNameFilter = "powershell-*.zip" + $zipPkgNameFilter = "AIShell-*.zip" $zipPkgPath = Get-ChildItem -Path $(PackagePath) -Filter $zipPkgNameFilter -File | ForEach-Object FullName Write-Verbose -Verbose "zipPkgPath: $zipPkgPath" Copy-Item -Path $zipPkgPath -Destination '$(ob_outputDirectory)' -Force -Verbose - $msixPkgNameFilter = "powershell-*.msix" + $msixPkgNameFilter = "AIShell-*.msix" $msixPkgPath = Get-ChildItem -Path $(PackagePath) -Filter $msixPkgNameFilter -File | ForEach-Object FullName Write-Verbose -Verbose "msixPkgPath: $msixPkgPath" Copy-Item -Path $msixPkgPath -Destination '$(ob_outputDirectory)' -Force -Verbose displayName: Copy to output directory - pwsh: | - Get-ChildItem -Path $(ob_outputDirectory) -Recurse + Get-ChildItem -Path $(ob_outputDirectory) -Recurse | Out-String -Width 500 -Stream displayName: 'List uploaded artifacts' diff --git a/shell/AIShell.Integration/AIShell.Integration.csproj b/shell/AIShell.Integration/AIShell.Integration.csproj index ba36b1f0..741627d8 100644 --- a/shell/AIShell.Integration/AIShell.Integration.csproj +++ b/shell/AIShell.Integration/AIShell.Integration.csproj @@ -18,7 +18,7 @@ - + contentFiles All