Merge remote-tracking branch 'origin/development'

Author: alerickson

.ci/releaseBuild.yml

@@ -0,0 +1,143 @@
+# The name of the build that will be seen in mscodehub
+name: PowerShellGetv2-Release-$(Build.BuildId)
+# how is the build triggered
+# since this is a release build, no trigger as it's a manual release
+trigger: none
+
+pr:
+  branches:
+    include:
+    - master
+
+# variables to set in the build environment
+variables:
+  DOTNET_CLI_TELEMETRY_OPTOUT: 1
+  POWERSHELL_TELEMETRY_OPTOUT: 1
+
+# since this build relies on templates, we need access to those
+# This needs a service connection in the build to work
+# the *name* of the service connection must be the same as the endpoint
+resources:
+  repositories:
+  - repository: ComplianceRepo
+    type: github
+    endpoint: ComplianceGHRepo
+    name: PowerShell/compliance
+    # this can be any branch of your choosing
+    ref: master
+
+# the stages in this build. There are 2
+# the assumption for PowerShellGetv2 is that test is done as part of
+# CI so we needn't do it here
+stages:
+- stage: Build
+  displayName: Build
+  pool:
+    name: Package ES CodeHub Lab E
+  jobs:
+  - job: Build_Job
+    displayName: Build Microsoft.PowerShell.PowerShellGetv2
+    # note the variable reference to ESRP.
+    # this must be created in Project -> Pipelines -> Library -> VariableGroups
+    # where it describes the link to the SigningServer
+    variables:
+    - group: ESRP
+    steps:
+    - checkout: self
+
+    # the steps for building the module go here
+    - pwsh: |
+        Set-Location "$(Build.SourcesDirectory)/PowerShellGetv2"
+        Import-Module ./tools/build.psm1 -Force
+        Install-Dependencies
+        Update-ModuleManifestFunctions
+        Publish-ModuleArtifacts
+      displayName: Execute build
+
+    # these are setting vso variables which will be persisted between stages
+    - pwsh: |
+        $signSrcPath = "$(Build.SourcesDirectory)/PowerShellGetv2/dist/PowerShellGet"
+        dir
+        # Set signing src path variable
+        $vstsCommandString = "vso[task.setvariable variable=signSrcPath]${signSrcPath}"
+        Write-Host "sending " + $vstsCommandString
+        Write-Host "##$vstsCommandString"
+
+        $signOutPath = "$(Build.SourcesDirectory)/OSS_Microsoft_PowerShellGetv2/signed/PowerShellGet"
+        $null = New-Item -ItemType Directory -Path $signOutPath -force
+        # Set signing out path variable
+        $vstsCommandString = "vso[task.setvariable variable=signOutPath]${signOutPath}"
+        Write-Host "sending " + $vstsCommandString
+        Write-Host "##$vstsCommandString"
+
+        # Set path variable for guardian codesign validation
+        $vstsCommandString = "vso[task.setvariable variable=GDN_CODESIGN_TARGETDIRECTORY]${signOutPath}"
+        Write-Host "sending " + $vstsCommandString
+        Write-Host "##$vstsCommandString"
+
+        # Get version and create a variable
+        $moduleData = Import-PowerShellDataFile "$(Build.SourcesDirectory)/PowerShellGetv2/dist/PowerShellGet/PowerShellGet.psd1"
+        $moduleVersion = $moduleData.ModuleVersion
+        $vstsCommandString = "vso[task.setvariable variable=moduleVersion]${moduleVersion}"
+        Write-Host "sending " + $vstsCommandString
+        Write-Host "##$vstsCommandString"
+      displayName: Setup variables for signing
+
+    # checkout the Compliance repository so it can be used to do the actual signing
+    - checkout: ComplianceRepo
+
+    # this the MS authored step  This cert covers MS autored items
+    # note that the buildOutputPath (where we get the files to sign)
+    # is the same as the signOutputPath in the previous step
+    # at the end of this step we will have all the files signed that should be
+    # signOutPath is the location which contains the files we will use to make the module
+    - template: EsrpSign.yml@ComplianceRepo
+      parameters:
+        # the folder which contains the binaries to sign
+        buildOutputPath: $(signSrcPath)
+        # the location to put the signed output
+        signOutputPath: $(signOutPath)
+        # the certificate ID to use (Authenticode)
+        certificateId: "CP-230012"
+        pattern: |
+          **\*.psd1
+          **\*.psm1
+          **\*.ps1xml
+          **\*.mof
+
+    # finally publish the parts of the build which will be used in the next stages
+    # if it's not published, the subsequent stages will not be able to access it.
+    # This is the build directory (it contains all of the dll/pdb files)
+    - publish: "$(Build.SourcesDirectory)/OSS_Microsoft_PowerShellGetv2"
+      artifact: build
+      displayName: publish build directory
+
+# Now on to the compliance stage
+- stage: compliance
+  displayName: Compliance
+  dependsOn: Build
+  jobs:
+  - job: Compliance_Job
+    pool:
+      name: Package ES CodeHub Lab E
+    steps:
+    - checkout: self
+    - checkout: ComplianceRepo
+    - download: current
+      artifact: build
+
+    # use the templates in the compliance repo
+    # since script analyzer has modules, we're using the assembly-module-compliance template
+    # if you don't have assemblies, you should use script-module-compliance template
+    - template: script-module-compliance.yml@ComplianceRepo
+      parameters:
+        # component-governance - the path to sources
+        sourceScanPath: '$(Build.SourcesDirectory)'
+        # TermCheck
+        optionsRulesDBPath: ''
+        optionsFTPath: ''
+        # tsa-upload
+        # the compliance scanning must be uploaded, which you need to request
+        codeBaseName: 'PowerShellGetv2_20200129'
+        # selections
+        APIScan: false # set to false when not using Windows APIs.

Tests/PSGetFindModule.Tests.ps1

@@ -582,59 +582,3 @@ Describe PowerShell.PSGet.FindModuleTests.P2 -Tags 'P2', 'OuterLoop' {
         $i = $i + 1
     }
 }
-
-
-Describe "Azure Artifacts Credential Provider Integration" -Tags 'BVT' {
-
-    BeforeAll {
-        $repoName = "OneGetTestPrivateFeed"
-        # This pkg source is an Azure DevOps private feed
-        $testLocation = "https://pkgs.dev.azure.com/onegettest/_packaging/onegettest/nuget/v2";
-        $username = "[email protected]"
-        $PAT = "qo2xvzdnfi2mlcq3eq2jkoxup576kt4gnngcicqhup6bbix6sila"
-        # see https://github.com/Microsoft/artifacts-credprovider#environment-variables for more info on env vars for the credential provider
-        # The line below is purely for local testing.  Make sure to update env vars in AppVeyor and Travis CI as necessary.
-        $VSS_NUGET_EXTERNAL_FEED_ENDPOINTS = "{'endpointCredentials': [{'endpoint':'$testLocation', 'username':'$username', 'password':'$PAT'}]}"
-        [System.Environment]::SetEnvironmentVariable("VSS_NUGET_EXTERNAL_FEED_ENDPOINTS", $VSS_NUGET_EXTERNAL_FEED_ENDPOINTS, [System.EnvironmentVariableTarget]::Process)
-
-
-        # Figure out if Visual Studio is installed, and if it is, we'll use the credential provider that's installed there for the first test
-        $VSinstalledCredProvider = $false;
-        $programFiles = [System.Environment]::GetFolderPath([System.Environment+SpecialFolder]::ProgramFilesX86);
-        $vswhereExePath = $programFiles + "\\Microsoft Visual Studio\\Installer\\vswhere.exe";
-        $fullVSwhereExePath = [System.Environment]::ExpandEnvironmentVariables($vswhereExePath);
-        # If the env variable exists, check to see if the path itself exists
-        if (Test-Path ($fullVSwhereExePath)) {
-            $VSinstalledCredProvider = $true;
-        }
-    }
-
-    AfterAll {
-        UnRegister-PSRepository -Name $repoName -ErrorAction SilentlyContinue -WarningAction SilentlyContinue
-    }
-
-    it "Register-PackageSource using Visual Studio installed credential provider" -Skip:(!$VSinstalledCredProvider) {
-        Register-PSRepository $repoName -SourceLocation $testLocation
-
-        (Get-PSRepository -Name $repoName).Name | should match $repoName
-        (Get-PSRepository -Name $repoName).SourceLocation | should match $testLocation
-
-        Unregister-PSRepository -Name $repoName -ErrorAction SilentlyContinue -WarningAction SilentlyContinue
-    }
-
-    it "Register-PackageSource using credential provider" -Skip:(!$IsWindows) {
-        # Make sure the credential provider is installed (works for Windows, Linux, and Mac)
-        # If the credential provider is already installed, will receive the message: "The netcore Credential Provider is already in C:\Users\<alias>\.nuget\plugins"
-        iex ((new-object net.webclient).DownloadString('https://raw.githubusercontent.com/microsoft/artifacts-credprovider/master/helpers/installcredprovider.ps1'))
-
-        Register-PSRepository $repoName -SourceLocation $testLocation
-
-        (Get-PSRepository -Name $repoName).Name | should match $repoName
-        (Get-PSRepository -Name $repoName).SourceLocation | should match $testLocation
-    }
-
-    it "Find-Package using credential provider" -Skip:(!$IsWindows) {
-        $pkg = Find-Module * -Repository $repoName
-        $pkg.Count | should -BeGreaterThan 0
-    }
-}