Skip to content

Re-enable signing validation #13864

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dougbu opened this issue Sep 10, 2019 · 5 comments
Closed

Re-enable signing validation #13864

dougbu opened this issue Sep 10, 2019 · 5 comments
Assignees
@dougbu
Labels
area-infrastructure Includes: MSBuild projects/targets, build scripts, CI, Installers and shared framework Done This issue has been fixed
Milestone
3.0.2

Comments

@dougbu
Copy link
Member

dougbu commented Sep 10, 2019

#13040 will leave us without signing validation for now.

@joeloff is looking into possible bugs in this part of Arcade. Once that is done, we should remove the enableSigningValidation: false line in ci.yml (https://github.com/aspnet/AspNetCore/pull/13040/files#diff-097cdf55e1a931b74fbfe48d7e41c8beR593).
@dougbu dougbu mentioned this issue Sep 10, 2019
Merged
@Pilchie Pilchie added this to the 3.0.0 milestone Sep 10, 2019
@Pilchie Pilchie added the area-infrastructure Includes: MSBuild projects/targets, build scripts, CI, Installers and shared framework label Sep 10, 2019
@Pilchie
Copy link
Member

Pilchie commented Sep 10, 2019

Keeping in 3.0, as I don't want to enter servicing without signing validation.

dougbu added a commit that referenced this issue Sep 11, 2019
@dougbu
Use stages pipeline (#13040)
04705ee 
- #11924
- change ci.yml to use stages and post-build.yml
  - add use of publish-build-assets.yml and post-build.yml
  - create manifests and push to artifacts in last build step of each job
    - pass more MSBuild properties into those builds
    - use Arcade to publish installers
  - use distinct `$(AssetManifestFileName)` values per job
    - set global property to override what's hard-coded in Publish.proj
- change codesign-xplat.yml to use empty.proj and normal Arcade signing and publication process
  - remove XPlatPackageSigner.proj
- change default-build.yml to use job.yml
  - remove unused parameters e.g. `matrix`, `poolName`, `variables`
  - use `enableMicrobuild` and `enablePublishTestResults` to eliminate duplicate build steps
- add .dll's and .exe's as files to sign w/ Microsoft400
  - add signcheck exclusions
- remove custom manifest generation i.e. the `GenerateBuildAssetManifest` target and related artifacts
- update docker infrastructure to use same paths in and out of the container
  - avoids problems adding to artifacts from within the builds
- correct typo in build.sh
- use `$env:DOTNET_INSTALL_DIR` in `DotNetCommands`
  - relax expectations that an arch-specific folder exists under (say) `$env:DOTNET_HOME`
  - avoids need to define `$env:DOTNET_HOME` in all jobs on CI
- update dependencies from dotnet/arcade build '20190908.2'
  - upgrade to eg. Arcade SDK '1.0.0-beta.19458.2' package version
  - pick up dotnet/arcade@dd593acc8b08 fix
    - enable use of `%(PublishFlatContainer)` metadata and correct signing validation issues
- use `$(DotNetFinalVersionKind)` in preparation for servicing builds
  - set `$(IsStableBuild)` for use in Arcade infrastructure
- disable signing validation for now (see #13864)

nits:
- upload logs in first artifact
- remove attempts to package non-existent VSIX
  - follow-up to 29cf7ec
- respect verbosity setting in build.sh
- add more information to Artifacts.md
- enable test signing in internal PRs
@dougbu dougbu self-assigned this Sep 11, 2019
@dougbu dougbu added the Working label Sep 11, 2019
dougbu added a commit that referenced this issue Sep 11, 2019
@dougbu
Re-enable signing validation
0bb0201 
- #13864
- update exclusions to get them working
@dougbu dougbu mentioned this issue Sep 11, 2019
Merged
@dougbu dougbu added the blocked The work on this issue is blocked due to some dependency label Sep 16, 2019
dougbu added a commit that referenced this issue Oct 1, 2019
@dougbu
Re-enable signing validation
e03a57c 
- #13864
- update exclusions to get them working
dougbu added a commit that referenced this issue Oct 13, 2019
@dougbu
Re-enable signing validation
a933ed6 
- #13864
- update exclusions to get them working
@dougbu dougbu removed the blocked The work on this issue is blocked due to some dependency label Oct 13, 2019
@mkArtakMSFT mkArtakMSFT modified the milestones: 3.0.0, 3.0.2 Oct 17, 2019
dougbu added a commit that referenced this issue Nov 5, 2019
@dougbu
Re-enable signing validation
30f1038 
- #13864
- update exclusions to get them working
dougbu added a commit that referenced this issue Nov 6, 2019
@dougbu
Re-enable signing validation
b2105f6 
- #13864
- update exclusions to get them working
@dougbu
Copy link
Member Author

dougbu commented Nov 11, 2019
edited
Loading

Fix (#13899) is ready for 'release/3.0' in this repo.

Also need to track dotnet/arcade#4325 for our 'master' branches. When that's complete and we've picked up the newer Arcade ADK, revert the following commits

@JunTaoLuo please add EF6 to the above checklist once dotnet/ef6#1450 is merged (thanks)

@dougbu dougbu mentioned this issue Nov 13, 2019
Merged
dougbu added a commit to dotnet/efcore that referenced this issue Nov 13, 2019
@dougbu
Revert "Temporarily disable signing validation"
b1f5f26 
- fix dotnet/aspnetcore#13864 for this repo

This reverts commit 922dc15.
dougbu added a commit to dotnet/extensions that referenced this issue Nov 13, 2019
@dougbu
Revert "Disable signing validation temporarily"
9a12b09 
- fix dotnet/aspnetcore#13864 for this repo

This reverts commit 9d8e76f.
dougbu added a commit to dotnet/ef6 that referenced this issue Nov 13, 2019
@dougbu
Revert "Temporarily disable signing validation in master"
46318c1 
- fix dotnet/aspnetcore#13864 for this repo

This reverts commit 6960589.
This was referenced Nov 13, 2019
Merged
Merged
Merged
dougbu added a commit to dotnet/razor that referenced this issue Nov 13, 2019
@dougbu
Revert "Disable signing validation temporarily"
5c63bb7 
- fix dotnet/aspnetcore#13864 for this repo

This reverts commit 75f21c0.
@dougbu
Copy link
Member Author

dougbu commented Nov 13, 2019

Now have PRs out to resolve this issue.

Validation didn't affect Blazor repo because little is signed there. AspNetCore fix (#13899) has to wait a couple more days and then flow from 'release/3.0' through 'release/3.1' and into 'master'.

dotnet-maestro bot added a commit to dotnet/ef6 that referenced this issue Nov 13, 2019
@dotnet-maestro
[master] Update dependencies from dotnet/arcade (#1465)
c18d417 
* Update dependencies from https://github.com/dotnet/arcade build 20191113.2

- Microsoft.DotNet.Arcade.Sdk - 5.0.0-beta.19563.2

* Revert "Temporarily disable signing validation in master"
- fix dotnet/aspnetcore#13864 for this repo

This reverts commit 6960589.
@dougbu dougbu reopened this Nov 13, 2019
@dougbu
Copy link
Member Author

dougbu commented Nov 13, 2019

Extensions change alone should not have automatically closed this issue ☹️

dougbu added a commit to dotnet/razor that referenced this issue Nov 14, 2019
@dougbu
Revert "Disable signing validation temporarily"
4ff5623 
- fix dotnet/aspnetcore#13864 for this repo

This reverts commit 75f21c0.
dougbu added a commit to dotnet/efcore that referenced this issue Nov 14, 2019
@dougbu
Revert "Temporarily disable signing validation"
bfe4ed1 
- fix dotnet/aspnetcore#13864 for this repo

This reverts commit 922dc15.
halter73 pushed a commit to dotnet/razor that referenced this issue Nov 14, 2019
@dotnet-maestro @halter73
Update dependencies from dotnet/arcade aspnet/Extensions (#1317)
11dedbf 
* Revert "Disable signing validation temporarily"
- fix dotnet/aspnetcore#13864 for this repo

This reverts commit 75f21c0.

* Update dependencies from https://github.com/aspnet/Extensions build 20191113.3
- Microsoft.AspNetCore.BenchmarkRunner.Sources - 5.0.0-alpha1.19563.3
- Microsoft.AspNetCore.Testing - 5.0.0-alpha1.19563.3
- Microsoft.Extensions.CommandLineUtils.Sources - 5.0.0-alpha1.19563.3
- Microsoft.Extensions.HashCodeCombiner.Sources - 5.0.0-alpha1.19563.3
- Microsoft.Extensions.NonCapturingTimer.Sources - 5.0.0-alpha1.19563.3
- Microsoft.Extensions.Logging - 5.0.0-alpha1.19563.3

* Update dependencies from https://github.com/dotnet/arcade build 20191113.6
- Microsoft.DotNet.Arcade.Sdk - 5.0.0-beta.19563.6

* Remove "special" feeds from this branch
@dougbu
Copy link
Member Author

dougbu commented Nov 14, 2019

Again, this isn't ready to close yet though remaining work is less

@dougbu dougbu reopened this Nov 14, 2019
dougbu added a commit that referenced this issue Nov 19, 2019
@dougbu
Re-enable signing validation (#13899)
4ba64f5 
- #13864
- use latest Arcade from '.NET 3 Tools'
  - pick up @joeloff's #4083 signing validation fixes
- update signing validation exclusions to get them working
- remove custom embedded package icon bits and use Arcade approach
  - also switch VS.Redist.* packages to use license expressions
@dougbu dougbu added Done This issue has been fixed and removed Working labels Dec 4, 2019
@dougbu dougbu closed this as completed Dec 4, 2019
@ghost ghost locked as resolved and limited conversation to collaborators Jan 4, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@dougbu dougbu

Labels
area-infrastructure Includes: MSBuild projects/targets, build scripts, CI, Installers and shared framework Done This issue has been fixed
Projects
None yet
Milestone
3.0.2
Development

No branches or pull requests
3 participants
@Pilchie @dougbu @mkArtakMSFT