public void CleanupProxySetting()
{
ArgUtil.File(AppConfigRestoreFile, "tf.exe.config.restore");
ExecutionContext.Debug("Restore default tf.exe.config.");
IOUtil.DeleteFile(AppConfigFile);
File.Copy(AppConfigRestoreFile, AppConfigFile);
}
public async Task <List <Capability> > GetCapabilitiesAsync(AgentSettings settings, CancellationToken cancellationToken)
{
Trace.Entering();
var capabilities = new List <Capability>();
string powerShellExe = HostContext.GetService <IPowerShellExeUtil>().GetPath();
string scriptFile = Path.Combine(IOUtil.GetBinPath(), "powershell", "Add-Capabilities.ps1").Replace("'", "''");
ArgUtil.File(scriptFile, nameof(scriptFile));
string arguments = $@"-NoLogo -Sta -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -Command "". '{scriptFile}'""";
using (var processInvoker = HostContext.CreateService <IProcessInvoker>())
{
processInvoker.OutputDataReceived +=
(object sender, ProcessDataReceivedEventArgs args) =>
{
Trace.Info($"STDOUT: {args.Data}");
Capability capability;
if (TryParseCapability(args.Data, out capability))
{
Trace.Info($"Adding '{capability.Name}': '{capability.Value}'");
capabilities.Add(capability);
}
};
processInvoker.ErrorDataReceived +=
(object sender, ProcessDataReceivedEventArgs args) =>
{
Trace.Info($"STDERR: {args.Data}");
};
await processInvoker.ExecuteAsync(
workingDirectory : Path.GetDirectoryName(scriptFile),
fileName : powerShellExe,
arguments : arguments,
environment : null,
cancellationToken : cancellationToken);
}
// Validate .NET Framework x64 4.5 or higher is installed.
var regex = new Regex(pattern: @"DotNetFramework_[0-9]+(\.[0-9]+)+_x64", options: RegexOptions.None);
var minimum = new Version(4, 5);
bool meetsMinimum =
capabilities
// Filter to include only .Net framework x64 capabilities.
.Where(x => regex.IsMatch(x.Name))
// Extract the version number.
.Select(x => x.Name.Substring(startIndex: "DotNetFramework_".Length, length: x.Name.Length - "DotNetFramework__x64".Length))
// Parse the version number.
.Select(x =>
{
Version v;
return((Version.TryParse(x, out v)) ? v : new Version(0, 0));
})
.Any(x => x >= minimum);
if (!meetsMinimum)
{
throw new NonRetryableException(StringUtil.Loc("MinimumNetFramework"));
}
return(capabilities);
}
public async Task RunPluginTaskAsync(IExecutionContext context, string plugin, Dictionary <string, string> inputs, Dictionary <string, string> environment, Variables runtimeVariables, EventHandler <ProcessDataReceivedEventArgs> outputHandler)
{
ArgUtil.NotNullOrEmpty(plugin, nameof(plugin));
// Only allow plugins we defined
if (!_taskPlugins.Contains(plugin))
{
throw new NotSupportedException(plugin);
}
// Resolve the working directory.
string workingDirectory = HostContext.GetDirectory(WellKnownDirectory.Work);
ArgUtil.Directory(workingDirectory, nameof(workingDirectory));
// Agent.PluginHost
string file = Path.Combine(HostContext.GetDirectory(WellKnownDirectory.Bin), $"Agent.PluginHost{Util.IOUtil.ExeExtension}");
ArgUtil.File(file, $"Agent.PluginHost{Util.IOUtil.ExeExtension}");
// Agent.PluginHost's arguments
string arguments = $"task \"{plugin}\"";
// construct plugin context
var target = context.StepTarget();
AgentTaskPluginExecutionContext pluginContext = new AgentTaskPluginExecutionContext
{
Inputs = inputs,
Repositories = context.Repositories,
Endpoints = context.Endpoints,
Container = target is ContainerInfo ? target as ContainerInfo : null, //TODO: Figure out if this needs to have all the containers or just the one for the current step
JobSettings = context.JobSettings,
};
// variables
runtimeVariables.CopyInto(pluginContext.Variables);
context.TaskVariables.CopyInto(pluginContext.TaskVariables);
using (var processInvoker = HostContext.CreateService <IProcessInvoker>())
{
var redirectStandardIn = new InputQueue <string>();
redirectStandardIn.Enqueue(JsonUtility.ToString(pluginContext));
processInvoker.OutputDataReceived += outputHandler;
processInvoker.ErrorDataReceived += outputHandler;
// Execute the process. Exit code 0 should always be returned.
// A non-zero exit code indicates infrastructural failure.
// Task failure should be communicated over STDOUT using ## commands.
await processInvoker.ExecuteAsync(workingDirectory : workingDirectory,
fileName : file,
arguments : arguments,
environment : environment,
requireExitCodeZero : true,
outputEncoding : Encoding.UTF8,
killProcessOnCancel : false,
redirectStandardIn : redirectStandardIn,
cancellationToken : context.CancellationToken);
}
}
public async Task LoadGitExecutionInfo(AgentTaskPluginExecutionContext context, bool useBuiltInGit)
{
// Resolve the location of git.
if (useBuiltInGit)
{
#if OS_WINDOWS
string agentHomeDir = context.Variables.GetValueOrDefault("agent.homedirectory")?.Value;
ArgUtil.NotNullOrEmpty(agentHomeDir, nameof(agentHomeDir));
gitPath = Path.Combine(agentHomeDir, "externals", "git", "cmd", $"git.exe");
// Prepend the PATH.
context.Output(StringUtil.Loc("Prepending0WithDirectoryContaining1", "Path", Path.GetFileName(gitPath)));
context.PrependPath(Path.GetDirectoryName(gitPath));
context.Debug($"PATH: '{Environment.GetEnvironmentVariable("PATH")}'");
#else
// There is no built-in git for OSX/Linux
gitPath = null;
#endif
}
else
{
gitPath = WhichUtil.Which("git", require: true, trace: context);
}
ArgUtil.File(gitPath, nameof(gitPath));
// Get the Git version.
gitVersion = await GitVersion(context);
ArgUtil.NotNull(gitVersion, nameof(gitVersion));
context.Debug($"Detect git version: {gitVersion.ToString()}.");
// Resolve the location of git-lfs.
// This should be best effort since checkout lfs objects is an option.
// We will check and ensure git-lfs version later
gitLfsPath = WhichUtil.Which("git-lfs", require: false, trace: context);
// Get the Git-LFS version if git-lfs exist in %PATH%.
if (!string.IsNullOrEmpty(gitLfsPath))
{
gitLfsVersion = await GitLfsVersion(context);
context.Debug($"Detect git-lfs version: '{gitLfsVersion?.ToString() ?? string.Empty}'.");
}
// required 2.0, all git operation commandline args need min git version 2.0
Version minRequiredGitVersion = new Version(2, 0);
EnsureGitVersion(minRequiredGitVersion, throwOnNotMatch: true);
// suggest user upgrade to 2.9 for better git experience
Version recommendGitVersion = new Version(2, 9);
if (!EnsureGitVersion(recommendGitVersion, throwOnNotMatch: false))
{
context.Output(StringUtil.Loc("UpgradeToLatestGit", recommendGitVersion, gitVersion));
}
// Set the user agent.
gitHttpUserAgentEnv = $"git/{gitVersion.ToString()} (vsts-agent-git/{context.Variables.GetValueOrDefault("agent.version")?.Value ?? "unknown"})";
context.Debug($"Set git useragent to: {gitHttpUserAgentEnv}.");
}
// This should only be called from config
public void SetupCertificate(string caCert, string clientCert, string clientCertPrivateKey, string clientCertArchive, string clientCertPassword)
{
Trace.Info("Setup agent certificate setting base on configuration inputs.");
if (!string.IsNullOrEmpty(caCert))
{
ArgUtil.File(caCert, nameof(caCert));
Trace.Info($"Self-Signed CA '{caCert}'");
}
if (!string.IsNullOrEmpty(clientCert))
{
ArgUtil.File(clientCert, nameof(clientCert));
ArgUtil.File(clientCertPrivateKey, nameof(clientCertPrivateKey));
ArgUtil.File(clientCertArchive, nameof(clientCertArchive));
Trace.Info($"Client cert '{clientCert}'");
Trace.Info($"Client cert private key '{clientCertPrivateKey}'");
Trace.Info($"Client cert archive '{clientCertArchive}'");
}
// TODO: Setup ServicePointManager.ServerCertificateValidationCallback when adopt netcore 2.0 to support self-signed cert for agent infrastructure.
CACertificateFile = caCert;
ClientCertificateFile = clientCert;
ClientCertificatePrivateKeyFile = clientCertPrivateKey;
ClientCertificateArchiveFile = clientCertArchive;
ClientCertificatePassword = clientCertPassword;
_clientCertificates.Clear();
if (!string.IsNullOrEmpty(ClientCertificateArchiveFile))
{
_clientCertificates.Add(new X509Certificate2(ClientCertificateArchiveFile, ClientCertificatePassword));
}
}
public async Task RunAsync()
{
// Validate args.
Trace.Entering();
ArgUtil.NotNull(Data, nameof(Data));
ArgUtil.NotNull(ExecutionContext, nameof(ExecutionContext));
ArgUtil.NotNull(Inputs, nameof(Inputs));
ArgUtil.Directory(TaskDirectory, nameof(TaskDirectory));
// Update the env dictionary.
AddInputsToEnvironment();
AddEndpointsToEnvironment();
AddSecureFilesToEnvironment();
AddVariablesToEnvironment();
AddTaskVariablesToEnvironment();
AddPrependPathToEnvironment();
// Resolve the target script.
ArgUtil.NotNullOrEmpty(Data.Target, nameof(Data.Target));
string scriptFile = Path.Combine(TaskDirectory, Data.Target);
ArgUtil.File(scriptFile, nameof(scriptFile));
// Resolve the VSTS Task SDK module definition.
string scriptDirectory = Path.GetDirectoryName(scriptFile);
string moduleFile = Path.Combine(scriptDirectory, @"ps_modules", "VstsTaskSdk", "VstsTaskSdk.psd1");
ArgUtil.File(moduleFile, nameof(moduleFile));
// Craft the args to pass to PowerShell.exe.
string powerShellExeArgs = StringUtil.Format(
@"-NoLogo -Sta -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -Command "". ([scriptblock]::Create('if (!$PSHOME) {{ $null = Get-Item -LiteralPath ''variable:PSHOME'' }} else {{ Import-Module -Name ([System.IO.Path]::Combine($PSHOME, ''Modules\Microsoft.PowerShell.Management\Microsoft.PowerShell.Management.psd1'')) ; Import-Module -Name ([System.IO.Path]::Combine($PSHOME, ''Modules\Microsoft.PowerShell.Utility\Microsoft.PowerShell.Utility.psd1'')) }}')) 2>&1 | ForEach-Object {{ Write-Verbose $_.Exception.Message -Verbose }} ; Import-Module -Name '{0}' -ArgumentList @{{ NonInteractive = $true }} -ErrorAction Stop ; $VerbosePreference = '{1}' ; $DebugPreference = '{1}' ; Invoke-VstsTaskScript -ScriptBlock ([scriptblock]::Create('. ''{2}'''))""",
moduleFile.Replace("'", "''"), // nested within a single-quoted string
ExecutionContext.Variables.System_Debug == true ? "Continue" : "SilentlyContinue",
scriptFile.Replace("'", "''''")); // nested within a single-quoted string within a single-quoted string
// Resolve powershell.exe.
string powerShellExe = HostContext.GetService <IPowerShellExeUtil>().GetPath();
ArgUtil.NotNullOrEmpty(powerShellExe, nameof(powerShellExe));
// Invoke the process.
using (var processInvoker = HostContext.CreateService <IProcessInvoker>())
{
processInvoker.OutputDataReceived += OnDataReceived;
processInvoker.ErrorDataReceived += OnDataReceived;
// Execute the process. Exit code 0 should always be returned.
// A non-zero exit code indicates infrastructural failure.
// Task failure should be communicated over STDOUT using ## commands.
await processInvoker.ExecuteAsync(workingDirectory : scriptDirectory,
fileName : powerShellExe,
arguments : powerShellExeArgs,
environment : Environment,
requireExitCodeZero : true,
outputEncoding : null,
killProcessOnCancel : false,
cancellationToken : ExecutionContext.CancellationToken);
}
}
public async Task RunAsync()
{
// Validate args.
Trace.Entering();
ArgUtil.NotNull(Data, nameof(Data));
ArgUtil.NotNull(ExecutionContext, nameof(ExecutionContext));
ArgUtil.NotNull(Inputs, nameof(Inputs));
ArgUtil.Directory(TaskDirectory, nameof(TaskDirectory));
// Update the env dictionary.
AddInputsToEnvironment();
AddEndpointsToEnvironment();
AddVariablesToEnvironment();
// Resolve the target script.
string target = Data.Target;
ArgUtil.NotNullOrEmpty(target, nameof(target));
target = Path.Combine(TaskDirectory, target);
ArgUtil.File(target, nameof(target));
// Resolve the working directory.
string workingDirectory = Data.WorkingDirectory;
if (string.IsNullOrEmpty(workingDirectory))
{
workingDirectory = TaskDirectory;
}
ArgUtil.Directory(workingDirectory, nameof(workingDirectory));
// Setup the process invoker.
using (var processInvoker = HostContext.CreateService <IProcessInvoker>())
{
processInvoker.OutputDataReceived += OnDataReceived;
processInvoker.ErrorDataReceived += OnDataReceived;
string node = Path.Combine(
IOUtil.GetExternalsPath(),
"node",
"bin",
$"node{IOUtil.ExeExtension}");
// Format the arguments passed to node.
// 1) Wrap the script file path in double quotes.
// 2) Escape double quotes within the script file path. Double-quote is a valid
// file name character on Linux.
string arguments = StringUtil.Format(@"""{0}""", target.Replace(@"""", @"\"""));
// Execute the process. Exit code 0 should always be returned.
// A non-zero exit code indicates infrastructural failure.
// Task failure should be communicated over STDOUT using ## commands.
await processInvoker.ExecuteAsync(
workingDirectory : workingDirectory,
fileName : node,
arguments : arguments,
environment : Environment,
requireExitCodeZero : true,
cancellationToken : ExecutionContext.CancellationToken);
}
}
public void LoadCertificateSettings()
{
string certSettingFile = IOUtil.GetAgentCertificateSettingFilePath();
if (File.Exists(certSettingFile))
{
Trace.Info($"Load agent certificate setting from '{certSettingFile}'");
var certSetting = IOUtil.LoadObject <AgentCertificateSetting>(certSettingFile);
ArgUtil.NotNull(certSetting, nameof(AgentCertificateSetting));
if (certSetting.SkipServerCertValidation)
{
Trace.Info("Ignore SSL server certificate validation error");
SkipServerCertificateValidation = true;
VssClientHttpRequestSettings.Default.ServerCertificateValidationCallback = HttpClientHandler.DangerousAcceptAnyServerCertificateValidator;
}
if (!string.IsNullOrEmpty(certSetting.CACert))
{
// make sure all settings file exist
ArgUtil.File(certSetting.CACert, nameof(certSetting.CACert));
Trace.Info($"CA '{certSetting.CACert}'");
CACertificateFile = certSetting.CACert;
}
if (!string.IsNullOrEmpty(certSetting.ClientCert))
{
// make sure all settings file exist
ArgUtil.File(certSetting.ClientCert, nameof(certSetting.ClientCert));
ArgUtil.File(certSetting.ClientCertPrivatekey, nameof(certSetting.ClientCertPrivatekey));
ArgUtil.File(certSetting.ClientCertArchive, nameof(certSetting.ClientCertArchive));
Trace.Info($"Client cert '{certSetting.ClientCert}'");
Trace.Info($"Client cert private key '{certSetting.ClientCertPrivatekey}'");
Trace.Info($"Client cert archive '{certSetting.ClientCertArchive}'");
ClientCertificateFile = certSetting.ClientCert;
ClientCertificatePrivateKeyFile = certSetting.ClientCertPrivatekey;
ClientCertificateArchiveFile = certSetting.ClientCertArchive;
if (!string.IsNullOrEmpty(certSetting.ClientCertPasswordLookupKey))
{
var cerdStore = HostContext.GetService <IAgentCredentialStore>();
ClientCertificatePassword = cerdStore.Read($"VSTS_AGENT_CLIENT_CERT_PASSWORD_{certSetting.ClientCertPasswordLookupKey}").Password;
var secretMasker = HostContext.GetService <ISecretMasker>();
secretMasker.AddValue(ClientCertificatePassword);
}
_clientCertificates.Clear();
_clientCertificates.Add(new X509Certificate2(ClientCertificateArchiveFile, ClientCertificatePassword));
}
}
else
{
Trace.Info("No certificate setting found.");
}
}
public async Task LoadGitExecutionInfo(IExecutionContext context, bool useBuiltInGit)
{
// Resolve the location of git.
if (useBuiltInGit)
{
#if OS_WINDOWS
_gitPath = Path.Combine(HostContext.GetDirectory(WellKnownDirectory.Externals), "git", "cmd", $"git{IOUtil.ExeExtension}");
// Prepend the PATH.
context.Output(StringUtil.Loc("Prepending0WithDirectoryContaining1", Constants.PathVariable, Path.GetFileName(_gitPath)));
PathUtil.PrependPath(Path.GetDirectoryName(_gitPath));
context.Debug($"{Constants.PathVariable}: '{Environment.GetEnvironmentVariable(Constants.PathVariable)}'");
#else
// There is no built-in git for OSX/Linux
_gitPath = null;
#endif
}
else
{
_gitPath = WhichUtil.Which("git", require: true, trace: Trace);
}
ArgUtil.File(_gitPath, nameof(_gitPath));
// Get the Git version.
_gitVersion = await GitVersion(context);
ArgUtil.NotNull(_gitVersion, nameof(_gitVersion));
context.Debug($"Detect git version: {_gitVersion.ToString()}.");
// Resolve the location of git-lfs.
// This should be best effort since checkout lfs objects is an option.
// We will check and ensure git-lfs version later
_gitLfsPath = WhichUtil.Which("git-lfs", require: false, trace: Trace);
// Get the Git-LFS version if git-lfs exist in %PATH%.
if (!string.IsNullOrEmpty(_gitLfsPath))
{
_gitLfsVersion = await GitLfsVersion(context);
context.Debug($"Detect git-lfs version: '{_gitLfsVersion?.ToString() ?? string.Empty}'.");
}
// required 2.0, all git operation commandline args need min git version 2.0
Version minRequiredGitVersion = new Version(2, 0);
EnsureGitVersion(minRequiredGitVersion, throwOnNotMatch: true);
// suggest user upgrade to 2.9 for better git experience
Version recommendGitVersion = new Version(2, 9);
if (!EnsureGitVersion(recommendGitVersion, throwOnNotMatch: false))
{
context.Output(StringUtil.Loc("UpgradeToLatestGit", recommendGitVersion, _gitVersion));
}
// Set the user agent.
_gitHttpUserAgentEnv = $"git/{_gitVersion.ToString()} (vsts-agent-git/{BuildConstants.AgentPackage.Version})";
context.Debug($"Set git useragent to: {_gitHttpUserAgentEnv}.");
}
public void SetupClientCertificate(string clientCert, string clientCertKey, string clientCertArchive, string clientCertPassword)
{
ArgUtil.File(clientCert, nameof(clientCert));
X509Certificate2 cert = new X509Certificate2(clientCert);
ExecutionContext.Debug($"Set VstsClientCertificate={cert.Thumbprint} for Tf.exe to support client certificate.");
AdditionalEnvironmentVariables["VstsClientCertificate"] = cert.Thumbprint;
// Script Tf commands in tasks
ExecutionContext.SetVariable("VstsClientCertificate", cert.Thumbprint);
}
public Task GetSourceAsync(
IExecutionContext executionContext,
ServiceEndpoint endpoint,
CancellationToken cancellationToken)
{
Trace.Entering();
ArgUtil.Equal(RunMode.Local, HostContext.RunMode, nameof(HostContext.RunMode));
ArgUtil.Equal(HostTypes.Build, executionContext.Variables.System_HostType, nameof(executionContext.Variables.System_HostType));
ArgUtil.NotNull(executionContext, nameof(executionContext));
ArgUtil.NotNull(endpoint, nameof(endpoint));
bool preferGitFromPath;
#if OS_WINDOWS
bool overrideGitFromPath;
bool.TryParse(Environment.GetEnvironmentVariable(Constants.Variables.System.PreferGitFromPath), out overrideGitFromPath);
preferGitFromPath = overrideGitFromPath || (executionContext.Variables.GetBoolean(Constants.Variables.System.PreferGitFromPath) ?? false);
#else
preferGitFromPath = true;
#endif
if (!preferGitFromPath)
{
// Add git to the PATH.
string gitPath = Path.Combine(HostContext.GetDirectory(WellKnownDirectory.Externals), "git", "cmd", $"git{IOUtil.ExeExtension}");
ArgUtil.File(gitPath, nameof(gitPath));
executionContext.Output(StringUtil.Loc("Prepending0WithDirectoryContaining1", Constants.PathVariable, Path.GetFileName(gitPath)));
var varUtil = HostContext.GetService <IVarUtil>();
varUtil.PrependPath(Path.GetDirectoryName(gitPath));
executionContext.Debug($"{Constants.PathVariable}: '{Environment.GetEnvironmentVariable(Constants.PathVariable)}'");
}
else
{
// Validate git is in the PATH.
var whichUtil = HostContext.GetService <IWhichUtil>();
whichUtil.Which("git", require: true);
}
// Override build.sourcesDirectory.
//
// Technically the value will be out of sync with the tracking file. The tracking file
// is created during job initialization (Get Sources is later). That is OK, since the
// local-run-sources-directory should not participate in cleanup anyway.
string localDirectory = endpoint.Data?["localDirectory"];
ArgUtil.Directory(localDirectory, nameof(localDirectory));
ArgUtil.Directory(Path.Combine(localDirectory, ".git"), "localDotGitDirectory");
executionContext.Variables.Set(Constants.Variables.System.DefaultWorkingDirectory, localDirectory);
executionContext.Variables.Set(Constants.Variables.Build.SourcesDirectory, localDirectory);
executionContext.Variables.Set(Constants.Variables.Build.RepoLocalPath, localDirectory);
// todo: consider support for clean
return(Task.CompletedTask);
}
public void LoadCertificateSettings()
{
string certSettingFile = IOUtil.GetAgentCertificateSettingFilePath();
if (File.Exists(certSettingFile))
{
Trace.Info($"Load agent certificate setting from '{certSettingFile}'");
var certSetting = IOUtil.LoadObject <AgentCertificateSetting>(certSettingFile);
ArgUtil.NotNull(certSetting, nameof(AgentCertificateSetting));
// make sure all settings file exist
if (!string.IsNullOrEmpty(certSetting.CACert))
{
ArgUtil.File(certSetting.CACert, nameof(certSetting.CACert));
Trace.Info($"CA '{certSetting.CACert}'");
CACertificateFile = certSetting.CACert;
// TODO: Setup ServicePointManager.ServerCertificateValidationCallback when adopt netcore 2.0 to support self-signed cert for agent infrastructure.
}
if (!string.IsNullOrEmpty(certSetting.ClientCert))
{
ArgUtil.File(certSetting.ClientCert, nameof(certSetting.ClientCert));
ArgUtil.File(certSetting.ClientCertPrivatekey, nameof(certSetting.ClientCertPrivatekey));
ArgUtil.File(certSetting.ClientCertArchive, nameof(certSetting.ClientCertArchive));
Trace.Info($"Client cert '{certSetting.ClientCert}'");
Trace.Info($"Client cert private key '{certSetting.ClientCertPrivatekey}'");
Trace.Info($"Client cert archive '{certSetting.ClientCertArchive}'");
ClientCertificateFile = certSetting.ClientCert;
ClientCertificatePrivateKeyFile = certSetting.ClientCertPrivatekey;
ClientCertificateArchiveFile = certSetting.ClientCertArchive;
if (!string.IsNullOrEmpty(certSetting.ClientCertPasswordLookupKey))
{
var cerdStore = HostContext.GetService <IAgentCredentialStore>();
ClientCertificatePassword = cerdStore.Read($"VSTS_AGENT_CLIENT_CERT_PASSWORD_{certSetting.ClientCertPasswordLookupKey}").Password;
var secretMasker = HostContext.GetService <ISecretMasker>();
secretMasker.AddValue(ClientCertificatePassword);
}
_clientCertificates.Clear();
_clientCertificates.Add(new X509Certificate2(ClientCertificateArchiveFile, ClientCertificatePassword));
}
}
else
{
Trace.Info("No certificate setting found.");
}
}
public async Task LoadGitExecutionInfo(IExecutionContext context, bool useBuiltInGit)
{
// Resolve the location of git.
if (useBuiltInGit)
{
#if OS_WINDOWS
_gitPath = Path.Combine(IOUtil.GetExternalsPath(), "git", "cmd", $"git{IOUtil.ExeExtension}");
// Prepend the PATH.
context.Output(StringUtil.Loc("Prepending0WithDirectoryContaining1", Constants.PathVariable, Path.GetFileName(_gitPath)));
var varUtil = HostContext.GetService <IVarUtil>();
varUtil.PrependPath(Path.GetDirectoryName(_gitPath));
context.Debug($"{Constants.PathVariable}: '{Environment.GetEnvironmentVariable(Constants.PathVariable)}'");
#else
// There is no built-in git for OSX/Linux
_gitPath = null;
#endif
}
else
{
var whichUtil = HostContext.GetService <IWhichUtil>();
_gitPath = whichUtil.Which("git", require: true);
}
ArgUtil.File(_gitPath, nameof(_gitPath));
// Get the Git version.
_version = await GitVersion(context);
ArgUtil.NotNull(_version, nameof(_version));
context.Debug($"Detect git version: {_version.ToString()}.");
// required 2.0, all git operation commandline args need min git version 2.0
Version minRequiredGitVersion = new Version(2, 0);
EnsureGitVersion(minRequiredGitVersion, throwOnNotMatch: true);
// suggest user upgrade to 2.9 for better git experience
Version recommendGitVersion = new Version(2, 9);
if (!EnsureGitVersion(recommendGitVersion, throwOnNotMatch: false))
{
context.Warning(StringUtil.Loc("UpgradeToLatestGit", recommendGitVersion, _version));
}
// Set the user agent.
_gitHttpUserAgentEnv = $"git/{_version.ToString()} (vsts-agent-git/{Constants.Agent.Version})";
context.Debug($"Set git useragent to: {_gitHttpUserAgentEnv}.");
}
public async Task RunPluginTaskAsync(IExecutionContext context, string plugin, Dictionary <string, string> inputs, Dictionary <string, string> environment, Variables runtimeVariables, EventHandler <ProcessDataReceivedEventArgs> outputHandler)
{
ArgUtil.NotNullOrEmpty(plugin, nameof(plugin));
// Only allow plugins we defined
if (!_taskPlugins.Contains(plugin))
{
throw new NotSupportedException(plugin);
}
// Resolve the working directory.
string workingDirectory = HostContext.GetDirectory(WellKnownDirectory.Work);
ArgUtil.Directory(workingDirectory, nameof(workingDirectory));
// Agent.PluginHost
string file = Path.Combine(HostContext.GetDirectory(WellKnownDirectory.Bin), $"Agent.PluginHost{Util.IOUtil.ExeExtension}");
ArgUtil.File(file, $"Agent.PluginHost{Util.IOUtil.ExeExtension}");
var pluginContext = GeneratePluginExecutionContext(context, inputs, runtimeVariables);
using (var processInvoker = HostContext.CreateService <IProcessInvoker>())
using (var redirectStandardIn = new InputQueue <string>())
{
redirectStandardIn.Enqueue(JsonUtility.ToString(pluginContext));
processInvoker.OutputDataReceived += outputHandler;
processInvoker.ErrorDataReceived += outputHandler;
// Execute the process. Exit code 0 should always be returned.
// A non-zero exit code indicates infrastructural failure.
// Task failure should be communicated over STDOUT using ## commands.
// Agent.PluginHost's arguments
string arguments = $"task \"{plugin}\"";
await processInvoker.ExecuteAsync(workingDirectory : workingDirectory,
fileName : file,
arguments : arguments,
environment : environment,
requireExitCodeZero : true,
outputEncoding : Encoding.UTF8,
killProcessOnCancel : false,
redirectStandardIn : redirectStandardIn,
cancellationToken : context.CancellationToken);
}
}
public async Task <List <Capability> > GetCapabilitiesAsync(AgentSettings settings, CancellationToken cancellationToken)
{
Trace.Entering();
var capabilities = new List <Capability>();
string powerShellExe = HostContext.GetService <IPowerShellExeUtil>().GetPath();
string scriptFile = Path.Combine(HostContext.GetDirectory(WellKnownDirectory.Bin), "powershell", "Add-Capabilities.ps1").Replace("'", "''");
ArgUtil.File(scriptFile, nameof(scriptFile));
string arguments = $@"-NoLogo -Sta -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -Command "". '{scriptFile}'""";
string enablePrereleaseVSVersions = AgentKnobs.EnableVSPreReleaseVersions.GetValue(UtilKnobValueContext.Instance()).AsString();
Environment.SetEnvironmentVariable("IncludePrereleaseVersions", enablePrereleaseVSVersions);
using (var processInvoker = HostContext.CreateService <IProcessInvoker>())
{
processInvoker.OutputDataReceived +=
(object sender, ProcessDataReceivedEventArgs args) =>
{
Trace.Info($"STDOUT: {args.Data}");
Capability capability;
if (TryParseCapability(args.Data, out capability))
{
Trace.Info($"Adding '{capability.Name}': '{capability.Value}'");
capabilities.Add(capability);
}
};
processInvoker.ErrorDataReceived +=
(object sender, ProcessDataReceivedEventArgs args) =>
{
Trace.Info($"STDERR: {args.Data}");
};
await processInvoker.ExecuteAsync(
workingDirectory : Path.GetDirectoryName(scriptFile),
fileName : powerShellExe,
arguments : arguments,
environment : null,
requireExitCodeZero : false,
outputEncoding : null,
killProcessOnCancel : true,
cancellationToken : cancellationToken);
}
return(capabilities);
}
public async Task LoadGitExecutionInfo(RunnerActionPluginExecutionContext context)
{
// Resolve the location of git.
gitPath = WhichUtil.Which("git", require: true, trace: context);
ArgUtil.File(gitPath, nameof(gitPath));
// Get the Git version.
gitVersion = await GitVersion(context);
ArgUtil.NotNull(gitVersion, nameof(gitVersion));
context.Debug($"Detect git version: {gitVersion.ToString()}.");
// Resolve the location of git-lfs.
// This should be best effort since checkout lfs objects is an option.
// We will check and ensure git-lfs version later
gitLfsPath = WhichUtil.Which("git-lfs", require: false, trace: context);
// Get the Git-LFS version if git-lfs exist in %PATH%.
if (!string.IsNullOrEmpty(gitLfsPath))
{
gitLfsVersion = await GitLfsVersion(context);
context.Debug($"Detect git-lfs version: '{gitLfsVersion?.ToString() ?? string.Empty}'.");
}
// required 2.0, all git operation commandline args need min git version 2.0
Version minRequiredGitVersion = new Version(2, 0);
EnsureGitVersion(minRequiredGitVersion, throwOnNotMatch: true);
// suggest user upgrade to 2.9 for better git experience
Version recommendGitVersion = new Version(2, 9);
if (!EnsureGitVersion(recommendGitVersion, throwOnNotMatch: false))
{
context.Output($"To get a better Git experience, upgrade your Git to at least version '{recommendGitVersion}'. Your current Git version is '{gitVersion}'.");
}
// Set the user agent.
string gitHttpUserAgentEnv = $"git/{gitVersion.ToString()} (github-actions-runner-git/{BuildConstants.RunnerPackage.Version})";
context.Debug($"Set git useragent to: {gitHttpUserAgentEnv}.");
gitEnv["GIT_HTTP_USER_AGENT"] = gitHttpUserAgentEnv;
}
/// <summary>
/// Gathers a list of local group memberships for the current user.
/// </summary>
private async Task <string> GetLocalGroupMembership()
{
var builder = new StringBuilder();
string powerShellExe = HostContext.GetService <IPowerShellExeUtil>().GetPath();
string scriptFile = Path.Combine(HostContext.GetDirectory(WellKnownDirectory.Bin), "powershell", "Get-LocalGroupMembership.ps1").Replace("'", "''");
ArgUtil.File(scriptFile, nameof(scriptFile));
string arguments = $@"-NoLogo -Sta -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -Command "". '{scriptFile}'""";
try
{
using (var processInvoker = HostContext.CreateService <IProcessInvoker>())
{
processInvoker.OutputDataReceived += (object sender, ProcessDataReceivedEventArgs args) =>
{
builder.AppendLine(args.Data);
};
processInvoker.ErrorDataReceived += (object sender, ProcessDataReceivedEventArgs args) =>
{
builder.AppendLine(args.Data);
};
await processInvoker.ExecuteAsync(
workingDirectory : HostContext.GetDirectory(WellKnownDirectory.Bin),
fileName : powerShellExe,
arguments : arguments,
environment : null,
requireExitCodeZero : false,
outputEncoding : null,
killProcessOnCancel : false,
cancellationToken : default(CancellationToken));
}
}
catch (Exception ex)
{
builder.AppendLine(ex.Message);
}
return(builder.ToString());
}
// This should only be called from config
public void SetupCertificate(bool skipCertValidation, string caCert, string clientCert, string clientCertPrivateKey, string clientCertArchive, string clientCertPassword)
{
Trace.Info("Setup agent certificate setting base on configuration inputs.");
if (skipCertValidation)
{
Trace.Info("Ignore SSL server certificate validation error");
SkipServerCertificateValidation = true;
VssClientHttpRequestSettings.Default.ServerCertificateValidationCallback = HttpClientHandler.DangerousAcceptAnyServerCertificateValidator;
}
if (!string.IsNullOrEmpty(caCert))
{
ArgUtil.File(caCert, nameof(caCert));
Trace.Info($"Self-Signed CA '{caCert}'");
}
if (!string.IsNullOrEmpty(clientCert))
{
ArgUtil.File(clientCert, nameof(clientCert));
ArgUtil.File(clientCertPrivateKey, nameof(clientCertPrivateKey));
ArgUtil.File(clientCertArchive, nameof(clientCertArchive));
Trace.Info($"Client cert '{clientCert}'");
Trace.Info($"Client cert private key '{clientCertPrivateKey}'");
Trace.Info($"Client cert archive '{clientCertArchive}'");
}
CACertificateFile = caCert;
ClientCertificateFile = clientCert;
ClientCertificatePrivateKeyFile = clientCertPrivateKey;
ClientCertificateArchiveFile = clientCertArchive;
ClientCertificatePassword = clientCertPassword;
_clientCertificates.Clear();
if (!string.IsNullOrEmpty(ClientCertificateArchiveFile))
{
_clientCertificates.Add(new X509Certificate2(ClientCertificateArchiveFile, ClientCertificatePassword));
}
}
private static async Task CreateDirectoryReparsePoint(IHostContext context, string link, string target)
{
#if OS_WINDOWS
string fileName = Environment.GetEnvironmentVariable("ComSpec");
string arguments = $@"/c ""mklink /J ""{link}"" {target}""""";
#else
string fileName = "/bin/ln";
string arguments = $@"-s ""{target}"" ""{link}""";
#endif
ArgUtil.File(fileName, nameof(fileName));
using (var processInvoker = new ProcessInvoker())
{
processInvoker.Initialize(context);
await processInvoker.ExecuteAsync(
workingDirectory : IOUtil.GetBinPath(),
fileName : fileName,
arguments : arguments,
environment : null,
requireExitCodeZero : true,
cancellationToken : CancellationToken.None);
}
}
private static async Task CreateDirectoryReparsePoint(IHostContext context, string link, string target)
{
string fileName = (TestUtil.IsWindows())
? Environment.GetEnvironmentVariable("ComSpec")
: "/bin/ln";
string arguments = (TestUtil.IsWindows())
? $@"/c ""mklink /J ""{link}"" {target}"""""
: $@"-s ""{target}"" ""{link}""";
ArgUtil.File(fileName, nameof(fileName));
using (var processInvoker = new ProcessInvokerWrapper())
{
processInvoker.Initialize(context);
await processInvoker.ExecuteAsync(
workingDirectory : context.GetDirectory(WellKnownDirectory.Bin),
fileName : fileName,
arguments : arguments,
environment : null,
requireExitCodeZero : true,
cancellationToken : CancellationToken.None);
}
}
public async Task <List <Capability> > GetCapabilitiesAsync(AgentSettings settings, CancellationToken cancellationToken)
{
Trace.Entering();
var capabilities = new List <Capability>();
string powerShellExe = HostContext.GetService <IPowerShellExeUtil>().GetPath();
string scriptFile = Path.Combine(IOUtil.GetBinPath(), "powershell", "Add-Capabilities.ps1").Replace("'", "''");
ArgUtil.File(scriptFile, nameof(scriptFile));
string arguments = $@"-NoLogo -Sta -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -Command "". '{scriptFile}'""";
using (var processInvoker = HostContext.CreateService <IProcessInvoker>())
{
processInvoker.OutputDataReceived +=
(object sender, ProcessDataReceivedEventArgs args) =>
{
Trace.Info($"STDOUT: {args.Data}");
Capability capability;
if (TryParseCapability(args.Data, out capability))
{
Trace.Info($"Adding '{capability.Name}': '{capability.Value}'");
capabilities.Add(capability);
}
};
processInvoker.ErrorDataReceived +=
(object sender, ProcessDataReceivedEventArgs args) =>
{
Trace.Info($"STDERR: {args.Data}");
};
await processInvoker.ExecuteAsync(
workingDirectory : Path.GetDirectoryName(scriptFile),
fileName : powerShellExe,
arguments : arguments,
environment : null,
cancellationToken : cancellationToken);
}
return(capabilities);
}
public async Task RunAsync()
{
// Validate args.
Trace.Entering();
ArgUtil.NotNull(Data, nameof(Data));
ArgUtil.NotNull(ExecutionContext, nameof(ExecutionContext));
ArgUtil.NotNull(Inputs, nameof(Inputs));
ArgUtil.Directory(TaskDirectory, nameof(TaskDirectory));
#if !OS_WINDOWS
// Ensure compat vso-task-lib exist at the root of _work folder
// This will make vsts-agent works against 2015 RTM/QU1 TFS, since tasks in those version doesn't package with task lib
// Put the 0.5.5 version vso-task-lib into the root of _work/node_modules folder, so tasks are able to find those lib.
if (!File.Exists(Path.Combine(HostContext.GetDirectory(WellKnownDirectory.Work), "node_modules", "vso-task-lib", "package.json")))
{
string vsoTaskLibFromExternal = Path.Combine(HostContext.GetDirectory(WellKnownDirectory.Externals), "vso-task-lib");
string compatVsoTaskLibInWork = Path.Combine(HostContext.GetDirectory(WellKnownDirectory.Work), "node_modules", "vso-task-lib");
IOUtil.CopyDirectory(vsoTaskLibFromExternal, compatVsoTaskLibInWork, ExecutionContext.CancellationToken);
}
#endif
// Update the env dictionary.
AddInputsToEnvironment();
AddEndpointsToEnvironment();
AddSecureFilesToEnvironment();
AddVariablesToEnvironment();
AddTaskVariablesToEnvironment();
AddPrependPathToEnvironment();
// Resolve the target script.
string target = Data.Target;
ArgUtil.NotNullOrEmpty(target, nameof(target));
target = Path.Combine(TaskDirectory, target);
ArgUtil.File(target, nameof(target));
// Resolve the working directory.
string workingDirectory = Data.WorkingDirectory;
if (string.IsNullOrEmpty(workingDirectory))
{
if (!string.IsNullOrEmpty(ExecutionContext.Variables.System_DefaultWorkingDirectory))
{
workingDirectory = ExecutionContext.Variables.System_DefaultWorkingDirectory;
}
else
{
workingDirectory = ExecutionContext.Variables.Agent_WorkFolder;
}
}
ArgUtil.Directory(workingDirectory, nameof(workingDirectory));
// fix vsts-task-lib for node 6.x
// vsts-task-lib 0.6/0.7/0.8/0.9/2.0-preview implemented String.prototype.startsWith and String.prototype.endsWith since Node 5.x doesn't have them.
// however the implementation is added in node 6.x, the implementation in vsts-task-lib is different.
// node 6.x's implementation takes 2 parameters str.endsWith(searchString[, length]) / str.startsWith(searchString[, length])
// the implementation vsts-task-lib had only takes one parameter str.endsWith(searchString) / str.startsWith(searchString).
// as long as vsts-task-lib be loaded into memory, it will overwrite the implementation node 6.x has,
// so any scirpt that use the second parameter (length) will encounter unexpected result.
// to avoid customer hit this error, we will modify the file (extensions.js) under vsts-task-lib module folder when customer choose to use Node 6.x
Trace.Info("Inspect node_modules folder, make sure vsts-task-lib doesn't overwrite String.startsWith/endsWith.");
FixVstsTaskLibModule();
StepHost.OutputDataReceived += OnDataReceived;
StepHost.ErrorDataReceived += OnDataReceived;
string file = Path.Combine(HostContext.GetDirectory(WellKnownDirectory.Externals), "node", "bin", $"node{IOUtil.ExeExtension}");
// Format the arguments passed to node.
// 1) Wrap the script file path in double quotes.
// 2) Escape double quotes within the script file path. Double-quote is a valid
// file name character on Linux.
string arguments = StepHost.ResolvePathForStepHost(StringUtil.Format(@"""{0}""", target.Replace(@"""", @"\""")));
#if OS_WINDOWS
// It appears that node.exe outputs UTF8 when not in TTY mode.
Encoding outputEncoding = Encoding.UTF8;
#else
// Let .NET choose the default.
Encoding outputEncoding = null;
#endif
// Execute the process. Exit code 0 should always be returned.
// A non-zero exit code indicates infrastructural failure.
// Task failure should be communicated over STDOUT using ## commands.
await StepHost.ExecuteAsync(workingDirectory : StepHost.ResolvePathForStepHost(workingDirectory),
fileName : StepHost.ResolvePathForStepHost(file),
arguments : arguments,
environment : Environment,
requireExitCodeZero : true,
outputEncoding : outputEncoding,
killProcessOnCancel : false,
cancellationToken : ExecutionContext.CancellationToken);
}
private async Task <string> GitAsync(string arguments, CancellationToken token)
{
// Resolve the location of git.
if (_gitPath == null)
{
#if OS_WINDOWS
_gitPath = Path.Combine(IOUtil.GetExternalsPath(), "git", "cmd", $"git{IOUtil.ExeExtension}");
ArgUtil.File(_gitPath, nameof(_gitPath));
#else
var whichUtil = HostContext.GetService <IWhichUtil>();
_gitPath = whichUtil.Which("git", require: true);
#endif
}
// Prepare the environment variables to overlay.
var overlayEnvironment = new Dictionary <string, string>(StringComparer.Ordinal);
overlayEnvironment["GIT_TERMINAL_PROMPT"] = "0";
// Skip any GIT_TRACE variable since GIT_TRACE will affect ouput from every git command.
// This will fail the parse logic for detect git version, remote url, etc.
// Ex.
// SET GIT_TRACE=true
// git version
// 11:39:58.295959 git.c:371 trace: built-in: git 'version'
// git version 2.11.1.windows.1
IDictionary currentEnvironment = Environment.GetEnvironmentVariables();
foreach (DictionaryEntry entry in currentEnvironment)
{
string key = entry.Key as string ?? string.Empty;
if (string.Equals(key, "GIT_TRACE", StringComparison.OrdinalIgnoreCase) ||
key.StartsWith("GIT_TRACE_", StringComparison.OrdinalIgnoreCase))
{
overlayEnvironment[key] = string.Empty;
}
}
// Run git and return the output from the streams.
var output = new StringBuilder();
var processInvoker = HostContext.CreateService <IProcessInvoker>();
Console.WriteLine();
Console.WriteLine($"git {arguments}");
processInvoker.OutputDataReceived += delegate(object sender, ProcessDataReceivedEventArgs message)
{
output.AppendLine(message.Data);
Console.WriteLine(message.Data);
};
processInvoker.ErrorDataReceived += delegate(object sender, ProcessDataReceivedEventArgs message)
{
output.AppendLine(message.Data);
Console.WriteLine(message.Data);
};
#if OS_WINDOWS
Encoding encoding = Encoding.UTF8;
#else
Encoding encoding = null;
#endif
await processInvoker.ExecuteAsync(
workingDirectory : Directory.GetCurrentDirectory(),
fileName : _gitPath,
arguments : arguments,
environment : overlayEnvironment,
requireExitCodeZero : true,
outputEncoding : encoding,
cancellationToken : token);
string result = output.ToString().Trim();
ArgUtil.NotNullOrEmpty(result, nameof(result));
return(result);
}
public async Task RunAsync()
{
// Validate args.
Trace.Entering();
ArgUtil.NotNull(Data, nameof(Data));
ArgUtil.NotNull(ExecutionContext, nameof(ExecutionContext));
ArgUtil.NotNull(Inputs, nameof(Inputs));
ArgUtil.Directory(TaskDirectory, nameof(TaskDirectory));
#if !OS_WINDOWS
// Ensure compat vso-task-lib exist at the root of _work folder
// This will make vsts-agent works against 2015 RTM/QU1 TFS, since tasks in those version doesn't package with task lib
// Put the 0.5.5 version vso-task-lib into the root of _work/node_modules folder, so tasks are able to find those lib.
if (!File.Exists(Path.Combine(IOUtil.GetWorkPath(HostContext), "node_modules", "vso-task-lib", "package.json")))
{
string vsoTaskLibFromExternal = Path.Combine(IOUtil.GetExternalsPath(), "vso-task-lib");
string compatVsoTaskLibInWork = Path.Combine(IOUtil.GetWorkPath(HostContext), "node_modules", "vso-task-lib");
IOUtil.CopyDirectory(vsoTaskLibFromExternal, compatVsoTaskLibInWork, ExecutionContext.CancellationToken);
}
#endif
// Update the env dictionary.
AddInputsToEnvironment();
AddEndpointsToEnvironment();
AddSecureFilesToEnvironment();
AddVariablesToEnvironment();
AddIntraTaskStatesToEnvironment();
// Resolve the target script.
string target = Data.Target;
ArgUtil.NotNullOrEmpty(target, nameof(target));
target = Path.Combine(TaskDirectory, target);
ArgUtil.File(target, nameof(target));
// Resolve the working directory.
string workingDirectory = Data.WorkingDirectory;
if (string.IsNullOrEmpty(workingDirectory))
{
if (!string.IsNullOrEmpty(ExecutionContext.Variables.System_DefaultWorkingDirectory))
{
workingDirectory = ExecutionContext.Variables.System_DefaultWorkingDirectory;
}
else
{
workingDirectory = ExecutionContext.Variables.Agent_WorkFolder;
}
}
ArgUtil.Directory(workingDirectory, nameof(workingDirectory));
// Setup the process invoker.
using (var processInvoker = HostContext.CreateService <IProcessInvoker>())
{
processInvoker.OutputDataReceived += OnDataReceived;
processInvoker.ErrorDataReceived += OnDataReceived;
string node = Path.Combine(
IOUtil.GetExternalsPath(),
"node",
"bin",
$"node{IOUtil.ExeExtension}");
// Format the arguments passed to node.
// 1) Wrap the script file path in double quotes.
// 2) Escape double quotes within the script file path. Double-quote is a valid
// file name character on Linux.
string arguments = StringUtil.Format(@"""{0}""", target.Replace(@"""", @"\"""));
#if OS_WINDOWS
// It appears that node.exe outputs UTF8 when not in TTY mode.
Encoding outputEncoding = Encoding.UTF8;
#else
// Let .NET choose the default.
Encoding outputEncoding = null;
#endif
// Execute the process. Exit code 0 should always be returned.
// A non-zero exit code indicates infrastructural failure.
// Task failure should be communicated over STDOUT using ## commands.
await processInvoker.ExecuteAsync(
workingDirectory : workingDirectory,
fileName : node,
arguments : arguments,
environment : Environment,
requireExitCodeZero : true,
outputEncoding : outputEncoding,
cancellationToken : ExecutionContext.CancellationToken);
}
}
public async Task ConfigureAsync(CommandSettings command)
{
ArgUtil.Equal(RunMode.Normal, HostContext.RunMode, nameof(HostContext.RunMode));
Trace.Info(nameof(ConfigureAsync));
if (IsConfigured())
{
throw new InvalidOperationException(StringUtil.Loc("AlreadyConfiguredError"));
}
// Populate proxy setting from commandline args
var vstsProxy = HostContext.GetService <IVstsAgentWebProxy>();
bool saveProxySetting = false;
string proxyUrl = command.GetProxyUrl();
if (!string.IsNullOrEmpty(proxyUrl))
{
if (!Uri.IsWellFormedUriString(proxyUrl, UriKind.Absolute))
{
throw new ArgumentOutOfRangeException(nameof(proxyUrl));
}
Trace.Info("Reset proxy base on commandline args.");
string proxyUserName = command.GetProxyUserName();
string proxyPassword = command.GetProxyPassword();
(vstsProxy as VstsAgentWebProxy).SetupProxy(proxyUrl, proxyUserName, proxyPassword);
saveProxySetting = true;
}
// Populate cert setting from commandline args
var agentCertManager = HostContext.GetService <IAgentCertificateManager>();
bool saveCertSetting = false;
bool skipCertValidation = command.GetSkipCertificateValidation();
string caCert = command.GetCACertificate();
string clientCert = command.GetClientCertificate();
string clientCertKey = command.GetClientCertificatePrivateKey();
string clientCertArchive = command.GetClientCertificateArchrive();
string clientCertPassword = command.GetClientCertificatePassword();
// We require all Certificate files are under agent root.
// So we can set ACL correctly when configure as service
if (!string.IsNullOrEmpty(caCert))
{
caCert = Path.Combine(HostContext.GetDirectory(WellKnownDirectory.Root), caCert);
ArgUtil.File(caCert, nameof(caCert));
}
if (!string.IsNullOrEmpty(clientCert) &&
!string.IsNullOrEmpty(clientCertKey) &&
!string.IsNullOrEmpty(clientCertArchive))
{
// Ensure all client cert pieces are there.
clientCert = Path.Combine(HostContext.GetDirectory(WellKnownDirectory.Root), clientCert);
clientCertKey = Path.Combine(HostContext.GetDirectory(WellKnownDirectory.Root), clientCertKey);
clientCertArchive = Path.Combine(HostContext.GetDirectory(WellKnownDirectory.Root), clientCertArchive);
ArgUtil.File(clientCert, nameof(clientCert));
ArgUtil.File(clientCertKey, nameof(clientCertKey));
ArgUtil.File(clientCertArchive, nameof(clientCertArchive));
}
else if (!string.IsNullOrEmpty(clientCert) ||
!string.IsNullOrEmpty(clientCertKey) ||
!string.IsNullOrEmpty(clientCertArchive))
{
// Print out which args are missing.
ArgUtil.NotNullOrEmpty(Constants.Agent.CommandLine.Args.SslClientCert, Constants.Agent.CommandLine.Args.SslClientCert);
ArgUtil.NotNullOrEmpty(Constants.Agent.CommandLine.Args.SslClientCertKey, Constants.Agent.CommandLine.Args.SslClientCertKey);
ArgUtil.NotNullOrEmpty(Constants.Agent.CommandLine.Args.SslClientCertArchive, Constants.Agent.CommandLine.Args.SslClientCertArchive);
}
if (skipCertValidation || !string.IsNullOrEmpty(caCert) || !string.IsNullOrEmpty(clientCert))
{
Trace.Info("Reset agent cert setting base on commandline args.");
(agentCertManager as AgentCertificateManager).SetupCertificate(skipCertValidation, caCert, clientCert, clientCertKey, clientCertArchive, clientCertPassword);
saveCertSetting = true;
}
AgentSettings agentSettings = new AgentSettings();
// TEE EULA
agentSettings.AcceptTeeEula = false;
switch (Constants.Agent.Platform)
{
case Constants.OSPlatform.OSX:
case Constants.OSPlatform.Linux:
// Write the section header.
WriteSection(StringUtil.Loc("EulasSectionHeader"));
// Verify the EULA exists on disk in the expected location.
string eulaFile = Path.Combine(HostContext.GetDirectory(WellKnownDirectory.Externals), Constants.Path.TeeDirectory, "license.html");
ArgUtil.File(eulaFile, nameof(eulaFile));
// Write elaborate verbiage about the TEE EULA.
_term.WriteLine(StringUtil.Loc("TeeEula", eulaFile));
_term.WriteLine();
// Prompt to acccept the TEE EULA.
agentSettings.AcceptTeeEula = command.GetAcceptTeeEula();
break;
case Constants.OSPlatform.Windows:
// Warn and continue if .NET 4.6 is not installed.
if (!NetFrameworkUtil.Test(new Version(4, 6), Trace))
{
WriteSection(StringUtil.Loc("PrerequisitesSectionHeader")); // Section header.
_term.WriteLine(StringUtil.Loc("MinimumNetFrameworkTfvc")); // Warning.
}
break;
default:
throw new NotSupportedException();
}
// Create the configuration provider as per agent type.
string agentType;
if (command.DeploymentGroup)
{
agentType = Constants.Agent.AgentConfigurationProvider.DeploymentAgentConfiguration;
}
else if (command.DeploymentPool)
{
agentType = Constants.Agent.AgentConfigurationProvider.SharedDeploymentAgentConfiguration;
}
else
{
agentType = Constants.Agent.AgentConfigurationProvider.BuildReleasesAgentConfiguration;
}
var extensionManager = HostContext.GetService <IExtensionManager>();
IConfigurationProvider agentProvider =
(extensionManager.GetExtensions <IConfigurationProvider>())
.FirstOrDefault(x => x.ConfigurationProviderType == agentType);
ArgUtil.NotNull(agentProvider, agentType);
bool isHostedServer = false;
// Loop getting url and creds until you can connect
ICredentialProvider credProvider = null;
VssCredentials creds = null;
WriteSection(StringUtil.Loc("ConnectSectionHeader"));
while (true)
{
// Get the URL
agentProvider.GetServerUrl(agentSettings, command);
// Get the credentials
credProvider = GetCredentialProvider(command, agentSettings.ServerUrl);
creds = credProvider.GetVssCredentials(HostContext);
Trace.Info("cred retrieved");
try
{
// Determine the service deployment type based on connection data. (Hosted/OnPremises)
isHostedServer = await IsHostedServer(agentSettings.ServerUrl, creds);
// Get the collection name for deployment group
agentProvider.GetCollectionName(agentSettings, command, isHostedServer);
// Validate can connect.
await agentProvider.TestConnectionAsync(agentSettings, creds, isHostedServer);
Trace.Info("Test Connection complete.");
break;
}
catch (Exception e) when(!command.Unattended)
{
_term.WriteError(e);
_term.WriteError(StringUtil.Loc("FailedToConnect"));
}
}
_agentServer = HostContext.GetService <IAgentServer>();
// We want to use the native CSP of the platform for storage, so we use the RSACSP directly
RSAParameters publicKey;
var keyManager = HostContext.GetService <IRSAKeyManager>();
using (var rsa = keyManager.CreateKey())
{
publicKey = rsa.ExportParameters(false);
}
// Loop getting agent name and pool name
WriteSection(StringUtil.Loc("RegisterAgentSectionHeader"));
while (true)
{
try
{
await agentProvider.GetPoolId(agentSettings, command);
break;
}
catch (Exception e) when(!command.Unattended)
{
_term.WriteError(e);
_term.WriteError(agentProvider.GetFailedToFindPoolErrorString());
}
}
TaskAgent agent;
while (true)
{
agentSettings.AgentName = command.GetAgentName();
// Get the system capabilities.
// TODO: Hook up to ctrl+c cancellation token.
_term.WriteLine(StringUtil.Loc("ScanToolCapabilities"));
Dictionary <string, string> systemCapabilities = await HostContext.GetService <ICapabilitiesManager>().GetCapabilitiesAsync(agentSettings, CancellationToken.None);
_term.WriteLine(StringUtil.Loc("ConnectToServer"));
agent = await agentProvider.GetAgentAsync(agentSettings);
if (agent != null)
{
if (command.GetReplace())
{
// Update existing agent with new PublicKey, agent version and SystemCapabilities.
agent = UpdateExistingAgent(agent, publicKey, systemCapabilities);
try
{
agent = await agentProvider.UpdateAgentAsync(agentSettings, agent, command);
_term.WriteLine(StringUtil.Loc("AgentReplaced"));
break;
}
catch (Exception e) when(!command.Unattended)
{
_term.WriteError(e);
_term.WriteError(StringUtil.Loc("FailedToReplaceAgent"));
}
}
else if (command.Unattended)
{
// if not replace and it is unattended config.
agentProvider.ThrowTaskAgentExistException(agentSettings);
}
}
else
{
// Create a new agent.
agent = CreateNewAgent(agentSettings.AgentName, publicKey, systemCapabilities);
try
{
agent = await agentProvider.AddAgentAsync(agentSettings, agent, command);
_term.WriteLine(StringUtil.Loc("AgentAddedSuccessfully"));
break;
}
catch (Exception e) when(!command.Unattended)
{
_term.WriteError(e);
_term.WriteError(StringUtil.Loc("AddAgentFailed"));
}
}
}
// Add Agent Id to settings
agentSettings.AgentId = agent.Id;
// respect the serverUrl resolve by server.
// in case of agent configured using collection url instead of account url.
string agentServerUrl;
if (agent.Properties.TryGetValidatedValue <string>("ServerUrl", out agentServerUrl) &&
!string.IsNullOrEmpty(agentServerUrl))
{
Trace.Info($"Agent server url resolve by server: '{agentServerUrl}'.");
// we need make sure the Schema/Host/Port component of the url remain the same.
UriBuilder inputServerUrl = new UriBuilder(agentSettings.ServerUrl);
UriBuilder serverReturnedServerUrl = new UriBuilder(agentServerUrl);
if (Uri.Compare(inputServerUrl.Uri, serverReturnedServerUrl.Uri, UriComponents.SchemeAndServer, UriFormat.Unescaped, StringComparison.OrdinalIgnoreCase) != 0)
{
inputServerUrl.Path = serverReturnedServerUrl.Path;
Trace.Info($"Replace server returned url's scheme://host:port component with user input server url's scheme://host:port: '{inputServerUrl.Uri.AbsoluteUri}'.");
agentSettings.ServerUrl = inputServerUrl.Uri.AbsoluteUri;
}
else
{
agentSettings.ServerUrl = agentServerUrl;
}
}
// See if the server supports our OAuth key exchange for credentials
if (agent.Authorization != null &&
agent.Authorization.ClientId != Guid.Empty &&
agent.Authorization.AuthorizationUrl != null)
{
// We use authorizationUrl as the oauth endpoint url by default.
// For TFS, we need make sure the Schema/Host/Port component of the oauth endpoint url also match configuration url. (Incase of customer's agent configure URL and TFS server public URL are different)
// Which means, we will keep use the original authorizationUrl in the VssOAuthJwtBearerClientCredential (authorizationUrl is the audience),
// But might have different Url in VssOAuthCredential (connection url)
// We can't do this for VSTS, since its SPS/TFS urls are different.
UriBuilder configServerUrl = new UriBuilder(agentSettings.ServerUrl);
UriBuilder oauthEndpointUrlBuilder = new UriBuilder(agent.Authorization.AuthorizationUrl);
if (!isHostedServer && Uri.Compare(configServerUrl.Uri, oauthEndpointUrlBuilder.Uri, UriComponents.SchemeAndServer, UriFormat.Unescaped, StringComparison.OrdinalIgnoreCase) != 0)
{
oauthEndpointUrlBuilder.Scheme = configServerUrl.Scheme;
oauthEndpointUrlBuilder.Host = configServerUrl.Host;
oauthEndpointUrlBuilder.Port = configServerUrl.Port;
Trace.Info($"Set oauth endpoint url's scheme://host:port component to match agent configure url's scheme://host:port: '{oauthEndpointUrlBuilder.Uri.AbsoluteUri}'.");
}
var credentialData = new CredentialData
{
Scheme = Constants.Configuration.OAuth,
Data =
{
{ "clientId", agent.Authorization.ClientId.ToString("D") },
{ "authorizationUrl", agent.Authorization.AuthorizationUrl.AbsoluteUri },
{ "oauthEndpointUrl", oauthEndpointUrlBuilder.Uri.AbsoluteUri },
},
};
// Save the negotiated OAuth credential data
_store.SaveCredential(credentialData);
}
else
{
switch (Constants.Agent.Platform)
{
case Constants.OSPlatform.OSX:
case Constants.OSPlatform.Linux:
// Save the provided admin cred for compat with previous agent.
_store.SaveCredential(credProvider.CredentialData);
break;
case Constants.OSPlatform.Windows:
// Not supported against TFS 2015.
_term.WriteError(StringUtil.Loc("Tfs2015NotSupported"));
return;
default:
throw new NotSupportedException();
}
}
// Testing agent connection, detect any protential connection issue, like local clock skew that cause OAuth token expired.
_term.WriteLine(StringUtil.Loc("TestAgentConnection"));
var credMgr = HostContext.GetService <ICredentialManager>();
VssCredentials credential = credMgr.LoadCredentials();
var agentSvr = HostContext.GetService <IAgentServer>();
try
{
await agentSvr.ConnectAsync(new Uri(agentSettings.ServerUrl), credential);
}
catch (VssOAuthTokenRequestException ex) when(ex.Message.Contains("Current server time is"))
{
// there are two exception messages server send that indicate clock skew.
// 1. The bearer token expired on {jwt.ValidTo}. Current server time is {DateTime.UtcNow}.
// 2. The bearer token is not valid until {jwt.ValidFrom}. Current server time is {DateTime.UtcNow}.
Trace.Error("Catch exception during test agent connection.");
Trace.Error(ex);
throw new Exception(StringUtil.Loc("LocalClockSkewed"));
}
// We will Combine() what's stored with root. Defaults to string a relative path
agentSettings.WorkFolder = command.GetWork();
// notificationPipeName for Hosted agent provisioner.
agentSettings.NotificationPipeName = command.GetNotificationPipeName();
agentSettings.NotificationSocketAddress = command.GetNotificationSocketAddress();
_store.SaveSettings(agentSettings);
if (saveProxySetting)
{
Trace.Info("Save proxy setting to disk.");
(vstsProxy as VstsAgentWebProxy).SaveProxySetting();
}
if (saveCertSetting)
{
Trace.Info("Save agent cert setting to disk.");
(agentCertManager as AgentCertificateManager).SaveCertificateSetting();
}
_term.WriteLine(StringUtil.Loc("SavedSettings", DateTime.UtcNow));
bool saveRuntimeOptions = false;
var runtimeOptions = new AgentRuntimeOptions();
#if OS_WINDOWS
if (command.GitUseSChannel)
{
saveRuntimeOptions = true;
runtimeOptions.GitUseSecureChannel = true;
}
#endif
if (saveRuntimeOptions)
{
Trace.Info("Save agent runtime options to disk.");
_store.SaveAgentRuntimeOptions(runtimeOptions);
}
#if OS_WINDOWS
// config windows service
bool runAsService = command.GetRunAsService();
if (runAsService)
{
Trace.Info("Configuring to run the agent as service");
var serviceControlManager = HostContext.GetService <IWindowsServiceControlManager>();
serviceControlManager.ConfigureService(agentSettings, command);
}
// config auto logon
else if (command.GetRunAsAutoLogon())
{
Trace.Info("Agent is going to run as process setting up the 'AutoLogon' capability for the agent.");
var autoLogonConfigManager = HostContext.GetService <IAutoLogonManager>();
await autoLogonConfigManager.ConfigureAsync(command);
//Important: The machine may restart if the autologon user is not same as the current user
//if you are adding code after this, keep that in mind
}
#elif OS_LINUX || OS_OSX
// generate service config script for OSX and Linux, GenerateScripts() will no-opt on windows.
var serviceControlManager = HostContext.GetService <ILinuxServiceControlManager>();
serviceControlManager.GenerateScripts(agentSettings);
#endif
}
public async Task GetSourceAsync(
IExecutionContext executionContext,
ServiceEndpoint endpoint,
CancellationToken cancellationToken)
{
Trace.Entering();
// Validate args.
ArgUtil.NotNull(executionContext, nameof(executionContext));
ArgUtil.NotNull(endpoint, nameof(endpoint));
#if OS_WINDOWS
// Validate .NET Framework 4.6 or higher is installed.
var netFrameworkUtil = HostContext.GetService <INetFrameworkUtil>();
if (!netFrameworkUtil.Test(new Version(4, 6)))
{
throw new Exception(StringUtil.Loc("MinimumNetFramework46"));
}
#endif
// Create the tf command manager.
var tf = HostContext.CreateService <ITfsVCCommandManager>();
tf.CancellationToken = cancellationToken;
tf.Endpoint = endpoint;
tf.ExecutionContext = executionContext;
// Setup proxy.
var agentProxy = HostContext.GetService <IVstsAgentWebProxy>();
if (!string.IsNullOrEmpty(executionContext.Variables.Agent_ProxyUrl) && !agentProxy.IsBypassed(endpoint.Url))
{
executionContext.Debug($"Configure '{tf.FilePath}' to work through proxy server '{executionContext.Variables.Agent_ProxyUrl}'.");
tf.SetupProxy(executionContext.Variables.Agent_ProxyUrl, executionContext.Variables.Agent_ProxyUsername, executionContext.Variables.Agent_ProxyPassword);
}
// Add TF to the PATH.
string tfPath = tf.FilePath;
ArgUtil.File(tfPath, nameof(tfPath));
var varUtil = HostContext.GetService <IVarUtil>();
executionContext.Output(StringUtil.Loc("Prepending0WithDirectoryContaining1", Constants.PathVariable, Path.GetFileName(tfPath)));
varUtil.PrependPath(Path.GetDirectoryName(tfPath));
executionContext.Debug($"{Constants.PathVariable}: '{Environment.GetEnvironmentVariable(Constants.PathVariable)}'");
#if OS_WINDOWS
// Set TFVC_BUILDAGENT_POLICYPATH
string policyDllPath = Path.Combine(HostContext.GetDirectory(WellKnownDirectory.ServerOM), "Microsoft.TeamFoundation.VersionControl.Controls.dll");
ArgUtil.File(policyDllPath, nameof(policyDllPath));
const string policyPathEnvKey = "TFVC_BUILDAGENT_POLICYPATH";
executionContext.Output(StringUtil.Loc("SetEnvVar", policyPathEnvKey));
Environment.SetEnvironmentVariable(policyPathEnvKey, policyDllPath);
#endif
// Check if the administrator accepted the license terms of the TEE EULA when configuring the agent.
AgentSettings settings = HostContext.GetService <IConfigurationStore>().GetSettings();
if (tf.Features.HasFlag(TfsVCFeatures.Eula) && settings.AcceptTeeEula)
{
// Check if the "tf eula -accept" command needs to be run for the current user.
bool skipEula = false;
try
{
skipEula = tf.TestEulaAccepted();
}
catch (Exception ex)
{
executionContext.Debug("Unexpected exception while testing whether the TEE EULA has been accepted for the current user.");
executionContext.Debug(ex.ToString());
}
if (!skipEula)
{
// Run the command "tf eula -accept".
try
{
await tf.EulaAsync();
}
catch (Exception ex)
{
executionContext.Debug(ex.ToString());
executionContext.Warning(ex.Message);
}
}
}
// Get the workspaces.
executionContext.Output(StringUtil.Loc("QueryingWorkspaceInfo"));
ITfsVCWorkspace[] tfWorkspaces = await tf.WorkspacesAsync();
// Determine the workspace name.
string buildDirectory = executionContext.Variables.Agent_BuildDirectory;
ArgUtil.NotNullOrEmpty(buildDirectory, nameof(buildDirectory));
string workspaceName = $"ws_{Path.GetFileName(buildDirectory)}_{settings.AgentId}";
executionContext.Variables.Set(Constants.Variables.Build.RepoTfvcWorkspace, workspaceName);
// Get the definition mappings.
DefinitionWorkspaceMapping[] definitionMappings =
JsonConvert.DeserializeObject <DefinitionWorkspaceMappings>(endpoint.Data[WellKnownEndpointData.TfvcWorkspaceMapping])?.Mappings;
// Determine the sources directory.
string sourcesDirectory = GetEndpointData(endpoint, Constants.EndpointData.SourcesDirectory);
ArgUtil.NotNullOrEmpty(sourcesDirectory, nameof(sourcesDirectory));
// Attempt to re-use an existing workspace if the command manager supports scorch
// or if clean is not specified.
ITfsVCWorkspace existingTFWorkspace = null;
bool clean = endpoint.Data.ContainsKey(WellKnownEndpointData.Clean) &&
StringUtil.ConvertToBoolean(endpoint.Data[WellKnownEndpointData.Clean], defaultValue: false);
if (tf.Features.HasFlag(TfsVCFeatures.Scorch) || !clean)
{
existingTFWorkspace = WorkspaceUtil.MatchExactWorkspace(
executionContext: executionContext,
tfWorkspaces: tfWorkspaces,
name: workspaceName,
definitionMappings: definitionMappings,
sourcesDirectory: sourcesDirectory);
if (existingTFWorkspace != null)
{
if (tf.Features.HasFlag(TfsVCFeatures.GetFromUnmappedRoot))
{
// Undo pending changes.
ITfsVCStatus tfStatus = await tf.StatusAsync(localPath : sourcesDirectory);
if (tfStatus?.HasPendingChanges ?? false)
{
await tf.UndoAsync(localPath : sourcesDirectory);
// Cleanup remaining files/directories from pend adds.
tfStatus.AllAdds
.OrderByDescending(x => x.LocalItem) // Sort descending so nested items are deleted before their parent is deleted.
.ToList()
.ForEach(x =>
{
executionContext.Output(StringUtil.Loc("Deleting", x.LocalItem));
IOUtil.Delete(x.LocalItem, cancellationToken);
});
}
}
else
{
// Perform "undo" for each map.
foreach (DefinitionWorkspaceMapping definitionMapping in definitionMappings ?? new DefinitionWorkspaceMapping[0])
{
if (definitionMapping.MappingType == DefinitionMappingType.Map)
{
// Check the status.
string localPath = definitionMapping.GetRootedLocalPath(sourcesDirectory);
ITfsVCStatus tfStatus = await tf.StatusAsync(localPath : localPath);
if (tfStatus?.HasPendingChanges ?? false)
{
// Undo.
await tf.UndoAsync(localPath : localPath);
// Cleanup remaining files/directories from pend adds.
tfStatus.AllAdds
.OrderByDescending(x => x.LocalItem) // Sort descending so nested items are deleted before their parent is deleted.
.ToList()
.ForEach(x =>
{
executionContext.Output(StringUtil.Loc("Deleting", x.LocalItem));
IOUtil.Delete(x.LocalItem, cancellationToken);
});
}
}
}
}
// Scorch.
if (clean)
{
// Try to scorch.
try
{
await tf.ScorchAsync();
}
catch (ProcessExitCodeException ex)
{
// Scorch failed.
// Warn, drop the folder, and re-clone.
executionContext.Warning(ex.Message);
existingTFWorkspace = null;
}
}
}
}
// Create a new workspace.
if (existingTFWorkspace == null)
{
// Remove any conflicting workspaces.
await RemoveConflictingWorkspacesAsync(
tf : tf,
tfWorkspaces : tfWorkspaces,
name : workspaceName,
directory : sourcesDirectory);
// Remove any conflicting workspace from a different computer.
// This is primarily a hosted scenario where a registered hosted
// agent can land on a different computer each time.
tfWorkspaces = await tf.WorkspacesAsync(matchWorkspaceNameOnAnyComputer : true);
foreach (ITfsVCWorkspace tfWorkspace in tfWorkspaces ?? new ITfsVCWorkspace[0])
{
await tf.WorkspaceDeleteAsync(tfWorkspace);
}
// Recreate the sources directory.
executionContext.Debug($"Deleting: '{sourcesDirectory}'.");
IOUtil.DeleteDirectory(sourcesDirectory, cancellationToken);
Directory.CreateDirectory(sourcesDirectory);
// Create the workspace.
await tf.WorkspaceNewAsync();
// Remove the default mapping.
if (tf.Features.HasFlag(TfsVCFeatures.DefaultWorkfoldMap))
{
await tf.WorkfoldUnmapAsync("$/");
}
// Sort the definition mappings.
definitionMappings =
(definitionMappings ?? new DefinitionWorkspaceMapping[0])
.OrderBy(x => x.NormalizedServerPath?.Length ?? 0) // By server path length.
.ToArray() ?? new DefinitionWorkspaceMapping[0];
// Add the definition mappings to the workspace.
foreach (DefinitionWorkspaceMapping definitionMapping in definitionMappings)
{
switch (definitionMapping.MappingType)
{
case DefinitionMappingType.Cloak:
// Add the cloak.
await tf.WorkfoldCloakAsync(serverPath : definitionMapping.ServerPath);
break;
case DefinitionMappingType.Map:
// Add the mapping.
await tf.WorkfoldMapAsync(
serverPath : definitionMapping.ServerPath,
localPath : definitionMapping.GetRootedLocalPath(sourcesDirectory));
break;
default:
throw new NotSupportedException();
}
}
}
if (tf.Features.HasFlag(TfsVCFeatures.GetFromUnmappedRoot))
{
// Get.
await tf.GetAsync(localPath : sourcesDirectory);
}
else
{
// Perform "get" for each map.
foreach (DefinitionWorkspaceMapping definitionMapping in definitionMappings ?? new DefinitionWorkspaceMapping[0])
{
if (definitionMapping.MappingType == DefinitionMappingType.Map)
{
await tf.GetAsync(localPath : definitionMapping.GetRootedLocalPath(sourcesDirectory));
}
}
}
// Steps for shelveset/gated.
string shelvesetName = GetEndpointData(endpoint, Constants.EndpointData.SourceTfvcShelveset);
if (!string.IsNullOrEmpty(shelvesetName))
{
// Steps for gated.
ITfsVCShelveset tfShelveset = null;
string gatedShelvesetName = GetEndpointData(endpoint, Constants.EndpointData.GatedShelvesetName);
if (!string.IsNullOrEmpty(gatedShelvesetName))
{
// Clean the last-saved-checkin-metadata for existing workspaces.
//
// A better long term fix is to add a switch to "tf unshelve" that completely overwrites
// the last-saved-checkin-metadata, instead of merging associated work items.
//
// The targeted workaround for now is to create a trivial change and "tf shelve /move",
// which will delete the last-saved-checkin-metadata.
if (existingTFWorkspace != null)
{
executionContext.Output("Cleaning last saved checkin metadata.");
// Find a local mapped directory.
string firstLocalDirectory =
(definitionMappings ?? new DefinitionWorkspaceMapping[0])
.Where(x => x.MappingType == DefinitionMappingType.Map)
.Select(x => x.GetRootedLocalPath(sourcesDirectory))
.FirstOrDefault(x => Directory.Exists(x));
if (firstLocalDirectory == null)
{
executionContext.Warning("No mapped folder found. Unable to clean last-saved-checkin-metadata.");
}
else
{
// Create a trival change and "tf shelve /move" to clear the
// last-saved-checkin-metadata.
string cleanName = "__tf_clean_wksp_metadata";
string tempCleanFile = Path.Combine(firstLocalDirectory, cleanName);
try
{
File.WriteAllText(path: tempCleanFile, contents: "clean last-saved-checkin-metadata", encoding: Encoding.UTF8);
await tf.AddAsync(tempCleanFile);
await tf.ShelveAsync(shelveset : cleanName, commentFile : tempCleanFile, move : true);
}
catch (Exception ex)
{
executionContext.Warning($"Unable to clean last-saved-checkin-metadata. {ex.Message}");
try
{
await tf.UndoAsync(tempCleanFile);
}
catch (Exception ex2)
{
executionContext.Warning($"Unable to undo '{tempCleanFile}'. {ex2.Message}");
}
}
finally
{
IOUtil.DeleteFile(tempCleanFile);
}
}
}
// Get the shelveset metadata.
tfShelveset = await tf.ShelvesetsAsync(shelveset : shelvesetName);
// The above command throws if the shelveset is not found,
// so the following assertion should never fail.
ArgUtil.NotNull(tfShelveset, nameof(tfShelveset));
}
// Unshelve.
await tf.UnshelveAsync(shelveset : shelvesetName);
// Ensure we undo pending changes for shelveset build at the end.
_undoShelvesetPendingChanges = true;
if (!string.IsNullOrEmpty(gatedShelvesetName))
{
// Create the comment file for reshelve.
StringBuilder comment = new StringBuilder(tfShelveset.Comment ?? string.Empty);
string runCi = GetEndpointData(endpoint, Constants.EndpointData.GatedRunCI);
bool gatedRunCi = StringUtil.ConvertToBoolean(runCi, true);
if (!gatedRunCi)
{
if (comment.Length > 0)
{
comment.AppendLine();
}
comment.Append(Constants.Build.NoCICheckInComment);
}
string commentFile = null;
try
{
commentFile = Path.GetTempFileName();
File.WriteAllText(path: commentFile, contents: comment.ToString(), encoding: Encoding.UTF8);
// Reshelve.
await tf.ShelveAsync(shelveset : gatedShelvesetName, commentFile : commentFile, move : false);
}
finally
{
// Cleanup the comment file.
if (File.Exists(commentFile))
{
File.Delete(commentFile);
}
}
}
}
// Cleanup proxy settings.
if (!string.IsNullOrEmpty(executionContext.Variables.Agent_ProxyUrl) && !agentProxy.IsBypassed(endpoint.Url))
{
executionContext.Debug($"Remove proxy setting for '{tf.FilePath}' to work through proxy server '{executionContext.Variables.Agent_ProxyUrl}'.");
tf.CleanupProxySetting();
}
}
public async Task UploadDiagnosticLogsAsync(IExecutionContext executionContext,
Pipelines.AgentJobRequestMessage message,
DateTime jobStartTimeUtc)
{
executionContext.Debug("Starting diagnostic file upload.");
// Setup folders
// \_layout\_work\_temp\[jobname-support]
executionContext.Debug("Setting up diagnostic log folders.");
string tempDirectory = HostContext.GetDirectory(WellKnownDirectory.Temp);
ArgUtil.Directory(tempDirectory, nameof(tempDirectory));
string supportRootFolder = Path.Combine(tempDirectory, message.JobName + "-support");
Directory.CreateDirectory(supportRootFolder);
// \_layout\_work\_temp\[jobname-support]\files
executionContext.Debug("Creating diagnostic log files folder.");
string supportFilesFolder = Path.Combine(supportRootFolder, "files");
Directory.CreateDirectory(supportFilesFolder);
// Create the environment file
// \_layout\_work\_temp\[jobname-support]\files\environment.txt
var configurationStore = HostContext.GetService <IConfigurationStore>();
AgentSettings settings = configurationStore.GetSettings();
int agentId = settings.AgentId;
string agentName = settings.AgentName;
int poolId = settings.PoolId;
executionContext.Debug("Creating diagnostic log environment file.");
string environmentFile = Path.Combine(supportFilesFolder, "environment.txt");
string content = await GetEnvironmentContent(agentId, agentName, message.Steps);
File.WriteAllText(environmentFile, content);
// Create the capabilities file
var capabilitiesManager = HostContext.GetService <ICapabilitiesManager>();
Dictionary <string, string> capabilities = await capabilitiesManager.GetCapabilitiesAsync(configurationStore.GetSettings(), default(CancellationToken));
executionContext.Debug("Creating capabilities file.");
string capabilitiesFile = Path.Combine(supportFilesFolder, "capabilities.txt");
string capabilitiesContent = GetCapabilitiesContent(capabilities);
File.WriteAllText(capabilitiesFile, capabilitiesContent);
// Copy worker diag log files
List <string> workerDiagLogFiles = GetWorkerDiagLogFiles(HostContext.GetDirectory(WellKnownDirectory.Diag), jobStartTimeUtc);
executionContext.Debug($"Copying {workerDiagLogFiles.Count()} worker diag logs.");
foreach (string workerLogFile in workerDiagLogFiles)
{
ArgUtil.File(workerLogFile, nameof(workerLogFile));
string destination = Path.Combine(supportFilesFolder, Path.GetFileName(workerLogFile));
File.Copy(workerLogFile, destination);
}
// Copy agent diag log files
List <string> agentDiagLogFiles = GetAgentDiagLogFiles(HostContext.GetDirectory(WellKnownDirectory.Diag), jobStartTimeUtc);
executionContext.Debug($"Copying {agentDiagLogFiles.Count()} agent diag logs.");
foreach (string agentLogFile in agentDiagLogFiles)
{
ArgUtil.File(agentLogFile, nameof(agentLogFile));
string destination = Path.Combine(supportFilesFolder, Path.GetFileName(agentLogFile));
File.Copy(agentLogFile, destination);
}
executionContext.Debug("Zipping diagnostic files.");
string buildNumber = executionContext.Variables.Build_Number ?? "UnknownBuildNumber";
string buildName = $"Build {buildNumber}";
string phaseName = executionContext.Variables.System_PhaseDisplayName ?? "UnknownPhaseName";
// zip the files
string diagnosticsZipFileName = $"{buildName}-{phaseName}.zip";
string diagnosticsZipFilePath = Path.Combine(supportRootFolder, diagnosticsZipFileName);
ZipFile.CreateFromDirectory(supportFilesFolder, diagnosticsZipFilePath);
// upload the json metadata file
executionContext.Debug("Uploading diagnostic metadata file.");
string metadataFileName = $"diagnostics-{buildName}-{phaseName}.json";
string metadataFilePath = Path.Combine(supportFilesFolder, metadataFileName);
string phaseResult = GetTaskResultAsString(executionContext.Result);
IOUtil.SaveObject(new DiagnosticLogMetadata(agentName, agentId, poolId, phaseName, diagnosticsZipFileName, phaseResult), metadataFilePath);
executionContext.QueueAttachFile(type: CoreAttachmentType.DiagnosticLog, name: metadataFileName, filePath: metadataFilePath);
executionContext.QueueAttachFile(type: CoreAttachmentType.DiagnosticLog, name: diagnosticsZipFileName, filePath: diagnosticsZipFilePath);
executionContext.Debug("Diagnostic file upload complete.");
}
public async Task ConfigureAsync(CommandSettings command)
{
Trace.Info(nameof(ConfigureAsync));
if (IsConfigured())
{
throw new InvalidOperationException(StringUtil.Loc("AlreadyConfiguredError"));
}
// TEE EULA
bool acceptTeeEula = false;
switch (Constants.Agent.Platform)
{
case Constants.OSPlatform.OSX:
case Constants.OSPlatform.Linux:
// Write the section header.
WriteSection(StringUtil.Loc("EulasSectionHeader"));
// Verify the EULA exists on disk in the expected location.
string eulaFile = Path.Combine(IOUtil.GetExternalsPath(), Constants.Path.TeeDirectory, "license.html");
ArgUtil.File(eulaFile, nameof(eulaFile));
// Write elaborate verbiage about the TEE EULA.
_term.WriteLine(StringUtil.Loc("TeeEula", eulaFile));
_term.WriteLine();
// Prompt to acccept the TEE EULA.
acceptTeeEula = command.GetAcceptTeeEula();
break;
case Constants.OSPlatform.Windows:
break;
default:
throw new NotSupportedException();
}
// TODO: Check if its running with elevated permission and stop early if its not
// Loop getting url and creds until you can connect
string serverUrl = null;
ICredentialProvider credProvider = null;
WriteSection(StringUtil.Loc("ConnectSectionHeader"));
while (true)
{
// Get the URL
serverUrl = command.GetUrl();
// Get the credentials
credProvider = GetCredentialProvider(command, serverUrl);
VssCredentials creds = credProvider.GetVssCredentials(HostContext);
Trace.Info("cred retrieved");
try
{
// Validate can connect.
await TestConnectAsync(serverUrl, creds);
Trace.Info("Connect complete.");
break;
}
catch (Exception e) when(!command.Unattended)
{
_term.WriteError(e);
_term.WriteError(StringUtil.Loc("FailedToConnect"));
// TODO: If the connection fails, shouldn't the URL/creds be cleared from the command line parser? Otherwise retry may be immediately attempted using the same values without prompting the user for new values. The same general problem applies to every retry loop during configure.
}
}
// We want to use the native CSP of the platform for storage, so we use the RSACSP directly
RSAParameters publicKey;
var keyManager = HostContext.GetService <IRSAKeyManager>();
using (var rsa = keyManager.CreateKey())
{
publicKey = rsa.ExportParameters(false);
}
// Loop getting agent name and pool
string poolName = null;
int poolId = 0;
string agentName = null;
WriteSection(StringUtil.Loc("RegisterAgentSectionHeader"));
while (true)
{
poolName = command.GetPool();
try
{
poolId = await GetPoolId(poolName);
}
catch (Exception e) when(!command.Unattended)
{
_term.WriteError(e);
}
if (poolId > 0)
{
break;
}
_term.WriteError(StringUtil.Loc("FailedToFindPool"));
}
TaskAgent agent;
while (true)
{
agentName = command.GetAgentName();
// Get the system capabilities.
// TODO: Hook up to ctrl+c cancellation token.
_term.WriteLine(StringUtil.Loc("ScanToolCapabilities"));
Dictionary <string, string> systemCapabilities = await HostContext.GetService <ICapabilitiesManager>().GetCapabilitiesAsync(
new AgentSettings {
AgentName = agentName
}, CancellationToken.None);
_term.WriteLine(StringUtil.Loc("ConnectToServer"));
agent = await GetAgent(agentName, poolId);
if (agent != null)
{
if (command.GetReplace())
{
agent.Authorization = new TaskAgentAuthorization
{
PublicKey = new TaskAgentPublicKey(publicKey.Exponent, publicKey.Modulus),
};
// update - update instead of delete so we don't lose user capabilities etc...
agent.Version = Constants.Agent.Version;
foreach (KeyValuePair <string, string> capability in systemCapabilities)
{
agent.SystemCapabilities[capability.Key] = capability.Value ?? string.Empty;
}
try
{
agent = await _agentServer.UpdateAgentAsync(poolId, agent);
_term.WriteLine(StringUtil.Loc("AgentReplaced"));
break;
}
catch (Exception e) when(!command.Unattended)
{
_term.WriteError(e);
_term.WriteError(StringUtil.Loc("FailedToReplaceAgent"));
}
}
else
{
// TODO: ?
}
}
else
{
agent = new TaskAgent(agentName)
{
Authorization = new TaskAgentAuthorization
{
PublicKey = new TaskAgentPublicKey(publicKey.Exponent, publicKey.Modulus),
},
MaxParallelism = 1,
Version = Constants.Agent.Version
};
foreach (KeyValuePair <string, string> capability in systemCapabilities)
{
agent.SystemCapabilities[capability.Key] = capability.Value ?? string.Empty;
}
try
{
agent = await _agentServer.AddAgentAsync(poolId, agent);
_term.WriteLine(StringUtil.Loc("AgentAddedSuccessfully"));
break;
}
catch (Exception e) when(!command.Unattended)
{
_term.WriteError(e);
_term.WriteError(StringUtil.Loc("AddAgentFailed"));
}
}
}
// See if the server supports our OAuth key exchange for credentials
if (agent.Authorization != null &&
agent.Authorization.ClientId != Guid.Empty &&
agent.Authorization.AuthorizationUrl != null)
{
var credentialData = new CredentialData
{
Scheme = Constants.Configuration.OAuth,
Data =
{
{ "clientId", agent.Authorization.ClientId.ToString("D") },
{ "authorizationUrl", agent.Authorization.AuthorizationUrl.AbsoluteUri },
},
};
// Save the negotiated OAuth credential data
_store.SaveCredential(credentialData);
}
else
{
// Save the provided admin credential data for compat with existing agent
_store.SaveCredential(credProvider.CredentialData);
}
// Testing agent connection, detect any protential connection issue, like local clock skew that cause OAuth token expired.
_term.WriteLine(StringUtil.Loc("TestAgentConnection"));
var credMgr = HostContext.GetService <ICredentialManager>();
VssCredentials credential = credMgr.LoadCredentials();
VssConnection conn = ApiUtil.CreateConnection(new Uri(serverUrl), credential);
var agentSvr = HostContext.GetService <IAgentServer>();
try
{
await agentSvr.ConnectAsync(conn);
}
catch (VssOAuthTokenRequestException ex) when(ex.Message.Contains("Current server time is"))
{
// there are two exception messages server send that indicate clock skew.
// 1. The bearer token expired on {jwt.ValidTo}. Current server time is {DateTime.UtcNow}.
// 2. The bearer token is not valid until {jwt.ValidFrom}. Current server time is {DateTime.UtcNow}.
Trace.Error("Catch exception during test agent connection.");
Trace.Error(ex);
throw new Exception(StringUtil.Loc("LocalClockSkewed"));
}
// We will Combine() what's stored with root. Defaults to string a relative path
string workFolder = command.GetWork();
string notificationPipeName = command.GetNotificationPipeName();
// Get Agent settings
var settings = new AgentSettings
{
AcceptTeeEula = acceptTeeEula,
AgentId = agent.Id,
AgentName = agentName,
NotificationPipeName = notificationPipeName,
PoolId = poolId,
PoolName = poolName,
ServerUrl = serverUrl,
WorkFolder = workFolder,
};
_store.SaveSettings(settings);
_term.WriteLine(StringUtil.Loc("SavedSettings", DateTime.UtcNow));
bool runAsService = false;
if (Constants.Agent.Platform == Constants.OSPlatform.Windows)
{
runAsService = command.GetRunAsService();
if (runAsService)
{
if (!new WindowsPrincipal(WindowsIdentity.GetCurrent()).IsInRole(WindowsBuiltInRole.Administrator))
{
Trace.Error("Needs Administrator privileges for configure agent as windows service.");
throw new SecurityException(StringUtil.Loc("NeedAdminForConfigAgentWinService"));
}
}
}
var serviceControlManager = HostContext.GetService <IServiceControlManager>();
serviceControlManager.GenerateScripts(settings);
bool successfullyConfigured = false;
if (runAsService)
{
Trace.Info("Configuring to run the agent as service");
successfullyConfigured = serviceControlManager.ConfigureService(settings, command);
}
if (runAsService && successfullyConfigured)
{
Trace.Info("Configuration was successful, trying to start the service");
serviceControlManager.StartService();
}
}
public async Task GetSourceAsync(
AgentTaskPluginExecutionContext executionContext,
Pipelines.RepositoryResource repository,
CancellationToken cancellationToken)
{
// Validate args.
ArgUtil.NotNull(executionContext, nameof(executionContext));
ArgUtil.NotNull(repository, nameof(repository));
// Validate .NET Framework 4.6 or higher is installed.
if (PlatformUtil.RunningOnWindows && !NetFrameworkUtil.Test(new Version(4, 6), executionContext))
{
throw new Exception(StringUtil.Loc("MinimumNetFramework46"));
}
// determine if we've been asked to suppress some checkout step output
bool reducedOutput = AgentKnobs.QuietCheckout.GetValue(executionContext).AsBoolean();
if (reducedOutput)
{
executionContext.Output(StringUtil.Loc("QuietCheckoutModeRequested"));
executionContext.SetTaskVariable(AgentKnobs.QuietCheckoutRuntimeVarName, Boolean.TrueString);
}
// Create the tf command manager.
ITfsVCCliManager tf;
if (PlatformUtil.RunningOnWindows)
{
tf = new TFCliManager();
}
else
{
tf = new TeeCliManager();
}
tf.CancellationToken = cancellationToken;
tf.Repository = repository;
tf.ExecutionContext = executionContext;
if (repository.Endpoint != null)
{
// the endpoint should either be the SystemVssConnection (id = guild.empty, name = SystemVssConnection)
// or a real service endpoint to external service which has a real id
var endpoint = executionContext.Endpoints.Single(
x => (repository.Endpoint.Id != Guid.Empty && x.Id == repository.Endpoint.Id) ||
(repository.Endpoint.Id == Guid.Empty && string.Equals(x.Name, repository.Endpoint.Name.ToString(), StringComparison.OrdinalIgnoreCase)));
ArgUtil.NotNull(endpoint, nameof(endpoint));
tf.Endpoint = endpoint;
}
// Setup proxy.
var agentProxy = executionContext.GetProxyConfiguration();
if (agentProxy != null && !string.IsNullOrEmpty(agentProxy.ProxyAddress) && !agentProxy.WebProxy.IsBypassed(repository.Url))
{
executionContext.Debug($"Configure '{tf.FilePath}' to work through proxy server '{agentProxy.ProxyAddress}'.");
tf.SetupProxy(agentProxy.ProxyAddress, agentProxy.ProxyUsername, agentProxy.ProxyPassword);
}
// Setup client certificate.
var agentCertManager = executionContext.GetCertConfiguration();
if (agentCertManager != null && agentCertManager.SkipServerCertificateValidation)
{
executionContext.Debug("TF does not support ignoring SSL certificate validation error.");
}
// prepare client cert, if the repository's endpoint url match the TFS/VSTS url
var systemConnection = executionContext.Endpoints.Single(x => string.Equals(x.Name, WellKnownServiceEndpointNames.SystemVssConnection, StringComparison.OrdinalIgnoreCase));
if (!string.IsNullOrEmpty(agentCertManager?.ClientCertificateFile) &&
Uri.Compare(repository.Url, systemConnection.Url, UriComponents.SchemeAndServer, UriFormat.Unescaped, StringComparison.OrdinalIgnoreCase) == 0)
{
executionContext.Debug($"Configure '{tf.FilePath}' to work with client cert '{agentCertManager.ClientCertificateFile}'.");
tf.SetupClientCertificate(agentCertManager.ClientCertificateFile, agentCertManager.ClientCertificatePrivateKeyFile, agentCertManager.ClientCertificateArchiveFile, agentCertManager.ClientCertificatePassword);
}
// Add TF to the PATH.
string tfPath = tf.FilePath;
ArgUtil.File(tfPath, nameof(tfPath));
executionContext.Output(StringUtil.Loc("Prepending0WithDirectoryContaining1", PathUtil.PathVariable, Path.GetFileName(tfPath)));
executionContext.PrependPath(Path.GetDirectoryName(tfPath));
executionContext.Debug($"PATH: '{Environment.GetEnvironmentVariable("PATH")}'");
if (PlatformUtil.RunningOnWindows)
{
// Set TFVC_BUILDAGENT_POLICYPATH
string policyDllPath = Path.Combine(executionContext.Variables.GetValueOrDefault("Agent.HomeDirectory")?.Value, "externals", "tf", "Microsoft.TeamFoundation.VersionControl.Controls.dll");
ArgUtil.File(policyDllPath, nameof(policyDllPath));
const string policyPathEnvKey = "TFVC_BUILDAGENT_POLICYPATH";
executionContext.Output(StringUtil.Loc("SetEnvVar", policyPathEnvKey));
executionContext.SetVariable(policyPathEnvKey, policyDllPath);
}
// Check if the administrator accepted the license terms of the TEE EULA when configuring the agent.
if (tf.Features.HasFlag(TfsVCFeatures.Eula) && StringUtil.ConvertToBoolean(executionContext.Variables.GetValueOrDefault("Agent.AcceptTeeEula")?.Value))
{
// Check if the "tf eula -accept" command needs to be run for the current user.
bool skipEula = false;
try
{
skipEula = tf.TestEulaAccepted();
}
catch (Exception ex)
{
executionContext.Debug("Unexpected exception while testing whether the TEE EULA has been accepted for the current user.");
executionContext.Debug(ex.ToString());
}
if (!skipEula)
{
// Run the command "tf eula -accept".
try
{
await tf.EulaAsync();
}
catch (Exception ex)
{
executionContext.Debug(ex.ToString());
executionContext.Warning(ex.Message);
}
}
}
// Get the workspaces.
executionContext.Output(StringUtil.Loc("QueryingWorkspaceInfo"));
ITfsVCWorkspace[] tfWorkspaces = await tf.WorkspacesAsync();
// Determine the workspace name.
string buildDirectory = executionContext.Variables.GetValueOrDefault("agent.builddirectory")?.Value;
ArgUtil.NotNullOrEmpty(buildDirectory, nameof(buildDirectory));
string workspaceName = $"ws_{Path.GetFileName(buildDirectory)}_{executionContext.Variables.GetValueOrDefault("agent.id")?.Value}";
executionContext.SetVariable("build.repository.tfvc.workspace", workspaceName);
// Get the definition mappings.
var workspaceMappings = repository.Properties.Get <IList <Pipelines.WorkspaceMapping> >(Pipelines.RepositoryPropertyNames.Mappings);
DefinitionWorkspaceMapping[] definitionMappings = workspaceMappings.Select(x => new DefinitionWorkspaceMapping()
{
ServerPath = x.ServerPath, LocalPath = x.LocalPath, MappingType = x.Exclude ? DefinitionMappingType.Cloak : DefinitionMappingType.Map
}).ToArray();
// Determine the sources directory.
string sourcesDirectory = repository.Properties.Get <string>(Pipelines.RepositoryPropertyNames.Path);
ArgUtil.NotNullOrEmpty(sourcesDirectory, nameof(sourcesDirectory));
// Attempt to re-use an existing workspace if the command manager supports scorch
// or if clean is not specified.
ITfsVCWorkspace existingTFWorkspace = null;
bool clean = StringUtil.ConvertToBoolean(executionContext.GetInput(Pipelines.PipelineConstants.CheckoutTaskInputs.Clean));
if (tf.Features.HasFlag(TfsVCFeatures.Scorch) || !clean)
{
existingTFWorkspace = WorkspaceUtil.MatchExactWorkspace(
executionContext: executionContext,
tfWorkspaces: tfWorkspaces,
name: workspaceName,
definitionMappings: definitionMappings,
sourcesDirectory: sourcesDirectory);
if (existingTFWorkspace != null)
{
if (tf.Features.HasFlag(TfsVCFeatures.GetFromUnmappedRoot))
{
// Undo pending changes.
ITfsVCStatus tfStatus = await tf.StatusAsync(localPath : sourcesDirectory);
if (tfStatus?.HasPendingChanges ?? false)
{
await tf.UndoAsync(localPath : sourcesDirectory);
// Cleanup remaining files/directories from pend adds.
tfStatus.AllAdds
.OrderByDescending(x => x.LocalItem) // Sort descending so nested items are deleted before their parent is deleted.
.ToList()
.ForEach(x =>
{
executionContext.Output(StringUtil.Loc("Deleting", x.LocalItem));
IOUtil.Delete(x.LocalItem, cancellationToken);
});
}
}
else
{
// Perform "undo" for each map.
foreach (DefinitionWorkspaceMapping definitionMapping in definitionMappings ?? new DefinitionWorkspaceMapping[0])
{
if (definitionMapping.MappingType == DefinitionMappingType.Map)
{
// Check the status.
string localPath = definitionMapping.GetRootedLocalPath(sourcesDirectory);
ITfsVCStatus tfStatus = await tf.StatusAsync(localPath : localPath);
if (tfStatus?.HasPendingChanges ?? false)
{
// Undo.
await tf.UndoAsync(localPath : localPath);
// Cleanup remaining files/directories from pend adds.
tfStatus.AllAdds
.OrderByDescending(x => x.LocalItem) // Sort descending so nested items are deleted before their parent is deleted.
.ToList()
.ForEach(x =>
{
executionContext.Output(StringUtil.Loc("Deleting", x.LocalItem));
IOUtil.Delete(x.LocalItem, cancellationToken);
});
}
}
}
}
// Scorch.
if (clean)
{
// Try to scorch.
try
{
await tf.ScorchAsync();
}
catch (ProcessExitCodeException ex)
{
// Scorch failed.
// Warn, drop the folder, and re-clone.
executionContext.Warning(ex.Message);
existingTFWorkspace = null;
}
}
}
}
// Create a new workspace.
if (existingTFWorkspace == null)
{
// Remove any conflicting workspaces.
await RemoveConflictingWorkspacesAsync(
tf : tf,
tfWorkspaces : tfWorkspaces,
name : workspaceName,
directory : sourcesDirectory);
// Remove any conflicting workspace from a different computer.
// This is primarily a hosted scenario where a registered hosted
// agent can land on a different computer each time.
tfWorkspaces = await tf.WorkspacesAsync(matchWorkspaceNameOnAnyComputer : true);
foreach (ITfsVCWorkspace tfWorkspace in tfWorkspaces ?? new ITfsVCWorkspace[0])
{
await tf.TryWorkspaceDeleteAsync(tfWorkspace);
}
// Recreate the sources directory.
executionContext.Debug($"Deleting: '{sourcesDirectory}'.");
IOUtil.DeleteDirectory(sourcesDirectory, cancellationToken);
Directory.CreateDirectory(sourcesDirectory);
// Create the workspace.
await tf.WorkspaceNewAsync();
// Remove the default mapping.
if (tf.Features.HasFlag(TfsVCFeatures.DefaultWorkfoldMap))
{
await tf.WorkfoldUnmapAsync("$/");
}
// Sort the definition mappings.
definitionMappings =
(definitionMappings ?? new DefinitionWorkspaceMapping[0])
.OrderBy(x => x.NormalizedServerPath?.Length ?? 0) // By server path length.
.ToArray() ?? new DefinitionWorkspaceMapping[0];
// Add the definition mappings to the workspace.
foreach (DefinitionWorkspaceMapping definitionMapping in definitionMappings)
{
switch (definitionMapping.MappingType)
{
case DefinitionMappingType.Cloak:
// Add the cloak.
await tf.WorkfoldCloakAsync(serverPath : definitionMapping.ServerPath);
break;
case DefinitionMappingType.Map:
// Add the mapping.
await tf.WorkfoldMapAsync(
serverPath : definitionMapping.ServerPath,
localPath : definitionMapping.GetRootedLocalPath(sourcesDirectory));
break;
default:
throw new NotSupportedException();
}
}
}
if (tf.Features.HasFlag(TfsVCFeatures.GetFromUnmappedRoot))
{
// Get.
await tf.GetAsync(localPath : sourcesDirectory, quiet : reducedOutput);
}
else
{
// Perform "get" for each map.
foreach (DefinitionWorkspaceMapping definitionMapping in definitionMappings ?? new DefinitionWorkspaceMapping[0])
{
if (definitionMapping.MappingType == DefinitionMappingType.Map)
{
await tf.GetAsync(localPath : definitionMapping.GetRootedLocalPath(sourcesDirectory), quiet : reducedOutput);
}
}
}
// Steps for shelveset/gated.
string shelvesetName = repository.Properties.Get <string>(Pipelines.RepositoryPropertyNames.Shelveset);
if (!string.IsNullOrEmpty(shelvesetName))
{
// Steps for gated.
ITfsVCShelveset tfShelveset = null;
string gatedShelvesetName = executionContext.Variables.GetValueOrDefault("build.gated.shelvesetname")?.Value;
if (!string.IsNullOrEmpty(gatedShelvesetName))
{
// Clean the last-saved-checkin-metadata for existing workspaces.
//
// A better long term fix is to add a switch to "tf unshelve" that completely overwrites
// the last-saved-checkin-metadata, instead of merging associated work items.
//
// The targeted workaround for now is to create a trivial change and "tf shelve /move",
// which will delete the last-saved-checkin-metadata.
if (existingTFWorkspace != null)
{
executionContext.Output("Cleaning last saved checkin metadata.");
// Find a local mapped directory.
string firstLocalDirectory =
(definitionMappings ?? new DefinitionWorkspaceMapping[0])
.Where(x => x.MappingType == DefinitionMappingType.Map)
.Select(x => x.GetRootedLocalPath(sourcesDirectory))
.FirstOrDefault(x => Directory.Exists(x));
if (firstLocalDirectory == null)
{
executionContext.Warning("No mapped folder found. Unable to clean last-saved-checkin-metadata.");
}
else
{
// Create a trival change and "tf shelve /move" to clear the
// last-saved-checkin-metadata.
string cleanName = "__tf_clean_wksp_metadata";
string tempCleanFile = Path.Combine(firstLocalDirectory, cleanName);
try
{
File.WriteAllText(path: tempCleanFile, contents: "clean last-saved-checkin-metadata", encoding: Encoding.UTF8);
await tf.AddAsync(tempCleanFile);
await tf.ShelveAsync(shelveset : cleanName, commentFile : tempCleanFile, move : true);
}
catch (Exception ex)
{
executionContext.Warning($"Unable to clean last-saved-checkin-metadata. {ex.Message}");
try
{
await tf.UndoAsync(tempCleanFile);
}
catch (Exception ex2)
{
executionContext.Warning($"Unable to undo '{tempCleanFile}'. {ex2.Message}");
}
}
finally
{
IOUtil.DeleteFile(tempCleanFile);
}
}
}
// Get the shelveset metadata.
tfShelveset = await tf.ShelvesetsAsync(shelveset : shelvesetName);
// The above command throws if the shelveset is not found,
// so the following assertion should never fail.
ArgUtil.NotNull(tfShelveset, nameof(tfShelveset));
}
// Unshelve.
bool unshelveErrorsAllowed = AgentKnobs.AllowTfvcUnshelveErrors.GetValue(executionContext).AsBoolean();
await tf.UnshelveAsync(shelveset : shelvesetName, unshelveErrorsAllowed);
// Ensure we undo pending changes for shelveset build at the end.
executionContext.SetTaskVariable("UndoShelvesetPendingChanges", bool.TrueString);
if (!string.IsNullOrEmpty(gatedShelvesetName))
{
// Create the comment file for reshelve.
StringBuilder comment = new StringBuilder(tfShelveset.Comment ?? string.Empty);
string runCi = executionContext.Variables.GetValueOrDefault("build.gated.runci")?.Value;
bool gatedRunCi = StringUtil.ConvertToBoolean(runCi, true);
if (!gatedRunCi)
{
if (comment.Length > 0)
{
comment.AppendLine();
}
comment.Append("***NO_CI***");
}
string commentFile = null;
try
{
commentFile = Path.GetTempFileName();
File.WriteAllText(path: commentFile, contents: comment.ToString(), encoding: Encoding.UTF8);
// Reshelve.
await tf.ShelveAsync(shelveset : gatedShelvesetName, commentFile : commentFile, move : false);
}
finally
{
// Cleanup the comment file.
if (File.Exists(commentFile))
{
File.Delete(commentFile);
}
}
}
}
// Cleanup proxy settings.
if (agentProxy != null && !string.IsNullOrEmpty(agentProxy.ProxyAddress) && !agentProxy.WebProxy.IsBypassed(repository.Url))
{
executionContext.Debug($"Remove proxy setting for '{tf.FilePath}' to work through proxy server '{agentProxy.ProxyAddress}'.");
tf.CleanupProxySetting();
}
// Set intra-task variable for post job cleanup
executionContext.SetTaskVariable("repository", repository.Alias);
}
public async Task RunAsync(ActionRunStage stage)
{
// Validate args.
Trace.Entering();
ArgUtil.NotNull(Data, nameof(Data));
ArgUtil.NotNull(ExecutionContext, nameof(ExecutionContext));
ArgUtil.NotNull(Inputs, nameof(Inputs));
ArgUtil.Directory(ActionDirectory, nameof(ActionDirectory));
// Update the env dictionary.
AddInputsToEnvironment();
AddPrependPathToEnvironment();
// expose context to environment
foreach (var context in ExecutionContext.ExpressionValues)
{
if (context.Value is IEnvironmentContextData runtimeContext && runtimeContext != null)
{
foreach (var env in runtimeContext.GetRuntimeEnvironmentVariables())
{
Environment[env.Key] = env.Value;
}
}
}
// Add Actions Runtime server info
var systemConnection = ExecutionContext.Global.Endpoints.Single(x => string.Equals(x.Name, WellKnownServiceEndpointNames.SystemVssConnection, StringComparison.OrdinalIgnoreCase));
Environment["ACTIONS_RUNTIME_URL"] = systemConnection.Url.AbsoluteUri;
Environment["ACTIONS_RUNTIME_TOKEN"] = systemConnection.Authorization.Parameters[EndpointAuthorizationParameters.AccessToken];
if (systemConnection.Data.TryGetValue("CacheServerUrl", out var cacheUrl) && !string.IsNullOrEmpty(cacheUrl))
{
Environment["ACTIONS_CACHE_URL"] = cacheUrl;
}
// Resolve the target script.
string target = null;
if (stage == ActionRunStage.Main)
{
target = Data.Script;
}
else if (stage == ActionRunStage.Pre)
{
target = Data.Pre;
}
else if (stage == ActionRunStage.Post)
{
target = Data.Post;
}
ArgUtil.NotNullOrEmpty(target, nameof(target));
target = Path.Combine(ActionDirectory, target);
ArgUtil.File(target, nameof(target));
// Resolve the working directory.
string workingDirectory = ExecutionContext.GetGitHubContext("workspace");
if (string.IsNullOrEmpty(workingDirectory))
{
workingDirectory = HostContext.GetDirectory(WellKnownDirectory.Work);
}
var nodeRuntimeVersion = await StepHost.DetermineNodeRuntimeVersion(ExecutionContext);
string file = Path.Combine(HostContext.GetDirectory(WellKnownDirectory.Externals), nodeRuntimeVersion, "bin", $"node{IOUtil.ExeExtension}");
if (System.Environment.GetEnvironmentVariable("K8S_POD_NAME") != null)
{
file = Path.Combine(Path.Combine(HostContext.GetDirectory(WellKnownDirectory.Work), "__externals_copy"), nodeRuntimeVersion, "bin", $"node{IOUtil.ExeExtension}");
}
// Format the arguments passed to node.
// 1) Wrap the script file path in double quotes.
// 2) Escape double quotes within the script file path. Double-quote is a valid
// file name character on Linux.
string arguments = StepHost.ResolvePathForStepHost(StringUtil.Format(@"""{0}""", target.Replace(@"""", @"\""")));
#if OS_WINDOWS
// It appears that node.exe outputs UTF8 when not in TTY mode.
Encoding outputEncoding = Encoding.UTF8;
#else
// Let .NET choose the default.
Encoding outputEncoding = null;
#endif
using (var stdoutManager = new OutputManager(ExecutionContext, ActionCommandManager))
using (var stderrManager = new OutputManager(ExecutionContext, ActionCommandManager))
{
StepHost.OutputDataReceived += stdoutManager.OnDataReceived;
StepHost.ErrorDataReceived += stderrManager.OnDataReceived;
// Execute the process. Exit code 0 should always be returned.
// A non-zero exit code indicates infrastructural failure.
// Task failure should be communicated over STDOUT using ## commands.
Task <int> step = StepHost.ExecuteAsync(workingDirectory: StepHost.ResolvePathForStepHost(workingDirectory),
fileName: StepHost.ResolvePathForStepHost(file),
arguments: arguments,
environment: Environment,
requireExitCodeZero: false,
outputEncoding: outputEncoding,
killProcessOnCancel: false,
inheritConsoleHandler: !ExecutionContext.Global.Variables.Retain_Default_Encoding,
cancellationToken: ExecutionContext.CancellationToken);
// Wait for either the node exit or force finish through ##vso command
await System.Threading.Tasks.Task.WhenAny(step, ExecutionContext.ForceCompleted);
if (ExecutionContext.ForceCompleted.IsCompleted)
{
ExecutionContext.Debug("The task was marked as \"done\", but the process has not closed after 5 seconds. Treating the task as complete.");
}
else
{
var exitCode = await step;
ExecutionContext.Debug($"Node Action run completed with exit code {exitCode}");
if (exitCode != 0)
{
ExecutionContext.Result = TaskResult.Failed;
}
}
}
}
