public void ApplySettings(IActivityMonitor m)
{
if (!_f.EnsureDirectory(m))
{
return;
}
var s = _driver.GetSolution(m, allowInvalidSolution: true);
if (s == null)
{
return;
}
if (_driver.BuildRequiredSecrets.Count == 0)
{
m.Warn("No build secrets collected for this solution. Skipping KeyVault configuration.");
return;
}
var passPhrase = _secretStore.GetSecretKey(m, SolutionDriver.CODECAKEBUILDER_SECRET_KEY, true);
// Opens the actual current vault: if more secrets are defined we keep them.
Dictionary <string, string> current = KeyVault.DecryptValues(TextContent, passPhrase);
current.Clear();
// The central CICDKeyVault is protected with the same CODECAKEBUILDER_SECRET_KEY secret.
Dictionary <string, string> centralized = KeyVault.DecryptValues(_sharedState.CICDKeyVault, passPhrase);
bool complete = true;
foreach (var name in _driver.BuildRequiredSecrets.Select(x => x.SecretKeyName))
{
if (!centralized.TryGetValue(name, out var secret))
{
m.Error($"Missing required build secret '{name}' in central CICDKeyVault. It must be added.");
complete = false;
}
else
{
current[name] = secret;
}
}
if (complete)
{
Updating?.Invoke(this, new CodeCakeBuilderKeyVaultUpdatingArgs(m, _solutionSpec, s, current));
string result = KeyVault.EncryptValuesToString(current, passPhrase);
CreateOrUpdate(m, result);
}
}
public string ResolveSecret(IActivityMonitor m, bool throwOnEmpty = false)
{
return(_keyStore.GetSecretKey(m, SecretKeyName, throwOnEmpty));
}
public void ApplySettings(IActivityMonitor m)
{
if (!this.CheckCurrentBranch(m))
{
return;
}
YamlMapping firstMapping = GetFirstMapping(m, true);
if (firstMapping == null)
{
return;
}
var solution = _driver.GetSolution(m, allowInvalidSolution: true);
if (solution == null)
{
return;
}
// We don't use AppVeyor for private repositories.
if (!GitFolder.IsPublic)
{
if (TextContent != null)
{
m.Log(LogLevel.Info, "The project is private, so we don't use Appveyor and the Appveyor.yml is not needed.");
Delete(m);
}
return;
}
// We currently always use AppVeyor when the repository is public.
YamlMapping env = FindOrCreateYamlElement(m, firstMapping, "environment");
if (env == null)
{
return;
}
var passphrase = _keyStore.GetSecretKey(m, SolutionDriver.CODECAKEBUILDER_SECRET_KEY, false);
if (passphrase != null)
{
var central = KeyVault.DecryptValues(_sharedState.CICDKeyVault, passphrase);
if (central.TryGetValue(APPVEYOR_ENCRYPTED_CODECAKEBUILDER_SECRET_KEY, out var appveyorSecure))
{
env[SolutionDriver.CODECAKEBUILDER_SECRET_KEY] = CreateKeyValue("secure", appveyorSecure);
}
else
{
m.Warn($"Update of {SolutionDriver.CODECAKEBUILDER_SECRET_KEY} encrypted secure key has been skipped: {APPVEYOR_ENCRYPTED_CODECAKEBUILDER_SECRET_KEY} key should be defined in CICDKeyVault.");
}
}
else
{
m.Info($"Update of {SolutionDriver.CODECAKEBUILDER_SECRET_KEY} encrypted secure skipped.");
}
// Remove obsolete environment variables definitions.
env.Remove("NUGET_API_KEY");
env.Remove("MYGET_RELEASE_API_KEY");
env.Remove("MYGET_PREVIEW_API_KEY");
env.Remove("MYGET_CI_API_KEY");
env.Remove("CK_DB_TEST_MASTER_CONNECTION_STRING");
env.Remove("AZURE_FEED_SIGNATURE_OPENSOURCE_PAT");
env.Remove("AZURE_FEED_PAT");
env.Remove("VSS_NUGET_EXTERNAL_FEED_ENDPOINTS");
if (_solutionSpec.SqlServer != null)
{
env["SqlServer/MasterConnectionString"] = new YamlValue($"Server=(local)\\SQL{_solutionSpec.SqlServer.ToUpperInvariant()};Database=master;User ID=sa;Password=Password12!");
}
//
firstMapping.Remove(new YamlValue("init"));
if (_solutionSpec.SqlServer != null)
{
firstMapping["services"] = new YamlValue("mssql" + _solutionSpec.SqlServer.ToLowerInvariant());
}
var install = new YamlSequence();
// Temporary: installs the 6.9.0 of npm.
if (solution.GeneratedArtifacts.Any(g => g.Artifact.Type.Name == "NPM"))
{
install.Add(CreateKeyValue("cmd", "npm install -g [email protected]"));
install.Add(CreateKeyValue("ps", "Install-Product node 12"));
}
firstMapping["install"] = install;
firstMapping["version"] = new YamlValue("build{build}");
firstMapping["image"] = new YamlValue("Visual Studio 2019");
firstMapping["clone_folder"] = new YamlValue("C:\\CKli-World\\" + GitFolder.SubPath.Path.Replace('/', '\\'));
EnsureDefaultBranches(firstMapping);
SetSequence(firstMapping, "build_script", new YamlValue("dotnet run --project CodeCakeBuilder -nointeraction"));
firstMapping["test"] = new YamlValue("off");
firstMapping["artifacts"] = new YamlSequence()
{
new YamlMapping()
{
["path"] = new YamlValue(@"'**\*.log'"),
["name"] = new YamlValue("Log file")
},
new YamlMapping()
{
["path"] = new YamlValue(@"'**\*.trx'"),
["name"] = new YamlValue("Visual studio test results file")
},
new YamlMapping()
{
["path"] = new YamlValue(@"'**\Tests\**\TestResult*.xml'"),
["name"] = new YamlValue("NUnit tests result files")
},
new YamlMapping()
{
["path"] = new YamlValue(@"'**Tests\**\Logs\**\*'"),
["name"] = new YamlValue("Log files")
}
};
CreateOrUpdate(m, YamlMappingToString(m));
}
public void ApplySettings(IActivityMonitor m)
{
if (!this.CheckCurrentBranch(m))
{
return;
}
var solution = _solutionDriver.GetSolution(m, allowInvalidSolution: true);
if (solution == null)
{
return;
}
EnsureDocument();
PackageSources.EnsureFirstElement("clear");
foreach (var s in solution.ArtifactSources.OfType <INuGetFeed>())
{
EnsureFeed(m, s.Name, s.Url);
if (s.Credentials != null)
{
string password = s.Credentials.IsSecretKeyName
? _secretStore.GetSecretKey(m, s.Credentials.PasswordOrSecretKeyName, throwOnUnavailable: false)
: s.Credentials.PasswordOrSecretKeyName;
if (password != null)
{
EnsureFeedCredentials(m, s.Name, s.Credentials.UserName, password);
}
else
{
if (s.Credentials.IsSecretKeyName)
{
m.Warn($"Secret '{s.Credentials.PasswordOrSecretKeyName}' is not known. Configuration for feed '{s.Name}' skipped.");
}
else
{
m.Warn($"Empty feed password. Configuration for feed '{s.Name}' skipped.");
}
}
}
else
{
DeleteFeedCredentials(m, s.Name);
}
}
var packages = EnsureDocument().Root.Element("packageSourceCredentials");
if (!packages?.Nodes().Any() ?? false)
{
packages.Remove();
}
foreach (var name in _solutionSpec.RemoveNuGetSourceNames)
{
RemoveFeed(m, name, withCredentials: true);
}
// Cleanup if ever needed.
RemoveFeed(m, "ZeroBuild-Feed");
if (IsOnLocalBranch)
{
EnsureLocalFeeds(m);
}
else
{
RemoveLocalFeeds(m);
}
Save(m);
}
void DoApplySettings(IActivityMonitor m, NormalizedPath f)
{
var s = _solutionDriver.GetSolution(m, allowInvalidSolution: true);
if (s == null)
{
return;
}
string text = GitFolder.FileSystem.GetFileInfo(f).AsTextFileInfo(ignoreExtension: true)?.TextContent ?? String.Empty;
List <Line> lines = _rLine.Matches(text)
.Cast <Match>()
.Select(l => l.Groups[2].Length > 0
? new Line(l.Groups[1].Value, l.Groups[2].Value)
: new Line(l.Value))
.ToList();
lines.RemoveAll(p => p.FullKey == "scope"); //remove all keyvalues scopes.
foreach (var p in s.ArtifactSources.OfType <INPMFeed>())
{
if (p.Url.StartsWith("file:"))
{
m.Info("Npm does not support file repository. Skipping.");
continue;
}
EnsureLine(lines, p.Scope, "registry", p.Url);
// Scope doesn't carry auth info:
lines.RemoveAll(line => line.FullKey == p.Scope + ":username");
lines.RemoveAll(line => line.FullKey == p.Scope + ":always-auth");
lines.RemoveAll(line => line.FullKey == p.Scope + ":_password");
Uri uri = new Uri(p.Url);
if (uri.Scheme != Uri.UriSchemeHttp && uri.Scheme != Uri.UriSchemeHttps)
{
throw new Exception($"NPM registry url must start with 'https://': {p.Url}");
}
// Auth is carried by registry url (from which 'http(s):' prefix is removed).
var scopeUrl = p.Url.Substring("https:".Length);
if (p.Credentials != null)
{
EnsureLine(lines, scopeUrl, "username", p.Credentials.UserName);
EnsureLine(lines, scopeUrl, "always-auth", "true");
string password = p.Credentials.IsSecretKeyName
? _secretStore.GetSecretKey(m, p.Credentials.PasswordOrSecretKeyName, false)
: p.Credentials.PasswordOrSecretKeyName;
if (password == null)
{
if (p.Credentials.IsSecretKeyName)
{
m.Warn($"Secret '{p.Credentials.PasswordOrSecretKeyName}' is not known. Configuration for feed '{s.Name}' skipped.");
}
else
{
m.Warn($"Empty feed password. Configuration for feed '{s.Name}' skipped.");
}
continue;
}
if (p.Url.IndexOf("dev.azure.com", StringComparison.OrdinalIgnoreCase) >= 0)
{
password = Convert.ToBase64String(Encoding.UTF8.GetBytes(password));
}
EnsureLine(lines, scopeUrl, "_password", password);
}
else
{
// Cleanup any auth info.
lines.RemoveAll(line => line.FullKey == scopeUrl + ":username");
lines.RemoveAll(line => line.FullKey == scopeUrl + ":always-auth");
lines.RemoveAll(line => line.FullKey == scopeUrl + ":_password");
}
}
;
EnsureLine(lines, "git-tag-version", "false");
lines.RemoveAll(line => line.Scope != null && _solutionSpec.RemoveNPMScopeNames.Contains(line.Scope));
GitFolder.FileSystem.CopyTo(m, lines.Select(l => l.ToString()).Concatenate("\r\n"), f);
}