public async Task BasicRepoBuild() { var envVars = Environment.GetEnvironmentVariables(); using (var builder = new TestRepoBuilder(nameof(BasicRepoBuild), _commonRepoResourcesFixture.CommonResources)) { await builder.AddDefaultRepoSetupAsync(); builder.AddProject(ProjectCreator .Create() .PropertyGroup() .Property("AllowEmptySignList", "true"), "eng/Signing.props"); // Create a simple project builder.AddProject(ProjectCreator .Templates .SdkCsproj( targetFramework: "net6.0", outputType: "Exe") .PropertyGroup() .Property("IsPackable", "true"), "./src/FooPackage/FooPackage.csproj"); await builder.AddSimpleCSFile("src/FooPackage/Program.cs"); builder.Build( TestRepoUtils.BuildArg("configuration"), "Release", TestRepoUtils.BuildArg("restore"), TestRepoUtils.BuildArg("sign"), TestRepoUtils.BuildArg("projects"), Path.Combine(builder.TestRepoRoot, "src/FooPackage/FooPackage.csproj")) .Should().NotThrow(); } }
public async Task BuildShouldUseDotNetCertifcateIfSet(bool?useDotNetCert) { var envVars = Environment.GetEnvironmentVariables(); using (var builder = new TestRepoBuilder(nameof(BuildShouldUseDotNetCertifcateIfSet), _commonRepoResourcesFixture.CommonResources)) { await builder.AddDefaultRepoSetupAsync(); // Always put in the AllowEmptySignList var signingProps = ProjectCreator.Create().PropertyGroup(); signingProps.Property("AllowEmptySignList", "true"); if (useDotNetCert.HasValue) { signingProps.Property("UseDotNetCertificate", useDotNetCert.Value.ToString()); } // Clear out ItemsToSignPostBuild signingProps.ItemGroup() .ItemRemove("ItemsToSignPostBuild", "@(ItemsToSignPostBuild)"); builder.AddProject(signingProps, "eng/Signing.props"); // Create a simple project builder.AddProject(ProjectCreator .Templates .SdkCsproj( targetFramework: "net6.0", outputType: "Exe") .PropertyGroup() .Property("IsPackable", "true") .Property("EnableSourceLink", "false"), "./src/FooPackage/FooPackage.csproj"); await builder.AddSimpleCSFile("src/FooPackage/Program.cs"); builder.Build( TestRepoUtils.BuildArg("configuration"), "Release", TestRepoUtils.BuildArg("restore"), TestRepoUtils.BuildArg("pack"), TestRepoUtils.BuildArg("publish"), TestRepoUtils.BuildArg("sign"), TestRepoUtils.BuildArg("projects"), Path.Combine(builder.TestRepoRoot, "src/FooPackage/FooPackage.csproj"), "/p:AutoGenerateSymbolPackages=false") .Should().NotThrow(); // Now, go find the Round0 signing project and ensure that the certificate names were set properly. // The arcade default for an exe is Microsoft400 string round0FilePath = Path.Combine(builder.TestRepoRoot, "artifacts", "tmp", "Release", "Signing", "Round0.proj"); string round0ProjectText = File.ReadAllText(round0FilePath); string expectedCert = useDotNetCert.GetValueOrDefault() ? DotNetCertificate : MicrosoftCertificate; Regex authenticodeRegex = new Regex("<Authenticode>(.*)</Authenticode>"); var matches = authenticodeRegex.Matches(round0ProjectText); matches.Count.Should().Be(1); matches[0].Groups[1].Value.Should().Be(expectedCert); } }
public async Task BuildShouldNotChangeNonMicrosoft400CertsWhenPostBuildSigning() { var envVars = Environment.GetEnvironmentVariables(); using (var builder = new TestRepoBuilder(nameof(BuildShouldNotChangeNonMicrosoft400CertsWhenSigning), _commonRepoResourcesFixture.CommonResources)) { await builder.AddDefaultRepoSetupAsync(); // Always put in the AllowEmptySignList var signingProps = ProjectCreator.Create().PropertyGroup(); signingProps.Property("AllowEmptySignList", "true"); signingProps.Property("UseDotNetCertificate", "true"); // Update the .exe extension with a new cert. const string certOverride = "Microsoft401"; signingProps.ItemGroup() .ItemUpdate("StrongNameSignInfo", update: "MsSharedLib72", metadata: new Dictionary <string, string> { { "PublicKeyToken", "31bf3856ad364e35" }, { "CertificateName", certOverride } }); builder.AddProject(signingProps, "eng/Signing.props"); // Create a simple project builder.AddProject(ProjectCreator .Templates .SdkCsproj( targetFramework: "net6.0", outputType: "Exe") .PropertyGroup() .Property("IsPackable", "true") .Property("EnableSourceLink", "false"), "./src/FooPackage/FooPackage.csproj"); await builder.AddSimpleCSFile("src/FooPackage/Program.cs"); builder.Build( TestRepoUtils.BuildArg("configuration"), "Release", TestRepoUtils.BuildArg("restore"), TestRepoUtils.BuildArg("pack"), TestRepoUtils.BuildArg("publish"), TestRepoUtils.BuildArg("sign"), TestRepoUtils.BuildArg("projects"), Path.Combine(builder.TestRepoRoot, "src/FooPackage/FooPackage.csproj"), "/p:AutoGenerateSymbolPackages=false", "/p:PostBuildSign=true", "/p:DotNetPublishUsingPipelines=true") .Should().NotThrow(); string assetManifestText = GetAssetManifest(builder); // Should find Microsoft401, MicrosoftDotNet500, but not Microsoft400 assetManifestText.IndexOf(DotNetCertificate).Should().NotBe(-1); assetManifestText.IndexOf(certOverride).Should().NotBe(-1); assetManifestText.IndexOf(MicrosoftCertificate).Should().Be(-1); } }
public async Task BuildShouldUseDotNetCertifcateIfSetWithPostBuildSigning(bool?useDotNetCert) { var envVars = Environment.GetEnvironmentVariables(); using (var builder = new TestRepoBuilder(nameof(BuildShouldUseDotNetCertifcateIfSet), _commonRepoResourcesFixture.CommonResources)) { await builder.AddDefaultRepoSetupAsync(); // Always put in the AllowEmptySignList var signingProps = ProjectCreator.Create().PropertyGroup(); signingProps.Property("AllowEmptySignList", "true"); if (useDotNetCert.HasValue) { signingProps.Property("UseDotNetCertificate", useDotNetCert.Value.ToString()); } builder.AddProject(signingProps, "eng/Signing.props"); // Create a simple project builder.AddProject(ProjectCreator .Templates .SdkCsproj( targetFramework: "net6.0", outputType: "Exe") .PropertyGroup() .Property("IsPackable", "true") .Property("EnableSourceLink", "false"), "./src/FooPackage/FooPackage.csproj"); await builder.AddSimpleCSFile("src/FooPackage/Program.cs"); builder.Build( TestRepoUtils.BuildArg("configuration"), "Release", TestRepoUtils.BuildArg("restore"), TestRepoUtils.BuildArg("pack"), TestRepoUtils.BuildArg("publish"), TestRepoUtils.BuildArg("sign"), TestRepoUtils.BuildArg("projects"), Path.Combine(builder.TestRepoRoot, "src/FooPackage/FooPackage.csproj"), "/p:AutoGenerateSymbolPackages=false", "/p:PostBuildSign=true", "/p:DotNetPublishUsingPipelines=true") .Should().NotThrow(); string assetManifestText = GetAssetManifest(builder); string expectedCert = useDotNetCert.GetValueOrDefault() ? DotNetCertificate : MicrosoftCertificate; string unexpectedCert = useDotNetCert.GetValueOrDefault() ? MicrosoftCertificate : DotNetCertificate; // Ensure that we see the expected cert. assetManifestText.IndexOf(unexpectedCert).Should().Be(-1); assetManifestText.IndexOf(expectedCert).Should().NotBe(-1); } }
public async Task BuildShouldErrorIfNoItemsToSignAndNonEmptySignPostBuildList(bool propertyIsSet) { var envVars = Environment.GetEnvironmentVariables(); using (var builder = new TestRepoBuilder(nameof(BuildShouldErrorIfNoItemsToSignAndNonEmptySignPostBuildList), _commonRepoResourcesFixture.CommonResources)) { await builder.AddDefaultRepoSetupAsync(); // Always put in the AllowEmptySignList var signingProps = ProjectCreator.Create().PropertyGroup(); signingProps.Property("AllowEmptySignList", "true"); if (propertyIsSet) { signingProps.Property("AllowEmptySignPostBuildList", "false"); } // Clear out ItemsToSignPostBuild signingProps.ItemGroup() .ItemRemove("ItemsToSignPostBuild", "@(ItemsToSignPostBuild)"); builder.AddProject(signingProps, "eng/Signing.props"); // Create a simple project builder.AddProject(ProjectCreator .Templates .SdkCsproj( targetFramework: "net6.0", outputType: "Exe") .PropertyGroup() .Property("IsPackable", "true") .Property("EnableSourceLink", "false"), "./src/FooPackage/FooPackage.csproj"); await builder.AddSimpleCSFile("src/FooPackage/Program.cs"); builder.Build( TestRepoUtils.BuildArg("configuration"), "Release", TestRepoUtils.BuildArg("restore"), TestRepoUtils.BuildArg("pack"), TestRepoUtils.BuildArg("publish"), TestRepoUtils.BuildArg("sign"), TestRepoUtils.BuildArg("projects"), Path.Combine(builder.TestRepoRoot, "src/FooPackage/FooPackage.csproj"), "/p:AutoGenerateSymbolPackages=false", "/p:PostBuildSign=true") .Should().Throw <Exception>($"build of repo {builder.TestRepoRoot} is post build signed") .WithMessage("*error : List of files to sign post-build is empty. Make sure that ItemsToSignPostBuild is configured correctly.*"); } }
public async Task BuildShouldErrorIfNoItemsToSignAndNonEmptySignList(bool propertyIsSet) { var envVars = Environment.GetEnvironmentVariables(); using (var builder = new TestRepoBuilder(nameof(BuildShouldErrorIfNoItemsToSignAndNonEmptySignList), _commonRepoResourcesFixture.CommonResources)) { await builder.AddDefaultRepoSetupAsync(); if (propertyIsSet) { builder.AddProject(ProjectCreator .Create() .PropertyGroup() .Property("AllowEmptySignList", "false"), "eng/Signing.props"); } // Create a simple project builder.AddProject(ProjectCreator .Templates .SdkCsproj( targetFramework: "net6.0", outputType: "Exe") .PropertyGroup() .Property("IsPackable", "true"), "./src/FooPackage/FooPackage.csproj"); await builder.AddSimpleCSFile("src/FooPackage/Program.cs"); builder.Build( TestRepoUtils.BuildArg("configuration"), "Release", TestRepoUtils.BuildArg("restore"), TestRepoUtils.BuildArg("sign"), TestRepoUtils.BuildArg("projects"), Path.Combine(builder.TestRepoRoot, "src/FooPackage/FooPackage.csproj")) .Should().Throw <Exception>().WithMessage("*error : List of files to sign is empty. Make sure that ItemsToSign is configured correctly*"); } }
public async Task BuildShouldNotChangeNonMicrosoft400CertsWhenSigning() { var envVars = Environment.GetEnvironmentVariables(); using (var builder = new TestRepoBuilder(nameof(BuildShouldNotChangeNonMicrosoft400CertsWhenSigning), _commonRepoResourcesFixture.CommonResources)) { await builder.AddDefaultRepoSetupAsync(); // Always put in the AllowEmptySignList var signingProps = ProjectCreator.Create().PropertyGroup(); signingProps.Property("AllowEmptySignList", "true"); // Clear out ItemsToSignPostBuild signingProps.ItemGroup() .ItemRemove("ItemsToSignPostBuild", "@(ItemsToSignPostBuild)"); // Update the .exe extension with a new cert. // <StrongNameSignInfo Include="MsSharedLib72" PublicKeyToken="31bf3856ad364e35" CertificateName="Microsoft400" /> const string certOverride = "Microsoft401"; signingProps.ItemGroup() .ItemUpdate("StrongNameSignInfo", update: "MsSharedLib72", metadata: new Dictionary <string, string> { { "PublicKeyToken", "31bf3856ad364e35" }, { "CertificateName", certOverride } }); builder.AddProject(signingProps, "eng/Signing.props"); // Create a simple project builder.AddProject(ProjectCreator .Templates .SdkCsproj( targetFramework: "net6.0", outputType: "Exe") .PropertyGroup() .Property("IsPackable", "true") .Property("EnableSourceLink", "false"), "./src/FooPackage/FooPackage.csproj"); await builder.AddSimpleCSFile("src/FooPackage/Program.cs"); builder.Build( TestRepoUtils.BuildArg("configuration"), "Release", TestRepoUtils.BuildArg("restore"), TestRepoUtils.BuildArg("pack"), TestRepoUtils.BuildArg("publish"), TestRepoUtils.BuildArg("sign"), TestRepoUtils.BuildArg("projects"), Path.Combine(builder.TestRepoRoot, "src/FooPackage/FooPackage.csproj"), "/p:AutoGenerateSymbolPackages=false") .Should().NotThrow(); // Now, go find the Round0 signing project and ensure that the certificate names were set properly. // The arcade default for an exe is Microsoft400 string round0FilePath = Path.Combine(builder.TestRepoRoot, "artifacts", "tmp", "Release", "Signing", "Round0.proj"); string round0ProjectText = File.ReadAllText(round0FilePath); Regex authenticodeRegex = new Regex("<Authenticode>(.*)</Authenticode>"); var matches = authenticodeRegex.Matches(round0ProjectText); matches.Count.Should().Be(1); matches[0].Groups[1].Value.Should().Be(certOverride); } }