public IHandler Create(
IExecutionContext executionContext,
Pipelines.ActionStepDefinitionReference action,
IStepHost stepHost,
ActionExecutionData data,
Dictionary <string, string> inputs,
Dictionary <string, string> environment,
Variables runtimeVariables,
string actionDirectory)
{
// Validate args.
Trace.Entering();
ArgUtil.NotNull(executionContext, nameof(executionContext));
ArgUtil.NotNull(stepHost, nameof(stepHost));
ArgUtil.NotNull(data, nameof(data));
ArgUtil.NotNull(inputs, nameof(inputs));
ArgUtil.NotNull(environment, nameof(environment));
ArgUtil.NotNull(runtimeVariables, nameof(runtimeVariables));
// Create the handler.
IHandler handler;
if (data.ExecutionType == ActionExecutionType.Container)
{
handler = HostContext.CreateService <IContainerActionHandler>();
(handler as IContainerActionHandler).Data = data as ContainerActionExecutionData;
}
else if (data.ExecutionType == ActionExecutionType.NodeJS)
{
handler = HostContext.CreateService <INodeScriptActionHandler>();
(handler as INodeScriptActionHandler).Data = data as NodeJSActionExecutionData;
}
else if (data.ExecutionType == ActionExecutionType.Script)
{
handler = HostContext.CreateService <IScriptHandler>();
(handler as IScriptHandler).Data = data as ScriptActionExecutionData;
}
else if (data.ExecutionType == ActionExecutionType.Plugin)
{
// Runner plugin
handler = HostContext.CreateService <IRunnerPluginHandler>();
(handler as IRunnerPluginHandler).Data = data as PluginActionExecutionData;
}
else
{
// This should never happen.
throw new NotSupportedException(data.ExecutionType.ToString());
}
handler.Action = action;
handler.Environment = environment;
handler.RuntimeVariables = runtimeVariables;
handler.ExecutionContext = executionContext;
handler.StepHost = stepHost;
handler.Inputs = inputs;
handler.ActionDirectory = actionDirectory;
return(handler);
}
public async Task RunAsync()
{
// Validate args.
Trace.Entering();
ArgUtil.NotNull(ExecutionContext, nameof(ExecutionContext));
ArgUtil.NotNull(ExecutionContext.Variables, nameof(ExecutionContext.Variables));
ArgUtil.NotNull(Task, nameof(Task));
var taskManager = HostContext.GetService <ITaskManager>();
var handlerFactory = HostContext.GetService <IHandlerFactory>();
// Set the task id and display name variable.
ExecutionContext.Variables.Set(Constants.Variables.Task.DisplayName, DisplayName);
ExecutionContext.Variables.Set(WellKnownDistributedTaskVariables.TaskInstanceId, Task.Id.ToString("D"));
ExecutionContext.Variables.Set(WellKnownDistributedTaskVariables.TaskDisplayName, DisplayName);
ExecutionContext.Variables.Set(WellKnownDistributedTaskVariables.TaskInstanceName, Task.Name);
// Load the task definition and choose the handler.
// TODO: Add a try catch here to give a better error message.
Definition definition = taskManager.Load(Task);
ArgUtil.NotNull(definition, nameof(definition));
// Print out task metadata
PrintTaskMetaData(definition);
ExecutionData currentExecution = null;
switch (Stage)
{
case JobRunStage.PreJob:
currentExecution = definition.Data?.PreJobExecution;
break;
case JobRunStage.Main:
currentExecution = definition.Data?.Execution;
break;
case JobRunStage.PostJob:
currentExecution = definition.Data?.PostJobExecution;
break;
}
;
if ((currentExecution?.All.Any(x => x is PowerShell3HandlerData)).Value &&
(currentExecution?.All.Any(x => x is PowerShellHandlerData && x.Platforms != null && x.Platforms.Contains("windows", StringComparer.OrdinalIgnoreCase))).Value)
{
// When task contains both PS and PS3 implementations, we will always prefer PS3 over PS regardless of the platform pinning.
Trace.Info("Ignore platform pinning for legacy PowerShell execution handler.");
var legacyPShandler = currentExecution?.All.Where(x => x is PowerShellHandlerData).FirstOrDefault();
legacyPShandler.Platforms = null;
}
HandlerData handlerData =
currentExecution?.All
.OrderBy(x => !x.PreferredOnCurrentPlatform()) // Sort true to false.
.ThenBy(x => x.Priority)
.FirstOrDefault();
if (handlerData == null)
{
#if OS_WINDOWS
throw new Exception(StringUtil.Loc("SupportedTaskHandlerNotFoundWindows", $"{Constants.Agent.Platform}({Constants.Agent.PlatformArchitecture})"));
#else
throw new Exception(StringUtil.Loc("SupportedTaskHandlerNotFoundLinux"));
#endif
}
Variables runtimeVariables = ExecutionContext.Variables;
IStepHost stepHost = HostContext.CreateService <IDefaultStepHost>();
// Setup container stephost and the right runtime variables for running job inside container.
if (ExecutionContext.Container != null)
{
if (handlerData is AgentPluginHandlerData)
{
// plugin handler always runs on the Host, the rumtime variables needs to the variable works on the Host, ex: file path variable System.DefaultWorkingDirectory
Dictionary <string, VariableValue> variableCopy = new Dictionary <string, VariableValue>(StringComparer.OrdinalIgnoreCase);
foreach (var publicVar in ExecutionContext.Variables.Public)
{
variableCopy[publicVar.Key] = new VariableValue(ExecutionContext.Container.TranslateToHostPath(publicVar.Value));
}
foreach (var secretVar in ExecutionContext.Variables.Private)
{
variableCopy[secretVar.Key] = new VariableValue(ExecutionContext.Container.TranslateToHostPath(secretVar.Value), true);
}
List <string> expansionWarnings;
runtimeVariables = new Variables(HostContext, variableCopy, out expansionWarnings);
expansionWarnings?.ForEach(x => ExecutionContext.Warning(x));
}
else if (handlerData is NodeHandlerData || handlerData is Node10HandlerData || handlerData is PowerShell3HandlerData)
{
// Only the node, node10, and powershell3 handlers support running inside container.
// Make sure required container is already created.
ArgUtil.NotNullOrEmpty(ExecutionContext.Container.ContainerId, nameof(ExecutionContext.Container.ContainerId));
var containerStepHost = HostContext.CreateService <IContainerStepHost>();
containerStepHost.Container = ExecutionContext.Container;
stepHost = containerStepHost;
}
else
{
throw new NotSupportedException(String.Format("Task '{0}' is using legacy execution handler '{1}' which is not supported in container execution flow.", definition.Data.FriendlyName, handlerData.GetType().ToString()));
}
}
// Load the default input values from the definition.
Trace.Verbose("Loading default inputs.");
var inputs = new Dictionary <string, string>(StringComparer.OrdinalIgnoreCase);
foreach (var input in (definition.Data?.Inputs ?? new TaskInputDefinition[0]))
{
string key = input?.Name?.Trim() ?? string.Empty;
if (!string.IsNullOrEmpty(key))
{
inputs[key] = input.DefaultValue?.Trim() ?? string.Empty;
}
}
// Merge the instance inputs.
Trace.Verbose("Loading instance inputs.");
foreach (var input in (Task.Inputs as IEnumerable <KeyValuePair <string, string> > ?? new KeyValuePair <string, string> [0]))
{
string key = input.Key?.Trim() ?? string.Empty;
if (!string.IsNullOrEmpty(key))
{
inputs[key] = input.Value?.Trim() ?? string.Empty;
}
}
// Expand the inputs.
Trace.Verbose("Expanding inputs.");
runtimeVariables.ExpandValues(target: inputs);
VarUtil.ExpandEnvironmentVariables(HostContext, target: inputs);
// Translate the server file path inputs to local paths.
foreach (var input in definition.Data?.Inputs ?? new TaskInputDefinition[0])
{
if (string.Equals(input.InputType, TaskInputType.FilePath, StringComparison.OrdinalIgnoreCase))
{
Trace.Verbose($"Translating file path input '{input.Name}': '{inputs[input.Name]}'");
inputs[input.Name] = stepHost.ResolvePathForStepHost(TranslateFilePathInput(inputs[input.Name] ?? string.Empty));
Trace.Verbose($"Translated file path input '{input.Name}': '{inputs[input.Name]}'");
}
}
// Load the task environment.
Trace.Verbose("Loading task environment.");
var environment = new Dictionary <string, string>(VarUtil.EnvironmentVariableKeyComparer);
foreach (var env in (Task.Environment ?? new Dictionary <string, string>(0)))
{
string key = env.Key?.Trim() ?? string.Empty;
if (!string.IsNullOrEmpty(key))
{
environment[key] = env.Value?.Trim() ?? string.Empty;
}
}
// Expand the inputs.
Trace.Verbose("Expanding task environment.");
runtimeVariables.ExpandValues(target: environment);
VarUtil.ExpandEnvironmentVariables(HostContext, target: environment);
// Expand the handler inputs.
Trace.Verbose("Expanding handler inputs.");
VarUtil.ExpandValues(HostContext, source: inputs, target: handlerData.Inputs);
runtimeVariables.ExpandValues(target: handlerData.Inputs);
// Get each endpoint ID referenced by the task.
var endpointIds = new List <Guid>();
foreach (var input in definition.Data?.Inputs ?? new TaskInputDefinition[0])
{
if ((input.InputType ?? string.Empty).StartsWith("connectedService:", StringComparison.OrdinalIgnoreCase))
{
string inputKey = input?.Name?.Trim() ?? string.Empty;
string inputValue;
if (!string.IsNullOrEmpty(inputKey) &&
inputs.TryGetValue(inputKey, out inputValue) &&
!string.IsNullOrEmpty(inputValue))
{
foreach (string rawId in inputValue.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries))
{
Guid parsedId;
if (Guid.TryParse(rawId.Trim(), out parsedId) && parsedId != Guid.Empty)
{
endpointIds.Add(parsedId);
}
}
}
}
}
if (endpointIds.Count > 0 &&
(runtimeVariables.GetBoolean(WellKnownDistributedTaskVariables.RestrictSecrets) ?? false) &&
(runtimeVariables.GetBoolean(Microsoft.TeamFoundation.Build.WebApi.BuildVariables.IsFork) ?? false))
{
ExecutionContext.Result = TaskResult.Skipped;
ExecutionContext.ResultCode = $"References service endpoint. PRs from repository forks are not allowed to access secrets in the pipeline. For more information see https://go.microsoft.com/fwlink/?linkid=862029 ";
return;
}
// Get the endpoints referenced by the task.
var endpoints = (ExecutionContext.Endpoints ?? new List <ServiceEndpoint>(0))
.Join(inner: endpointIds,
outerKeySelector: (ServiceEndpoint endpoint) => endpoint.Id,
innerKeySelector: (Guid endpointId) => endpointId,
resultSelector: (ServiceEndpoint endpoint, Guid endpointId) => endpoint)
.ToList();
// Add the system endpoint.
foreach (ServiceEndpoint endpoint in (ExecutionContext.Endpoints ?? new List <ServiceEndpoint>(0)))
{
if (string.Equals(endpoint.Name, WellKnownServiceEndpointNames.SystemVssConnection, StringComparison.OrdinalIgnoreCase))
{
endpoints.Add(endpoint);
break;
}
}
// Get each secure file ID referenced by the task.
var secureFileIds = new List <Guid>();
foreach (var input in definition.Data?.Inputs ?? new TaskInputDefinition[0])
{
if (string.Equals(input.InputType ?? string.Empty, "secureFile", StringComparison.OrdinalIgnoreCase))
{
string inputKey = input?.Name?.Trim() ?? string.Empty;
string inputValue;
if (!string.IsNullOrEmpty(inputKey) &&
inputs.TryGetValue(inputKey, out inputValue) &&
!string.IsNullOrEmpty(inputValue))
{
foreach (string rawId in inputValue.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries))
{
Guid parsedId;
if (Guid.TryParse(rawId.Trim(), out parsedId) && parsedId != Guid.Empty)
{
secureFileIds.Add(parsedId);
}
}
}
}
}
if (secureFileIds.Count > 0 &&
(runtimeVariables.GetBoolean(WellKnownDistributedTaskVariables.RestrictSecrets) ?? false) &&
(runtimeVariables.GetBoolean(Microsoft.TeamFoundation.Build.WebApi.BuildVariables.IsFork) ?? false))
{
ExecutionContext.Result = TaskResult.Skipped;
ExecutionContext.ResultCode = $"References secure file. PRs from repository forks are not allowed to access secrets in the pipeline. For more information see https://go.microsoft.com/fwlink/?linkid=862029";
return;
}
// Get the endpoints referenced by the task.
var secureFiles = (ExecutionContext.SecureFiles ?? new List <SecureFile>(0))
.Join(inner: secureFileIds,
outerKeySelector: (SecureFile secureFile) => secureFile.Id,
innerKeySelector: (Guid secureFileId) => secureFileId,
resultSelector: (SecureFile secureFile, Guid secureFileId) => secureFile)
.ToList();
// Set output variables.
foreach (var outputVar in definition.Data?.OutputVariables ?? new OutputVariable[0])
{
if (outputVar != null && !string.IsNullOrEmpty(outputVar.Name))
{
ExecutionContext.OutputVariables.Add(outputVar.Name);
}
}
// Create the handler.
IHandler handler = handlerFactory.Create(
ExecutionContext,
Task.Reference,
stepHost,
endpoints,
secureFiles,
handlerData,
inputs,
environment,
runtimeVariables,
taskDirectory: definition.Directory);
// Run the task.
await handler.RunAsync();
}
public async Task RunAsync()
{
// Validate args.
Trace.Entering();
ArgUtil.NotNull(ExecutionContext, nameof(ExecutionContext));
ArgUtil.NotNull(Action, nameof(Action));
var taskManager = HostContext.GetService <IActionManager>();
var handlerFactory = HostContext.GetService <IHandlerFactory>();
// Load the task definition and choose the handler.
Definition definition = taskManager.LoadAction(ExecutionContext, Action);
ArgUtil.NotNull(definition, nameof(definition));
ActionExecutionData handlerData = definition.Data?.Execution;
ArgUtil.NotNull(handlerData, nameof(handlerData));
// The action has post cleanup defined.
// we need to create timeline record for them and add them to the step list that StepRunner is using
if (handlerData.HasCleanup && Stage == ActionRunStage.Main)
{
string postDisplayName = null;
if (this.DisplayName.StartsWith(PipelineTemplateConstants.RunDisplayPrefix))
{
postDisplayName = $"Post {this.DisplayName.Substring(PipelineTemplateConstants.RunDisplayPrefix.Length)}";
}
else
{
postDisplayName = $"Post {this.DisplayName}";
}
var repositoryReference = Action.Reference as RepositoryPathReference;
var pathString = string.IsNullOrEmpty(repositoryReference.Path) ? string.Empty : $"/{repositoryReference.Path}";
var repoString = string.IsNullOrEmpty(repositoryReference.Ref) ? $"{repositoryReference.Name}{pathString}" :
$"{repositoryReference.Name}{pathString}@{repositoryReference.Ref}";
ExecutionContext.Debug($"Register post job cleanup for action: {repoString}");
var actionRunner = HostContext.CreateService <IActionRunner>();
actionRunner.Action = Action;
actionRunner.Stage = ActionRunStage.Post;
actionRunner.Condition = handlerData.CleanupCondition;
actionRunner.DisplayName = postDisplayName;
ExecutionContext.RegisterPostJobStep($"{actionRunner.Action.Name}_post", actionRunner);
}
IStepHost stepHost = HostContext.CreateService <IDefaultStepHost>();
// Makes directory for event_path data
var tempDirectory = HostContext.GetDirectory(WellKnownDirectory.Temp);
var workflowDirectory = Path.Combine(tempDirectory, "_github_workflow");
Directory.CreateDirectory(workflowDirectory);
var gitHubEvent = ExecutionContext.GetGitHubContext("event");
// adds the GitHub event path/file if the event exists
if (gitHubEvent != null)
{
var workflowFile = Path.Combine(workflowDirectory, "event.json");
Trace.Info($"Write event payload to {workflowFile}");
File.WriteAllText(workflowFile, gitHubEvent, new UTF8Encoding(false));
ExecutionContext.SetGitHubContext("event_path", workflowFile);
}
// Setup container stephost for running inside the container.
if (ExecutionContext.Container != null)
{
// Make sure required container is already created.
ArgUtil.NotNullOrEmpty(ExecutionContext.Container.ContainerId, nameof(ExecutionContext.Container.ContainerId));
var containerStepHost = HostContext.CreateService <IContainerStepHost>();
containerStepHost.Container = ExecutionContext.Container;
stepHost = containerStepHost;
}
// Load the inputs.
ExecutionContext.Debug("Loading inputs");
var templateEvaluator = ExecutionContext.ToPipelineTemplateEvaluator();
var inputs = templateEvaluator.EvaluateStepInputs(Action.Inputs, ExecutionContext.ExpressionValues);
foreach (KeyValuePair <string, string> input in inputs)
{
string message = "";
if (definition.Data?.Deprecated?.TryGetValue(input.Key, out message) == true)
{
ExecutionContext.Warning(String.Format("Input '{0}' has been deprecated with message: {1}", input.Key, message));
}
}
// Merge the default inputs from the definition
if (definition.Data?.Inputs != null)
{
var manifestManager = HostContext.GetService <IActionManifestManager>();
foreach (var input in (definition.Data?.Inputs))
{
string key = input.Key.AssertString("action input name").Value;
if (!inputs.ContainsKey(key))
{
var evaluateContext = new Dictionary <string, PipelineContextData>(StringComparer.OrdinalIgnoreCase);
foreach (var data in ExecutionContext.ExpressionValues)
{
evaluateContext[data.Key] = data.Value;
}
inputs[key] = manifestManager.EvaluateDefaultInput(ExecutionContext, key, input.Value, evaluateContext);
}
}
}
// Load the action environment.
ExecutionContext.Debug("Loading env");
var environment = new Dictionary <String, String>(VarUtil.EnvironmentVariableKeyComparer);
#if OS_WINDOWS
var envContext = ExecutionContext.ExpressionValues["env"] as DictionaryContextData;
#else
var envContext = ExecutionContext.ExpressionValues["env"] as CaseSensitiveDictionaryContextData;
#endif
// Apply environment from env context, env context contains job level env and action's evn block
foreach (var env in envContext)
{
environment[env.Key] = env.Value.ToString();
}
// Apply action's intra-action state at last
foreach (var state in ExecutionContext.IntraActionState)
{
environment[$"STATE_{state.Key}"] = state.Value ?? string.Empty;
}
// Create the handler.
IHandler handler = handlerFactory.Create(
ExecutionContext,
Action.Reference,
stepHost,
handlerData,
inputs,
environment,
ExecutionContext.Variables,
actionDirectory: definition.Directory);
// Print out action details
handler.PrintActionDetails(Stage);
// Run the task.
await handler.RunAsync(Stage);
}
public async Task RunAsync()
{
// Validate args.
Trace.Entering();
ArgUtil.NotNull(ExecutionContext, nameof(ExecutionContext));
ArgUtil.NotNull(Action, nameof(Action));
var taskManager = HostContext.GetService <IActionManager>();
var handlerFactory = HostContext.GetService <IHandlerFactory>();
// Load the task definition and choose the handler.
Definition definition = taskManager.LoadAction(ExecutionContext, Action);
ArgUtil.NotNull(definition, nameof(definition));
ActionExecutionData handlerData = definition.Data?.Execution;
ArgUtil.NotNull(handlerData, nameof(handlerData));
if (handlerData.HasPre &&
Action.Reference is Pipelines.RepositoryPathReference repoAction &&
string.Equals(repoAction.RepositoryType, Pipelines.PipelineConstants.SelfAlias, StringComparison.OrdinalIgnoreCase))
{
ExecutionContext.Warning($"`pre` execution is not supported for local action from '{repoAction.Path}'");
}
// The action has post cleanup defined.
// we need to create timeline record for them and add them to the step list that StepRunner is using
if (handlerData.HasPost && (Stage == ActionRunStage.Pre || Stage == ActionRunStage.Main))
{
string postDisplayName = $"Post {this.DisplayName}";
if (Stage == ActionRunStage.Pre &&
this.DisplayName.StartsWith("Pre ", StringComparison.OrdinalIgnoreCase))
{
// Trim the leading `Pre ` from the display name.
// Otherwise, we will get `Post Pre xxx` as DisplayName for the Post step.
postDisplayName = $"Post {this.DisplayName.Substring("Pre ".Length)}";
}
var repositoryReference = Action.Reference as RepositoryPathReference;
var pathString = string.IsNullOrEmpty(repositoryReference.Path) ? string.Empty : $"/{repositoryReference.Path}";
var repoString = string.IsNullOrEmpty(repositoryReference.Ref) ? $"{repositoryReference.Name}{pathString}" :
$"{repositoryReference.Name}{pathString}@{repositoryReference.Ref}";
ExecutionContext.Debug($"Register post job cleanup for action: {repoString}");
var actionRunner = HostContext.CreateService <IActionRunner>();
actionRunner.Action = Action;
actionRunner.Stage = ActionRunStage.Post;
actionRunner.Condition = handlerData.CleanupCondition;
actionRunner.DisplayName = postDisplayName;
ExecutionContext.RegisterPostJobStep(actionRunner);
}
IStepHost stepHost = HostContext.CreateService <IDefaultStepHost>();
// Makes directory for event_path data
var tempDirectory = HostContext.GetDirectory(WellKnownDirectory.Temp);
var workflowDirectory = Path.Combine(tempDirectory, "_github_workflow");
Directory.CreateDirectory(workflowDirectory);
var gitHubEvent = ExecutionContext.GetGitHubContext("event");
// adds the GitHub event path/file if the event exists
if (gitHubEvent != null)
{
var workflowFile = Path.Combine(workflowDirectory, "event.json");
Trace.Info($"Write event payload to {workflowFile}");
File.WriteAllText(workflowFile, gitHubEvent, new UTF8Encoding(false));
ExecutionContext.SetGitHubContext("event_path", workflowFile);
}
// Setup container stephost for running inside the container.
if (ExecutionContext.Global.Container != null)
{
// Make sure required container is already created.
ArgUtil.NotNullOrEmpty(ExecutionContext.Global.Container.ContainerId, nameof(ExecutionContext.Global.Container.ContainerId));
var containerStepHost = HostContext.CreateService <IContainerStepHost>();
containerStepHost.Container = ExecutionContext.Global.Container;
stepHost = containerStepHost;
}
// Load the inputs.
ExecutionContext.Debug("Loading inputs");
var templateEvaluator = ExecutionContext.ToPipelineTemplateEvaluator();
var inputs = templateEvaluator.EvaluateStepInputs(Action.Inputs, ExecutionContext.ExpressionValues, ExecutionContext.ExpressionFunctions);
var userInputs = new HashSet <string>(StringComparer.OrdinalIgnoreCase);
foreach (KeyValuePair <string, string> input in inputs)
{
userInputs.Add(input.Key);
string message = "";
if (definition.Data?.Deprecated?.TryGetValue(input.Key, out message) == true)
{
ExecutionContext.Warning(String.Format("Input '{0}' has been deprecated with message: {1}", input.Key, message));
}
}
var validInputs = new HashSet <string>(StringComparer.OrdinalIgnoreCase);
if (handlerData.ExecutionType == ActionExecutionType.Container)
{
// container action always accept 'entryPoint' and 'args' as inputs
// https://help.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idstepswithargs
validInputs.Add("entryPoint");
validInputs.Add("args");
}
// Merge the default inputs from the definition
if (definition.Data?.Inputs != null)
{
var manifestManager = HostContext.GetService <IActionManifestManager>();
foreach (var input in definition.Data.Inputs)
{
string key = input.Key.AssertString("action input name").Value;
validInputs.Add(key);
if (!inputs.ContainsKey(key))
{
inputs[key] = manifestManager.EvaluateDefaultInput(ExecutionContext, key, input.Value);
}
}
}
// Validate inputs only for actions with action.yml
if (Action.Reference.Type == Pipelines.ActionSourceType.Repository)
{
var unexpectedInputs = new List <string>();
foreach (var input in userInputs)
{
if (!validInputs.Contains(input))
{
unexpectedInputs.Add(input);
}
}
if (unexpectedInputs.Count > 0)
{
ExecutionContext.Warning($"Unexpected input(s) '{string.Join("', '", unexpectedInputs)}', valid inputs are ['{string.Join("', '", validInputs)}']");
}
}
// Load the action environment.
ExecutionContext.Debug("Loading env");
var environment = new Dictionary <String, String>(VarUtil.EnvironmentVariableKeyComparer);
#if OS_WINDOWS
var envContext = ExecutionContext.ExpressionValues["env"] as DictionaryContextData;
#else
var envContext = ExecutionContext.ExpressionValues["env"] as CaseSensitiveDictionaryContextData;
#endif
// Apply environment from env context, env context contains job level env and action's evn block
foreach (var env in envContext)
{
environment[env.Key] = env.Value.ToString();
}
// Apply action's intra-action state at last
foreach (var state in ExecutionContext.IntraActionState)
{
environment[$"STATE_{state.Key}"] = state.Value ?? string.Empty;
}
// Create the handler.
IHandler handler = handlerFactory.Create(
ExecutionContext,
Action.Reference,
stepHost,
handlerData,
inputs,
environment,
ExecutionContext.Global.Variables,
actionDirectory: definition.Directory);
// Print out action details
handler.PrintActionDetails(Stage);
// Run the task.
await handler.RunAsync(Stage);
}
public IHandler Create(
IExecutionContext executionContext,
Pipelines.TaskStepDefinitionReference task,
IStepHost stepHost,
List <ServiceEndpoint> endpoints,
List <SecureFile> secureFiles,
HandlerData data,
Dictionary <string, string> inputs,
Dictionary <string, string> environment,
Variables runtimeVariables,
string taskDirectory)
{
// Validate args.
Trace.Entering();
ArgUtil.NotNull(executionContext, nameof(executionContext));
ArgUtil.NotNull(stepHost, nameof(stepHost));
ArgUtil.NotNull(endpoints, nameof(endpoints));
ArgUtil.NotNull(secureFiles, nameof(secureFiles));
ArgUtil.NotNull(data, nameof(data));
ArgUtil.NotNull(inputs, nameof(inputs));
ArgUtil.NotNull(environment, nameof(environment));
ArgUtil.NotNull(runtimeVariables, nameof(runtimeVariables));
ArgUtil.NotNull(taskDirectory, nameof(taskDirectory));
// Create the handler.
IHandler handler;
if (data is BaseNodeHandlerData)
{
// Node 6 and 10.
handler = HostContext.CreateService <INodeHandler>();
(handler as INodeHandler).Data = data as BaseNodeHandlerData;
}
else if (data is PowerShell3HandlerData)
{
// PowerShell3.
handler = HostContext.CreateService <IPowerShell3Handler>();
(handler as IPowerShell3Handler).Data = data as PowerShell3HandlerData;
}
else if (data is PowerShellExeHandlerData)
{
// PowerShellExe.
handler = HostContext.CreateService <IPowerShellExeHandler>();
(handler as IPowerShellExeHandler).Data = data as PowerShellExeHandlerData;
}
else if (data is ProcessHandlerData)
{
// Process.
handler = HostContext.CreateService <IProcessHandler>();
(handler as IProcessHandler).Data = data as ProcessHandlerData;
}
else if (data is PowerShellHandlerData)
{
// PowerShell.
handler = HostContext.CreateService <IPowerShellHandler>();
(handler as IPowerShellHandler).Data = data as PowerShellHandlerData;
}
else if (data is AzurePowerShellHandlerData)
{
// AzurePowerShell.
handler = HostContext.CreateService <IAzurePowerShellHandler>();
(handler as IAzurePowerShellHandler).Data = data as AzurePowerShellHandlerData;
}
else if (data is AgentPluginHandlerData)
{
// Agent plugin
handler = HostContext.CreateService <IAgentPluginHandler>();
(handler as IAgentPluginHandler).Data = data as AgentPluginHandlerData;
}
else
{
// This should never happen.
throw new NotSupportedException();
}
handler.Endpoints = endpoints;
handler.Task = task;
handler.Environment = environment;
handler.RuntimeVariables = runtimeVariables;
handler.ExecutionContext = executionContext;
handler.StepHost = stepHost;
handler.Inputs = inputs;
handler.SecureFiles = secureFiles;
handler.TaskDirectory = taskDirectory;
return(handler);
}
public async Task RunAsync()
{
// Validate args.
Trace.Entering();
ArgUtil.NotNull(ExecutionContext, nameof(ExecutionContext));
ArgUtil.NotNull(ExecutionContext.Variables, nameof(ExecutionContext.Variables));
ArgUtil.NotNull(Task, nameof(Task));
var taskManager = HostContext.GetService <ITaskManager>();
var handlerFactory = HostContext.GetService <IHandlerFactory>();
// Set the task id and display name variable.
using (var scope = ExecutionContext.Variables.CreateScope())
{
scope.Set(Constants.Variables.Task.DisplayName, DisplayName);
scope.Set(WellKnownDistributedTaskVariables.TaskInstanceId, Task.Id.ToString("D"));
scope.Set(WellKnownDistributedTaskVariables.TaskDisplayName, DisplayName);
scope.Set(WellKnownDistributedTaskVariables.TaskInstanceName, Task.Name);
// Load the task definition and choose the handler.
// TODO: Add a try catch here to give a better error message.
Definition definition = taskManager.Load(Task);
ArgUtil.NotNull(definition, nameof(definition));
// Verify task signatures if a fingerprint is configured for the Agent.
var configurationStore = HostContext.GetService <IConfigurationStore>();
AgentSettings settings = configurationStore.GetSettings();
SignatureVerificationMode verificationMode = SignatureVerificationMode.None;
if (settings.SignatureVerification != null)
{
verificationMode = settings.SignatureVerification.Mode;
}
if (verificationMode != SignatureVerificationMode.None)
{
ISignatureService signatureService = HostContext.CreateService <ISignatureService>();
Boolean verificationSuccessful = await signatureService.VerifyAsync(definition, ExecutionContext.CancellationToken);
if (verificationSuccessful)
{
ExecutionContext.Output(StringUtil.Loc("TaskSignatureVerificationSucceeeded"));
// Only extract if it's not the checkout task.
if (!String.IsNullOrEmpty(definition.ZipPath))
{
taskManager.Extract(ExecutionContext, Task);
}
}
else
{
String message = StringUtil.Loc("TaskSignatureVerificationFailed");
if (verificationMode == SignatureVerificationMode.Error)
{
throw new InvalidOperationException(message);
}
else
{
ExecutionContext.Warning(message);
}
}
}
// Print out task metadata
PrintTaskMetaData(definition);
ExecutionData currentExecution = null;
switch (Stage)
{
case JobRunStage.PreJob:
currentExecution = definition.Data?.PreJobExecution;
break;
case JobRunStage.Main:
currentExecution = definition.Data?.Execution;
break;
case JobRunStage.PostJob:
currentExecution = definition.Data?.PostJobExecution;
break;
}
;
HandlerData handlerData = GetHandlerData(ExecutionContext, currentExecution, PlatformUtil.HostOS);
if (handlerData == null)
{
if (PlatformUtil.RunningOnWindows)
{
throw new InvalidOperationException(StringUtil.Loc("SupportedTaskHandlerNotFoundWindows", $"{PlatformUtil.HostOS}({PlatformUtil.HostArchitecture})"));
}
throw new InvalidOperationException(StringUtil.Loc("SupportedTaskHandlerNotFoundLinux"));
}
Trace.Info($"Handler data is of type {handlerData}");
Variables runtimeVariables = ExecutionContext.Variables;
IStepHost stepHost = HostContext.CreateService <IDefaultStepHost>();
var stepTarget = ExecutionContext.StepTarget();
// Setup container stephost and the right runtime variables for running job inside container.
if (stepTarget is ContainerInfo containerTarget)
{
if (handlerData is AgentPluginHandlerData)
{
// plugin handler always runs on the Host, the runtime variables needs to the variable works on the Host, ex: file path variable System.DefaultWorkingDirectory
Dictionary <string, VariableValue> variableCopy = new Dictionary <string, VariableValue>(StringComparer.OrdinalIgnoreCase);
foreach (var publicVar in ExecutionContext.Variables.Public)
{
variableCopy[publicVar.Key] = new VariableValue(stepTarget.TranslateToHostPath(publicVar.Value));
}
foreach (var secretVar in ExecutionContext.Variables.Private)
{
variableCopy[secretVar.Key] = new VariableValue(stepTarget.TranslateToHostPath(secretVar.Value), true);
}
List <string> expansionWarnings;
runtimeVariables = new Variables(HostContext, variableCopy, out expansionWarnings);
expansionWarnings?.ForEach(x => ExecutionContext.Warning(x));
}
else if (handlerData is NodeHandlerData || handlerData is Node10HandlerData || handlerData is PowerShell3HandlerData)
{
// Only the node, node10, and powershell3 handlers support running inside container.
// Make sure required container is already created.
ArgUtil.NotNullOrEmpty(containerTarget.ContainerId, nameof(containerTarget.ContainerId));
var containerStepHost = HostContext.CreateService <IContainerStepHost>();
containerStepHost.Container = containerTarget;
stepHost = containerStepHost;
}
else
{
throw new NotSupportedException(String.Format("Task '{0}' is using legacy execution handler '{1}' which is not supported in container execution flow.", definition.Data.FriendlyName, handlerData.GetType().ToString()));
}
}
// Load the default input values from the definition.
Trace.Verbose("Loading default inputs.");
var inputs = new Dictionary <string, string>(StringComparer.OrdinalIgnoreCase);
foreach (var input in (definition.Data?.Inputs ?? new TaskInputDefinition[0]))
{
string key = input?.Name?.Trim() ?? string.Empty;
if (!string.IsNullOrEmpty(key))
{
inputs[key] = input.DefaultValue?.Trim() ?? string.Empty;
}
}
// Merge the instance inputs.
Trace.Verbose("Loading instance inputs.");
foreach (var input in (Task.Inputs as IEnumerable <KeyValuePair <string, string> > ?? new KeyValuePair <string, string> [0]))
{
string key = input.Key?.Trim() ?? string.Empty;
if (!string.IsNullOrEmpty(key))
{
inputs[key] = input.Value?.Trim() ?? string.Empty;
}
}
// Expand the inputs.
Trace.Verbose("Expanding inputs.");
runtimeVariables.ExpandValues(target: inputs);
VarUtil.ExpandEnvironmentVariables(HostContext, target: inputs);
// Translate the server file path inputs to local paths.
foreach (var input in definition.Data?.Inputs ?? new TaskInputDefinition[0])
{
if (string.Equals(input.InputType, TaskInputType.FilePath, StringComparison.OrdinalIgnoreCase))
{
Trace.Verbose($"Translating file path input '{input.Name}': '{inputs[input.Name]}'");
inputs[input.Name] = stepHost.ResolvePathForStepHost(TranslateFilePathInput(inputs[input.Name] ?? string.Empty));
Trace.Verbose($"Translated file path input '{input.Name}': '{inputs[input.Name]}'");
}
}
// Load the task environment.
Trace.Verbose("Loading task environment.");
var environment = new Dictionary <string, string>(VarUtil.EnvironmentVariableKeyComparer);
foreach (var env in (Task.Environment ?? new Dictionary <string, string>(0)))
{
string key = env.Key?.Trim() ?? string.Empty;
if (!string.IsNullOrEmpty(key))
{
environment[key] = env.Value?.Trim() ?? string.Empty;
}
}
// Expand the inputs.
Trace.Verbose("Expanding task environment.");
runtimeVariables.ExpandValues(target: environment);
VarUtil.ExpandEnvironmentVariables(HostContext, target: environment);
// Expand the handler inputs.
Trace.Verbose("Expanding handler inputs.");
VarUtil.ExpandValues(HostContext, source: inputs, target: handlerData.Inputs);
runtimeVariables.ExpandValues(target: handlerData.Inputs);
// Get each endpoint ID referenced by the task.
var endpointIds = new List <Guid>();
foreach (var input in definition.Data?.Inputs ?? new TaskInputDefinition[0])
{
if ((input.InputType ?? string.Empty).StartsWith("connectedService:", StringComparison.OrdinalIgnoreCase))
{
string inputKey = input?.Name?.Trim() ?? string.Empty;
string inputValue;
if (!string.IsNullOrEmpty(inputKey) &&
inputs.TryGetValue(inputKey, out inputValue) &&
!string.IsNullOrEmpty(inputValue))
{
foreach (string rawId in inputValue.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries))
{
Guid parsedId;
if (Guid.TryParse(rawId.Trim(), out parsedId) && parsedId != Guid.Empty)
{
endpointIds.Add(parsedId);
}
}
}
}
}
if (endpointIds.Count > 0 &&
(runtimeVariables.GetBoolean(WellKnownDistributedTaskVariables.RestrictSecrets) ?? false) &&
(runtimeVariables.GetBoolean(Microsoft.TeamFoundation.Build.WebApi.BuildVariables.IsFork) ?? false))
{
ExecutionContext.Result = TaskResult.Skipped;
ExecutionContext.ResultCode = $"References service endpoint. PRs from repository forks are not allowed to access secrets in the pipeline. For more information see https://go.microsoft.com/fwlink/?linkid=862029 ";
return;
}
// Get the endpoints referenced by the task.
var endpoints = (ExecutionContext.Endpoints ?? new List <ServiceEndpoint>(0))
.Join(inner: endpointIds,
outerKeySelector: (ServiceEndpoint endpoint) => endpoint.Id,
innerKeySelector: (Guid endpointId) => endpointId,
resultSelector: (ServiceEndpoint endpoint, Guid endpointId) => endpoint)
.ToList();
// Add the system endpoint.
foreach (ServiceEndpoint endpoint in (ExecutionContext.Endpoints ?? new List <ServiceEndpoint>(0)))
{
if (string.Equals(endpoint.Name, WellKnownServiceEndpointNames.SystemVssConnection, StringComparison.OrdinalIgnoreCase))
{
endpoints.Add(endpoint);
break;
}
}
// Get each secure file ID referenced by the task.
var secureFileIds = new List <Guid>();
foreach (var input in definition.Data?.Inputs ?? new TaskInputDefinition[0])
{
if (string.Equals(input.InputType ?? string.Empty, "secureFile", StringComparison.OrdinalIgnoreCase))
{
string inputKey = input?.Name?.Trim() ?? string.Empty;
string inputValue;
if (!string.IsNullOrEmpty(inputKey) &&
inputs.TryGetValue(inputKey, out inputValue) &&
!string.IsNullOrEmpty(inputValue))
{
foreach (string rawId in inputValue.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries))
{
Guid parsedId;
if (Guid.TryParse(rawId.Trim(), out parsedId) && parsedId != Guid.Empty)
{
secureFileIds.Add(parsedId);
}
}
}
}
}
if (secureFileIds.Count > 0 &&
(runtimeVariables.GetBoolean(WellKnownDistributedTaskVariables.RestrictSecrets) ?? false) &&
(runtimeVariables.GetBoolean(Microsoft.TeamFoundation.Build.WebApi.BuildVariables.IsFork) ?? false))
{
ExecutionContext.Result = TaskResult.Skipped;
ExecutionContext.ResultCode = $"References secure file. PRs from repository forks are not allowed to access secrets in the pipeline. For more information see https://go.microsoft.com/fwlink/?linkid=862029";
return;
}
// Get the endpoints referenced by the task.
var secureFiles = (ExecutionContext.SecureFiles ?? new List <SecureFile>(0))
.Join(inner: secureFileIds,
outerKeySelector: (SecureFile secureFile) => secureFile.Id,
innerKeySelector: (Guid secureFileId) => secureFileId,
resultSelector: (SecureFile secureFile, Guid secureFileId) => secureFile)
.ToList();
// Set output variables.
foreach (var outputVar in definition.Data?.OutputVariables ?? new OutputVariable[0])
{
if (outputVar != null && !string.IsNullOrEmpty(outputVar.Name))
{
ExecutionContext.OutputVariables.Add(outputVar.Name);
}
}
// translate inputs
inputs = inputs.ToDictionary(kvp => kvp.Key, kvp => ExecutionContext.TranslatePathForStepTarget(kvp.Value));
// Create the handler.
IHandler handler = handlerFactory.Create(
ExecutionContext,
Task.Reference,
stepHost,
endpoints,
secureFiles,
handlerData,
inputs,
environment,
runtimeVariables,
taskDirectory: definition.Directory);
// Run the task.
await handler.RunAsync();
}
}
public async Task RunAsync()
{
// Validate args.
Trace.Entering();
ArgUtil.NotNull(ExecutionContext, nameof(ExecutionContext));
ArgUtil.NotNull(ExecutionContext.Variables, nameof(ExecutionContext.Variables));
ArgUtil.NotNull(Task, nameof(Task));
var taskManager = HostContext.GetService <ITaskManager>();
var handlerFactory = HostContext.GetService <IHandlerFactory>();
// Set the task id and display name variable.
using (var scope = ExecutionContext.Variables.CreateScope())
{
scope.Set(Constants.Variables.Task.DisplayName, DisplayName);
scope.Set(WellKnownDistributedTaskVariables.TaskInstanceId, Task.Id.ToString("D"));
scope.Set(WellKnownDistributedTaskVariables.TaskDisplayName, DisplayName);
scope.Set(WellKnownDistributedTaskVariables.TaskInstanceName, Task.Name);
// Load the task definition and choose the handler.
// TODO: Add a try catch here to give a better error message.
Definition definition = taskManager.Load(Task);
ArgUtil.NotNull(definition, nameof(definition));
// Verify Signatures and Re-Extract Tasks if neccessary
await VerifyTask(taskManager, definition);
// Print out task metadata
PrintTaskMetaData(definition);
ExecutionData currentExecution = null;
switch (Stage)
{
case JobRunStage.PreJob:
currentExecution = definition.Data?.PreJobExecution;
break;
case JobRunStage.Main:
currentExecution = definition.Data?.Execution;
break;
case JobRunStage.PostJob:
currentExecution = definition.Data?.PostJobExecution;
break;
}
;
HandlerData handlerData = GetHandlerData(ExecutionContext, currentExecution, PlatformUtil.HostOS);
if (handlerData == null)
{
if (PlatformUtil.RunningOnWindows)
{
throw new InvalidOperationException(StringUtil.Loc("SupportedTaskHandlerNotFoundWindows", $"{PlatformUtil.HostOS}({PlatformUtil.HostArchitecture})"));
}
throw new InvalidOperationException(StringUtil.Loc("SupportedTaskHandlerNotFoundLinux"));
}
Trace.Info($"Handler data is of type {handlerData}");
Variables runtimeVariables = ExecutionContext.Variables;
IStepHost stepHost = HostContext.CreateService <IDefaultStepHost>();
var stepTarget = ExecutionContext.StepTarget();
// Setup container stephost and the right runtime variables for running job inside container.
if (stepTarget is ContainerInfo containerTarget)
{
if (Stage == JobRunStage.PostJob &&
AgentKnobs.SkipPostExeceutionIfTargetContainerStopped.GetValue(ExecutionContext).AsBoolean())
{
try
{
// Check that the target container is still running, if not Skip task execution
IDockerCommandManager dockerManager = HostContext.GetService <IDockerCommandManager>();
bool isContainerRunning = await dockerManager.IsContainerRunning(ExecutionContext, containerTarget.ContainerId);
if (!isContainerRunning)
{
ExecutionContext.Result = TaskResult.Skipped;
ExecutionContext.ResultCode = $"Target container - {containerTarget.ContainerName} has been stopped, task post-execution will be skipped";
return;
}
}
catch (Exception ex)
{
ExecutionContext.Write(WellKnownTags.Warning, $"Failed to check container state for task post-execution. Exception: {ex}");
}
}
if (handlerData is AgentPluginHandlerData)
{
// plugin handler always runs on the Host, the runtime variables needs to the variable works on the Host, ex: file path variable System.DefaultWorkingDirectory
Dictionary <string, VariableValue> variableCopy = new Dictionary <string, VariableValue>(StringComparer.OrdinalIgnoreCase);
foreach (var publicVar in ExecutionContext.Variables.Public)
{
variableCopy[publicVar.Key] = new VariableValue(stepTarget.TranslateToHostPath(publicVar.Value));
}
foreach (var secretVar in ExecutionContext.Variables.Private)
{
variableCopy[secretVar.Key] = new VariableValue(stepTarget.TranslateToHostPath(secretVar.Value), true);
}
List <string> expansionWarnings;
runtimeVariables = new Variables(HostContext, variableCopy, out expansionWarnings);
expansionWarnings?.ForEach(x => ExecutionContext.Warning(x));
}
else if (handlerData is BaseNodeHandlerData || handlerData is PowerShell3HandlerData)
{
// Only the node, node10, and powershell3 handlers support running inside container.
// Make sure required container is already created.
ArgUtil.NotNullOrEmpty(containerTarget.ContainerId, nameof(containerTarget.ContainerId));
var containerStepHost = HostContext.CreateService <IContainerStepHost>();
containerStepHost.Container = containerTarget;
stepHost = containerStepHost;
}
else
{
throw new NotSupportedException(String.Format("Task '{0}' is using legacy execution handler '{1}' which is not supported in container execution flow.", definition.Data.FriendlyName, handlerData.GetType().ToString()));
}
}
// Load the default input values from the definition.
Trace.Verbose("Loading default inputs.");
var inputs = new Dictionary <string, string>(StringComparer.OrdinalIgnoreCase);
foreach (var input in (definition.Data?.Inputs ?? new TaskInputDefinition[0]))
{
string key = input?.Name?.Trim() ?? string.Empty;
if (!string.IsNullOrEmpty(key))
{
if (AgentKnobs.DisableInputTrimming.GetValue(ExecutionContext).AsBoolean())
{
inputs[key] = input.DefaultValue ?? string.Empty;
}
else
{
inputs[key] = input.DefaultValue?.Trim() ?? string.Empty;
}
}
}
// Merge the instance inputs.
Trace.Verbose("Loading instance inputs.");
foreach (var input in (Task.Inputs as IEnumerable <KeyValuePair <string, string> > ?? new KeyValuePair <string, string> [0]))
{
string key = input.Key?.Trim() ?? string.Empty;
if (!string.IsNullOrEmpty(key))
{
if (AgentKnobs.DisableInputTrimming.GetValue(ExecutionContext).AsBoolean())
{
inputs[key] = input.Value ?? string.Empty;
}
else
{
inputs[key] = input.Value?.Trim() ?? string.Empty;
}
}
}
// Expand the inputs.
Trace.Verbose("Expanding inputs.");
runtimeVariables.ExpandValues(target: inputs);
// We need to verify inputs of the tasks that were injected by decorators, to check if they contain secrets,
// for security reasons execution of tasks in this case should be skipped.
// Target task inputs could be injected into the decorator's tasks if the decorator has post-task-tasks or pre-task-tasks targets,
// such tasks will have names that start with __system_pretargettask_ or __system_posttargettask_.
var taskDecoratorManager = HostContext.GetService <ITaskDecoratorManager>();
if (taskDecoratorManager.IsInjectedTaskForTarget(Task.Name) &&
taskDecoratorManager.IsInjectedInputsContainsSecrets(inputs, out var inputsWithSecrets))
{
var inputsForReport = taskDecoratorManager.GenerateTaskResultMessage(inputsWithSecrets);
ExecutionContext.Result = TaskResult.Skipped;
ExecutionContext.ResultCode = StringUtil.Loc("SecretsAreNotAllowedInInjectedTaskInputs", inputsForReport);
return;
}
VarUtil.ExpandEnvironmentVariables(HostContext, target: inputs);
// Translate the server file path inputs to local paths.
foreach (var input in definition.Data?.Inputs ?? new TaskInputDefinition[0])
{
if (string.Equals(input.InputType, TaskInputType.FilePath, StringComparison.OrdinalIgnoreCase))
{
Trace.Verbose($"Translating file path input '{input.Name}': '{inputs[input.Name]}'");
inputs[input.Name] = stepHost.ResolvePathForStepHost(TranslateFilePathInput(inputs[input.Name] ?? string.Empty));
Trace.Verbose($"Translated file path input '{input.Name}': '{inputs[input.Name]}'");
}
}
// Load the task environment.
Trace.Verbose("Loading task environment.");
var environment = new Dictionary <string, string>(VarUtil.EnvironmentVariableKeyComparer);
foreach (var env in (Task.Environment ?? new Dictionary <string, string>(0)))
{
string key = env.Key?.Trim() ?? string.Empty;
if (!string.IsNullOrEmpty(key))
{
environment[key] = env.Value?.Trim() ?? string.Empty;
}
}
// Expand the inputs.
Trace.Verbose("Expanding task environment.");
runtimeVariables.ExpandValues(target: environment);
VarUtil.ExpandEnvironmentVariables(HostContext, target: environment);
// Expand the handler inputs.
Trace.Verbose("Expanding handler inputs.");
VarUtil.ExpandValues(HostContext, source: inputs, target: handlerData.Inputs);
runtimeVariables.ExpandValues(target: handlerData.Inputs);
// Get each endpoint ID referenced by the task.
var endpointIds = new List <Guid>();
foreach (var input in definition.Data?.Inputs ?? new TaskInputDefinition[0])
{
if ((input.InputType ?? string.Empty).StartsWith("connectedService:", StringComparison.OrdinalIgnoreCase))
{
string inputKey = input?.Name?.Trim() ?? string.Empty;
string inputValue;
if (!string.IsNullOrEmpty(inputKey) &&
inputs.TryGetValue(inputKey, out inputValue) &&
!string.IsNullOrEmpty(inputValue))
{
foreach (string rawId in inputValue.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries))
{
Guid parsedId;
if (Guid.TryParse(rawId.Trim(), out parsedId) && parsedId != Guid.Empty)
{
endpointIds.Add(parsedId);
}
}
}
}
}
if (endpointIds.Count > 0 &&
(runtimeVariables.GetBoolean(WellKnownDistributedTaskVariables.RestrictSecrets) ?? false) &&
(runtimeVariables.GetBoolean(Microsoft.TeamFoundation.Build.WebApi.BuildVariables.IsFork) ?? false))
{
ExecutionContext.Result = TaskResult.Skipped;
ExecutionContext.ResultCode = $"References service endpoint. PRs from repository forks are not allowed to access secrets in the pipeline. For more information see https://go.microsoft.com/fwlink/?linkid=862029 ";
return;
}
// Get the endpoints referenced by the task.
var endpoints = (ExecutionContext.Endpoints ?? new List <ServiceEndpoint>(0))
.Join(inner: endpointIds,
outerKeySelector: (ServiceEndpoint endpoint) => endpoint.Id,
innerKeySelector: (Guid endpointId) => endpointId,
resultSelector: (ServiceEndpoint endpoint, Guid endpointId) => endpoint)
.ToList();
// Add the system endpoint.
foreach (ServiceEndpoint endpoint in (ExecutionContext.Endpoints ?? new List <ServiceEndpoint>(0)))
{
if (string.Equals(endpoint.Name, WellKnownServiceEndpointNames.SystemVssConnection, StringComparison.OrdinalIgnoreCase))
{
endpoints.Add(endpoint);
break;
}
}
// Get each secure file ID referenced by the task.
var secureFileIds = new List <Guid>();
foreach (var input in definition.Data?.Inputs ?? new TaskInputDefinition[0])
{
if (string.Equals(input.InputType ?? string.Empty, "secureFile", StringComparison.OrdinalIgnoreCase))
{
string inputKey = input?.Name?.Trim() ?? string.Empty;
string inputValue;
if (!string.IsNullOrEmpty(inputKey) &&
inputs.TryGetValue(inputKey, out inputValue) &&
!string.IsNullOrEmpty(inputValue))
{
foreach (string rawId in inputValue.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries))
{
Guid parsedId;
if (Guid.TryParse(rawId.Trim(), out parsedId) && parsedId != Guid.Empty)
{
secureFileIds.Add(parsedId);
}
}
}
}
}
if (secureFileIds.Count > 0 &&
(runtimeVariables.GetBoolean(WellKnownDistributedTaskVariables.RestrictSecrets) ?? false) &&
(runtimeVariables.GetBoolean(Microsoft.TeamFoundation.Build.WebApi.BuildVariables.IsFork) ?? false))
{
ExecutionContext.Result = TaskResult.Skipped;
ExecutionContext.ResultCode = $"References secure file. PRs from repository forks are not allowed to access secrets in the pipeline. For more information see https://go.microsoft.com/fwlink/?linkid=862029";
return;
}
// Get the endpoints referenced by the task.
var secureFiles = (ExecutionContext.SecureFiles ?? new List <SecureFile>(0))
.Join(inner: secureFileIds,
outerKeySelector: (SecureFile secureFile) => secureFile.Id,
innerKeySelector: (Guid secureFileId) => secureFileId,
resultSelector: (SecureFile secureFile, Guid secureFileId) => secureFile)
.ToList();
// Set output variables.
foreach (var outputVar in definition.Data?.OutputVariables ?? new OutputVariable[0])
{
if (outputVar != null && !string.IsNullOrEmpty(outputVar.Name))
{
ExecutionContext.OutputVariables.Add(outputVar.Name);
}
}
// translate inputs
inputs = inputs.ToDictionary(kvp => kvp.Key, kvp => ExecutionContext.TranslatePathForStepTarget(kvp.Value));
// Create the handler.
IHandler handler = handlerFactory.Create(
ExecutionContext,
Task.Reference,
stepHost,
endpoints,
secureFiles,
handlerData,
inputs,
environment,
runtimeVariables,
taskDirectory: definition.Directory);
// Run the task.
int retryCount = this.Task.RetryCountOnTaskFailure;
if (retryCount > 0)
{
if (retryCount > RetryCountOnTaskFailureLimit)
{
ExecutionContext.Warning(StringUtil.Loc("RetryCountLimitExceeded", RetryCountOnTaskFailureLimit, retryCount));
retryCount = RetryCountOnTaskFailureLimit;
}
RetryHelper rh = new RetryHelper(ExecutionContext, retryCount);
await rh.RetryStep(async() => await handler.RunAsync(), RetryHelper.ExponentialDelay);
}
else
{
await handler.RunAsync();
}
}
}
public async Task RunAsync()
{
// Validate args.
Trace.Entering();
ArgUtil.NotNull(ExecutionContext, nameof(ExecutionContext));
ArgUtil.NotNull(Action, nameof(Action));
var taskManager = HostContext.GetService <IActionManager>();
var handlerFactory = HostContext.GetService <IHandlerFactory>();
// Load the task definition and choose the handler.
Definition definition = taskManager.LoadAction(ExecutionContext, Action);
ArgUtil.NotNull(definition, nameof(definition));
ActionExecutionData handlerData = definition.Data?.Execution;
ArgUtil.NotNull(handlerData, nameof(handlerData));
if (handlerData.HasPre &&
Action.Reference is Pipelines.RepositoryPathReference repoAction &&
string.Equals(repoAction.RepositoryType, Pipelines.PipelineConstants.SelfAlias, StringComparison.OrdinalIgnoreCase))
{
ExecutionContext.Warning($"`pre` execution is not supported for local action from '{repoAction.Path}'");
}
// The action has post cleanup defined.
// we need to create timeline record for them and add them to the step list that StepRunner is using
if (handlerData.HasPost && (Stage == ActionRunStage.Pre || Stage == ActionRunStage.Main))
{
string postDisplayName = $"Post {this.DisplayName}";
if (Stage == ActionRunStage.Pre &&
this.DisplayName.StartsWith("Pre ", StringComparison.OrdinalIgnoreCase))
{
// Trim the leading `Pre ` from the display name.
// Otherwise, we will get `Post Pre xxx` as DisplayName for the Post step.
postDisplayName = $"Post {this.DisplayName.Substring("Pre ".Length)}";
}
var repositoryReference = Action.Reference as RepositoryPathReference;
var pathString = string.IsNullOrEmpty(repositoryReference.Path) ? string.Empty : $"/{repositoryReference.Path}";
var repoString = string.IsNullOrEmpty(repositoryReference.Ref) ? $"{repositoryReference.Name}{pathString}" :
$"{repositoryReference.Name}{pathString}@{repositoryReference.Ref}";
ExecutionContext.Debug($"Register post job cleanup for action: {repoString}");
var actionRunner = HostContext.CreateService <IActionRunner>();
actionRunner.Action = Action;
actionRunner.Stage = ActionRunStage.Post;
actionRunner.Condition = handlerData.CleanupCondition;
actionRunner.DisplayName = postDisplayName;
ExecutionContext.RegisterPostJobStep(actionRunner);
}
IStepHost stepHost = HostContext.CreateService <IDefaultStepHost>();
// Makes directory for event_path data
var tempDirectory = HostContext.GetDirectory(WellKnownDirectory.Temp);
var workflowDirectory = Path.Combine(tempDirectory, "_github_workflow");
Directory.CreateDirectory(workflowDirectory);
var gitHubEvent = ExecutionContext.GetGitHubContext("event");
// adds the GitHub event path/file if the event exists
if (gitHubEvent != null)
{
var workflowFile = Path.Combine(workflowDirectory, "event.json");
Trace.Info($"Write event payload to {workflowFile}");
File.WriteAllText(workflowFile, gitHubEvent, new UTF8Encoding(false));
ExecutionContext.SetGitHubContext("event_path", workflowFile);
}
// Set GITHUB_ACTION_REPOSITORY if this Action is from a repository
if (Action.Reference is Pipelines.RepositoryPathReference repoPathReferenceAction &&
!string.Equals(repoPathReferenceAction.RepositoryType, Pipelines.PipelineConstants.SelfAlias, StringComparison.OrdinalIgnoreCase))
{
ExecutionContext.SetGitHubContext("action_repository", repoPathReferenceAction.Name);
ExecutionContext.SetGitHubContext("action_ref", repoPathReferenceAction.Ref);
}
public IHandler Create(
IExecutionContext executionContext,
IStepHost stepHost,
List <ServiceEndpoint> endpoints,
List <SecureFile> secureFiles,
HandlerData data,
Dictionary <string, string> inputs,
Dictionary <string, string> environment,
string taskDirectory,
string filePathInputRootDirectory)
{
// Validate args.
Trace.Entering();
ArgUtil.NotNull(executionContext, nameof(executionContext));
ArgUtil.NotNull(stepHost, nameof(stepHost));
ArgUtil.NotNull(endpoints, nameof(endpoints));
ArgUtil.NotNull(secureFiles, nameof(secureFiles));
ArgUtil.NotNull(data, nameof(data));
ArgUtil.NotNull(inputs, nameof(inputs));
ArgUtil.NotNull(environment, nameof(environment));
ArgUtil.NotNull(taskDirectory, nameof(taskDirectory));
// Create the handler.
IHandler handler;
if (data is NodeHandlerData)
{
// Node.
handler = HostContext.CreateService <INodeHandler>();
(handler as INodeHandler).Data = data as NodeHandlerData;
}
else if (data is PowerShell3HandlerData)
{
// PowerShell3.
handler = HostContext.CreateService <IPowerShell3Handler>();
(handler as IPowerShell3Handler).Data = data as PowerShell3HandlerData;
}
else if (data is PowerShellExeHandlerData)
{
// PowerShellExe.
handler = HostContext.CreateService <IPowerShellExeHandler>();
(handler as IPowerShellExeHandler).Data = data as PowerShellExeHandlerData;
}
else if (data is ProcessHandlerData)
{
// Process.
handler = HostContext.CreateService <IProcessHandler>();
(handler as IProcessHandler).Data = data as ProcessHandlerData;
}
else if (data is PowerShellHandlerData)
{
// PowerShell.
handler = HostContext.CreateService <IPowerShellHandler>();
(handler as IPowerShellHandler).Data = data as PowerShellHandlerData;
}
else if (data is AzurePowerShellHandlerData)
{
// AzurePowerShell.
handler = HostContext.CreateService <IAzurePowerShellHandler>();
(handler as IAzurePowerShellHandler).Data = data as AzurePowerShellHandlerData;
}
else
{
// This should never happen.
throw new NotSupportedException();
}
handler.Endpoints = endpoints;
handler.Environment = environment;
handler.ExecutionContext = executionContext;
handler.StepHost = stepHost;
handler.FilePathInputRootDirectory = filePathInputRootDirectory;
handler.Inputs = inputs;
handler.SecureFiles = secureFiles;
handler.TaskDirectory = taskDirectory;
return(handler);
}
