
Add a script for signing packages which can only be produced on non-Windows platforms (#6823)

Nate McMaster 7 ani în urmă
părinte
comite
3dbf5d28fe

+ 38 - 0
eng/tools/XplatPackageSigner/XplatPackageSigner.proj

@@ -0,0 +1,38 @@
+<!--
+  Code signing of .nupkg's built on Linux/macOS cannot be code-signed on the same machine which built the package.
+  This project takes as inputs a folder of *.nupkg packages and code signs them using MicroBuild.
+
+  Note: because Authenticode signing of .dll's is not something Linux and macOS can verify anyways, this signing
+  process only code-signs the .nupkg itself, not the contents.
+-->
+<Project DefaultTargets="AfterBuild" InitialTargets="CheckForRequiredProperties">
+  <PropertyGroup>
+    <SignType>$([MSBuild]::ValueOrDefault($(SignType),'real'))</SignType>
+  </PropertyGroup>
+
+  <Import Project="..\..\..\Directory.Build.props" />
+  <Import Project="..\..\targets\MicroBuild.Plugin.props" Condition="'$(MicroBuildSentinelFile)' == ''" />
+  <Import Project="$(MicroBuildPluginDirectory)\MicroBuild.Plugins.*\**\build\MicroBuild.Plugins.*.props" Condition=" '$(MicroBuildPluginDirectory)' != ''" />
+
+  <PropertyGroup>
+    <OutDir>$(RepositoryRoot)bin\$(MSBuildProjectName)\</OutDir>
+    <IntermediateOutputPath>$(RepositoryRoot)obj\$(MSBuildProjectName)\</IntermediateOutputPath>
+  </PropertyGroup>
+
+  <ItemGroup Condition="'$(DirectoryToSign)' != ''">
+    <SymbolsPackages Include="$([MSBuild]::NormalizeDirectory($(DirectoryToSign)))**\*.symbols.nupkg" />
+    <FilesToSign Include="$([MSBuild]::NormalizeDirectory($(DirectoryToSign)))**\*.nupkg">
+      <Authenticode>$(PackageSigningCertName)</Authenticode>
+    </FilesToSign>
+  </ItemGroup>
+
+  <Target Name="CheckForRequiredProperties">
+    <Error Text="Missing required property: DirectoryToSign" Condition="'$(DirectoryToSign)' == ''"/>
+    <Error Text="Missing required property: PackageSigningCertName" Condition="'$(PackageSigningCertName)' == ''"/>
+    <Error Text="Could not find any packages to sign in $(DirectoryToSign)" Condition="@(FilesToSign->Count()) == 0"/>
+  </Target>
+
+  <!-- MicroBuild code-signing chains onto this target. -->
+  <Target Name="AfterBuild" />
+  <Import Project="$(MicroBuildPluginDirectory)\MicroBuild.Plugins.*\**\build\MicroBuild.Plugins.*.targets" Condition=" '$(MicroBuildPluginDirectory)' != ''" />
+</Project>
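Review bot: Nothing in `CheckForRequiredProperties` fails the build when the MicroBuild plugin is absent. Both plugin imports are conditioned on `$(MicroBuildPluginDirectory)` being non-empty and use wildcards, so if the property is unset or the glob matches nothing, `AfterBuild` stays an empty target and the run can report success without signing any package. Whether `MicroBuild.Plugin.props` always sets the property is not visible in this hunk, so an explicit guard is worth adding: `<Error Text="Missing required property: MicroBuildPluginDirectory" Condition="'$(MicroBuildPluginDirectory)' == ''"/>`. Separately, `SymbolsPackages` is declared but not referenced in the visible lines, and `**\*.nupkg` also matches `*.symbols.nupkg`; if symbols packages were meant to be left unsigned, `FilesToSign` needs `Exclude="@(SymbolsPackages)"`, otherwise the unused item can be dropped.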

+ 15 - 0
eng/tools/XplatPackageSigner/sign-packages.cmd

@@ -0,0 +1,15 @@
+@ECHO OFF
+
+SET DirToSign=%1
+
+IF "%DirToSign%"=="" (
+    echo Error^: Expected argument ^<DirToSign^>
+    echo Usage^: sign-packages.cmd ^<DirToSign^>
+
+    exit /b 1
+)
+
+SET RepoRoot=%~dp0..\..\..
+SET Project=%~dp0\XplatPackageSigner.proj
+
+%RepoRoot%\build.cmd "-restore:$false" -projects %project% /p:DirectoryToSign=%DirToSign% /bl:%RepoRoot%\artifacts\logs\XplatSign.binlog
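Review bot: `%1` is stored as-is and every path on the `build.cmd` line is unquoted, so the directory that actually gets signed can differ from the one the caller meant. An unquoted path with a space is cut at its first token, and a quoted one keeps its quotes and breaks the `IF "%DirToSign%"==""` comparison. Strip and re-add the quotes with `SET "DirToSign=%~1"` and `"/p:DirectoryToSign=%DirToSign%"`, and quote `"%RepoRoot%\build.cmd"`, `%Project%` and the `/bl:` path the same way, since `%~dp0` can contain spaces too. A `SETLOCAL` after `@ECHO OFF` would also keep `DirToSign`, `RepoRoot` and `Project` out of the caller's environment.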