diff --git a/scripts/azure-pipelines/linux/azure-pipelines.yml b/scripts/azure-pipelines/linux/azure-pipelines.yml index 0541975043..36b28f029a 100644 --- a/scripts/azure-pipelines/linux/azure-pipelines.yml +++ b/scripts/azure-pipelines/linux/azure-pipelines.yml @@ -41,7 +41,7 @@ jobs: inputs: failOnStderr: true filePath: 'scripts/azure-pipelines/test-modified-ports.ps1' - arguments: '-Triplet x64-linux -BuildReason $(Build.Reason) -ArchivesRoot /archives -WorkingRoot ${{ variables.WORKING_ROOT }} -ArtifactsDirectory $(System.ArtifactsDirectory)' + arguments: '-Triplet x64-linux -BuildReason $(Build.Reason) -ArchivesRoot /archives -WorkingRoot ${{ variables.WORKING_ROOT }} -ArtifactStagingDirectory $(Build.ArtifactStagingDirectory)' - bash: | df -h displayName: 'Report on Disk Space After Build' @@ -49,7 +49,7 @@ jobs: - task: PublishBuildArtifacts@1 displayName: 'Publish Artifact: failure logs for x64-linux' inputs: - PathtoPublish: '$(System.ArtifactsDirectory)/failure-logs' + PathtoPublish: '$(Build.ArtifactStagingDirectory)/failure-logs' ArtifactName: 'failure logs for x64-linux' condition: failed() - bash: | diff --git a/scripts/azure-pipelines/osx/azure-pipelines.yml b/scripts/azure-pipelines/osx/azure-pipelines.yml index 0856aada79..1b601fa7de 100644 --- a/scripts/azure-pipelines/osx/azure-pipelines.yml +++ b/scripts/azure-pipelines/osx/azure-pipelines.yml @@ -51,7 +51,7 @@ jobs: inputs: failOnStderr: true filePath: 'scripts/azure-pipelines/test-modified-ports.ps1' - arguments: '-Triplet x64-osx -BuildReason $(Build.Reason) -ArchivesRoot ${{ variables.WORKING_ROOT }}/archives -WorkingRoot ${{ variables.WORKING_ROOT }} -ArtifactsDirectory $(System.ArtifactsDirectory)' + arguments: '-Triplet x64-osx -BuildReason $(Build.Reason) -ArchivesRoot ${{ variables.WORKING_ROOT }}/archives -WorkingRoot ${{ variables.WORKING_ROOT }} -ArtifactStagingDirectory $(Build.ArtifactStagingDirectory)' - bash: | df -h displayName: 'Report on Disk Space After Build' @@ -59,7 +59,7 @@ jobs: - task: PublishBuildArtifacts@1 displayName: 'Publish Artifact: failure logs for x64-osx' inputs: - PathtoPublish: '$(System.ArtifactsDirectory)/failure-logs' + PathtoPublish: '$(Build.ArtifactStagingDirectory)/failure-logs' ArtifactName: 'failure logs for x64-osx' condition: failed() - bash: | diff --git a/scripts/azure-pipelines/signing.yml b/scripts/azure-pipelines/signing.yml new file mode 100644 index 0000000000..2d8e0065d2 --- /dev/null +++ b/scripts/azure-pipelines/signing.yml @@ -0,0 +1,109 @@ +# This script is used internally to produce signed vcpkg builds. +# It uses machines / tasks that are not exposed here on GitHub, as +# the hardware on which we allow signing is restricted. + +trigger: none + +variables: + TeamName: vcpkg +jobs: + - job: windows + displayName: "Windows" + dependsOn: + pool: + name: 'VSEng-MicroBuildVS2019' + demands: + - CMAKE + steps: + - task: PoliCheck@1 + inputs: + inputType: 'Basic' + targetType: 'F' + targetArgument: '$(Build.SourcesDirectory)' + result: 'PoliCheck.xml' + - task: CmdLine@2 + displayName: "Build vcpkg with CMake" + inputs: + failOnStderr: true + script: | + call "C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\Common7\Tools\VsDevCmd.bat" -arch=x86 -host_arch=x86 + cmake.exe -G Ninja -DCMAKE_BUILD_TYPE=Release -DBUILD_TESTING=OFF -DVCPKG_DEVELOPMENT_WARNINGS=ON -DVCPKG_WARNINGS_AS_ERRORS=ON -DVCPKG_BUILD_FUZZING=OFF -B "$(Build.StagingDirectory)" -S toolsrc + ninja.exe -C "$(Build.StagingDirectory)" + - task: MicroBuildSigningPlugin@2 + inputs: + signType: 'real' + feedSource: 'https://devdiv.pkgs.visualstudio.com/DefaultCollection/_packaging/MicroBuildToolset/nuget/v3/index.json' + - task: NuGetToolInstaller@1 + inputs: + versionSpec: 5.7 + - task: NuGetCommand@2 + displayName: 'NuGet Restore MicroBuild Signing Extension' + inputs: + command: 'restore' + restoreSolution: 'scripts/azure-pipelines/windows/signing.signproj' + feedsToUse: 'config' + restoreDirectory: '$(Build.SourcesDirectory)\scripts\azure-pipelines\packages' + - task: MSBuild@1 + displayName: 'Sign vcpkg.exe' + inputs: + solution: 'scripts\azure-pipelines\windows\signing.signproj' + msbuildArguments: '/p:OutDir=$(Build.ArtifactStagingDirectory)\ /p:IntermediateOutputPath=$(Build.StagingDirectory)\' + - task: BinSkim@3 + inputs: + InputType: 'CommandLine' + arguments: 'analyze "$(Build.StagingDirectory)\vcpkg.exe"' + - task: PublishBuildArtifacts@1 + displayName: 'Publish vcpkg.exe' + inputs: + PathtoPublish: '$(Build.ArtifactStagingDirectory)\vcpkg.exe' + ArtifactName: 'Windows' + publishLocation: 'Container' + - task: PublishBuildArtifacts@1 + displayName: 'Publish vcpkg.pdb' + inputs: + PathtoPublish: '$(Build.ArtifactStagingDirectory)\vcpkg.pdb' + ArtifactName: 'Windows' + publishLocation: 'Container' + - task: MicroBuildCleanup@1 + condition: succeededOrFailed() + displayName: MicroBuild Cleanup + - job: macos_build + displayName: 'MacOS Build' + pool: + vmImage: macOS-10.15 + steps: + - task: CmdLine@2 + displayName: "Build vcpkg with CMake" + inputs: + failOnStderr: true + script: | + cmake -DCMAKE_CXX_COMPILER=clang++ -DCMAKE_BUILD_TYPE=Release -DBUILD_TESTING=OFF -DVCPKG_DEVELOPMENT_WARNINGS=ON -DVCPKG_WARNINGS_AS_ERRORS=ON -DVCPKG_BUILD_FUZZING=OFF -B "$(Build.StagingDirectory)" -S toolsrc + make -j 8 -C "$(Build.StagingDirectory)" + zip "$(Build.StagingDirectory)/vcpkg.zip" "$(Build.StagingDirectory)/vcpkg" + - task: PublishBuildArtifacts@1 + displayName: "Publish Unsigned MacOS Binary" + inputs: + PathtoPublish: '$(Build.StagingDirectory)/vcpkg.zip' + ArtifactName: 'staging' + publishLocation: 'Container' + - job: macos_sign + displayName: 'MacOS Sign' + dependsOn: macos_build + pool: + name: VSEng-MicroBuildVS2019 + steps: + - checkout: none + - task: DownloadBuildArtifacts@0 + displayName: 'Download Unsigned Binary' + inputs: + artifactName: staging + - task: ms-vseng.MicroBuildTasks.7973a23b-33e3-4b00-a7d9-c06d90f8297f.MicroBuildSignMacFiles@1 + displayName: 'Sign Mac Files' + inputs: + SigningTarget: '$(Build.ArtifactStagingDirectory)\staging\vcpkg.zip' + SigningCert: 8003 + - task: PublishBuildArtifacts@1 + displayName: 'Publish Signed Binary' + inputs: + PathtoPublish: '$(Build.ArtifactStagingDirectory)\staging\vcpkg.zip' + ArtifactName: 'MacOS' diff --git a/scripts/azure-pipelines/test-modified-ports.ps1 b/scripts/azure-pipelines/test-modified-ports.ps1 index 27ff3290ca..773c55d138 100755 --- a/scripts/azure-pipelines/test-modified-ports.ps1 +++ b/scripts/azure-pipelines/test-modified-ports.ps1 @@ -15,7 +15,7 @@ The location where the binary caching archives are stored. Shared across runs of .PARAMETER WorkingRoot The location used as scratch space for 'installed', 'packages', and 'buildtrees' vcpkg directories. -.PARAMETER ArtifactsDirectory +.PARAMETER ArtifactStagingDirectory The Azure Pipelines artifacts directory. If not supplied, defaults to the current directory. .PARAMETER BuildReason @@ -35,7 +35,7 @@ Param( [ValidateNotNullOrEmpty()] $WorkingRoot, [ValidateNotNullOrEmpty()] - $ArtifactsDirectory = '.', + $ArtifactStagingDirectory = '.', $BuildReason = $null ) @@ -83,11 +83,11 @@ else { $executableExtension = '.exe' } -$xmlResults = Join-Path $ArtifactsDirectory 'xml-results' +$xmlResults = Join-Path $ArtifactStagingDirectory 'xml-results' mkdir $xmlResults $xmlFile = Join-Path $xmlResults "$Triplet.xml" -$failureLogs = Join-Path $ArtifactsDirectory 'failure-logs' +$failureLogs = Join-Path $ArtifactStagingDirectory 'failure-logs' & "./vcpkg$executableExtension" x-ci-clean @commonArgs $skipList = . "$PSScriptRoot/generate-skip-list.ps1" ` diff --git a/scripts/azure-pipelines/windows/azure-pipelines.yml b/scripts/azure-pipelines/windows/azure-pipelines.yml index bb8c7435c3..435c5fc697 100644 --- a/scripts/azure-pipelines/windows/azure-pipelines.yml +++ b/scripts/azure-pipelines/windows/azure-pipelines.yml @@ -57,7 +57,7 @@ jobs: inputs: failOnStderr: true filePath: 'scripts/azure-pipelines/test-modified-ports.ps1' - arguments: '-Triplet ${{ parameters.triplet }} -BuildReason $(Build.Reason) -ArchivesRoot W:\ -WorkingRoot ${{ variables.WORKING_ROOT }} -ArtifactsDirectory $(System.ArtifactsDirectory)' + arguments: '-Triplet ${{ parameters.triplet }} -BuildReason $(Build.Reason) -ArchivesRoot W:\ -WorkingRoot ${{ variables.WORKING_ROOT }} -ArtifactStagingDirectory $(Build.ArtifactStagingDirectory)' pwsh: true - task: PowerShell@2 displayName: 'Report on Disk Space After Build' @@ -68,7 +68,7 @@ jobs: - task: PublishBuildArtifacts@1 displayName: 'Publish Artifact: failure logs for ${{ parameters.triplet }}' inputs: - PathtoPublish: '$(System.ArtifactsDirectory)\failure-logs' + PathtoPublish: '$(Build.ArtifactStagingDirectory)\failure-logs' ArtifactName: 'failure logs for ${{ parameters.triplet }}' condition: failed() - task: PowerShell@2 diff --git a/scripts/azure-pipelines/windows/packages.config b/scripts/azure-pipelines/windows/packages.config new file mode 100644 index 0000000000..d48977f796 --- /dev/null +++ b/scripts/azure-pipelines/windows/packages.config @@ -0,0 +1,4 @@ + + + + \ No newline at end of file diff --git a/scripts/azure-pipelines/windows/signing.signproj b/scripts/azure-pipelines/windows/signing.signproj new file mode 100644 index 0000000000..2ded02c83f --- /dev/null +++ b/scripts/azure-pipelines/windows/signing.signproj @@ -0,0 +1,36 @@ + + + + + + + + all + runtime; build; native; contentfiles; analyzers; buildtransitive + + + + + + Microsoft400 + + + + + + + + + This project references NuGet package(s) that are missing on this computer. Use NuGet Package Restore to download them. For more information, see http://go.microsoft.com/fwlink/?LinkID=322105. The missing file is {0}. + + + + + + + + + + + + diff --git a/toolsrc/CMakeLists.txt b/toolsrc/CMakeLists.txt index 35f30b0573..89c3b3b60a 100644 --- a/toolsrc/CMakeLists.txt +++ b/toolsrc/CMakeLists.txt @@ -56,6 +56,17 @@ set(CMAKE_CXX_STANDARD_REQUIRED ON) set(CMAKE_CXX_STANDARD 17) if(MSVC) string(REGEX REPLACE "[-/]W[0-4]" "" CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS}") + if (CMAKE_BUILD_TYPE STREQUAL "Release") + set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} /Zi /guard:cf") + set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} /DEBUG /debugtype:cv,fixup /guard:cf") + endif() +endif() + +if(APPLE) + SET(CMAKE_C_ARCHIVE_CREATE " Scr ") + SET(CMAKE_CXX_ARCHIVE_CREATE " Scr ") + SET(CMAKE_C_ARCHIVE_FINISH " -no_warning_for_no_symbols -c ") + SET(CMAKE_CXX_ARCHIVE_FINISH " -no_warning_for_no_symbols -c ") endif() # ===============