Add a script for signing packages which can only be produced on non-Windows platforms (#6823)

Nate McMaster 2019-01-17 15:16:24 -08:00 committed by GitHub
parent 49a2de9e59
commit 3dbf5d28fe
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 53 additions and 0 deletions


@ -0,0 +1,38 @@
<!--
Code signing of .nupkg's built on Linux/macOS cannot be code-signed on the same machine which built the package.
This project takes as inputs a folder of *.nupkg packages and code signs them using MicroBuild.
Note: because Authenticode signing of .dll's is not something Linux and macOS can verify anyways, this signing
process only code-signs the .nupkg itself, not the contents.
-->
<Project DefaultTargets="AfterBuild" InitialTargets="CheckForRequiredProperties">
<PropertyGroup>
<SignType>$([MSBuild]::ValueOrDefault($(SignType),'real'))</SignType>
</PropertyGroup>
<Import Project="..\..\..\Directory.Build.props" />
<Import Project="..\..\targets\MicroBuild.Plugin.props" Condition="'$(MicroBuildSentinelFile)' == ''" />
<Import Project="$(MicroBuildPluginDirectory)\MicroBuild.Plugins.*\**\build\MicroBuild.Plugins.*.props" Condition=" '$(MicroBuildPluginDirectory)' != ''" />
<PropertyGroup>
<OutDir>$(RepositoryRoot)bin\$(MSBuildProjectName)\</OutDir>
<IntermediateOutputPath>$(RepositoryRoot)obj\$(MSBuildProjectName)\</IntermediateOutputPath>
</PropertyGroup>
<ItemGroup Condition="'$(DirectoryToSign)' != ''">
<SymbolsPackages Include="$([MSBuild]::NormalizeDirectory($(DirectoryToSign)))**\*.symbols.nupkg" />
<FilesToSign Include="$([MSBuild]::NormalizeDirectory($(DirectoryToSign)))**\*.nupkg">
<Authenticode>$(PackageSigningCertName)</Authenticode>
</FilesToSign>
</ItemGroup>
<Target Name="CheckForRequiredProperties">
<Error Text="Missing required property: DirectoryToSign" Condition="'$(DirectoryToSign)' == ''"/>
<Error Text="Missing required property: PackageSigningCertName" Condition="'$(PackageSigningCertName)' == ''"/>
<Error Text="Could not find any packages to sign in $(DirectoryToSign)" Condition="@(FilesToSign->Count()) == 0"/>
</Target>
<!-- MicroBuild code-signing chains onto this target. -->
<Target Name="AfterBuild" />
<Import Project="$(MicroBuildPluginDirectory)\MicroBuild.Plugins.*\**\build\MicroBuild.Plugins.*.targets" Condition=" '$(MicroBuildPluginDirectory)' != ''" />
</Project>
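Review bot: The `FilesToSign` glob `**\*.nupkg` applies the signing certificate to every package found anywhere under `DirectoryToSign`, and nothing in this project checks that the folder holds only the expected build outputs. The header comment says these packages were built on a different machine, so it is worth confirming what arrived before it is signed. Consider logging the resolved list in `CheckForRequiredProperties`, e.g. `<Message Importance="high" Text="Packages to sign: @(FilesToSign)" />`, and comparing it against a manifest of package names or hashes emitted by the build that produced them. Separately, `SymbolsPackages` is declared but not referenced in the visible lines. If it is meant to keep `*.symbols.nupkg` out of signing, `FilesToSign` needs `Exclude="@(SymbolsPackages)"`; otherwise the item can be dropped.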


@ -0,0 +1,15 @@
@ECHO OFF
SET DirToSign=%1
IF "%DirToSign%"=="" (
echo Error^: Expected argument ^<DirToSign^>
echo Usage^: sign-packages.cmd ^<DirToSign^>
exit /b 1
)
SET RepoRoot=%~dp0..\..\..
SET Project=%~dp0\XplatPackageSigner.proj
%RepoRoot%\build.cmd "-restore:$false" -projects %project% /p:DirectoryToSign=%DirToSign% /bl:%RepoRoot%\artifacts\logs\XplatSign.binlog
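Review bot: The directory argument is expanded unquoted on the final `build.cmd` line, so a path containing spaces is split into separate arguments, and cmd or MSBuild separator characters in it are interpreted rather than treated as part of the path. Capture it with `SET "DirToSign=%~1"` and pass it as `"/p:DirectoryToSign=%DirToSign%"`. The same applies to `%RepoRoot%` and `%project%`, which break if the repository is checked out under a path with spaces. Adding `SETLOCAL` after `@ECHO OFF` would also keep `DirToSign`, `RepoRoot` and `Project` from leaking into the caller's environment.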