diff --git a/.github/workflows/build-pack-release.yml b/.github/workflows/build-pack-release.yml index 8709bd2..4315af1 100644 --- a/.github/workflows/build-pack-release.yml +++ b/.github/workflows/build-pack-release.yml @@ -31,32 +31,32 @@ jobs: role-to-assume: ${{ secrets.AWS_ASSUME_ROLE_ARN_RELEASE }} aws-region: us-west-2 - - name: Get Strong-Naming Key - run: > - aws s3api get-object - --bucket ${{ secrets.SNK_BUCKET }} - --key awsxrayrecorder.dll.snk - awsxrayrecorder.dll.snk + # - name: Get Strong-Naming Key + # run: > + # aws s3api get-object + # --bucket ${{ secrets.SNK_BUCKET }} + # --key awsxrayrecorder.dll.snk + # awsxrayrecorder.dll.snk - - name: Install dependencies - run: dotnet restore .\sdk\AWSXRayRecorder.sln - - - name: Build solution - run: > - dotnet build - .\sdk\AWSXRayRecorder.sln - /p:Configuration=Release - --no-restore - /p:AssemblyOriginatorKeyFile=${{ github.workspace }}\awsxrayrecorder.dll.snk - - - name: Clean up the snk file - run: rm .\awsxrayrecorder.dll.snk - - - name: Assume signer role - uses: aws-actions/configure-aws-credentials@v1 - with: - role-to-assume: ${{ secrets.AWS_ARTIFACT_ACCESS_ROLE_ARN }} - aws-region: us-west-2 + # - name: Install dependencies + # run: dotnet restore .\sdk\AWSXRayRecorder.sln + + # - name: Build solution + # run: > + # dotnet build + # .\sdk\AWSXRayRecorder.sln + # /p:Configuration=Release + # --no-restore + # /p:AssemblyOriginatorKeyFile=${{ github.workspace }}\awsxrayrecorder.dll.snk + + # - name: Clean up the snk file + # run: rm .\awsxrayrecorder.dll.snk + + # - name: Assume signer role + # uses: aws-actions/configure-aws-credentials@v1 + # with: + # role-to-assume: ${{ secrets.AWS_ARTIFACT_ACCESS_ROLE_ARN }} + # aws-region: us-west-2 - name: Invoke Signing script env: @@ -72,52 +72,52 @@ jobs: .\buildtools\sign_files.ps1 -Filters AWSXRayRecorder.*.dll -Recurse -Path .\sdk\src\Handlers\SqlServer\bin\Release .\buildtools\sign_files.ps1 -Filters AWSXRayRecorder.*.dll -Recurse -Path .\sdk\src\Handlers\System.Net\bin\Release - - name: Pack nugets - run: > - dotnet pack - .\sdk\AWSXRayRecorder.sln - --no-build - -c Release - -o .\Deployment\nuget-packages - - nuget pack - .\sdk\AWSXRayRecorder.nuspec - -OutputDirectory .\Deployment\nuget-packages - -Exclude ** - - - name: Upload nugets to this GitHub Action run as an artifact - uses: actions/upload-artifact@v2 - with: - name: nuget-packages - path: Deployment/nuget-packages/ - - - name: Assume nuget role - uses: aws-actions/configure-aws-credentials@v1 - with: - role-to-assume: ${{ secrets.NUGET_ACCESS_ROLE_ARN }} - aws-region: us-west-2 - - - name: Push packages to Nuget.org - run: > - $nugetKey = aws secretsmanager get-secret-value - --secret-id ${{ secrets.NUGET_SECRETS_ID }} - --region us-west-2 - --output text - --query SecretString | ConvertFrom-Json - - nuget push - .\Deployment\nuget-packages\*.nupkg - -Source https://api.nuget.org/v3/index.json - -ApiKey $nugetKey.Key + # - name: Pack nugets + # run: > + # dotnet pack + # .\sdk\AWSXRayRecorder.sln + # --no-build + # -c Release + # -o .\Deployment\nuget-packages + + # nuget pack + # .\sdk\AWSXRayRecorder.nuspec + # -OutputDirectory .\Deployment\nuget-packages + # -Exclude ** + + # - name: Upload nugets to this GitHub Action run as an artifact + # uses: actions/upload-artifact@v2 + # with: + # name: nuget-packages + # path: Deployment/nuget-packages/ + + # - name: Assume nuget role + # uses: aws-actions/configure-aws-credentials@v1 + # with: + # role-to-assume: ${{ secrets.NUGET_ACCESS_ROLE_ARN }} + # aws-region: us-west-2 + + # - name: Push packages to Nuget.org + # run: > + # $nugetKey = aws secretsmanager get-secret-value + # --secret-id ${{ secrets.NUGET_SECRETS_ID }} + # --region us-west-2 + # --output text + # --query SecretString | ConvertFrom-Json + + # nuget push + # .\Deployment\nuget-packages\*.nupkg + # -Source https://api.nuget.org/v3/index.json + # -ApiKey $nugetKey.Key - - name: Create draft release - id: create_release - uses: actions/create-release@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - tag_name: 'V${{ github.event.inputs.version }}' - release_name: 'Release ${{ github.event.inputs.version }}' - body: 'Please refer [change-log](https://github.com/aws/aws-xray-sdk-dotnet/blob/master/CHANGELOG.md) for more details' - draft: true - prerelease: false + # - name: Create draft release + # id: create_release + # uses: actions/create-release@v1 + # env: + # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # with: + # tag_name: 'V${{ github.event.inputs.version }}' + # release_name: 'Release ${{ github.event.inputs.version }}' + # body: 'Please refer [change-log](https://github.com/aws/aws-xray-sdk-dotnet/blob/master/CHANGELOG.md) for more details' + # draft: true + # prerelease: false diff --git a/buildtools/sign_files.ps1 b/buildtools/sign_files.ps1 index d7fd988..3e90001 100644 --- a/buildtools/sign_files.ps1 +++ b/buildtools/sign_files.ps1 @@ -26,31 +26,31 @@ Param Begin { $ErrorActionPreference = "Stop" - $unsignedS3bucket = $Env:UNSIGNED_BUCKET + # $unsignedS3bucket = $Env:UNSIGNED_BUCKET $signedS3bucket = $Env:SIGNED_BUCKET $FilesToSign = @() - if ($PSCmdlet.ParameterSetName -eq "Files") - { - $FilesToSign = $Files - } - else - { - if ($Recurse) - { - $FilesToSign = Get-ChildItem -Path $Path -Include $Filters -File -Recurse | Select-Object -ExpandProperty FullName - } - else - { - $FilesToSign = Get-ChildItem -Path $Path\* -Include $Filters -File | Select-Object -ExpandProperty FullName - } - } - - if ($FilesToSign.Count -eq 0) - { - return "Nothing to sign" - } + # if ($PSCmdlet.ParameterSetName -eq "Files") + # { + # $FilesToSign = $Files + # } + # else + # { + # if ($Recurse) + # { + # $FilesToSign = Get-ChildItem -Path $Path -Include $Filters -File -Recurse | Select-Object -ExpandProperty FullName + # } + # else + # { + # $FilesToSign = Get-ChildItem -Path $Path\* -Include $Filters -File | Select-Object -ExpandProperty FullName + # } + # } + + # if ($FilesToSign.Count -eq 0) + # { + # return "Nothing to sign" + # } filter ValidateJob() { @@ -68,35 +68,37 @@ Begin param($file) $key = Split-Path $file -leaf - $key = "XRayDotNetSignerProfile/AuthenticodeSigner-SHA256-RSA/$key" + $key = "index.js" $retryCount = 0 $maxRetryCount = 10 Write-Host "Signing File: ", $file - do { - $versionId = aws s3api put-object --bucket $unsignedS3bucket --key $key --body $file --query VersionId --acl bucket-owner-full-control - $retryCount++ - } while ($LASTEXITCODE -ne 0 -and $retryCount -le $maxRetryCount) - - if ($LASTEXITCODE -ne 0) - { - throw "Upload failed for: $file Reason: " + $Error[0].Exception.Message - } - - $retryCount = 0 - do { - $jobId = aws s3api get-object-tagging --bucket $unsignedS3bucket --key $key --version-id $versionId --query 'TagSet[?Key==`signer-job-id`].Value | [0]' - $retryCount++ - } while ($jobId -eq "null" -and $retryCount -le $maxRetryCount) - - if ($jobId -eq "null") - { - throw "Exceeded retries to check if the object has finished signing for: $file" - } + # do { + # $versionId = aws s3api put-object --bucket $unsignedS3bucket --key $key --body $file --query VersionId --acl bucket-owner-full-control + # $retryCount++ + # } while ($LASTEXITCODE -ne 0 -and $retryCount -le $maxRetryCount) + + # if ($LASTEXITCODE -ne 0) + # { + # throw "Upload failed for: $file Reason: " + $Error[0].Exception.Message + # } + + # $retryCount = 0 + # do { + # $jobId = aws s3api get-object-tagging --bucket $unsignedS3bucket --key $key --version-id $versionId --query 'TagSet[?Key==`signer-job-id`].Value | [0]' + # $retryCount++ + # } while ($jobId -eq "null" -and $retryCount -le $maxRetryCount) + + # if ($jobId -eq "null") + # { + # throw "Exceeded retries to check if the object has finished signing for: $file" + # } $retryCount = 0 do { - aws s3api get-object --bucket $signedS3bucket --key $key-$jobId $file + Write-Host "aws s3api get-object --bucket $signedS3bucket --key $file $file" + Write-Host "retryCount: $retryCount" + aws s3api get-object --bucket $signedS3bucket --key $file $file $retryCount++ } while ($LASTEXITCODE -ne 0 -and $retryCount -le $maxRetryCount) @@ -110,10 +112,12 @@ Begin Write-Host "Signing", $FilesToSign.Count, "file(s)..." - foreach ($file in $FilesToSign) - { - $null = Invoke-Command -ScriptBlock $signFile -ArgumentList $file - } + # foreach ($file in $FilesToSign) + # { + $null = Invoke-Command -ScriptBlock $signFile -ArgumentList "index.js" + $null = Invoke-Command -ScriptBlock $signFile -ArgumentList "package.json" + $null = Invoke-Command -ScriptBlock $signFile -ArgumentList "package-lock.json" + # } Get-Job | Wait-Job | ValidateJob