VS Code merge to df8fe74bd55313de0dd2303bc47a4aab0ca56b0e (#17979)

* Merge from vscode 504f934659740e9d41501cad9f162b54d7745ad9 * delete unused folders * distro * Bump build node version * update chokidar * FIx hygiene errors * distro * Fix extension lint issues * Remove strict-vscode * Add copyright header exemptions * Bump vscode-extension-telemetry to fix webpacking issue with zone.js * distro * Fix failing tests (revert marked.js back to current one until we decide to update) * Skip searchmodel test * Fix mac build * temp debug script loading * Try disabling coverage * log error too * Revert "log error too" This reverts commit af0183e5d4ab458fdf44b88fbfab9908d090526f. * Revert "temp debug script loading" This reverts commit 3d687d541c76db2c5b55626c78ae448d3c25089c. * Add comments explaining coverage disabling * Fix ansi_up loading issue * Merge latest from ads * Use newer option * Fix compile * add debug logging warn * Always log stack * log more * undo debug * Update to use correct base path (+cleanup) * distro * fix compile errors * Remove strict-vscode * Fix sql editors not showing * Show db dropdown input & fix styling * Fix more info in gallery * Fix gallery asset requests * Delete unused workflow * Fix tapable resolutions for smoke test compile error * Fix smoke compile * Disable crash reporting * Disable interactive Co-authored-by: ADS Merger <karlb@microsoft.com>
2026-02-17 02:51:36 -05:00 · 2022-01-06 09:06:56 -08:00
parent fd2736b6a6
commit 2bc6a0cd01
2099 changed files with 79520 additions and 43813 deletions
--- a/build/azure-pipelines/common/sign.ts
+++ b/build/azure-pipelines/common/sign.ts
@@ -0,0 +1,84 @@
+/*---------------------------------------------------------------------------------------------
+ *  Copyright (c) Microsoft Corporation. All rights reserved.
+ *  Licensed under the Source EULA. See License.txt in the project root for license information.
+ *--------------------------------------------------------------------------------------------*/
+
+import * as cp from 'child_process';
+import * as fs from 'fs';
+import * as tmp from 'tmp';
+import * as crypto from 'crypto';
+
+function getParams(type: string): string {
+	switch (type) {
+		case 'windows':
+			return '[{"keyCode":"CP-230012","operationSetCode":"SigntoolSign","parameters":[{"parameterName":"OpusName","parameterValue":"VS Code"},{"parameterName":"OpusInfo","parameterValue":"https://code.visualstudio.com/"},{"parameterName":"Append","parameterValue":"/as"},{"parameterName":"FileDigest","parameterValue":"/fd \\"SHA256\\""},{"parameterName":"PageHash","parameterValue":"/NPH"},{"parameterName":"TimeStamp","parameterValue":"/tr \\"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\\" /td sha256"}],"toolName":"sign","toolVersion":"1.0"},{"keyCode":"CP-230012","operationSetCode":"SigntoolVerify","parameters":[{"parameterName":"VerifyAll","parameterValue":"/all"}],"toolName":"sign","toolVersion":"1.0"}]';
+		case 'rpm':
+			return '[{ "keyCode": "CP-450779-Pgp", "operationSetCode": "LinuxSign", "parameters": [], "toolName": "sign", "toolVersion": "1.0" }]';
+		case 'darwin-sign':
+			return '[{"keyCode":"CP-401337-Apple","operationSetCode":"MacAppDeveloperSign","parameters":[{"parameterName":"Hardening","parameterValue":"--options=runtime"}],"toolName":"sign","toolVersion":"1.0"}]';
+		case 'darwin-notarize':
+			return '[{"keyCode":"CP-401337-Apple","operationSetCode":"MacAppNotarize","parameters":[{"parameterName":"BundleId","parameterValue":"$(BundleIdentifier)"}],"toolName":"sign","toolVersion":"1.0"}]';
+		default:
+			throw new Error(`Sign type ${type} not found`);
+	}
+}
+
+export function main([esrpCliPath, type, cert, username, password, folderPath, pattern]: string[]) {
+	tmp.setGracefulCleanup();
+
+	const patternPath = tmp.tmpNameSync();
+	fs.writeFileSync(patternPath, pattern);
+
+	const paramsPath = tmp.tmpNameSync();
+	fs.writeFileSync(paramsPath, getParams(type));
+
+	const keyFile = tmp.tmpNameSync();
+	const key = crypto.randomBytes(32);
+	const iv = crypto.randomBytes(16);
+	fs.writeFileSync(keyFile, JSON.stringify({ key: key.toString('hex'), iv: iv.toString('hex') }));
+
+	const clientkeyPath = tmp.tmpNameSync();
+	const clientkeyCypher = crypto.createCipheriv('aes-256-cbc', key, iv);
+	let clientkey = clientkeyCypher.update(password, 'utf8', 'hex');
+	clientkey += clientkeyCypher.final('hex');
+	fs.writeFileSync(clientkeyPath, clientkey);
+
+	const clientcertPath = tmp.tmpNameSync();
+	const clientcertCypher = crypto.createCipheriv('aes-256-cbc', key, iv);
+	let clientcert = clientcertCypher.update(cert, 'utf8', 'hex');
+	clientcert += clientcertCypher.final('hex');
+	fs.writeFileSync(clientcertPath, clientcert);
+
+	const args = [
+		esrpCliPath,
+		'vsts.sign',
+		'-a', username,
+		'-k', clientkeyPath,
+		'-z', clientcertPath,
+		'-f', folderPath,
+		'-p', patternPath,
+		'-u', 'false',
+		'-x', 'regularSigning',
+		'-b', 'input.json',
+		'-l', 'AzSecPack_PublisherPolicyProd.xml',
+		'-y', 'inlineSignParams',
+		'-j', paramsPath,
+		'-c', '9997',
+		'-t', '120',
+		'-g', '10',
+		'-v', 'Tls12',
+		'-s', 'https://api.esrp.microsoft.com/api/v1',
+		'-m', '0',
+		'-o', 'Microsoft',
+		'-i', 'https://www.microsoft.com',
+		'-n', '5',
+		'-r', 'true',
+		'-e', keyFile,
+	];
+
+	cp.spawnSync('dotnet', args, { stdio: 'inherit' });
+}
+
+if (require.main === module) {
+	main(process.argv.slice(2));
+}