Skip signing node_modules (#21311)

2026-02-16 10:58:30 -05:00 · 2022-11-28 16:20:58 -08:00
parent 815310f52a
commit be036ee215
5 changed files with 144 additions and 87 deletions
--- a/build/azure-pipelines/win32/sql-product-build-win32.yml
+++ b/build/azure-pipelines/win32/sql-product-build-win32.yml
@@ -160,7 +160,26 @@ steps:
    inputs:
      ConnectedServiceName: 'Code Signing'
      FolderPath: '$(agent.builddirectory)/azuredatastudio-win32-$(VSCODE_ARCH)'
-      Pattern: '*.exe,*.node,resources/app/node_modules.asar.unpacked/*.dll,d3dcompiler_47.dll,vulkan-1.dll,libGLESv2.dll,ffmpeg.dll,libEGL.dll,Microsoft.SqlTools.Hosting.dll,Microsoft.SqlTools.ResourceProvider.Core.dll,Microsoft.SqlTools.ResourceProvider.DefaultImpl.dll,MicrosoftSqlToolsCredentials.dll,MicrosoftSqlToolsServiceLayer.dll,Newtonsoft.Json.dll,SqlSerializationService.dll,SqlToolsResourceProviderService.dll,Microsoft.SqlServer.*.dll,Microsoft.Data.Tools.Sql.BatchParser.dll'
+      Pattern: |
+        *.exe
+        *.node
+        !**/node_modules/**/*
+        resources/app/node_modules.asar.unpacked/*.dll
+        d3dcompiler_47.dll
+        vulkan-1.dll
+        libGLESv2.dll
+        ffmpeg.dll
+        libEGL.dll
+        Microsoft.SqlTools.Hosting.dll
+        Microsoft.SqlTools.ResourceProvider.Core.dll
+        Microsoft.SqlTools.ResourceProvider.DefaultImpl.dll
+        MicrosoftSqlToolsCredentials.dll
+        MicrosoftSqlToolsServiceLayer.dll
+        Newtonsoft.Json.dll,SqlSerializationService.dll
+        SqlToolsResourceProviderService.dll
+        Microsoft.SqlServer.*.dll
+        Microsoft.Data.Tools.Sql.BatchParser.dll
+      useMinimatch: true
      signConfigType: inlineSignParams
      inlineOperation: |
        [
--- a/build/darwin/create-universal-app.js
+++ b/build/darwin/create-universal-app.js
@@ -78,7 +78,11 @@ async function main() {
    });
    await fs.writeJson(productJsonPath, productJson);
    // Verify if native module architecture is correct
-    const findOutput = await (0, cross_spawn_promise_1.spawn)('find', [outAppPath, '-name', 'keytar.node']);
+    // {{SQL CARBON EDIT}} Some of our extensions have their own keytar so lookup
+    //   only in core modules since this code doesn't work with multiple found modules.
+    //   We're assuming here the intent is just to check a single file for validation and not
+    //   needing to check any others since this currently is ignoring all other native modules.
+    const findOutput = await (0, cross_spawn_promise_1.spawn)('find', [outAppPath, '-name', 'keytar.node', '-regex', '.*node_modules.asar.unpacked.*',]);
    const lipoOutput = await (0, cross_spawn_promise_1.spawn)('lipo', ['-archs', findOutput.replace(/\n$/, '')]);
    if (lipoOutput.replace(/\n$/, '') !== 'x86_64 arm64') {
        throw new Error(`Invalid arch, got : ${lipoOutput}`);
--- a/build/darwin/create-universal-app.ts
+++ b/build/darwin/create-universal-app.ts
@@ -88,7 +88,11 @@ async function main() {
 	await fs.writeJson(productJsonPath, productJson);

 	// Verify if native module architecture is correct
-	const findOutput = await spawn('find', [outAppPath, '-name', 'keytar.node']);
+	// {{SQL CARBON EDIT}} Some of our extensions have their own keytar so lookup
+	//   only in core modules since this code doesn't work with multiple found modules.
+	//   We're assuming here the intent is just to check a single file for validation and not
+	//   needing to check any others since this currently is ignoring all other native modules.
+	const findOutput = await spawn('find', [outAppPath, '-name', 'keytar.node', '-regex', '.*node_modules.asar.unpacked.*',]);
 	const lipoOutput = await spawn('lipo', ['-archs', findOutput.replace(/\n$/, '')]);
 	if (lipoOutput.replace(/\n$/, '') !== 'x86_64 arm64') {
 		throw new Error(`Invalid arch, got : ${lipoOutput}`);