From d98470e34e7e859932666dfd1031db9facc90c5c Mon Sep 17 00:00:00 2001 From: Aasim Khan Date: Mon, 3 Jul 2023 10:44:09 -0700 Subject: [PATCH] Adding libssl to build-image to sign extension. (#23606) --- build/azure-pipelines/linux/Dockerfile | 6 +- .../linux/sql-product-build-linux.yml | 63 +++++++++---------- build/azure-pipelines/sql-product-build.yml | 2 +- 3 files changed, 37 insertions(+), 34 deletions(-) diff --git a/build/azure-pipelines/linux/Dockerfile b/build/azure-pipelines/linux/Dockerfile index d02318286c..6661c362d0 100644 --- a/build/azure-pipelines/linux/Dockerfile +++ b/build/azure-pipelines/linux/Dockerfile @@ -14,7 +14,11 @@ RUN apt-get update && apt-get upgrade -y RUN apt-get install -y libxkbfile-dev pkg-config libsecret-1-dev libxss1 dbus xvfb libgtk-3-0 \ libkrb5-dev git apt-transport-https ca-certificates curl gnupg-agent software-properties-common \ - libnss3 libasound2 make gcc libx11-dev fakeroot rpm libgconf-2-4 libunwind8 g++ libgbm-dev + libnss3 libasound2 make gcc libx11-dev fakeroot rpm libgconf-2-4 libunwind8 g++ libgbm-dev wget + +# Adding Libssl for dotnet 5.0 and ESRP signing to work +RUN wget -c http://security.ubuntu.com/ubuntu/pool/main/o/openssl1.0/libssl1.0.0_1.0.2n-1ubuntu5_amd64.deb +RUN dpkg -i libssl1.0.0_1.0.2n-1ubuntu5_amd64.deb #docker RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - diff --git a/build/azure-pipelines/linux/sql-product-build-linux.yml b/build/azure-pipelines/linux/sql-product-build-linux.yml index 8ebe632f8b..5f29358cc5 100644 --- a/build/azure-pipelines/linux/sql-product-build-linux.yml +++ b/build/azure-pipelines/linux/sql-product-build-linux.yml @@ -198,38 +198,37 @@ steps: version: 5.0.x installationPath: $(Agent.ToolsDirectory)/dotnet - # {{SQL CARBON TODO}} - disable extension signing while investigating build break - # - task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@1 - # inputs: - # ConnectedServiceName: 'Code Signing' - # FolderPath: '$(Build.SourcesDirectory)/.build' - # Pattern: 'extensions/*.vsix,langpacks/*.vsix' - # signConfigType: inlineSignParams - # inlineOperation: | - # [ - # { - # "keyCode": "CP-233016", - # "operationSetCode": "OpcSign", - # "parameters": [ - # { - # "parameterName": "FileDigest", - # "parameterValue": "/fd \"SHA256\"" - # } - # ], - # "toolName": "sign", - # "toolVersion": "1.0" - # }, - # { - # "keyCode": "CP-233016", - # "operationSetCode": "OpcVerify", - # "parameters": [], - # "toolName": "sign", - # "toolVersion": "1.0" - # } - # ] - # SessionTimeout: 120 - # displayName: 'Signing Extensions and Langpacks' - # condition: and(succeeded(), eq(variables['signed'], true)) + - task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@1 + inputs: + ConnectedServiceName: 'Code Signing' + FolderPath: '$(Build.SourcesDirectory)/.build' + Pattern: 'extensions/*.vsix,langpacks/*.vsix' + signConfigType: inlineSignParams + inlineOperation: | + [ + { + "keyCode": "CP-233016", + "operationSetCode": "OpcSign", + "parameters": [ + { + "parameterName": "FileDigest", + "parameterValue": "/fd \"SHA256\"" + } + ], + "toolName": "sign", + "toolVersion": "1.0" + }, + { + "keyCode": "CP-233016", + "operationSetCode": "OpcVerify", + "parameters": [], + "toolName": "sign", + "toolVersion": "1.0" + } + ] + SessionTimeout: 120 + displayName: 'Signing Extensions and Langpacks' + condition: and(succeeded(), eq(variables['signed'], true)) - script: | set -e diff --git a/build/azure-pipelines/sql-product-build.yml b/build/azure-pipelines/sql-product-build.yml index b1dfaaa41a..05c2874d02 100644 --- a/build/azure-pipelines/sql-product-build.yml +++ b/build/azure-pipelines/sql-product-build.yml @@ -1,7 +1,7 @@ resources: containers: - container: linux-x64 - image: sqltoolscontainers.azurecr.io/linux-build-agent:7 + image: sqltoolscontainers.azurecr.io/linux-build-agent:8 endpoint: SqlToolsContainers stages: