Adding libssl to build-image to sign extension. (#23606)

2026-02-17 02:51:36 -05:00 · 2023-07-03 10:44:09 -07:00
parent e8c8e54263
commit d98470e34e
3 changed files with 37 additions and 34 deletions
--- a/build/azure-pipelines/linux/Dockerfile
+++ b/build/azure-pipelines/linux/Dockerfile
@@ -14,7 +14,11 @@ RUN apt-get update && apt-get upgrade -y
 RUN apt-get install -y libxkbfile-dev pkg-config libsecret-1-dev libxss1 dbus xvfb libgtk-3-0 \
 	libkrb5-dev git apt-transport-https ca-certificates curl gnupg-agent software-properties-common \
-	libnss3 libasound2 make gcc libx11-dev fakeroot rpm libgconf-2-4 libunwind8 g++ libgbm-dev
+	libnss3 libasound2 make gcc libx11-dev fakeroot rpm libgconf-2-4 libunwind8 g++ libgbm-dev wget
 # Adding Libssl for dotnet 5.0 and ESRP signing to work
 RUN wget -c http://security.ubuntu.com/ubuntu/pool/main/o/openssl1.0/libssl1.0.0_1.0.2n-1ubuntu5_amd64.deb
 RUN dpkg -i libssl1.0.0_1.0.2n-1ubuntu5_amd64.deb
 #docker
 RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
--- a/build/azure-pipelines/linux/sql-product-build-linux.yml
+++ b/build/azure-pipelines/linux/sql-product-build-linux.yml
@@ -198,38 +198,37 @@ steps:
      version: 5.0.x
      installationPath: $(Agent.ToolsDirectory)/dotnet
-  # {{SQL CARBON TODO}} - disable extension signing while investigating build break
+  - task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@1
-  # - task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@1
+    inputs:
-  #   inputs:
+      ConnectedServiceName: 'Code Signing'
-  #     ConnectedServiceName: 'Code Signing'
+      FolderPath: '$(Build.SourcesDirectory)/.build'
-  #     FolderPath: '$(Build.SourcesDirectory)/.build'
+      Pattern: 'extensions/*.vsix,langpacks/*.vsix'
-  #     Pattern: 'extensions/*.vsix,langpacks/*.vsix'
+      signConfigType: inlineSignParams
-  #     signConfigType: inlineSignParams
+      inlineOperation: |
-  #     inlineOperation: |
+        [
-  #       [
+          {
-  #         {
+            "keyCode": "CP-233016",
-  #           "keyCode": "CP-233016",
+            "operationSetCode": "OpcSign",
-  #           "operationSetCode": "OpcSign",
+            "parameters": [
-  #           "parameters": [
+              {
-  #             {
+                "parameterName": "FileDigest",
-  #               "parameterName": "FileDigest",
+                "parameterValue": "/fd \"SHA256\""
-  #               "parameterValue": "/fd \"SHA256\""
+              }
-  #             }
+            ],
-  #           ],
+            "toolName": "sign",
-  #           "toolName": "sign",
+            "toolVersion": "1.0"
-  #           "toolVersion": "1.0"
+          },
-  #         },
+          {
-  #         {
+            "keyCode": "CP-233016",
-  #           "keyCode": "CP-233016",
+            "operationSetCode": "OpcVerify",
-  #           "operationSetCode": "OpcVerify",
+            "parameters": [],
-  #           "parameters": [],
+            "toolName": "sign",
-  #           "toolName": "sign",
+            "toolVersion": "1.0"
-  #           "toolVersion": "1.0"
+          }
-  #         }
+        ]
-  #       ]
+      SessionTimeout: 120
-  #     SessionTimeout: 120
+    displayName: 'Signing Extensions and Langpacks'
-  #   displayName: 'Signing Extensions and Langpacks'
+    condition: and(succeeded(), eq(variables['signed'], true))
  #   condition: and(succeeded(), eq(variables['signed'], true))
  - script: |
      set -e
--- a/build/azure-pipelines/sql-product-build.yml
+++ b/build/azure-pipelines/sql-product-build.yml
@@ -1,7 +1,7 @@
 resources:
  containers:
  - container: linux-x64
-    image: sqltoolscontainers.azurecr.io/linux-build-agent:7
+    image: sqltoolscontainers.azurecr.io/linux-build-agent:8
    endpoint: SqlToolsContainers
 stages: