-
Notifications
You must be signed in to change notification settings - Fork 3.2k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge commit 'd20ce761422e7178512bb89bfa3fdce797924616'
- Loading branch information
Showing
16 changed files
with
288 additions
and
30 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
28 changes: 28 additions & 0 deletions
28
eng/common/templates-official/steps/enable-internal-runtimes.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
# Obtains internal runtime download credentials and populates the 'dotnetbuilds-internal-container-read-token-base64' | ||
# variable with the base64-encoded SAS token, by default | ||
|
||
parameters: | ||
- name: federatedServiceConnection | ||
type: string | ||
default: 'dotnetbuilds-internal-read' | ||
- name: outputVariableName | ||
type: string | ||
default: 'dotnetbuilds-internal-container-read-token-base64' | ||
- name: expiryInHours | ||
type: number | ||
default: 1 | ||
- name: base64Encode | ||
type: boolean | ||
default: true | ||
|
||
steps: | ||
- ${{ if ne(variables['System.TeamProject'], 'public') }}: | ||
- template: /eng/common/templates-official/steps/get-delegation-sas.yml | ||
parameters: | ||
federatedServiceConnection: ${{ parameters.federatedServiceConnection }} | ||
outputVariableName: ${{ parameters.outputVariableName }} | ||
expiryInHours: ${{ parameters.expiryInHours }} | ||
base64Encode: ${{ parameters.base64Encode }} | ||
storageAccount: dotnetbuilds | ||
container: internal | ||
permissions: rl |
43 changes: 43 additions & 0 deletions
43
eng/common/templates-official/steps/get-delegation-sas.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
parameters: | ||
- name: federatedServiceConnection | ||
type: string | ||
- name: outputVariableName | ||
type: string | ||
- name: expiryInHours | ||
type: number | ||
default: 1 | ||
- name: base64Encode | ||
type: boolean | ||
default: false | ||
- name: storageAccount | ||
type: string | ||
- name: container | ||
type: string | ||
- name: permissions | ||
type: string | ||
default: 'rl' | ||
|
||
steps: | ||
- task: AzureCLI@2 | ||
displayName: 'Generate delegation SAS Token for ${{ parameters.storageAccount }}/${{ parameters.container }}' | ||
inputs: | ||
azureSubscription: ${{ parameters.federatedServiceConnection }} | ||
scriptType: 'pscore' | ||
scriptLocation: 'inlineScript' | ||
inlineScript: | | ||
# Calculate the expiration of the SAS token and convert to UTC | ||
$expiry = (Get-Date).AddHours(${{ parameters.expiryInHours }}).ToUniversalTime().ToString("yyyy-MM-ddTHH:mm:ssZ") | ||
$sas = az storage container generate-sas --account-name ${{ parameters.storageAccount }} --name ${{ parameters.container }} --permissions ${{ parameters.permissions }} --expiry $expiry --auth-mode login --as-user -o tsv | ||
if ($LASTEXITCODE -ne 0) { | ||
Write-Error "Failed to generate SAS token." | ||
exit 1 | ||
} | ||
if ('${{ parameters.base64Encode }}' -eq 'true') { | ||
$sas = [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($sas)) | ||
} | ||
Write-Host "Setting '${{ parameters.outputVariableName }}' with the access token value" | ||
Write-Host "##vso[task.setvariable variable=${{ parameters.outputVariableName }};issecret=true]$sas" |
28 changes: 28 additions & 0 deletions
28
eng/common/templates-official/steps/get-federated-access-token.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
parameters: | ||
- name: federatedServiceConnection | ||
type: string | ||
- name: outputVariableName | ||
type: string | ||
# Resource to get a token for. Common values include: | ||
# - '499b84ac-1321-427f-aa17-267ca6975798' for Azure DevOps | ||
# - 'https://storage.azure.com/' for storage | ||
# Defaults to Azure DevOps | ||
- name: resource | ||
type: string | ||
default: '499b84ac-1321-427f-aa17-267ca6975798' | ||
|
||
steps: | ||
- task: AzureCLI@2 | ||
displayName: 'Getting federated access token for feeds' | ||
inputs: | ||
azureSubscription: ${{ parameters.federatedServiceConnection }} | ||
scriptType: 'pscore' | ||
scriptLocation: 'inlineScript' | ||
inlineScript: | | ||
$accessToken = az account get-access-token --query accessToken --resource ${{ parameters.resource }} --output tsv | ||
if ($LASTEXITCODE -ne 0) { | ||
Write-Error "Failed to get access token for resource '${{ parameters.resource }}'" | ||
exit 1 | ||
} | ||
Write-Host "Setting '${{ parameters.outputVariableName }}' with the access token value" | ||
Write-Host "##vso[task.setvariable variable=${{ parameters.outputVariableName }};issecret=true]$accessToken" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
# Obtains internal runtime download credentials and populates the 'dotnetbuilds-internal-container-read-token-base64' | ||
# variable with the base64-encoded SAS token, by default | ||
|
||
parameters: | ||
- name: federatedServiceConnection | ||
type: string | ||
default: 'dotnetbuilds-internal-read' | ||
- name: outputVariableName | ||
type: string | ||
default: 'dotnetbuilds-internal-container-read-token-base64' | ||
- name: expiryInHours | ||
type: number | ||
default: 1 | ||
- name: base64Encode | ||
type: boolean | ||
default: true | ||
|
||
steps: | ||
- ${{ if ne(variables['System.TeamProject'], 'public') }}: | ||
- template: /eng/common/templates/steps/get-delegation-sas.yml | ||
parameters: | ||
federatedServiceConnection: ${{ parameters.federatedServiceConnection }} | ||
outputVariableName: ${{ parameters.outputVariableName }} | ||
expiryInHours: ${{ parameters.expiryInHours }} | ||
base64Encode: ${{ parameters.base64Encode }} | ||
storageAccount: dotnetbuilds | ||
container: internal | ||
permissions: rl |
Oops, something went wrong.