Merge pull request #298 from NuGet/dev

[ReleasePrep][2018.01.08] RI of dev into master

Author: loic-sharma

NuGet.Jobs.sln

@@ -103,6 +103,14 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Validation.PackageSigning.E
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Validation.PackageSigning.ExtractAndValidateSignature.Tests", "tests\Validation.PackageSigning.ExtractAndValidateSignature.Tests\Validation.PackageSigning.ExtractAndValidateSignature.Tests.csproj", "{26435822-8938-48C9-96FD-0DCCF8F7CE00}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Validation.PackageSigning.ValidateCertificate", "src\Validation.PackageSigning.ValidateCertificate\Validation.PackageSigning.ValidateCertificate.csproj", "{A245E448-8AE0-452B-9338-8C0E0B637D72}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Validation.PackageSigning.ValidateCertificate.Tests", "tests\Validation.PackageSigning.ValidateCertificate.Tests\Validation.PackageSigning.ValidateCertificate.Tests.csproj", "{5ACE7756-F8D0-4D90-9957-872DE4A1381E}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Validation.PackageSigning.Helpers", "tests\Validation.PackageSigning.Helpers\Validation.PackageSigning.Helpers.csproj", "{2C5BE067-ADFD-49E3-BA9F-13A74436E5DB}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Validation.PackageSigning.Core.Tests", "tests\Validation.PackageSigning.Core.Tests\Validation.PackageSigning.Core.Tests.csproj", "{B4B7564A-965B-447B-927F-6749E2C08880}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -259,6 +267,22 @@ Global
 		{26435822-8938-48C9-96FD-0DCCF8F7CE00}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{26435822-8938-48C9-96FD-0DCCF8F7CE00}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{26435822-8938-48C9-96FD-0DCCF8F7CE00}.Release|Any CPU.Build.0 = Release|Any CPU
+		{A245E448-8AE0-452B-9338-8C0E0B637D72}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{A245E448-8AE0-452B-9338-8C0E0B637D72}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{A245E448-8AE0-452B-9338-8C0E0B637D72}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{A245E448-8AE0-452B-9338-8C0E0B637D72}.Release|Any CPU.Build.0 = Release|Any CPU
+		{5ACE7756-F8D0-4D90-9957-872DE4A1381E}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{5ACE7756-F8D0-4D90-9957-872DE4A1381E}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{5ACE7756-F8D0-4D90-9957-872DE4A1381E}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{5ACE7756-F8D0-4D90-9957-872DE4A1381E}.Release|Any CPU.Build.0 = Release|Any CPU
+		{2C5BE067-ADFD-49E3-BA9F-13A74436E5DB}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{2C5BE067-ADFD-49E3-BA9F-13A74436E5DB}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{2C5BE067-ADFD-49E3-BA9F-13A74436E5DB}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{2C5BE067-ADFD-49E3-BA9F-13A74436E5DB}.Release|Any CPU.Build.0 = Release|Any CPU
+		{B4B7564A-965B-447B-927F-6749E2C08880}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{B4B7564A-965B-447B-927F-6749E2C08880}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{B4B7564A-965B-447B-927F-6749E2C08880}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{B4B7564A-965B-447B-927F-6749E2C08880}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -300,6 +324,10 @@ Global
 		{91C060DA-736F-4DA9-A57F-CB3AC0E6CB10} = {678D7B14-F8BC-4193-99AF-2EE8AA390A02}
 		{DD043977-6BCD-475A-BEE2-8C34309EC622} = {678D7B14-F8BC-4193-99AF-2EE8AA390A02}
 		{26435822-8938-48C9-96FD-0DCCF8F7CE00} = {6A776396-02B1-475D-A104-26940ADB04AB}
+		{A245E448-8AE0-452B-9338-8C0E0B637D72} = {678D7B14-F8BC-4193-99AF-2EE8AA390A02}
+		{5ACE7756-F8D0-4D90-9957-872DE4A1381E} = {6A776396-02B1-475D-A104-26940ADB04AB}
+		{2C5BE067-ADFD-49E3-BA9F-13A74436E5DB} = {6A776396-02B1-475D-A104-26940ADB04AB}
+		{B4B7564A-965B-447B-927F-6749E2C08880} = {6A776396-02B1-475D-A104-26940ADB04AB}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {284A7AC3-FB43-4F1F-9C9C-2AF0E1F46C2B}

build.ps1

@@ -103,8 +103,8 @@ Invoke-BuildStep 'Set version metadata in AssemblyInfo.cs' { `
             "$PSScriptRoot\src\NuGetCDNRedirect\Properties\AssemblyInfo.g.cs",
             "$PSScriptRoot\src\NuGet.Services.Validation.Orchestrator\Properties\AssemblyInfo.g.cs",
             "$PSScriptRoot\src\Stats.CollectAzureChinaCDNLogs\Properties\AssemblyInfo.g.cs",
-            "$PSScriptRoot\src\Validation.PackageSigning.ExtractAndValidateSignature\Properties\AssemblyInfo.g.cs"
-
+            "$PSScriptRoot\src\Validation.PackageSigning.ExtractAndValidateSignature\Properties\AssemblyInfo.g.cs",
+            "$PSScriptRoot\src\Validation.PackageSigning.ValidateCertificate\Properties\AssemblyInfo.g.cs"
 
         $versionMetadata | ForEach-Object {
             Set-VersionInfo -Path $_ -Version $SimpleVersion -Branch $Branch -Commit $CommitSHA
@@ -152,7 +152,8 @@ Invoke-BuildStep 'Creating artifacts' {
             "src/NuGetCDNRedirect/NuGetCDNRedirect.csproj", `
             "src/NuGet.Services.Validation.Orchestrator/NuGet.Services.Validation.Orchestrator.csproj", `
             "src/Stats.CollectAzureChinaCDNLogs/Stats.CollectAzureChinaCDNLogs.csproj", `
-            "src/Validation.PackageSigning.ExtractAndValidateSignature/Validation.PackageSigning.ExtractAndValidateSignature.csproj"
+            "src/Validation.PackageSigning.ExtractAndValidateSignature/Validation.PackageSigning.ExtractAndValidateSignature.csproj", `
+            "src/Validation.PackageSigning.ValidateCertificate/Validation.PackageSigning.ValidateCertificate.csproj"
 
         Foreach ($Project in $Projects) {
             New-Package (Join-Path $PSScriptRoot "$Project") -Configuration $Configuration -BuildNumber $BuildNumber -Version $SemanticVersion -Branch $Branch -MSBuildVersion "$msBuildVersion"
@@ -174,4 +175,4 @@ if ($BuildErrors) {
     Error-Log "Builds completed with $($BuildErrors.Count) error(s):`r`n$($ErrorLines -join "`r`n")" -Fatal
 }
 
-Write-Host ("`r`n" * 3)
+Write-Host ("`r`n" * 3)

src/NuGet.Services.Validation.Orchestrator/EmailConfiguration.cs

@@ -34,5 +34,15 @@ public class EmailConfiguration
         /// Url for email settings, so user can opt out of receiving email notifications.
         /// </summary>
         public string EmailSettingsUrl { get; set; }
+
+        /// <summary>
+        /// Url for the announcements github page
+        /// </summary>
+        public string AnnouncementsUrl { get; set; }
+
+        /// <summary>
+        /// NuGet Twitter url
+        /// </summary>
+        public string TwitterUrl { get; set; }
     }
 }

src/NuGet.Services.Validation.Orchestrator/IMessageService.cs

@@ -9,5 +9,6 @@ public interface IMessageService
     {
         void SendPackagePublishedMessage(Package package);
         void SendPackageValidationFailedMessage(Package package);
+        void SendPackageSignedValidationFailedMessage(Package package);
     }
 }

src/NuGet.Services.Validation.Orchestrator/IValidationStorageService.cs

@@ -26,28 +26,29 @@ public interface IValidationStorageService
         Task<PackageValidationSet> GetValidationSetAsync(Guid validationTrackingId);
 
         /// <summary>
-        /// Updates the passed <see cref="PackageValidation"/> with specified validation status,
-        /// updates the <see cref="PackageValidation.ValidationStatusTimestamp"/>
-        /// and <see cref="PackageValidation.Started"/> properties to current timestamp, persists changes in the storage.
+        /// Updates the passed <see cref="PackageValidation"/> with the validation result's status,
+        /// updates the <see cref="PackageValidation.ValidationStatusTimestamp"/> to current timestamp,
+        /// and persists changes in the storage. The result's status cannot be <see cref="ValidationStatus.NotStarted"/>
         /// </summary>
         /// <param name="packageValidation">Validation object to update, must be an object from the <see cref="PackageValidationSet.PackageValidations"/> collection
         /// from an <see cref="PackageValidationSet"/> previously returned by either <see cref="CreateValidationSetAsync(PackageValidationSet)"/> 
         /// or <see cref="GetValidationSetAsync(Guid)"/> calls.</param>
-        /// <param name="startedStatus">Validation status to set. Cannot be <see cref="ValidationStatus.NotStarted"/></param>
+        /// <param name="validationResult">Validation result. Its status cannot be <see cref="ValidationStatus.NotStarted"/></param>
         /// <returns>Task object tracking the async operation status.</returns>
-        /// <exception cref="ArgumentOutOfRangeException">If <paramref name="startedStatus"/> is <see cref="ValidationStatus.NotStarted"/></exception>
-        Task MarkValidationStartedAsync(PackageValidation packageValidation, ValidationStatus startedStatus);
+        /// <exception cref="ArgumentOutOfRangeException">If <paramref name="validationResult"/> has status <see cref="ValidationStatus.NotStarted"/></exception>
+        Task MarkValidationStartedAsync(PackageValidation packageValidation, IValidationResult validationResult);
 
         /// <summary>
-        /// Updates the passed <see cref="PackageValidation"/> object with specified validation status,
-        /// updates the <see cref="PackageValidation.ValidationStatusTimestamp"/>
-        /// property to current timestamp, persists changes in the storage.
+        /// Updates the passed <see cref="PackageValidation"/> object with the result's validation status,
+        /// updates the <see cref="PackageValidation.ValidationStatusTimestamp"/> property to the current
+        /// timestamp, adds the result's <see cref="PackageValidationIssue"/>s to the validation, and then persists
+        /// changes in the storage.
         /// </summary>
         /// <param name="packageValidation">Validation object to update, must be an object from the <see cref="PackageValidationSet.PackageValidations"/> collection
         /// from an <see cref="PackageValidationSet"/> previously returned by either <see cref="CreateValidationSetAsync(PackageValidationSet)"/> 
         /// or <see cref="GetValidationSetAsync(Guid)"/> calls.</param>
-        /// <param name="validationStatus">Validation status to set.</param>
+        /// <param name="validationResult">The result of the validation.</param>
         /// <returns>Task object tracking the async operation status.</returns>
-        Task UpdateValidationStatusAsync(PackageValidation packageValidation, ValidationStatus validationStatus);
+        Task UpdateValidationStatusAsync(PackageValidation packageValidation, IValidationResult validationResult);
     }
 }

src/NuGet.Services.Validation.Orchestrator/MessageService.cs

@@ -60,7 +60,15 @@ public void SendPackageValidationFailedMessage(Package package)
 
             var galleryPackageUrl = string.Format(_emailConfiguration.PackageUrlTemplate, package.PackageRegistration.Id, package.NormalizedVersion);
             var packageSupportUrl = string.Format(_emailConfiguration.PackageSupportTemplate, package.PackageRegistration.Id, package.NormalizedVersion);
-            _coreMessageService.SendPackageValidationFailedNotice(package, galleryPackageUrl, packageSupportUrl, _emailConfiguration.EmailSettingsUrl);
+            _coreMessageService.SendPackageValidationFailedNotice(package, galleryPackageUrl, packageSupportUrl);
+        }
+
+        public void SendPackageSignedValidationFailedMessage(Package package)
+        {
+            package = package ?? throw new ArgumentNullException(nameof(package));
+
+            var galleryPackageUrl = string.Format(_emailConfiguration.PackageUrlTemplate, package.PackageRegistration.Id, package.NormalizedVersion);
+            _coreMessageService.SendSignedPackageNotAllowedNotice(package, galleryPackageUrl, _emailConfiguration.AnnouncementsUrl, _emailConfiguration.TwitterUrl);
         }
     }
 }

src/NuGet.Services.Validation.Orchestrator/NuGet.Services.Validation.Orchestrator.csproj

@@ -134,28 +134,31 @@
       <Version>1.1.2</Version>
     </PackageReference>
     <PackageReference Include="NuGet.Services.Configuration">
-      <Version>2.5.0</Version>
+      <Version>2.7.1</Version>
     </PackageReference>
     <PackageReference Include="NuGet.Services.Contracts">
-      <Version>2.5.0</Version>
+      <Version>2.7.1</Version>
     </PackageReference>
     <PackageReference Include="NuGet.Services.KeyVault">
-      <Version>2.5.0</Version>
+      <Version>2.7.1</Version>
     </PackageReference>
     <PackageReference Include="NuGet.Services.Logging">
-      <Version>2.5.0</Version>
+      <Version>2.7.1</Version>
     </PackageReference>
     <PackageReference Include="NuGet.Services.ServiceBus">
-      <Version>2.5.0</Version>
+      <Version>2.7.1</Version>
     </PackageReference>
     <PackageReference Include="NuGet.Services.Validation">
-      <Version>2.5.0</Version>
+      <Version>2.7.1</Version>
+    </PackageReference>
+    <PackageReference Include="NuGet.Services.Validation.Issues">
+      <Version>2.7.1</Version>
     </PackageReference>
     <PackageReference Include="NuGet.Versioning">
       <Version>4.3.0</Version>
     </PackageReference>
     <PackageReference Include="NuGetGallery.Core">
-      <Version>4.4.4-dev-18852</Version>
+      <Version>4.4.4-dev-19677</Version>
     </PackageReference>
     <PackageReference Include="Serilog">
       <Version>2.5.0</Version>

src/NuGet.Services.Validation.Orchestrator/PackageCertificates/PackageCertificatesValidator.cs

@@ -50,7 +50,14 @@ public PackageCertificatesValidator(
             }
         }
 
-        public async Task<ValidationStatus> GetStatusAsync(IValidationRequest request)
+        public async Task<IValidationResult> GetResultAsync(IValidationRequest request)
+        {
+            var status = await GetStatusAsync(request);
+
+            return new ValidationResult(status);
+        }
+
+        private async Task<ValidationStatus> GetStatusAsync(IValidationRequest request)
         {
             // Look up this validator's state in the database.
             var status = await _validatorStateService.GetStatusAsync(request);
@@ -107,7 +114,12 @@ public async Task<ValidationStatus> GetStatusAsync(IValidationRequest request)
             return await _validatorStateService.TryUpdateValidationStatusAsync(request, status, ValidationStatus.Succeeded);
         }
 
-        public async Task<ValidationStatus> StartValidationAsync(IValidationRequest request)
+        public async Task<IValidationResult> StartValidationAsync(IValidationRequest request)
+        {
+            return new ValidationResult(await StartValidationInternalAsync(request));
+        }
+
+        private async Task<ValidationStatus> StartValidationInternalAsync(IValidationRequest request)
         {
             var status = await _validatorStateService.GetStatusAsync(request);
 

src/NuGet.Services.Validation.Orchestrator/PackageSigning/PackageSigningValidator.cs

@@ -5,6 +5,7 @@
 using System.Threading.Tasks;
 using Microsoft.Extensions.Logging;
 using NuGet.Jobs.Validation.PackageSigning.Storage;
+using NuGet.Services.Validation.Issues;
 
 namespace NuGet.Services.Validation.PackageSigning
 {
@@ -24,14 +25,29 @@ public PackageSigningValidator(
             _logger = logger ?? throw new ArgumentNullException(nameof(logger));
         }
 
-        public async Task<ValidationStatus> GetStatusAsync(IValidationRequest request)
+        public async Task<IValidationResult> GetResultAsync(IValidationRequest request)
         {
             var validatorStatus = await _validatorStateService.GetStatusAsync(request);
 
-            return validatorStatus.State;
+            if (validatorStatus.State == ValidationStatus.Failed)
+            {
+                // If the validation has failed, assume it is because signed packages are blocked.
+                return ValidationResult.FailedWithIssues(new PackageIsSigned());
+            }
+            else
+            {
+                return new ValidationResult(validatorStatus.State);
+            }
+        }
+
+        public async Task<IValidationResult> StartValidationAsync(IValidationRequest request)
+        {
+            var status = await StartValidationInternalAsync(request);
+
+            return new ValidationResult(status);
         }
 
-        public async Task<ValidationStatus> StartValidationAsync(IValidationRequest request)
+        public async Task<ValidationStatus> StartValidationInternalAsync(IValidationRequest request)
         {
             // Check that this is the first validation for this specific request.
             var validatorStatus = await _validatorStateService.GetStatusAsync(request);

src/NuGet.Services.Validation.Orchestrator/ValidationOutcomeProcessor.cs

@@ -56,7 +56,22 @@ public async Task ProcessValidationOutcomeAsync(PackageValidationSet validationS
                 if (package.PackageStatusKey != PackageStatus.Available)
                 {
                     await _galleryPackageService.UpdatePackageStatusAsync(package, PackageStatus.FailedValidation);
-                    _messageService.SendPackageValidationFailedMessage(package);
+
+                    var issuesExistAndAllPackageSigned = validationSet
+                        .PackageValidations
+                        .SelectMany(pv => pv.PackageValidationIssues)
+                        .Select(pvi => pvi.IssueCode == ValidationIssueCode.PackageIsSigned)
+                        .DefaultIfEmpty(false)
+                        .All(v => v);
+
+                    if (issuesExistAndAllPackageSigned)
+                    {
+                        _messageService.SendPackageSignedValidationFailedMessage(package);
+                    }
+                    else
+                    {
+                        _messageService.SendPackageValidationFailedMessage(package);
+                    }
                 }
                 else
                 {