Make common build tools compatible with .NET 6 (#400)

joelverhagen · web-flow · commit 900bef1848c7 · 2022-07-15T15:12:42.000-07:00
Progress on NuGet/NuGetGallery#9149
diff --git a/build/common.ps1 b/build/common.ps1
@@ -1,5 +1,5 @@
 ### Constants ###
-$DefaultMSBuildVersion = '16'
+$DefaultMSBuildVersion = '17'
 $DefaultConfiguration = 'debug'
 $NuGetClientRoot = Split-Path -Path $PSScriptRoot -Parent
 $CLIRoot = Join-Path $NuGetClientRoot 'cli'
@@ -95,7 +95,7 @@ Function Get-LatestVisualStudioRoot {
 
 Function Get-MSBuildExe {
     param(
-        [ValidateSet("15", "16", $null)]
+        [ValidateSet("15", "16", "17", $null)]
         [string]$MSBuildVersion
     )
 
@@ -406,8 +406,6 @@ Function Install-NuGet {
 
     $NuGetFolderPath = Split-Path -Path $NuGetExe -Parent
     $NuGetInstalledMarker = Join-Path $NuGetFolderPath ".marker.v1"
-    $CredentialProviderDir = Join-Path $NuGetFolderPath "credprovider"
-    $CredentialProviderPath = Join-Path $CredentialProviderDir "plugins\netfx\CredentialProvider.Microsoft\CredentialProvider.Microsoft.exe"
 
     if (Test-Path $NuGetInstalledMarker) {
         Trace-Log "nuget.exe is already installed"
@@ -418,30 +416,10 @@ Function Install-NuGet {
             if (-not (Test-Path $NuGetFolderPath)) {
                 New-Item $NuGetFolderPath -Type Directory | Out-Null
             }
-    
-            $CredentialProviderBundle = (Join-Path $NuGetClientRoot '.nuget\Microsoft.NuGet.CredentialProvider.zip')
-    
-            Trace-Log 'Downloading Azure Artifacts Credential Provider'
-            Invoke-WebRequest `
-                https://github.com/microsoft/artifacts-credprovider/releases/download/0.1.18/Microsoft.NuGet.CredentialProvider.zip `
-                -UseBasicParsing `
-                -OutFile $CredentialProviderBundle
-    
-            if (Test-Path $CredentialProviderDir) {
-                Remove-Item $CredentialProviderDir -Recurse -Force
-            }
-        
-            Trace-Log 'Extracting Azure Artifacts Credential Provider'
-            & $7zipExe x $CredentialProviderBundle "-o$CredentialProviderDir" "-y"
-            if ($LASTEXITCODE -ne 0) {
-                throw "7-zip failed to extract $CredentialProviderBundle"
-            }
-    
-            Remove-Item $CredentialProviderBundle
 
             Trace-Log 'Downloading nuget.exe'
             Invoke-WebRequest `
-                https://dist.nuget.org/win-x86-commandline/v6.0.0-preview4/nuget.exe `
+                https://dist.nuget.org/win-x86-commandline/v6.2.1/nuget.exe `
                 -UseBasicParsing `
                 -OutFile $NuGetExe
             
@@ -451,36 +429,14 @@ Function Install-NuGet {
             if (Test-Path $NuGetExe) {
                 Remove-Item $NuGetExe -Recurse -Force
             }
-            if (Test-Path $CredentialProviderDir) {
-                Remove-Item $CredentialProviderDir -Recurse -Force
-            }
-            if (Test-Path $NuGetInstalledMarker) {
-                Remove-Item $NuGetInstalledMarker -Recurse -Force
-            }
             throw;
         } finally {
             $progressPreference = 'Continue'
         }
     }
-
-    if (-not (Test-Path $CredentialProviderPath)) {
-        throw "No file exists at the expected credential provider path: $CredentialProviderPath"
-    }
-
     if (-not (Test-Path $NuGetExe)) {
         throw "No file exists at the expected nuget.exe path: $NuGetExe"
     }
-
-    Trace-Log "Setting NuGet .NET Framework credential path"
-    $env:NUGET_NETFX_PLUGIN_PATHS = $CredentialProviderPath
-    $env:NUGET_PLUGIN_PATHS = $CredentialProviderPath
-    
-    # This is a mitigation for rampant timeouts from the credential provider.
-    # See https://github.com/NuGet/Home/issues/7842#issuecomment-531059076
-    $timeoutInSeconds = 30
-    Trace-Log "Increasing NuGet plug-in timeout values to $timeoutInSeconds seconds."
-    $env:NUGET_PLUGIN_HANDSHAKE_TIMEOUT_IN_SECONDS = $timeoutInSeconds
-    $env:NUGET_PLUGIN_REQUEST_TIMEOUT_IN_SECONDS = $timeoutInSeconds
 }
 
 Function Configure-NuGetCredentials {
diff --git a/build/sign.microbuild.targets b/build/sign.microbuild.targets
@@ -58,17 +58,18 @@
       <!--
       Add fully qualified paths for the output and intermediate assemblies.
       -->
-      <_OutputToSign Include="$(ProjectDir)%(IntermediateAssembly.Identity)" KeepDuplicates="false" />
-      <_OutputToSign Include="$(TargetPath)" KeepDuplicates="false" />
+      <_ManagedOutputToSign Include="$(ProjectDir)%(IntermediateAssembly.Identity)" KeepDuplicates="false" />
+      <_ManagedOutputToSign Include="$(TargetPath)" KeepDuplicates="false" />
       <!--
       If we are batch signing, find all copies of the target file name in the repository. This handles the cases when
       there is a project reference pointing to the current project and there is a copy of this output assembly in the
       bin directory of another project. That assembly also needs to be signed.
       -->
-      <_OutputToSign Include="$(RepositoryRootDirectory)**\$(TargetFileName)" Condition="'$(BatchSign)' == 'true'" />
+      <_ManagedOutputToSign Include="$(RepositoryRootDirectory)**\$(TargetFileName)" Condition="'$(BatchSign)' == 'true' AND '$(TargetFileName)' != ''" />
+      <_ManagedOutputToSign Remove="$(RunCommand)" Condition="'$(RunCommand)' != ''" />
       <UnfilteredFilesToSign
-        Include="$([System.IO.Path]::GetFullPath('%(_OutputToSign.Identity)'))"
-        Condition="Exists('%(_OutputToSign.Identity)')"
+        Include="$([System.IO.Path]::GetFullPath('%(_ManagedOutputToSign.Identity)'))"
+        Condition="Exists('%(_ManagedOutputToSign.Identity)')"
         KeepDuplicates="false">
         <Authenticode>Microsoft400</Authenticode>
         <StrongName>MsSharedLib72</StrongName>
@@ -87,6 +88,19 @@
         <Authenticode>Microsoft400</Authenticode>
       </UnfilteredFilesToSign>
 
+      <!--
+      .NET Core entry points (like web projects) can have an native .exe produced along with the managed .dll. Sign that
+      by default as well.
+      -->
+      <_UnmanagedOutputToSign Include="$(RunCommand)" KeepDuplicates="false" Condition="'$(BatchSign)' == 'true' AND '$(RunCommand)' != ''" />
+      <_UnmanagedOutputToSign Include="$(RepositoryRootDirectory)**\apphost.exe" Condition="'$(BatchSign)' == 'true'" />
+      <UnfilteredFilesToSign
+        Include="$([System.IO.Path]::GetFullPath('%(_UnmanagedOutputToSign.Identity)'))"
+        Condition="Exists('%(_UnmanagedOutputToSign.Identity)')"
+        KeepDuplicates="false">
+        <Authenticode>Microsoft400</Authenticode>
+      </UnfilteredFilesToSign>
+
       <!--
       Add fully qualified paths for checked in binaries. By convention, add common binaries that we use for jobs.
       -->
