Add batch signing for the output assemblies (#312)

Use the newer credential provider to mitigate timeout issue
Progress on NuGet/Engineering#1821

Author: joelverhagen

.gitignore

@@ -24,10 +24,8 @@ bld/
 
 # Files created and used by our build scripts
 AssemblyInfo.*.cs
-.nuget/CredentialProviderBundle.zip
-.nuget/CredentialProvider.VSS.exe
-.nuget/EULA_Microsoft Visual Studio Team Services Credential Provider.docx
-.nuget/ThirdPartyNotices.txt
+.nuget/credprovider
+.nuget/.marker.v*
 nuget.exe
 build/packages/
 

NuGet.Server.Common.sln

@@ -90,6 +90,8 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "NuGet.Services.Licenses", "
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "NuGet.Services.Licenses.Tests", "tests\NuGet.Services.Licenses.Tests\NuGet.Services.Licenses.Tests.csproj", "{D0A110BD-156D-432B-9525-171430C9F51D}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "NuGet.Services.Build.Tests", "tests\NuGet.Services.Build.Tests\NuGet.Services.Build.Tests.csproj", "{AB3C7814-3AD6-41BD-8968-A3CC10A52EC5}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -248,6 +250,10 @@ Global
 		{D0A110BD-156D-432B-9525-171430C9F51D}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{D0A110BD-156D-432B-9525-171430C9F51D}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{D0A110BD-156D-432B-9525-171430C9F51D}.Release|Any CPU.Build.0 = Release|Any CPU
+		{AB3C7814-3AD6-41BD-8968-A3CC10A52EC5}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{AB3C7814-3AD6-41BD-8968-A3CC10A52EC5}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{AB3C7814-3AD6-41BD-8968-A3CC10A52EC5}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{AB3C7814-3AD6-41BD-8968-A3CC10A52EC5}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -291,6 +297,7 @@ Global
 		{20D89F39-6E71-4F14-B845-64F5C395954B} = {7783A106-0F4C-4055-9AB4-413FB2C7B8F0}
 		{20EE3196-4D8B-42B6-8E5E-B8ADC2D3BF9D} = {8415FED7-1BED-4227-8B4F-BB7C24E041CD}
 		{D0A110BD-156D-432B-9525-171430C9F51D} = {7783A106-0F4C-4055-9AB4-413FB2C7B8F0}
+		{AB3C7814-3AD6-41BD-8968-A3CC10A52EC5} = {7783A106-0F4C-4055-9AB4-413FB2C7B8F0}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {AA413DB0-5475-4B5D-A3AF-6323DA8D538B}

build.ps1

@@ -20,6 +20,9 @@ trap {
     exit 1
 }
 
+# Enable TLS 1.2 since GitHub requires it.
+[Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12
+
 . "$PSScriptRoot\build\common.ps1"
 
 Function Clean-Tests {
@@ -97,6 +100,11 @@ Invoke-BuildStep 'Building solution' { `
         Build-Solution $Configuration $BuildNumber -MSBuildVersion "15" $SolutionPath -SkipRestore:$SkipRestore
     } `
     -ev +BuildErrors
+
+Invoke-BuildStep 'Signing the binaries' {
+        Sign-Binaries -Configuration $Configuration -BuildNumber $BuildNumber -MSBuildVersion "15" `
+    } `
+    -ev +BuildErrors
 
 Invoke-BuildStep 'Creating artifacts' { `
         $projects = `

build/FindDuplicateFiles.cs

@@ -0,0 +1,311 @@
+// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
+
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Linq;
+using System.Security.Cryptography;
+using Microsoft.Build.Framework;
+
+namespace NuGet.Services.Build
+{
+    public class FindDuplicateFiles : Microsoft.Build.Utilities.Task
+    {
+        [Required]
+        public ITaskItem[] Files { get; set; }
+
+        [Output]
+        public ITaskItem[] UniqueFiles { get; set; }
+
+        [Output]
+        public ITaskItem[] DuplicateFiles { get; set; }
+
+        public override bool Execute()
+        {
+            var infos = GetUniqueTaskItemInfo();
+            Log.LogMessage(
+                MessageImportance.High,
+                "Of the {0} items provided, {1} are unique file paths that exist. {2} items will be ignored.",
+                Files.Length,
+                infos.Count,
+                Files.Length - infos.Count);
+
+            if (infos.Count == 0)
+            {
+                UniqueFiles = Array.Empty<ITaskItem>();
+                DuplicateFiles = Array.Empty<ITaskItem>();
+                return true;
+            }
+
+            var filePathToDuplicates = FindDuplicates(infos);
+
+            var fileCount = filePathToDuplicates.Sum(x => x.Value.Count);
+            var uniqueCount = filePathToDuplicates.Count;
+            var duplicateCount = fileCount - uniqueCount;
+            Log.LogMessage(
+                MessageImportance.High,
+                "Of the {0} unique file paths provided, {1} ({2:P}) are unique and {3} ({4:P}) are duplicate.",
+                fileCount,
+                uniqueCount,
+                (float)uniqueCount / fileCount,
+                duplicateCount,
+                (float)duplicateCount / fileCount);
+
+            var uniqueFiles = new List<ITaskItem>();
+            var duplicateFiles = new List<ITaskItem>();
+            foreach (var pair in filePathToDuplicates)
+            {
+                foreach (var duplicate in pair.Value)
+                {
+                    if (pair.Key == duplicate.FullPath)
+                    {
+                        uniqueFiles.Add(duplicate.Item);
+                    }
+                    else
+                    {
+                        duplicate.Item.SetMetadata("DuplicateOf", pair.Key);
+                        duplicateFiles.Add(duplicate.Item);
+                    }
+                }
+            }
+
+            UniqueFiles = uniqueFiles.ToArray();
+            DuplicateFiles = duplicateFiles.ToArray();
+
+            return true;
+        }
+
+        private List<TaskItemInfo> GetUniqueTaskItemInfo()
+        {
+            // Compare paths in a case insensitive manner.
+            var uniqueFullPaths = new HashSet<string>(StringComparer.OrdinalIgnoreCase);
+
+            var infos = new List<TaskItemInfo>();
+            foreach (var item in Files)
+            {
+                var fullPath = item.GetMetadata("FullPath");
+                if (fullPath == null || !File.Exists(fullPath))
+                {
+                    Log.LogWarning("File '{0}' does not exist.", item.ItemSpec);
+                    continue;
+                }
+
+                if (!uniqueFullPaths.Add(fullPath))
+                {
+                    Log.LogWarning("File path '{0}' is associated with multiple items. Only the first will be used.", item.ItemSpec);
+                    continue;
+                }
+
+                var info = new TaskItemInfo(item, fullPath);
+
+                infos.Add(info);
+            }
+
+            return infos;
+        }
+
+        private Dictionary<string, List<TaskItemInfo>> FindDuplicates(List<TaskItemInfo> infos)
+        {
+            var fileSizeToInfos = GetFileSizeToInfos(infos);
+
+            var filePathToDuplicates = new Dictionary<string, List<TaskItemInfo>>();
+
+            // Inspired by https://stackoverflow.com/a/36113168.
+            var buffer = new byte[1024];
+            foreach (var fileSizePair in fileSizeToInfos)
+            {
+                // The file size is unique, the file is unique.
+                if (TryAddUnique("file size", filePathToDuplicates, fileSizePair))
+                {
+                    continue;
+                }
+
+                BreakTiesWithLeadingHash(filePathToDuplicates, buffer, fileSizePair);
+            }
+
+            return filePathToDuplicates;
+        }
+
+        private Dictionary<long, List<TaskItemInfo>> GetFileSizeToInfos(
+            IEnumerable<TaskItemInfo> infos)
+        {
+            var fileSizeToInfos = new Dictionary<long, List<TaskItemInfo>>();
+            foreach (var info in infos)
+            {
+                info.FileSize = new FileInfo(info.FullPath).Length;
+
+                List<TaskItemInfo> infosWithSameFileSize;
+                if (!fileSizeToInfos.TryGetValue(info.FileSize, out infosWithSameFileSize))
+                {
+                    infosWithSameFileSize = new List<TaskItemInfo> { info };
+                    fileSizeToInfos.Add(info.FileSize, infosWithSameFileSize);
+                }
+                else
+                {
+                    infosWithSameFileSize.Add(info);
+                }
+            }
+
+            return fileSizeToInfos;
+        }
+
+        private void BreakTiesWithLeadingHash(
+            Dictionary<string, List<TaskItemInfo>> filePathToDuplicates,
+            byte[] buffer,
+            KeyValuePair<long, List<TaskItemInfo>> fileSizePair)
+        {
+            var leadingHashToInfos = GetLeadingHashToInfos(fileSizePair.Value, buffer);
+
+            foreach (var leadingHashPair in leadingHashToInfos)
+            {
+                // If the leading hash is unique, the file is unique.
+                if (TryAddUnique("leading hash", filePathToDuplicates, leadingHashPair))
+                {
+                    continue;
+                }
+
+                BreakTiesWithHash(filePathToDuplicates, leadingHashPair);
+            }
+        }
+
+        private static Dictionary<string, List<TaskItemInfo>> GetLeadingHashToInfos(
+            IEnumerable<TaskItemInfo> infos,
+            byte[] buffer)
+        {
+            var leadingHashToInfos = new Dictionary<string, List<TaskItemInfo>>();
+            foreach (var info in infos)
+            {
+                using (var fileStream = new FileStream(info.FullPath, FileMode.Open))
+                {
+                    var totalRead = 0;
+                    while (totalRead < buffer.Length)
+                    {
+                        var read = fileStream.Read(buffer, totalRead, buffer.Length - totalRead);
+                        totalRead += read;
+                        if (read == 0)
+                        {
+                            break;
+                        }
+                    }
+
+                    using (var hashAlgorithm = SHA256.Create())
+                    {
+                        var hashBytes = hashAlgorithm.ComputeHash(buffer, 0, totalRead);
+                        var hash = GetHashString(hashBytes);
+                        info.HeaderHash = hash;
+
+                        List<TaskItemInfo> infosWithSameLeadingHash;
+                        if (!leadingHashToInfos.TryGetValue(hash, out infosWithSameLeadingHash))
+                        {
+                            infosWithSameLeadingHash = new List<TaskItemInfo> { info };
+                            leadingHashToInfos.Add(hash, infosWithSameLeadingHash);
+                        }
+                        else
+                        {
+                            infosWithSameLeadingHash.Add(info);
+                        }
+                    }
+                }
+            }
+
+            return leadingHashToInfos;
+        }
+
+        private void BreakTiesWithHash(
+            Dictionary<string, List<TaskItemInfo>> filePathToDuplicates,
+            KeyValuePair<string, List<TaskItemInfo>> leadingHashPair)
+        {
+            var hashToInfos = GetHashToInfos(leadingHashPair.Value);
+
+            foreach (var hashPair in hashToInfos)
+            {
+                // If the hash is unique, the file is unique.
+                if (TryAddUnique("hash", filePathToDuplicates, hashPair))
+                {
+                    continue;
+                }
+
+                // If multiple files has the same hash, they are duplicates.
+                filePathToDuplicates.Add(hashPair.Value[0].FullPath, hashPair.Value);
+
+                Log.LogMessage(
+                    "File with {0} duplicates: {1}{2}{3}",
+                    hashPair.Value.Count - 1,
+                    hashPair.Value[0].FullPath,
+                    string.Concat(hashPair.Value.Skip(1).Select(x => Environment.NewLine + " - " + x.FullPath)),
+                    Environment.NewLine);
+            }
+        }
+
+        private bool TryAddUnique<T>(
+            string keyName,
+            Dictionary<string, List<TaskItemInfo>> filePathToDuplicates,
+            KeyValuePair<T, List<TaskItemInfo>> pair)
+        {
+            if (pair.Value.Count == 1)
+            {
+                Log.LogMessage(
+                    "Unique file by {0} {1}: {2}{3}",
+                    keyName,
+                    pair.Key,
+                    pair.Value[0].FullPath,
+                    Environment.NewLine);
+
+                filePathToDuplicates.Add(pair.Value[0].FullPath, new List<TaskItemInfo> { pair.Value[0] });
+                return true;
+            }
+
+            return false;
+        }
+
+        private static Dictionary<string, List<TaskItemInfo>> GetHashToInfos(
+            IEnumerable<TaskItemInfo> infos)
+        {
+            var hashToInfos = new Dictionary<string, List<TaskItemInfo>>();
+            foreach (var info in infos)
+            {
+                using (var fileStream = new FileStream(info.FullPath, FileMode.Open))
+                using (var hashAlgorithm = SHA256.Create())
+                {
+                    var hashBytes = hashAlgorithm.ComputeHash(fileStream);
+                    var hash = GetHashString(hashBytes);
+                    info.Hash = hash;
+
+                    List<TaskItemInfo> infosWithSameHash;
+                    if (!hashToInfos.TryGetValue(hash, out infosWithSameHash))
+                    {
+                        infosWithSameHash = new List<TaskItemInfo> { info };
+                        hashToInfos.Add(hash, infosWithSameHash);
+                    }
+                    else
+                    {
+                        infosWithSameHash.Add(info);
+                    }
+                }
+            }
+
+            return hashToInfos;
+        }
+
+        private static string GetHashString(byte[] hashBytes)
+        {
+            return BitConverter.ToString(hashBytes).Replace("-", string.Empty).ToLowerInvariant();
+        }
+
+        private class TaskItemInfo
+        {
+            public TaskItemInfo(ITaskItem item, string fullPath)
+            {
+                Item = item;
+                FullPath = fullPath;
+            }
+
+            public ITaskItem Item { get; private set; }
+            public string FullPath { get; private set; }
+            public long FileSize { get; set; }
+            public string HeaderHash { get; set; }
+            public string Hash { get; set; }
+        }
+    }
+}

build/FindDuplicateFiles.targets

@@ -0,0 +1,15 @@
+<Project ToolsVersion="15.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <UsingTask
+    TaskName="FindDuplicateFiles"
+    TaskFactory="CodeTaskFactory"
+    AssemblyFile="$(MSBuildToolsPath)\Microsoft.Build.Tasks.Core.dll" >
+    <ParameterGroup>
+      <Files ParameterType="Microsoft.Build.Framework.ITaskItem[]" Required="true" />
+      <UniqueFiles ParameterType="Microsoft.Build.Framework.ITaskItem[]" Output="true" />
+      <DuplicateFiles ParameterType="Microsoft.Build.Framework.ITaskItem[]" Output="true" />
+    </ParameterGroup>
+    <Task>
+      <Code Type="Class" Language="cs" Source="FindDuplicateFiles.cs" />
+    </Task>
+  </UsingTask>
+</Project>