forked from dotnet/roslyn
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request dotnet#75591 from dotnet/merges/release/dev17.10-t…
…o-release/dev17.11 Merge release/dev17.10 to release/dev17.11
- Loading branch information
Showing
2 changed files
with
100 additions
and
10 deletions.
There are no files selected for viewing
55 changes: 50 additions & 5 deletions
55
eng/common/templates-official/steps/get-delegation-sas.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,7 +1,52 @@ | ||
| parameters: | ||
| - name: federatedServiceConnection | ||
| type: string | ||
| - name: outputVariableName | ||
| type: string | ||
| - name: expiryInHours | ||
| type: number | ||
| default: 1 | ||
| - name: base64Encode | ||
| type: boolean | ||
| default: false | ||
| - name: storageAccount | ||
| type: string | ||
| - name: container | ||
| type: string | ||
| - name: permissions | ||
| type: string | ||
| default: 'rl' | ||
|
|
||
| steps: | ||
| - template: /eng/common/core-templates/steps/get-delegation-sas.yml | ||
| parameters: | ||
| is1ESPipeline: true | ||
| - task: AzureCLI@2 | ||
| displayName: 'Generate delegation SAS Token for ${{ parameters.storageAccount }}/${{ parameters.container }}' | ||
| inputs: | ||
| azureSubscription: ${{ parameters.federatedServiceConnection }} | ||
| scriptType: 'pscore' | ||
| scriptLocation: 'inlineScript' | ||
| inlineScript: | | ||
| # Calculate the expiration of the SAS token and convert to UTC | ||
| $expiry = (Get-Date).AddHours(${{ parameters.expiryInHours }}).ToUniversalTime().ToString("yyyy-MM-ddTHH:mm:ssZ") | ||
| # Temporarily work around a helix issue where SAS tokens with / in them will cause incorrect downloads | ||
| # of correlation payloads. https://github.com/dotnet/dnceng/issues/3484 | ||
| $sas = "" | ||
| do { | ||
| $sas = az storage container generate-sas --account-name ${{ parameters.storageAccount }} --name ${{ parameters.container }} --permissions ${{ parameters.permissions }} --expiry $expiry --auth-mode login --as-user -o tsv | ||
| if ($LASTEXITCODE -ne 0) { | ||
| Write-Error "Failed to generate SAS token." | ||
| exit 1 | ||
| } | ||
| } while($sas.IndexOf('/') -ne -1) | ||
| if ($LASTEXITCODE -ne 0) { | ||
| Write-Error "Failed to generate SAS token." | ||
| exit 1 | ||
| } | ||
| if ('${{ parameters.base64Encode }}' -eq 'true') { | ||
| $sas = [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($sas)) | ||
| } | ||
| ${{ each parameter in parameters }}: | ||
| ${{ parameter.key }}: ${{ parameter.value }} | ||
| Write-Host "Setting '${{ parameters.outputVariableName }}' with the access token value" | ||
| Write-Host "##vso[task.setvariable variable=${{ parameters.outputVariableName }};issecret=true]$sas" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,7 +1,52 @@ | ||
| parameters: | ||
| - name: federatedServiceConnection | ||
| type: string | ||
| - name: outputVariableName | ||
| type: string | ||
| - name: expiryInHours | ||
| type: number | ||
| default: 1 | ||
| - name: base64Encode | ||
| type: boolean | ||
| default: false | ||
| - name: storageAccount | ||
| type: string | ||
| - name: container | ||
| type: string | ||
| - name: permissions | ||
| type: string | ||
| default: 'rl' | ||
|
|
||
| steps: | ||
| - template: /eng/common/core-templates/steps/get-delegation-sas.yml | ||
| parameters: | ||
| is1ESPipeline: false | ||
| - task: AzureCLI@2 | ||
| displayName: 'Generate delegation SAS Token for ${{ parameters.storageAccount }}/${{ parameters.container }}' | ||
| inputs: | ||
| azureSubscription: ${{ parameters.federatedServiceConnection }} | ||
| scriptType: 'pscore' | ||
| scriptLocation: 'inlineScript' | ||
| inlineScript: | | ||
| # Calculate the expiration of the SAS token and convert to UTC | ||
| $expiry = (Get-Date).AddHours(${{ parameters.expiryInHours }}).ToUniversalTime().ToString("yyyy-MM-ddTHH:mm:ssZ") | ||
| # Temporarily work around a helix issue where SAS tokens with / in them will cause incorrect downloads | ||
| # of correlation payloads. https://github.com/dotnet/dnceng/issues/3484 | ||
| $sas = "" | ||
| do { | ||
| $sas = az storage container generate-sas --account-name ${{ parameters.storageAccount }} --name ${{ parameters.container }} --permissions ${{ parameters.permissions }} --expiry $expiry --auth-mode login --as-user -o tsv | ||
| if ($LASTEXITCODE -ne 0) { | ||
| Write-Error "Failed to generate SAS token." | ||
| exit 1 | ||
| } | ||
| } while($sas.IndexOf('/') -ne -1) | ||
| if ($LASTEXITCODE -ne 0) { | ||
| Write-Error "Failed to generate SAS token." | ||
| exit 1 | ||
| } | ||
| if ('${{ parameters.base64Encode }}' -eq 'true') { | ||
| $sas = [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($sas)) | ||
| } | ||
| ${{ each parameter in parameters }}: | ||
| ${{ parameter.key }}: ${{ parameter.value }} | ||
| Write-Host "Setting '${{ parameters.outputVariableName }}' with the access token value" | ||
| Write-Host "##vso[task.setvariable variable=${{ parameters.outputVariableName }};issecret=true]$sas" |