[Task] Create and publish Sub Resource Integrity (SRI) hashes for the generated scripts #1621 #1622
Conversation
MSNev
requested review from
ramthi,
lzchen,
xiao-lix,
hectorhdzg,
kryalama and
Karlie-777
… generated scripts #1621
MSNev
force-pushed
the
MSNev/IntegrityCheck
branch
from
c67c897
to
f66d1da
Compare
| @@ -178,6 +178,8 @@ dist-esm/ | |||
| browser/ | |||
| types/ | |||
| dist/ | |||
| # Don't commit the sub resource integrity generated files | |||
| **/*.integrity.json | |||
There was a problem hiding this comment.
Does each extension generate a integrity.json file? Is it stored under each extension's folder?
There was a problem hiding this comment.
Yes, every extension and Sku gets it's own integrity.json file.
Generally, these are included in the browser folder (which is automatically excluded from git).
This one is included as it is also generating a integrity.json file for the snippet, which we don't need to checkin
| @@ -373,19 +379,28 @@ Function ValidateAccess | |||
| Function GetVersion( | |||
| [string] $name | |||
| ) { | |||
| $regMatch = '^(.*\/)*([^\/\d]*\.)(\d+(\.\d+)*(-[^\.]+)?)(\.(?:gbl\.js|gbl\.min\.js|cjs\.js|cjs\.min\.js|js|min\.js)(?:\.map)?)$' | |||
| $regMatch = '^(.*\/)*([^\/\d]*\.)(\d+(\.\d+)*(-[^\.]+)?)(\.(?:gbl\.js|gbl\.min\.js|cjs\.js|cjs\.min\.js|js|min\.js|integrity\.json)(?:\.map)?)$' | |||
There was a problem hiding this comment.
ah so this is to get version from integrity.json file?
There was a problem hiding this comment.
Yes, this is the list script that we run from the internal DevOps task, this is used to extract and order the output. Examples are in the scripts readme here https://github.com/microsoft/ApplicationInsights-JS/tree/master/AISKU/scripts#listcdnversionsps1
|
|
||
| $ext = $match.groups[6].value | ||
| $tokens = $ext.split(".") | ||
| if ($tokens.length -gt 0) { |
There was a problem hiding this comment.
-gt is powershells version of greater then >
| @@ -570,9 +598,6 @@ if ([string]::IsNullOrWhiteSpace($jsSdkDir) -eq $true) { | |||
| $fileTimeStamp = ((get-date).ToUniversalTime()).ToString("yyyyMMddThhmmss") | |||
| $logFile = "$logDir\publishReleaseCdnLog_$fileTimeStamp.txt" | |||
|
|
|||
| $cacheControl1Year = "public, max-age=31536000, immutable"; | |||
There was a problem hiding this comment.
is cache time not needed anymore?
There was a problem hiding this comment.
I moved it to the top of the file - it's on line 16 now 😃
No description provided.