From 586f058fafdf97fd3bca17d869c5031b6c62021e Mon Sep 17 00:00:00 2001 From: Manuel de la Pena Date: Wed, 17 Feb 2021 18:08:44 -0500 Subject: [PATCH 01/19] [CI][VSTS] Move to python3. --- tools/devops/automation/templates/build/build.yml | 2 +- tools/devops/automation/templates/build/stage.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/devops/automation/templates/build/build.yml b/tools/devops/automation/templates/build/build.yml index 3a9ee42f5d8d..ce3ed96aba1b 100644 --- a/tools/devops/automation/templates/build/build.yml +++ b/tools/devops/automation/templates/build/build.yml @@ -421,7 +421,7 @@ steps: PACKAGES="$IOS_PKG $MAC_PKG $IOS_DOTNET_PKG $TVOS_DOTNET_PKG $WATCHOS_DOTNET_PKG $MACOS_DOTNET_PKG" echo "Packages found at $PACKAGES" - echo "$PACKAGES" | xargs python $(Build.SourcesDirectory)/release-scripts/sign_and_notarize.py --no_notarization -a "$APP_ID" -i "$INSTALL_ID" -u "$APPLE_ACCOUNT" -p "$APPLE_PASS" -t "$TEAM_ID" -d $(Build.SourcesDirectory)/package/notarized -e "$MAC_ENTITLEMENTS" -k "$KEYCHAIN" + echo "$PACKAGES" | xargs python3 $(Build.SourcesDirectory)/release-scripts/sign_and_notarize3.py --no_notarization -a "$APP_ID" -i "$INSTALL_ID" -u "$APPLE_ACCOUNT" -p "$APPLE_PASS" -t "$TEAM_ID" -d $(Build.SourcesDirectory)/package/notarized -e "$MAC_ENTITLEMENTS" -k "$KEYCHAIN" ls -R $(Build.SourcesDirectory)/package env: PRODUCTSIGN_KEYCHAIN_PASSWORD: $(OSX_KEYCHAIN_PASS) diff --git a/tools/devops/automation/templates/build/stage.yml b/tools/devops/automation/templates/build/stage.yml index 1788c5c95a84..29639cb8142b 100644 --- a/tools/devops/automation/templates/build/stage.yml +++ b/tools/devops/automation/templates/build/stage.yml @@ -70,7 +70,7 @@ jobs: demands: - Agent.OS -equals Darwin - Agent.OSVersion -equals 10.15 - - macios_image -equals v1 + - macios_image -equals v1.1 workspace: clean: all From bd0cf0eae34439d218e6773c96e6a3a3346c13d3 Mon Sep 17 00:00:00 2001 From: Manuel de la Pena Date: Wed, 17 Feb 2021 18:23:02 -0500 Subject: [PATCH 02/19] We now have pip3 --- tools/devops/automation/templates/build/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/devops/automation/templates/build/build.yml b/tools/devops/automation/templates/build/build.yml index ce3ed96aba1b..fc7a56a8ba6c 100644 --- a/tools/devops/automation/templates/build/build.yml +++ b/tools/devops/automation/templates/build/build.yml @@ -69,7 +69,7 @@ steps: which python3 Write-Host "Pip version" - pip -V + pip3 -V displayName: 'Show Python information' - bash: $(System.DefaultWorkingDirectory)/xamarin-macios/tools/devops/automation/scripts/bash/clean-bot.sh From 2e177b7fe230e8fe8518de2cded9e2f98e39d542 Mon Sep 17 00:00:00 2001 From: Manuel de la Pena Date: Thu, 18 Feb 2021 16:08:14 -0500 Subject: [PATCH 03/19] pip3 --- tools/devops/automation/templates/build/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/devops/automation/templates/build/build.yml b/tools/devops/automation/templates/build/build.yml index fc7a56a8ba6c..ce3ed96aba1b 100644 --- a/tools/devops/automation/templates/build/build.yml +++ b/tools/devops/automation/templates/build/build.yml @@ -69,7 +69,7 @@ steps: which python3 Write-Host "Pip version" - pip3 -V + pip -V displayName: 'Show Python information' - bash: $(System.DefaultWorkingDirectory)/xamarin-macios/tools/devops/automation/scripts/bash/clean-bot.sh From 11d25677028f599e62df130ea503e2ef712a3465 Mon Sep 17 00:00:00 2001 From: Manuel de la Pena Date: Wed, 17 Feb 2021 18:08:44 -0500 Subject: [PATCH 04/19] [CI][VSTS] Move to python3. --- tools/devops/automation/templates/build/build.yml | 2 +- tools/devops/automation/templates/build/stage.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/devops/automation/templates/build/build.yml b/tools/devops/automation/templates/build/build.yml index 3a9ee42f5d8d..ce3ed96aba1b 100644 --- a/tools/devops/automation/templates/build/build.yml +++ b/tools/devops/automation/templates/build/build.yml @@ -421,7 +421,7 @@ steps: PACKAGES="$IOS_PKG $MAC_PKG $IOS_DOTNET_PKG $TVOS_DOTNET_PKG $WATCHOS_DOTNET_PKG $MACOS_DOTNET_PKG" echo "Packages found at $PACKAGES" - echo "$PACKAGES" | xargs python $(Build.SourcesDirectory)/release-scripts/sign_and_notarize.py --no_notarization -a "$APP_ID" -i "$INSTALL_ID" -u "$APPLE_ACCOUNT" -p "$APPLE_PASS" -t "$TEAM_ID" -d $(Build.SourcesDirectory)/package/notarized -e "$MAC_ENTITLEMENTS" -k "$KEYCHAIN" + echo "$PACKAGES" | xargs python3 $(Build.SourcesDirectory)/release-scripts/sign_and_notarize3.py --no_notarization -a "$APP_ID" -i "$INSTALL_ID" -u "$APPLE_ACCOUNT" -p "$APPLE_PASS" -t "$TEAM_ID" -d $(Build.SourcesDirectory)/package/notarized -e "$MAC_ENTITLEMENTS" -k "$KEYCHAIN" ls -R $(Build.SourcesDirectory)/package env: PRODUCTSIGN_KEYCHAIN_PASSWORD: $(OSX_KEYCHAIN_PASS) diff --git a/tools/devops/automation/templates/build/stage.yml b/tools/devops/automation/templates/build/stage.yml index 1788c5c95a84..29639cb8142b 100644 --- a/tools/devops/automation/templates/build/stage.yml +++ b/tools/devops/automation/templates/build/stage.yml @@ -70,7 +70,7 @@ jobs: demands: - Agent.OS -equals Darwin - Agent.OSVersion -equals 10.15 - - macios_image -equals v1 + - macios_image -equals v1.1 workspace: clean: all From 584777a72a797f0466f834a8d48e55cb228bcba4 Mon Sep 17 00:00:00 2001 From: Manuel de la Pena Date: Wed, 17 Feb 2021 18:23:02 -0500 Subject: [PATCH 05/19] We now have pip3 --- tools/devops/automation/templates/build/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/devops/automation/templates/build/build.yml b/tools/devops/automation/templates/build/build.yml index ce3ed96aba1b..fc7a56a8ba6c 100644 --- a/tools/devops/automation/templates/build/build.yml +++ b/tools/devops/automation/templates/build/build.yml @@ -69,7 +69,7 @@ steps: which python3 Write-Host "Pip version" - pip -V + pip3 -V displayName: 'Show Python information' - bash: $(System.DefaultWorkingDirectory)/xamarin-macios/tools/devops/automation/scripts/bash/clean-bot.sh From 6c0943f53b34c20703bb59610274e26b935985be Mon Sep 17 00:00:00 2001 From: Manuel de la Pena Date: Fri, 19 Feb 2021 18:52:25 -0500 Subject: [PATCH 06/19] Update the call for the script to take into account the new script. --- tools/devops/automation/templates/build/build.yml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/tools/devops/automation/templates/build/build.yml b/tools/devops/automation/templates/build/build.yml index fc7a56a8ba6c..e155fb9b2ef8 100644 --- a/tools/devops/automation/templates/build/build.yml +++ b/tools/devops/automation/templates/build/build.yml @@ -421,16 +421,13 @@ steps: PACKAGES="$IOS_PKG $MAC_PKG $IOS_DOTNET_PKG $TVOS_DOTNET_PKG $WATCHOS_DOTNET_PKG $MACOS_DOTNET_PKG" echo "Packages found at $PACKAGES" - echo "$PACKAGES" | xargs python3 $(Build.SourcesDirectory)/release-scripts/sign_and_notarize3.py --no_notarization -a "$APP_ID" -i "$INSTALL_ID" -u "$APPLE_ACCOUNT" -p "$APPLE_PASS" -t "$TEAM_ID" -d $(Build.SourcesDirectory)/package/notarized -e "$MAC_ENTITLEMENTS" -k "$KEYCHAIN" + echo "$PACKAGES" | xargs python3 $(Build.SourcesDirectory)/release-scripts/sign_and_notarize3.py --no_notarization -a "$APP_ID" -i "$INSTALL_ID" -d $(Build.SourcesDirectory)/package/notarized -e "$MAC_ENTITLEMENTS" -k "$KEYCHAIN" ls -R $(Build.SourcesDirectory)/package env: PRODUCTSIGN_KEYCHAIN_PASSWORD: $(OSX_KEYCHAIN_PASS) MAC_ENTITLEMENTS: $(Build.SourcesDirectory)/xamarin-macios/mac-entitlements.plist APP_ID: $(XamarinAppId) INSTALL_ID: $(XamarinAppId) - APPLE_ACCOUNT: $(XamarinUserId) - APPLE_PASS: $(XamarinPassword) - TEAM_ID: $(TeamID) KEYCHAIN: $(SigningKeychain) name: notarize displayName: 'Signing Release Build' From a67307e396842388b9bb07d150445265119ce8b6 Mon Sep 17 00:00:00 2001 From: Manuel de la Pena Date: Mon, 22 Feb 2021 12:24:07 -0500 Subject: [PATCH 07/19] Point to a test branch with the correct python code. --- tools/devops/automation/build-pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/devops/automation/build-pipeline.yml b/tools/devops/automation/build-pipeline.yml index f2c67a7fdd62..9395651da522 100644 --- a/tools/devops/automation/build-pipeline.yml +++ b/tools/devops/automation/build-pipeline.yml @@ -35,7 +35,7 @@ resources: - repository: release-scripts type: github name: xamarin/release-scripts - ref: refs/heads/sign-and-notarized + ref: refs/heads/fix-python3 endpoint: xamarin variables: From ed418837975fc8720720c520e1871687d2fecea8 Mon Sep 17 00:00:00 2001 From: Manuel de la Pena Date: Mon, 22 Feb 2021 15:37:38 -0500 Subject: [PATCH 08/19] Not notarization is the new default. --- tools/devops/automation/templates/build/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/devops/automation/templates/build/build.yml b/tools/devops/automation/templates/build/build.yml index ce3ed96aba1b..8ea0ef66a063 100644 --- a/tools/devops/automation/templates/build/build.yml +++ b/tools/devops/automation/templates/build/build.yml @@ -421,7 +421,7 @@ steps: PACKAGES="$IOS_PKG $MAC_PKG $IOS_DOTNET_PKG $TVOS_DOTNET_PKG $WATCHOS_DOTNET_PKG $MACOS_DOTNET_PKG" echo "Packages found at $PACKAGES" - echo "$PACKAGES" | xargs python3 $(Build.SourcesDirectory)/release-scripts/sign_and_notarize3.py --no_notarization -a "$APP_ID" -i "$INSTALL_ID" -u "$APPLE_ACCOUNT" -p "$APPLE_PASS" -t "$TEAM_ID" -d $(Build.SourcesDirectory)/package/notarized -e "$MAC_ENTITLEMENTS" -k "$KEYCHAIN" + echo "$PACKAGES" | xargs python3 $(Build.SourcesDirectory)/release-scripts/sign_and_notarize3.py -a "$APP_ID" -i "$INSTALL_ID" -u "$APPLE_ACCOUNT" -p "$APPLE_PASS" -t "$TEAM_ID" -d $(Build.SourcesDirectory)/package/notarized -e "$MAC_ENTITLEMENTS" -k "$KEYCHAIN" ls -R $(Build.SourcesDirectory)/package env: PRODUCTSIGN_KEYCHAIN_PASSWORD: $(OSX_KEYCHAIN_PASS) From bfa69d27cd22653476092e4d8d473e2a7ddba315 Mon Sep 17 00:00:00 2001 From: Manuel de la Pena Date: Tue, 23 Feb 2021 14:31:16 -0500 Subject: [PATCH 09/19] xargs give me stodut. --- tools/devops/automation/templates/build/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/devops/automation/templates/build/build.yml b/tools/devops/automation/templates/build/build.yml index e155fb9b2ef8..e76ed9527da4 100644 --- a/tools/devops/automation/templates/build/build.yml +++ b/tools/devops/automation/templates/build/build.yml @@ -421,7 +421,7 @@ steps: PACKAGES="$IOS_PKG $MAC_PKG $IOS_DOTNET_PKG $TVOS_DOTNET_PKG $WATCHOS_DOTNET_PKG $MACOS_DOTNET_PKG" echo "Packages found at $PACKAGES" - echo "$PACKAGES" | xargs python3 $(Build.SourcesDirectory)/release-scripts/sign_and_notarize3.py --no_notarization -a "$APP_ID" -i "$INSTALL_ID" -d $(Build.SourcesDirectory)/package/notarized -e "$MAC_ENTITLEMENTS" -k "$KEYCHAIN" + echo "$PACKAGES" | xargs -t python3 $(Build.SourcesDirectory)/release-scripts/sign_and_notarize3.py --no_notarization -a "$APP_ID" -i "$INSTALL_ID" -d $(Build.SourcesDirectory)/package/notarized -e "$MAC_ENTITLEMENTS" -k "$KEYCHAIN" ls -R $(Build.SourcesDirectory)/package env: PRODUCTSIGN_KEYCHAIN_PASSWORD: $(OSX_KEYCHAIN_PASS) From 655a16a299f1bb72d3d1421defcbb00ab3e807ae Mon Sep 17 00:00:00 2001 From: Manuel de la Pena Date: Tue, 23 Feb 2021 14:36:04 -0500 Subject: [PATCH 10/19] spaces. --- tools/devops/automation/templates/build/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/devops/automation/templates/build/build.yml b/tools/devops/automation/templates/build/build.yml index 6d525e6be8e1..4e4e7837a0a5 100644 --- a/tools/devops/automation/templates/build/build.yml +++ b/tools/devops/automation/templates/build/build.yml @@ -421,7 +421,7 @@ steps: PACKAGES="$IOS_PKG $MAC_PKG $IOS_DOTNET_PKG $TVOS_DOTNET_PKG $WATCHOS_DOTNET_PKG $MACOS_DOTNET_PKG" echo "Packages found at $PACKAGES" - echo "$PACKAGES" | xargs -t python3 $(Build.SourcesDirectory)/release-scripts/sign_and_notarize3.py -a "$APP_ID" -i "$INSTALL_ID" -d $(Build.SourcesDirectory)/package/notarized -e "$MAC_ENTITLEMENTS" -k "$KEYCHAIN" + echo "$PACKAGES" | xargs -t python3 $(Build.SourcesDirectory)/release-scripts/sign_and_notarize3.py -a "$APP_ID" -i "$INSTALL_ID" -d $(Build.SourcesDirectory)/package/notarized -e "$MAC_ENTITLEMENTS" -k "$KEYCHAIN" ls -R $(Build.SourcesDirectory)/package env: PRODUCTSIGN_KEYCHAIN_PASSWORD: $(OSX_KEYCHAIN_PASS) From 008fcc2871dc4efb4dbba0a4fa952005f7f3fdbe Mon Sep 17 00:00:00 2001 From: Manuel de la Pena Date: Mon, 1 Mar 2021 12:56:20 -0500 Subject: [PATCH 11/19] Do it one by one or we have a timeout. --- tools/devops/automation/templates/build/build.yml | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/tools/devops/automation/templates/build/build.yml b/tools/devops/automation/templates/build/build.yml index 4e4e7837a0a5..8f5f91ce57c4 100644 --- a/tools/devops/automation/templates/build/build.yml +++ b/tools/devops/automation/templates/build/build.yml @@ -443,7 +443,19 @@ steps: env: SYSTEM_ACCESSTOKEN: $(System.AccessToken) -- pwsh: $(Build.SourcesDirectory)/release-scripts/notarize.ps1 -FolderForApps $(Build.SourcesDirectory)/package/notarized +- pwsh: | + # so... we have to many pkgs, that results in timeouts, so we need to split things and call it several times + $pkgDir = $(Build.SourcesDirectory)/package/notarized + $files = @(Get-ChildItem -Path "$pkgDir/*" -Filter "*.pkg") + # we are going to be one by one... why? because if we send all, we timeout!!!! + if ($files.count -gt 0) + { + foreach($pkg in $files) + { + Write-Host "Zipping $($pkg.FullName) into $zipFileName..." + & dotnet $Env:MBSIGN_APPFOLDER/DDSignFiles.dll /file:"$($pkg.FullName)" /certs:"8020" + } + } displayName: 'ESRP notarizing packages' condition: and(succeeded(), contains(variables['configuration.SignPkgs'], 'True'), contains(variables['configuration.IsPr'], 'False')) # if we are a PR, do not use ESRP since is not supported From 4bd173c392c2876c7f27c8153576b77b07efafd8 Mon Sep 17 00:00:00 2001 From: Manuel de la Pena Date: Mon, 1 Mar 2021 13:10:16 -0500 Subject: [PATCH 12/19] Fix logging. --- tools/devops/automation/templates/build/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/devops/automation/templates/build/build.yml b/tools/devops/automation/templates/build/build.yml index 8f5f91ce57c4..13235808a194 100644 --- a/tools/devops/automation/templates/build/build.yml +++ b/tools/devops/automation/templates/build/build.yml @@ -452,7 +452,7 @@ steps: { foreach($pkg in $files) { - Write-Host "Zipping $($pkg.FullName) into $zipFileName..." + Write-Host "Notarizing $($pkg.FullName) into" & dotnet $Env:MBSIGN_APPFOLDER/DDSignFiles.dll /file:"$($pkg.FullName)" /certs:"8020" } } From 54e4cdd8c95897499f852b6089893e060c7ba9a9 Mon Sep 17 00:00:00 2001 From: Manuel de la Pena Date: Mon, 1 Mar 2021 15:39:20 -0500 Subject: [PATCH 13/19] Fix path with quotes. --- tools/devops/automation/templates/build/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/devops/automation/templates/build/build.yml b/tools/devops/automation/templates/build/build.yml index 13235808a194..3d3702a47ba8 100644 --- a/tools/devops/automation/templates/build/build.yml +++ b/tools/devops/automation/templates/build/build.yml @@ -445,7 +445,7 @@ steps: - pwsh: | # so... we have to many pkgs, that results in timeouts, so we need to split things and call it several times - $pkgDir = $(Build.SourcesDirectory)/package/notarized + $pkgDir = "$(Build.SourcesDirectory)/package/notarized" $files = @(Get-ChildItem -Path "$pkgDir/*" -Filter "*.pkg") # we are going to be one by one... why? because if we send all, we timeout!!!! if ($files.count -gt 0) From 751f2bf8694e78d8ce0437c43387dd9e339ef8b9 Mon Sep 17 00:00:00 2001 From: Manuel de la Pena Date: Mon, 1 Mar 2021 21:49:33 -0500 Subject: [PATCH 14/19] Dont be greedy. --- tools/devops/automation/templates/build/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/devops/automation/templates/build/build.yml b/tools/devops/automation/templates/build/build.yml index 3d3702a47ba8..224ae42f188f 100644 --- a/tools/devops/automation/templates/build/build.yml +++ b/tools/devops/automation/templates/build/build.yml @@ -453,7 +453,7 @@ steps: foreach($pkg in $files) { Write-Host "Notarizing $($pkg.FullName) into" - & dotnet $Env:MBSIGN_APPFOLDER/DDSignFiles.dll /file:"$($pkg.FullName)" /certs:"8020" + dotnet $Env:MBSIGN_APPFOLDER/DDSignFiles.dll /file:"$($pkg.FullName)" /certs:"8020" } } displayName: 'ESRP notarizing packages' From 33ec7c78a438889084f8c3fc4d525aeba8c02bc1 Mon Sep 17 00:00:00 2001 From: Manuel de la Pena Date: Tue, 2 Mar 2021 11:37:58 -0500 Subject: [PATCH 15/19] Upload before notarizing to be able to test. --- tools/devops/automation/templates/build/build.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/tools/devops/automation/templates/build/build.yml b/tools/devops/automation/templates/build/build.yml index 224ae42f188f..8a428de6415f 100644 --- a/tools/devops/automation/templates/build/build.yml +++ b/tools/devops/automation/templates/build/build.yml @@ -434,6 +434,14 @@ steps: condition: and(succeeded(), contains(variables['configuration.SignPkgs'], 'True'), contains(variables['configuration.IsPr'], 'False')) timeoutInMinutes: 90 +# upload each of the pkgs into the pipeline artifacts +- task: PublishPipelineArtifact@1 + displayName: 'Publish Not Notarized Build Artifacts' + inputs: + targetPath: $(Build.SourcesDirectory)/package/notarized + artifactName: not-notarized-pkg + continueOnError: true + - task: ms-vseng.MicroBuildTasks.30666190-6959-11e5-9f96-f56098202fef.MicroBuildSigningPlugin@3 displayName: 'Install Notarizing Plugin' inputs: From 32729aab5d83fcaec440d7506b277d1d2dc3be4b Mon Sep 17 00:00:00 2001 From: Manuel de la Pena Date: Tue, 2 Mar 2021 18:02:07 -0500 Subject: [PATCH 16/19] Add the nicer version of the script. --- tools/devops/automation/build-pipeline.yml | 2 +- tools/devops/automation/templates/build/build.yml | 5 +---- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/tools/devops/automation/build-pipeline.yml b/tools/devops/automation/build-pipeline.yml index 9395651da522..76b9ee06b669 100644 --- a/tools/devops/automation/build-pipeline.yml +++ b/tools/devops/automation/build-pipeline.yml @@ -35,7 +35,7 @@ resources: - repository: release-scripts type: github name: xamarin/release-scripts - ref: refs/heads/fix-python3 + ref: refs/heads/esrp-signing endpoint: xamarin variables: diff --git a/tools/devops/automation/templates/build/build.yml b/tools/devops/automation/templates/build/build.yml index 8a428de6415f..26b9b291d61c 100644 --- a/tools/devops/automation/templates/build/build.yml +++ b/tools/devops/automation/templates/build/build.yml @@ -421,14 +421,11 @@ steps: PACKAGES="$IOS_PKG $MAC_PKG $IOS_DOTNET_PKG $TVOS_DOTNET_PKG $WATCHOS_DOTNET_PKG $MACOS_DOTNET_PKG" echo "Packages found at $PACKAGES" - echo "$PACKAGES" | xargs -t python3 $(Build.SourcesDirectory)/release-scripts/sign_and_notarize3.py -a "$APP_ID" -i "$INSTALL_ID" -d $(Build.SourcesDirectory)/package/notarized -e "$MAC_ENTITLEMENTS" -k "$KEYCHAIN" + echo "$PACKAGES" | xargs -t python3 $(Build.SourcesDirectory)/release-scripts/esrp_sign.py -c "8023" -d $(Build.SourcesDirectory)/package/notarized -e "$MAC_ENTITLEMENTS" ls -R $(Build.SourcesDirectory)/package env: PRODUCTSIGN_KEYCHAIN_PASSWORD: $(OSX_KEYCHAIN_PASS) MAC_ENTITLEMENTS: $(Build.SourcesDirectory)/xamarin-macios/mac-entitlements.plist - APP_ID: $(XamarinAppId) - INSTALL_ID: $(XamarinAppId) - KEYCHAIN: $(SigningKeychain) name: notarize displayName: 'Signing Release Build' condition: and(succeeded(), contains(variables['configuration.SignPkgs'], 'True'), contains(variables['configuration.IsPr'], 'False')) From 374aa5d572f3b70fccc5dd600c96d982938dd410 Mon Sep 17 00:00:00 2001 From: Manuel de la Pena Date: Sun, 7 Mar 2021 17:20:06 -0500 Subject: [PATCH 17/19] Make python script very verbose. --- tools/devops/automation/templates/build/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/devops/automation/templates/build/build.yml b/tools/devops/automation/templates/build/build.yml index 26b9b291d61c..c4f159f7bb3e 100644 --- a/tools/devops/automation/templates/build/build.yml +++ b/tools/devops/automation/templates/build/build.yml @@ -421,7 +421,7 @@ steps: PACKAGES="$IOS_PKG $MAC_PKG $IOS_DOTNET_PKG $TVOS_DOTNET_PKG $WATCHOS_DOTNET_PKG $MACOS_DOTNET_PKG" echo "Packages found at $PACKAGES" - echo "$PACKAGES" | xargs -t python3 $(Build.SourcesDirectory)/release-scripts/esrp_sign.py -c "8023" -d $(Build.SourcesDirectory)/package/notarized -e "$MAC_ENTITLEMENTS" + echo "$PACKAGES" | xargs -t python3 $(Build.SourcesDirectory)/release-scripts/esrp_sign.py -vv -c "8023" -d $(Build.SourcesDirectory)/package/notarized -e "$MAC_ENTITLEMENTS" ls -R $(Build.SourcesDirectory)/package env: PRODUCTSIGN_KEYCHAIN_PASSWORD: $(OSX_KEYCHAIN_PASS) From 57ca836d7de1206a3746ae720a730bec0ba53225 Mon Sep 17 00:00:00 2001 From: Manuel de la Pena Date: Thu, 18 Mar 2021 15:31:36 -0400 Subject: [PATCH 18/19] Bump timeout. --- tools/devops/automation/templates/build/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/devops/automation/templates/build/build.yml b/tools/devops/automation/templates/build/build.yml index ec6b49b5a477..09e384852b2c 100644 --- a/tools/devops/automation/templates/build/build.yml +++ b/tools/devops/automation/templates/build/build.yml @@ -432,7 +432,7 @@ steps: name: notarize displayName: 'Signing Release Build' condition: and(succeeded(), contains(variables['configuration.SignPkgs'], 'True'), contains(variables['configuration.IsPr'], 'False')) - timeoutInMinutes: 90 + timeoutInMinutes: 180 - task: ms-vseng.MicroBuildTasks.30666190-6959-11e5-9f96-f56098202fef.MicroBuildSigningPlugin@3 displayName: 'Install Notarizing Plugin' From 87fc022c800a502ecccc3b0abced4684047270af Mon Sep 17 00:00:00 2001 From: Manuel de la Pena Date: Thu, 18 Mar 2021 15:35:56 -0400 Subject: [PATCH 19/19] Faster installation. --- tools/devops/automation/templates/build/build.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/devops/automation/templates/build/build.yml b/tools/devops/automation/templates/build/build.yml index bcb5624cf736..7f7d2ad689fe 100644 --- a/tools/devops/automation/templates/build/build.yml +++ b/tools/devops/automation/templates/build/build.yml @@ -381,6 +381,7 @@ steps: inputs: signType: 'Real' azureSubscription: 'MicroBuild Signing Task (DevDiv)' + zipSources: false env: SYSTEM_ACCESSTOKEN: $(System.AccessToken)