diff --git a/eng/Version.Details.xml b/eng/Version.Details.xml
index 8f328e8da4..979d04de7a 100644
--- a/eng/Version.Details.xml
+++ b/eng/Version.Details.xml
@@ -1,9 +1,9 @@
-
+
https://github.com/dotnet/arcade
- 93e08e378eb00a4267ffeca24b6bebb4f6c011ef
+ 40eacd2afc9cfd2ba892b5eadb3e728c1008fa38
@@ -14,9 +14,9 @@
https://github.com/dotnet/roslyn
592501cbb9c9394072a245c15b3458ff88155d85
-
+
https://github.com/dotnet/arcade
- 93e08e378eb00a4267ffeca24b6bebb4f6c011ef
+ 40eacd2afc9cfd2ba892b5eadb3e728c1008fa38
diff --git a/eng/Versions.props b/eng/Versions.props
index 6170d206ee..1e28bd4632 100644
--- a/eng/Versions.props
+++ b/eng/Versions.props
@@ -32,7 +32,7 @@
$([System.Text.RegularExpressions.Regex]::Match($([System.IO.File]::ReadAllText('$(MSBuildThisFileDirectory)..\global.json')), '"dotnet": "([^"]*)"').Groups.get_Item(1))
- 6.0.0-beta.22102.3
+ 6.0.0-beta.22116.15
6.0.0-preview.2.21154.6
4.1.0-3.22075.3
6.1.0-rc.103
diff --git a/eng/common/generate-sbom-prep.ps1 b/eng/common/generate-sbom-prep.ps1
new file mode 100644
index 0000000000..a733a88858
--- /dev/null
+++ b/eng/common/generate-sbom-prep.ps1
@@ -0,0 +1,19 @@
+Param(
+ [Parameter(Mandatory=$true)][string] $ManifestDirPath # Manifest directory where sbom will be placed
+)
+
+Write-Host "Creating dir $ManifestDirPath"
+# create directory for sbom manifest to be placed
+if (!(Test-Path -path $ManifestDirPath))
+{
+ New-Item -ItemType Directory -path $ManifestDirPath
+ Write-Host "Successfully created directory $ManifestDirPath"
+}
+else{
+ Write-PipelineTelemetryError -category 'Build' "Unable to create sbom folder."
+}
+
+Write-Host "Updating artifact name"
+$artifact_name = "${env:SYSTEM_STAGENAME}_${env:AGENT_JOBNAME}_SBOM" -replace '["/:<>\\|?@*"() ]', '_'
+Write-Host "Artifact name $artifact_name"
+Write-Host "##vso[task.setvariable variable=ARTIFACT_NAME]$artifact_name"
diff --git a/eng/common/generate-sbom-prep.sh b/eng/common/generate-sbom-prep.sh
new file mode 100644
index 0000000000..f6c7745314
--- /dev/null
+++ b/eng/common/generate-sbom-prep.sh
@@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+
+source="${BASH_SOURCE[0]}"
+
+manifest_dir=$1
+
+if [ ! -d "$manifest_dir" ] ; then
+ mkdir -p "$manifest_dir"
+ echo "Sbom directory created." $manifest_dir
+else
+ Write-PipelineTelemetryError -category 'Build' "Unable to create sbom folder."
+fi
+
+artifact_name=$SYSTEM_STAGENAME"_"$AGENT_JOBNAME"_SBOM"
+echo "Artifact name before : "$artifact_name
+# replace all special characters with _, some builds use special characters like : in Agent.Jobname, that is not a permissible name while uploading artifacts.
+safe_artifact_name="${artifact_name//["/:<>\\|?@*$" ]/_}"
+echo "Artifact name after : "$safe_artifact_name
+export ARTIFACT_NAME=$safe_artifact_name
+echo "##vso[task.setvariable variable=ARTIFACT_NAME]$safe_artifact_name"
+
+exit 0
diff --git a/eng/common/templates/job/job.yml b/eng/common/templates/job/job.yml
index 30d1de5835..547d878da0 100644
--- a/eng/common/templates/job/job.yml
+++ b/eng/common/templates/job/job.yml
@@ -31,6 +31,10 @@ parameters:
name: ''
preSteps: []
runAsPublic: false
+# Sbom related params
+ enableSbom: true
+ PackageVersion: 6.0.0
+ BuildDropPath: '$(Build.SourcesDirectory)/artifacts'
jobs:
- job: ${{ parameters.name }}
@@ -247,3 +251,9 @@ jobs:
ArtifactName: AssetManifests
continueOnError: ${{ parameters.continueOnError }}
condition: and(succeeded(), eq(variables['_DotNetPublishToBlobFeed'], 'true'))
+
+ - ${{ if and(eq(parameters.runAsPublic, 'false'), ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest'), eq(parameters.enableSbom, 'true')) }}:
+ - template: /eng/common/templates/steps/generate-sbom.yml
+ parameters:
+ PackageVersion: ${{ parameters.packageVersion}}
+ BuildDropPath: ${{ parameters.buildDropPath }}
diff --git a/eng/common/templates/job/source-build.yml b/eng/common/templates/job/source-build.yml
index 5023d36dcb..5cd5325d7b 100644
--- a/eng/common/templates/job/source-build.yml
+++ b/eng/common/templates/job/source-build.yml
@@ -31,11 +31,6 @@ parameters:
# container and pool.
platform: {}
- # The default VM host AzDO pool. This should be capable of running Docker containers: almost all
- # source-build builds run in Docker, including the default managed platform.
- defaultContainerHostPool:
- vmImage: ubuntu-20.04
-
jobs:
- job: ${{ parameters.jobNamePrefix }}_${{ parameters.platform.name }}
displayName: Source-Build (${{ parameters.platform.name }})
@@ -47,7 +42,15 @@ jobs:
container: ${{ parameters.platform.container }}
${{ if eq(parameters.platform.pool, '') }}:
- pool: ${{ parameters.defaultContainerHostPool }}
+ # The default VM host AzDO pool. This should be capable of running Docker containers: almost all
+ # source-build builds run in Docker, including the default managed platform.
+ pool:
+ ${{ if eq(variables['System.TeamProject'], 'public') }}:
+ name: NetCore1ESPool-Public
+ demands: ImageOverride -equals Build.Ubuntu.1804.Amd64.Open
+ ${{ if eq(variables['System.TeamProject'], 'internal') }}:
+ name: NetCore1ESPool-Internal
+ demands: ImageOverride -equals Build.Ubuntu.1804.Amd64
${{ if ne(parameters.platform.pool, '') }}:
pool: ${{ parameters.platform.pool }}
diff --git a/eng/common/templates/steps/generate-sbom.yml b/eng/common/templates/steps/generate-sbom.yml
new file mode 100644
index 0000000000..f4d7937f37
--- /dev/null
+++ b/eng/common/templates/steps/generate-sbom.yml
@@ -0,0 +1,44 @@
+# BuildDropPath - The root folder of the drop directory for which the manifest file will be generated.
+# PackageName - The name of the package this SBOM represents.
+# PackageVersion - The version of the package this SBOM represents.
+# ManifestDirPath - The path of the directory where the generated manifest files will be placed
+
+parameters:
+ PackageVersion: 6.0.0
+ BuildDropPath: '$(Build.SourcesDirectory)/artifacts'
+ PackageName: '.NET'
+ ManifestDirPath: $(Build.ArtifactStagingDirectory)/sbom
+ sbomContinueOnError: true
+
+steps:
+- task: PowerShell@2
+ displayName: Prep for SBOM generation in (Non-linux)
+ condition: or(eq(variables['Agent.Os'], 'Windows_NT'), eq(variables['Agent.Os'], 'Darwin'))
+ inputs:
+ filePath: ./eng/common/generate-sbom-prep.ps1
+ arguments: ${{parameters.manifestDirPath}}
+
+# Chmodding is a workaround for https://github.com/dotnet/arcade/issues/8461
+- script: |
+ chmod +x ./eng/common/generate-sbom-prep.sh
+ ./eng/common/generate-sbom-prep.sh ${{parameters.manifestDirPath}}
+ displayName: Prep for SBOM generation in (Linux)
+ condition: eq(variables['Agent.Os'], 'Linux')
+ continueOnError: ${{ parameters.sbomContinueOnError }}
+
+- task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0
+ displayName: 'Generate SBOM manifest'
+ continueOnError: ${{ parameters.sbomContinueOnError }}
+ inputs:
+ PackageName: ${{ parameters.packageName }}
+ BuildDropPath: ${{ parameters.buildDropPath }}
+ PackageVersion: ${{ parameters.packageVersion }}
+ ManifestDirPath: ${{ parameters.manifestDirPath }}
+
+- task: PublishPipelineArtifact@1
+ displayName: Publish SBOM manifest
+ continueOnError: ${{parameters.sbomContinueOnError}}
+ inputs:
+ targetPath: '${{parameters.manifestDirPath}}'
+ artifactName: $(ARTIFACT_NAME)
+
diff --git a/global.json b/global.json
index 51ac7e2742..67c77c202c 100644
--- a/global.json
+++ b/global.json
@@ -10,6 +10,6 @@
},
"msbuild-sdks": {
"Microsoft.Build.CentralPackageVersions": "2.0.1",
- "Microsoft.DotNet.Arcade.Sdk": "6.0.0-beta.22102.3"
+ "Microsoft.DotNet.Arcade.Sdk": "6.0.0-beta.22116.15"
}
}