Cut new release #409
Merged
Cut new release #409
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Fix winget tag specification
Avoid an extra `dotnet restore` during the `dotnet publish` commands in `layout.sh` when building the macOS installer. For some reason, the CI machines (and sometimes locally) hang during this step with: ``` Building Installer.Mac Copying uninstall script... Microsoft (R) Build Engine version 16.10.0-preview-21181-07+073022eb4 for .NET Copyright (C) Microsoft Corporation. All rights reserved. Determining projects to restore... ``` Avoiding the restore during publish should be OK since the hosting Installer.Mac.csproj project will have already built (and restored) packages for the dependent projects.
Avoid extra restore in macOS installer creation (fix CI hangs)
Copied and refreshed the Bitbucket development doc from the Git Credential Manager for Windows project.
Issue-267 Add fingerprint header, to autodetect Bitbucket DC instances.
a small "how to use" tweak
This change replaces Python scripts we were calling from the `release-apt-get` pipeline with inline scripts. It also adds support for releasing to Ubuntu repositories hosted at http://packages.microsoft.com/ (hosting location for Microsoft's official apt/yum repos). This allows users to install via apt-get on Hirsute/Bionic. Details to configure appropriate repos can be found here: https://docs.microsoft.com/en-us/windows-server/administration/Linux-Package-Repository-for-Microsoft-Software).
Update apt-get workflow to publish to official bionic/hirsute repos
Updating README.md with instructions for apt-get setup and install for Ubuntu Bionic and Hirsute.
We are currently using 'Release tag' to describe the required input to our `workflow_dispatch` trigger. This is inaccurate - this field actually requires a 'Release id', which I discovered when testing GCM Core `apt-get` deployments yesterday. Updating so that the description doesn't confuse folks running the workflow for a release that is not 'latest'.
Add instructions for `apt-get` install to `README`
Add a stable anchor for linking to Linux instructions
When creating the plaintext credential store root directory, create it with permissions such that only the owner/user can read/write/execute, and not the group or other users. This only impacts newly created store directories; existing directories do not have their permissions modified. Only applies to POSIX platforms.
Clarify that is necessary to run `git-credential-manager-core configure`.
Introduce the concept of another layer of settings (lowest precedence; default values only) below the existing environment variable and Git configuration file mechanisms. Implement on Windows using the Registry, under key: HKLM\SOFTWARE\GitCredentialManager\Configuration
Add documentation about the new enterprise/registry settings.
Clarify that is necessary to run git-credential-manager-core configure.
Updated ISSUE_TEMPLATE from version to --version
Clarify that the new registry settings are aimed at enterprises and system administrators, _and_ that the settings are at the lowest precedence; they can always be overridden by the user.
Dynamically skip the macOS Keychain read/write/delete test if the Keychain is in a "strange" state. There is an unknown issue that the keychain can sometimes get itself in where all API calls result in an errSecAuthFailed error. The only solution seems to be a machine restart; not possible in CI! The problem has plagued others who are calling the same Keychain APIs from C# such as the MSAL.NET team - they don't know either. It might have something to do with the code signing signature of the binary (our collective best theory). It's probably only diagnosable at this point by Apple, but we don't have a reliable way to reproduce the problem.
Add ability to specify default settings values from the registry on Windows
Create plaintext credential store directory with safer permissions
If GCM_GPG_PATH is specified, it is assumed to be the path to the GPG executable used by `pass` and will throw an exception if it is not found. If GCM_GPG_PATH is _not_ specified, GCM Core will attempt to find the correct GPG executable by mimicking the behavior (currently) used by `pass` (that is, first searching for `gpg2`, then falling back on `gpg` if `gpg2` is not found).
Add option for `GCM_GPG_PATH` environment variable (Linux-only)
derrickstolee
approved these changes
Aug 11, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Changes:
gpgcredential store on Linux (Add option forGCM_GPG_PATHenvironment variable (Linux-only) #406)Thanks to our contributors ❤️: