Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

initial changes to build macOS #1279

Closed
wants to merge 5 commits into from
Closed

initial changes to build macOS #1279

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
658f1a8
initial changes to build macOS
gdams Jul 23, 2024
f3b8433
add pool mapping
gdams Jul 23, 2024
cefa93d
fix pool
gdams Jul 25, 2024
fede3d5
add macOS signing steps
gdams Jul 25, 2024
475b1bf
Merge branch 'microsoft/main' into dev/gadams/macos
gdams Oct 30, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions eng/pipeline/stages/go-builder-matrix-stages.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -71,6 +71,8 @@ stages:
- { os: windows, arch: amd64, config: buildandpack }
- { os: linux, arch: arm, hostArch: amd64, config: buildandpack }
- { os: linux, arch: arm64, hostArch: amd64, config: buildandpack }
- { os: darwin, arch: amd64, config: buildandpack }
- { os: darwin, arch: arm64, hostArch: amd64, config: buildandpack }
- ${{ if parameters.includeArm64Host }}:
- { os: linux, arch: arm64, config: buildandpack }
- ${{ if parameters.innerloop }}:
Expand All @@ -94,6 +96,8 @@ stages:
- { experiment: cngcrypto, os: windows, arch: amd64, config: test, fips: true }
# Test that buildandpack works on Windows x86-32, but don't release it.
- { os: windows, hostArch: amd64, arch: 386, config: buildandpack }
- { os: darwin, arch: amd64, config: devscript }
- { os: darwin, arch: amd64, config: test }
- ${{ if parameters.outerloop }}:
# Upstream builders.
# - { os: linux, arch: amd64, config: clang } https://github.com/microsoft/go/issues/342
Expand Down
4 changes: 3 additions & 1 deletion eng/pipeline/stages/pool-1.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,9 @@ stages:
parameters:
${{ insert }}: ${{ parameters }}

${{ if eq(parameters.hostArch, 'arm64') }}:
${{ if eq(parameters.os, 'darwin') }}:
name: Azure Pipelines # use the default AzDo hosted pool
${{ elseif and(eq(parameters.hostArch, 'arm64'), eq(parameters.os, 'linux')) }}:
name: Docker-Linux-Arm-Internal
${{ else }}:
${{ if parameters.public }}:
Expand Down
5 changes: 5 additions & 0 deletions eng/pipeline/stages/pool-2.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,3 +50,8 @@ stages:
${{ else }}:
demands: ImageOverride -equals 1es-ubuntu-2004
os: linux

${{ elseif eq(parameters.os, 'darwin') }}:
# https://learn.microsoft.com/en-us/azure/devops/pipelines/agents/hosted?view=azure-devops&tabs=yaml#software
vmImage: 'macos-14'
os: macOs
34 changes: 34 additions & 0 deletions eng/signing/Sign.proj
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,9 @@
<GoZipFile Include="$([MSBuild]::NormalizeDirectory('$(SignFilesDir)'))**/go*.zip" />
<GoZipFile ExtractedDir="$([MSBuild]::NormalizeDirectory('%(Identity).extracted'))" />

<GoMacOSTarFile Include="$([MSBuild]::NormalizeDirectory('$(SignFilesDir)'))**/go*darwin*.tar.gz" />
<GoMacOSTarFile ExtractedDir="$([MSBuild]::NormalizeDirectory('%(Identity).extracted'))" />

<FileExtensionSignInfo Include=".sig" CertificateName="LinuxSignManagedLanguageCompiler" />
</ItemGroup>

Expand Down Expand Up @@ -68,6 +71,22 @@
-->
<FilesToSign Remove="%(GoZipFile.ExtractedDir)**\testdata\**" />
</ItemGroup>
<!-- macOS codesign -->
<Exec Command="if not exist %(GoMacOSTarFile.ExtractedDir) mkdir %(GoMacOSTarFile.ExtractedDir)" />
<Exec Command="tar -xzf %(GoMacOSTarFile.Identity) -C %(GoMacOSTarFile.ExtractedDir)" />
<ItemGroup>
<FilesToSign Include="%(GoMacOSTarFile.ExtractedDir)go">
<Authenticode>MacDeveloperHarden</Authenticode>
<!-- macOS signing requires the binaries to be zipped up -->
<Zip>true</Zip>
</FilesToSign>
<!--
gdams marked this conversation as resolved.
Show resolved Hide resolved
Remove test data: some files (especially zip files) are set up in very particular ways that
SignTool doesn't reconstruct properly after recursing into the container. This causes "go
tool dist test" to fail when run on a signed build.
-->
<FilesToSign Remove="%(GoMacOSTarFile.ExtractedDir)**\testdata\**" />
</ItemGroup>
</Target>

<Target Name="AfterSign" AfterTargets="SignFiles">
Expand All @@ -84,6 +103,21 @@

<!-- Remove the large extracted dir so the build job doesn't upload it. -->
<RemoveDir Directories="@(GoZipFile -> '%(ExtractedDir)')" />

<!-- Repack macOS tar.gz -->
<Exec Command="tar -czf %(GoMacOSTarFile.Identity) -C %(GoMacOSTarFile.ExtractedDir) ." />

<!-- Notarize macOS -->
<ItemGroup>
<FilesToSign Include="%(GoMacOSTarFile.Identity)">
<Authenticode>MacNotarize</Authenticode>
</FilesToSign>
</ItemGroup>

<Exec Command="pwsh ..\run.ps1 write-checksum @(GoMacOSTarFile, ' ')" />

<!-- Remove the large extracted dir so the build job doesn't upload it. -->
<RemoveDir Directories="@(GoMacOSTarFile -> '%(ExtractedDir)')" />
</Target>

<Target Name="SignFiles" BeforeTargets="PrepSign">
Expand Down
Loading