From 20faae4529b1597f533c7e00ea5ca8171ffb04e2 Mon Sep 17 00:00:00 2001 From: Wes Haggard Date: Thu, 29 Aug 2024 15:09:13 -0700 Subject: [PATCH] Switch to User Delegate SAS for vcpkg caching --- eng/scripts/Set-VcpkgWriteModeCache.ps1 | 20 ++++++++++++-------- tools/apiview/parsers/cpp-api-parser/ci.yml | 14 +++++++++----- 2 files changed, 21 insertions(+), 13 deletions(-) diff --git a/eng/scripts/Set-VcpkgWriteModeCache.ps1 b/eng/scripts/Set-VcpkgWriteModeCache.ps1 index 2ee5740e003..54526958d2c 100644 --- a/eng/scripts/Set-VcpkgWriteModeCache.ps1 +++ b/eng/scripts/Set-VcpkgWriteModeCache.ps1 @@ -1,7 +1,8 @@ param( - [string] $StorageAccountKey + [string] $StorageAccountName = 'cppvcpkgcache' ) + ."$PSScriptRoot/../common/scripts/Helpers/PSModule-Helpers.ps1" Write-Host "`$env:PSModulePath = $($env:PSModulePath)" @@ -26,15 +27,18 @@ $env:PSModulePath = $modulePaths -join $moduleSeperator Install-ModuleIfNotInstalled "Az.Storage" "4.3.0" | Import-Module $ctx = New-AzStorageContext ` - -StorageAccountName 'cppvcpkgcache' ` - -StorageAccountKey $StorageAccountKey -$token = New-AzStorageAccountSASToken ` - -Service Blob ` - -ResourceType Object ` + -StorageAccountName $StorageAccountName ` + -UseConnectedAccount + +$vcpkgBinarySourceSas = New-AzStorageContainerSASToken ` + -Name $StorageAccountName ` -Permission "rwc" ` -Context $ctx ` - -ExpiryTime (Get-Date).AddDays(1) -$vcpkgBinarySourceSas = $token.Substring(1) + -ExpiryTime (Get-Date).AddHours(1) + +Write-Host "Ensure redaction of SAS tokens in logs" +Write-Host "##vso[task.setvariable variable=VCPKG_BINARY_SAS_TOKEN;issecret=true;]$vcpkgBinarySourceSas" Write-Host "Setting vcpkg binary cache to read and write" Write-Host "##vso[task.setvariable variable=VCPKG_BINARY_SOURCES_SECRET;issecret=true;]clear;x-azblob,https://cppvcpkgcache.blob.core.windows.net/public-vcpkg-container,$vcpkgBinarySourceSas,readwrite" +Write-Host "##vso[task.setvariable variable=X_VCPKG_ASSET_SOURCES_SECRET;issecret=true;]clear;x-azurl,https://cppvcpkgcache.blob.core.windows.net/public-vcpkg-asset-container/,?$vcpkgBinarySourceSas,readwrite" diff --git a/tools/apiview/parsers/cpp-api-parser/ci.yml b/tools/apiview/parsers/cpp-api-parser/ci.yml index e9bb3fa8e8b..14d9728d008 100644 --- a/tools/apiview/parsers/cpp-api-parser/ci.yml +++ b/tools/apiview/parsers/cpp-api-parser/ci.yml @@ -64,13 +64,17 @@ stages: displayName: Create cmake build directory. workingDirectory: '$(Build.SourcesDirectory)/tools/apiview/parsers/cpp-api-parser' condition: succeeded() - - task: PowerShell@2 + - task: AzurePowerShell@5 + displayName: Set Vcpkg Write-mode Cache inputs: + azureSubscription: 'Azure SDK Artifacts' + ScriptType: FilePath + ScriptPath: eng/scripts/Set-VcpkgWriteModeCache.ps1 + azurePowerShellVersion: LatestVersion pwsh: true - targetType: filePath - filePath: eng/scripts/Set-VcpkgWriteModeCache.ps1 - arguments: -StorageAccountKey '$(cpp-vcpkg-cache-storage-key)' - displayName: Set Vcpkg Write-mode Cache + # This step is idempotent and can be run multiple times in cases of + # failure and partial execution. + retryCountOnTaskFailure: 3 - pwsh: | cmake.exe -G "Visual Studio 17 2022" -DCMAKE_CXX_STANDARD:STRING="20" -DCMAKE_TOOLCHAIN_FILE:STRING=${env:VCPKG_ROOT}/scripts/buildsystems/vcpkg.cmake -DVCPKG_BUILD_TYPE:STRING="release" -DVCPKG_OVERLAY_TRIPLETS:STRING="../vcpkg-triplets" -DMSVC_RUNTIME_LIBRARY:STRING="MultiThreadedDebug" -DVCPKG_TARGET_TRIPLET:STRING="x64-windows-static-release" .. displayName: Cmake Generate.