- Improvements to Batch scripts for new and existing Windows VMs (dep…

…endency installation via Google Drive)

- Add nuget.config file to standardize/control our NuGet settings across machines
- Add VM_SETUP_HELP.md for documenting/troubleshooting

.github/workflows/ci.yml

@@ -17,9 +17,7 @@ jobs:
     steps:
       - uses: actions/checkout@v3
       - name: Set up dotnet tools
-        run: make setup-tools
-      - name: Install security-code-scan
-        run: make install-scanner
+        run: make install-tools
       - name: Run security analysis
         run: make scan
         # TODO: In the future, we can collect the output logs by enabling Code Scanning and using the pre-built GitHub Action: https://github.com/marketplace/actions/securitycodescan

Makefile

@@ -36,12 +36,13 @@ format:
 install-cert:
 	scripts\install_cert.bat ${cert} ${pass}
 
-## install-scanner - Install SecurityCodeScan to your system
-install-scanner:
-	dotnet tool install --local security-scan --version 5.6.3
+## install-tools - Install tools to your system
+install-tools:
+	dotnet new tool-manifest || true
+	dotnet tool install --local security-scan --version 5.6.3 || true
 
 ## install - Install requirements
-install:
+install: | install-tools
 	git submodule init
 	git submodule update
 
@@ -93,10 +94,6 @@ scan:
 setup:
 	scripts\setup.bat
 
-## setup-tools - Set up the manifest files for dotnet tools
-setup-tools:
-	dotnet new tool-manifest
-
 ## sign - Sign all generated DLLs and NuGet packages with the provided certificate (Windows only)
 # @parameters:
 # cert= - The certificate to use for signing the built assets.
@@ -120,4 +117,4 @@ test-fw:
 uninstall-scanner:
 	dotnet tool uninstall security-scan
 
-.PHONY: help build build-test-fw build-prod clean format install-cert install-scanner install lint lint-scripts pre-release publish-all publish release restore scan setup setup-tools sign test test-fw uninstall-scanner
+.PHONY: help build build-test-fw build-prod clean format install-cert install-tools install lint lint-scripts pre-release publish-all publish release restore scan setup sign test test-fw uninstall-scanner

VM_SETUP_HELP.md

@@ -0,0 +1,40 @@
+This file is a catch-all for (non-proprietary) notes about setting up a Windows system/VM to build the .NET client library.
+
+### General Notes
+
+- If you are starting a VM from scratch, it's recommended you "de-bloat" Windows 10/11. [Chris Titus's utility](https://christitus.com/windows-tool/) is quite effective and well-tested.
+- If you are starting a VM from scratch, follow this process:
+  - Start up the VM
+  - Debloat Windows (optional)
+  - Open PowerShell as Administrator and [install Chocolatey](https://docs.chocolatey.org/en-us/choco/setup#install-with-powershell.exe)
+  - Install `git` and `make` via Chocolatey: `choco install git make`
+  - Open Command Prompt and clone the .NET client library repo: `git clone https://github.com/EasyPost/easypost-csharp.git`
+    - Command Prompt should open to your user directory by default, so you do not need to navigate to a different directory first
+  - Enter the repo directory: `cd easypost-csharp`
+  - Set up your system: `make setup`
+- All Batch scripts in the `scripts` folder can be run via the Makefile (e.g. `make setup`, `make prep-release`). You should never need to run any Batch script directly; some are designed with the expectation that you are running them from the root of the repository.
+- If you can, don't shut down your VM. Instead, suspend it via "Save Machine State". This will improve startup time and preserve any open applications.
+- You can [pass through folders](https://pureinfotech.com/create-shared-folder-virtual-machine-virtualbox/) into your VM to transfer files between your host and guest OS.
+
+### Troubleshooting
+
+#### Windows VM can't find my network drive
+- Make sure the folder exists on your host OS *prior* to starting the VM. If you need to create the folder, shut down the VM first and then start it again after creating the folder.
+  - If you are passing through folders to files stored in 1Password cache, those files are temporary and may need to be re-cached on your host machine. Navigate to the file in 1Password, click the dropdown arrow next to "Quick Look" and select "Show in Finder" (MacOS). This will re-cache the file and make the folder available to the VM.
+
+#### Text won't paste into the VM
+
+- Try opening Notepad on the Windows VM and pasting into that first. If it works, try pasting into the application you want to use.
+- In Command Prompt, you "paste" with a right-click on the mouse. Do not
+
+#### Restoring NuGet packages fails
+
+- **"No packages exist with this id in source(s): Microsoft Visual Studio Offline Packages"**
+  - You need to add nuget.org as a package source.
+    - Via Visual Studio:
+      - Open Visual Studio -> Debug -> Options -> NuGet Package Manager -> General. Click "Clear All NuGet Cache(s)".
+      - Click "Package Sources" and add `https://api.nuget.org/v3/index.json` as a package source.
+    - Via the command line:
+      - Open a command prompt and run `nuget sources add -Name nuget.org -Source https://api.nuget.org/v3/index.json`
+  - The scripts in this repository are configured to use the `nuget.config` file in the root of the repository, which should avoid this issue.
+    - If you would like to use this config file, include `-configFile nuget.config` in your `nuget` command.

nuget.config

@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8"?>
+<configuration>
+  <activePackageSource>
+    <add key="NuGet official package source" value="https://api.nuget.org/v3/index.json" />
+  </activePackageSource>
+</configuration>

scripts/dependencies.txt

@@ -0,0 +1,5 @@
+7z.exe,1CNp7hK2e6sOg1rdB8f0iEr6CWAPAj1JD
+nuget.exe,1GdqLDyLiavrJ7A8IYSbGDJmRQQA-ld6n
+signtool.exe,1R2Ozruv6b67wVzHd6pzuS7snkJuUqB3N
+sn.exe,1kN-pj2D_PnbRqWuXgBbC6fy7k39Zpo94
+SnInstallPfx.exe,1QznnBIj4cKDLDSdYTQEAuC6SDzaqoXnP

scripts/setup.bat

@@ -13,9 +13,8 @@
 SET NetVersions=Current 6.0 5.0 3.1
 SET InstallPath=C:\dotnet
 
-:: Dependencies for these scripts
-SET DepFiles=SnInstallPfx.exe nuget.exe 7z.exe
-SET FileHost=https://files.nateharr.is/netdeps/
+:: Dependency file
+SET DependencyFile=scripts\dependencies.txt
 
 :: Install each .NET version
 @ECHO Installing .NET SDKs ...
@@ -29,9 +28,9 @@ ENDLOCAL
 :: Download dependencies to the same directory as 'dotnet'
 @ECHO Downloading third-party tools ...
 SETLOCAL
-    for %%x IN (%DepFiles%) DO (
+    for /f "tokens=1-2 delims=," %%x in (%DependencyFile%) DO (
         @ECHO Downloading %%x ...
-        powershell -NoProfile -ExecutionPolicy unrestricted -Command "Invoke-WebRequest -Uri '%FileHost%%%x' -OutFile '%InstallPath%\%%x'"
+        powershell -NoProfile -ExecutionPolicy unrestricted -Command "Invoke-WebRequest -Uri 'https://drive.google.com/uc?export=download&id=%%y' -OutFile '%InstallPath%\%%x'"
     )
 ENDLOCAL
 

scripts/sign_dlls.bat

@@ -15,7 +15,8 @@ SET containerName=%3
 @ECHO Signing DLLs with certificate...
 FOR /R "lib" %%F IN (*.dll) DO (
     REM We need to run the DLLs through both sn.exe and signtool to get complete the signing process
-    sn -Rca "%%F" %containerName% || GOTO :commandFailed
+    REM sn erroneously triggers command failed if we put a fallback on this
+    sn -Rca "%%F" %containerName%
     signtool sign /f %certFile% /p %certPass% /v /tr http://timestamp.digicert.com?alg=sha256 /td SHA256 /fd SHA256 "%%F" || GOTO :commandFailed
 )