diff --git a/.github/workflows/github-actions.yml b/.github/workflows/github-actions.yml
index e5af3e7..06109c6 100644
--- a/.github/workflows/github-actions.yml
+++ b/.github/workflows/github-actions.yml
@@ -24,6 +24,10 @@ env:
SCL_NUGET_ORG_FEED_API_KEY: ${{ secrets.NUGET_ORG_FEED_API_KEY }}
SCL_GITHUB_NUGET_FEED_USERNAME: ${{ secrets.SCL_GITHUB_NUGET_FEED_USERNAME }}
+ SCL_DEPENDENCY_TRACKER_API_KEY: ${{ secrets.SCL_DEPENDENCY_TRACKER_API_KEY }}
+ SCL_DEPENDENCY_TRACKER_SERVER_URL: ${{ secrets.SCL_DEPENDENCY_TRACKER_SERVER_URL }}
+ SCL_DEPENDENCY_TRACKER_SIGNING_PRIVATE_KEY: ${{ secrets.SCL_DEPENDENCY_TRACKER_SIGNING_PRIVATE_KEY }}
+
DOTNET_TARGET_WORKLOAD_VERSION: "8.0.402" # dont upgrade this lightheartedly the workload snapshot implicitly defines which versions of Android/iOS/MacCatalyst SDKs are supported
@@ -70,16 +74,26 @@ jobs:
- name: '🏗 📦 Build, Pack & Announce New Release (if appropriate)'
shell: 'bash'
run: |
- cd "${{env.BUILD_REPOSITORY_FOLDERPATH}}/Laerdal.Scripts" \
- && \
- dotnet \
- msbuild \
- "Laerdal.Builder.targets" \
- \
- -p:PackageOutputPath="${{ env.BUILD_REPOSITORY_FOLDERPATH }}/Artifacts" \
- -p:Laerdal_Source_Branch="${{ env.LAERDAL_SOURCE_BRANCH }}" \
- -p:Laerdal_Repository_Path="${{ env.LAERDAL_REPOSITORY_PATH }}" \
- -p:Laerdal_Github_Access_Token="${{ env.SCL_GITHUB_ACCESS_TOKEN }}"
+ cd "${{env.BUILD_REPOSITORY_FOLDERPATH}}/Laerdal.Scripts" \
+ && \
+ echo "${{env.SCL_DEPENDENCY_TRACKER_API_KEY}}" > "./dependency_tracker_api_key.ppk" \
+ && \
+ echo "${{env.SCL_DEPENDENCY_TRACKER_SIGNING_PRIVATE_KEY}}" > "./dependency_tracker_private_signing_key.ppk" \
+ && \
+ dotnet \
+ msbuild \
+ "Laerdal.Builder.targets" \
+ -m:1 \
+ -p:PackageOutputPath="${{ env.BUILD_REPOSITORY_FOLDERPATH }}/Artifacts" \
+ -p:Laerdal_Source_Branch="${{ env.LAERDAL_SOURCE_BRANCH }}" \
+ -p:Laerdal_Repository_Path="${{ env.LAERDAL_REPOSITORY_PATH }}" \
+ -p:Laerdal_Github_Access_Token="${{ env.SCL_GITHUB_ACCESS_TOKEN }}" \
+ \
+ -p:Laerdal_Dependency_Tracker_Server_Url="${{ env.SCL_DEPENDENCY_TRACKER_SERVER_URL }}" \
+ -p:Laerdal_Dependency_Tracker_Api_Key_File_Path="${{ env.BUILD_REPOSITORY_FOLDERPATH }}/Laerdal.Scripts/dependency_tracker_api_key.ppk" \
+ -p:Laerdal_Dependency_Tracker_Private_Signing_Key_File_Path="${{ env.BUILD_REPOSITORY_FOLDERPATH }}/Laerdal.Scripts/dependency_tracker_private_signing_key.ppk" \
+ && \
+ rm "./dependency_tracker_private_signing_key.ppk" "./dependency_tracker_api_key.ppk"
- name: '⬆️ Upload Artifacts' # to share with other workflows https://stackoverflow.com/a/77663335/863651
uses: 'actions/upload-artifact@v4'
@@ -90,7 +104,7 @@ jobs:
- name: '🚀 Publish to the Laerdal Nuget Server on Github' # https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-nuget-registry
shell: 'bash'
- if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/main' || github.ref == 'refs/heads/develop' || github.ref == 'refs/heads/ksidirop/MAN-335-ios-runtime-error-fix-about-you-should-not-call-this-method'
+ if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/main' || github.ref == 'refs/heads/develop'
run: |
cd "${{env.BUILD_REPOSITORY_FOLDERPATH}}/Artifacts/" \
&& \
diff --git a/Laerdal.Dfu.Bindings.iOS.sln b/Laerdal.Dfu.Bindings.iOS.sln
index 74fab34..d9391af 100644
--- a/Laerdal.Dfu.Bindings.iOS.sln
+++ b/Laerdal.Dfu.Bindings.iOS.sln
@@ -12,9 +12,9 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "_Misc", "_Misc", "{DB8D9BFF
.github\workflows\github-actions.yml = .github\workflows\github-actions.yml
Laerdal.Scripts\Laerdal.SetupBuildEnvironment.sh = Laerdal.Scripts\Laerdal.SetupBuildEnvironment.sh
Laerdal.Scripts\Laerdal.CreateNewReleaseInGithub.sh = Laerdal.Scripts\Laerdal.CreateNewReleaseInGithub.sh
- Laerdal.Scripts\Laerdal.Changelog.sh = Laerdal.Scripts\Laerdal.Changelog.sh
Laerdal.Scripts\Laerdal.Builder.targets = Laerdal.Scripts\Laerdal.Builder.targets
.gitignore = .gitignore
+ Laerdal.Scripts\Laerdal.GenerateSignAndUploadSbom.sh = Laerdal.Scripts\Laerdal.GenerateSignAndUploadSbom.sh
EndProjectSection
EndProject
Global
diff --git a/Laerdal.Dfu.Bindings.iOS/Laerdal.Dfu.Bindings.iOS.csproj b/Laerdal.Dfu.Bindings.iOS/Laerdal.Dfu.Bindings.iOS.csproj
index acaf01a..08c7971 100644
--- a/Laerdal.Dfu.Bindings.iOS/Laerdal.Dfu.Bindings.iOS.csproj
+++ b/Laerdal.Dfu.Bindings.iOS/Laerdal.Dfu.Bindings.iOS.csproj
@@ -9,10 +9,15 @@
- net8.0-ios
true
+
+ $(TargetFrameworks)net8.0-ios;
+ $(TargetFrameworks)net8.0-maccatalyst
true
+
+ true
+ true
@@ -41,10 +46,16 @@
-
- 17.0
- 14.2
- 14.2
+
+
+
+
+
+ 17.0
+ 11.0
+
+ 17.0
+ 13.1
diff --git a/Laerdal.Scripts/Laerdal.Builder.targets b/Laerdal.Scripts/Laerdal.Builder.targets
index e3c2859..fce5e7a 100644
--- a/Laerdal.Scripts/Laerdal.Builder.targets
+++ b/Laerdal.Scripts/Laerdal.Builder.targets
@@ -15,6 +15,7 @@
+
@@ -31,6 +32,17 @@
$(MSBuildThisFileDirectory)
+ $(BUILD_SOURCEBRANCH)
+ $(BUILD_REPOSITORY_NAME)
+ https://dep-tracker.laerdal.com/api/api/v1/bom
+
+
+
+
+ true
+ true
+ true
+
4.15.3
$(BUILD_BUILDID)
@@ -38,6 +50,9 @@
$([MSBuild]::Add(43857, $(CI_PIPELINE_IID)))
0
+ True
+ True
+
$(Nordic_Package_Version).$(Laerdal_Revision)
@@ -90,4 +105,45 @@
WorkingDirectory="$(MSBuildThisFileDirectory)/.."/>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ <_Laerdal_Project_Name>$([System.IO.Path]::GetFileName('$(Laerdal_Project)').Replace('.csproj', ''))
+
+ <_Laerdal_Sbom_Script_Parameters>$(_Laerdal_Sbom_Script_Parameters) --project-version "$(Laerdal_Version_Assembly)"
+ <_Laerdal_Sbom_Script_Parameters>$(_Laerdal_Sbom_Script_Parameters) --output-directory-path "$(PackageOutputPath)"
+ <_Laerdal_Sbom_Script_Parameters>$(_Laerdal_Sbom_Script_Parameters) --sbom-signing-key-file-path "$(Laerdal_Dependency_Tracker_Private_Signing_Key_File_Path)"
+
+ <_Laerdal_Sbom_Script_Parameters>$(_Laerdal_Sbom_Script_Parameters) --dependency-tracker-url "$(Laerdal_Dependency_Tracker_Server_Url)"
+ <_Laerdal_Sbom_Script_Parameters>$(_Laerdal_Sbom_Script_Parameters) --dependency-tracker-api-key-file-path "$(Laerdal_Dependency_Tracker_Api_Key_File_Path)"
+
+ <_Laerdal_Sbom_Script_Parameters>$(_Laerdal_Sbom_Script_Parameters) --csproj-classifier "Library"
+ <_Laerdal_Sbom_Script_Parameters>$(_Laerdal_Sbom_Script_Parameters) --csproj-file-path "$(Laerdal_Project)"
+
+ <_Laerdal_Sbom_Script_Parameters>$(_Laerdal_Sbom_Script_Parameters) --project-name "$(_Laerdal_Project_Name)"
+ <_Laerdal_Sbom_Script_Parameters>$(_Laerdal_Sbom_Script_Parameters) --output-sbom-file-name "sbom.laerdal.dfu.xml"
+
+ <_Laerdal_Sbom_Script_Parameters>$(_Laerdal_Sbom_Script_Parameters) --parent-project-name "[Group(Legacy)::Laerdal.Dfu]"
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/Laerdal.Scripts/Laerdal.Changelog.sh b/Laerdal.Scripts/Laerdal.Changelog.sh
deleted file mode 100644
index 49e40ae..0000000
--- a/Laerdal.Scripts/Laerdal.Changelog.sh
+++ /dev/null
@@ -1,102 +0,0 @@
-#!/bin/bash
-
-usage(){
- echo "usage: ./Laerdal.Changelog.sh [-nv | --new-version X.Y.Z] [-o | --output version.txt] [-h | --help]"
- echo "parameters:"
- echo " -nv | --new-version [version] New major.minor.patch version (default is 0.0.0)"
- echo " -o | --output [filename] Name of the output file"
- echo " -h | --help Prints this message"
- echo " -v | --verbose Verbose mode"
-}
-
-function log () {
- if [[ $verbose -eq 1 ]]; then
- echo "$@"
- fi
-}
-
-filename="CHANGELOG.md"
-
-while [ "$1" != "" ]; do
- case $1 in
- -nv | --new-version ) shift
- newversion="$1"
- ;;
- -o | --output ) shift
- filename="$1"
- ;;
- -h | --help ) usage
- exit
- ;;
- -v | --verbose ) verbose=1
- ;;
- * ) echo
- echo "### Wrong parameter: $1 ###"
- echo
- usage
- exit 1
- esac
- shift
-done
-
-
-if [ ! -z "$newversion" ]; then
- if [[ "$newversion" =~ .*"-".* ]]; then
- log "New version contains a dash, skipping changelog generation"
- else
- currenthash=$(git show --format=%h --no-patch)
- echo "$currenthash $newversion" > tags.txt
- log "New version: $newversion"
- fi
-else
- echo "" > tags.txt
-fi
-
-# Get all tags on develop and Filter out tags that are not in the format "HASH 1.2.3"
-git tag --format='%(objectname:short) %(refname:short)' --sort=-version:refname --merged | grep -o '[a-z0-9]* [a-z0-9]*[.][a-z0-9]*[.][a-z0-9]*$' >> tags.txt
-
-# Create changelog file
-echo "# CHANGELOG" > "$filename"
-echo "" >> "$filename"
-log "Created changelog file: $filename"
-
-
-# Loop through all tags and create changelog
-lastline=''
-while read line; do
- if [ -z "$lastline" ]; then
- lastline=$line
- else
- # Split the line into hash and version
- lasthash=`echo $lastline | cut -d' ' -f1`
- lastversion=`echo $lastline | cut -d' ' -f2`
- hash=`echo $line | cut -d' ' -f1`
-
- echo "## **$lastversion**" >> "$filename"
- log "Added version: $lastversion"
- # Get the commit message and author of the tag
- git log -n 1 --pretty=tformat:"%b" $lasthash >> "$filename"
-
- echo "" >> "$filename"
-
- # Get all commits between the current tag and the previous tag
- git log $hash..$lasthash --pretty=format:"- %s [%cn]" --no-merges >> "$filename"
-
- echo "" >> "$filename"
- echo "" >> "$filename"
-
- # Get the commit message and author of the tag
- git log -n 1 --pretty=tformat:"> by _%cn_ on _%cd_" --date=format:'%Y-%m-%d %H:%M:%S' $lasthash >> "$filename"
-
- echo "" >> "$filename"
- echo "---" >> "$filename"
- echo "" >> "$filename"
- lastline=$line
- fi
-done < tags.txt
-
-rm -r -f tags.txt
-
-log "Done"
-
-exit 0
\ No newline at end of file
diff --git a/Laerdal.Scripts/Laerdal.CreateNewReleaseInGithub.sh b/Laerdal.Scripts/Laerdal.CreateNewReleaseInGithub.sh
index cf1ce63..ffd8950 100644
--- a/Laerdal.Scripts/Laerdal.CreateNewReleaseInGithub.sh
+++ b/Laerdal.Scripts/Laerdal.CreateNewReleaseInGithub.sh
@@ -9,42 +9,41 @@ declare GITHUB_REPOSITORY_PATH=""
function parse_arguments() {
while [[ $# -gt 0 ]]; do
- case $1 in
-
- -v | --log)
- VERBOSE=1
- shift
- ;;
-
- -r | --repository-path)
- GITHUB_REPOSITORY_PATH="$2"
- shift
- ;;
-
- -t | --tag-version)
- TAG_VERSION="$2"
- shift
- ;;
-
- -b | --git-branch)
- GIT_BRANCH="$2"
+ case $1 in
+ -v | --log)
+ VERBOSE=1
+ # shift dont shift no need for this one
+ ;;
+
+ -r | --repository-path)
+ GITHUB_REPOSITORY_PATH="$2"
+ shift
+ ;;
+
+ -t | --tag-version)
+ TAG_VERSION="$2"
+ shift
+ ;;
+
+ -b | --git-branch)
+ GIT_BRANCH="$2"
+ shift
+ ;;
+
+ -a | --access-token)
+ GITHUB_ACCESS_TOKEN="$2"
+ shift
+ ;;
+
+ *)
+ echo "Unknown option: $1"
+ usage
+ exit 1
+ ;;
+ esac
+
shift
- ;;
-
- -a | --access-token)
- GITHUB_ACCESS_TOKEN="$2"
- shift
- ;;
-
- *)
- echo "Unknown option: $1"
- usage
- exit 1
- ;;
-
- esac
- shift
- done
+ done
if [[ -z $GIT_BRANCH ]]; then
echo "Missing git-branch."
@@ -100,57 +99,26 @@ function create_release_on_github() {
eventual_singleline_summary="Alpha $eventual_tag_name"
fi
- local -r payload=$(
- cat < --project-version [--parent-project-name --parent-project-version ] --csproj-file-path --csproj-file-path --output-directory-path --output-sbom-file-name --sbom-signing-key-file-path --dependency-tracker-url --dependency-tracker-api-key-file-path "
+}
+
+function install_tools() {
+
+ echo
+ echo "** Installing CycloneDX as a dotnet tool:"
+ dotnet tool \
+ install \
+ --global CycloneDX
+ declare exitCode=$?
+ if [ $exitCode != 0 ]; then
+ echo "##vso[task.logissue type=error]Something went wrong with the CycloneDX tool for dotnet."
+ exit 10
+ fi
+
+ echo
+ echo "** CycloneDX:"
+ which dotnet-CycloneDX && dotnet-CycloneDX --version
+ declare exitCode=$?
+ if [ $exitCode != 0 ]; then
+ echo "##vso[task.logissue type=error]Something's wrong with 'dotnet-CycloneDX'."
+ exit 12
+ fi
+
+ # we need to install the CycloneDX tool too in order to sign the artifacts
+ curl --output cyclonedx --url https://github.com/CycloneDX/cyclonedx-cli/releases/download/v0.26.0/cyclonedx-win-x64.exe \
+ && chmod +x cyclonedx
+ declare exitCode=$?
+ if [ $exitCode != 0 ]; then
+ echo "##vso[task.logissue type=error]Failed to install 'cyclonedx'."
+ exit 13
+ fi
+
+}
+
+function generate_sign_and_upload_sbom() {
+ # set -x
+
+ # GENERATE SBOM we intentionally disable package restore because the packages are already restored at this point
+ dotnet-CycloneDX "${csproj_file_path}" \
+ --exclude-dev \
+ --disable-package-restore \
+ --include-project-references \
+ \
+ --output "${output_directory_path}" \
+ --set-type "${csproj_classifier}" \
+ --set-version "${project_version}" \
+ \
+ --filename "${output_sbom_file_name}"
+ declare exitCode=$?
+ if [ ${exitCode} != 0 ]; then
+ echo "##vso[task.logissue type=error]Failed to generate the SBOM!"
+ exit 20
+ fi
+
+
+
+ # SIGN SBOM todo figure out why this doesnt actually sign anything on windows even though on macos it works as intended
+ declare -r bom_file_path="${output_directory_path}/${output_sbom_file_name}"
+ ./cyclonedx sign bom \
+ "${bom_file_path}" \
+ --key-file "${sbom_signing_key_file_path}"
+ declare exitCode=$?
+ if [ ${exitCode} != 0 ]; then
+ echo "##vso[task.logissue type=error]Singing the SBOM failed!"
+ exit 30
+ fi
+ # echo -e "\n\n"
+ # tail "${bom_file_path}"
+ # echo -e "\n\n"
+
+
+
+ # UPLOAD SBOM
+ declare optional_parent_project_name_parameter=""
+ if [[ -n ${parent_project_name} ]]; then
+ optional_parent_project_name_parameter="--form parentName=${parent_project_name}"
+ fi
+
+ declare optional_parent_project_version_parameter=""
+ if [[ -n ${parent_project_version} ]]; then
+ optional_parent_project_version_parameter="--form parentVersion=${parent_project_version}"
+ fi
+
+ declare -r http_response_code=$( \
+ curl "${dependency_tracker_url}" \
+ --location \
+ --request "POST" \
+ \
+ --header "Content-Type: multipart/form-data" \
+ --header "X-API-Key: $(cat "${dependency_tracker_api_key_file_path}")" \
+ \
+ --form "bom=@${bom_file_path}" \
+ --form "autoCreate=true" \
+ \
+ --form "projectName=${project_name}" \
+ --form "projectVersion=${project_version}" \
+ \
+ ${optional_parent_project_name_parameter} \
+ ${optional_parent_project_version_parameter} \
+ \
+ -w "%{http_code}" \
+ )
+ declare exitCode=$?
+ set +x
+
+ echo "** Curl sbom-uploading HTTP Response Code: ${http_response_code}"
+
+ if [ ${exitCode} != 0 ]; then
+ echo "##vso[task.logissue type=error]SBOM Uploading failed!"
+ exit 40
+ fi
+}
+
+function main() {
+ parse_arguments "$@"
+ install_tools
+ generate_sign_and_upload_sbom
+}
+
+main "$@"
diff --git a/Laerdal.Scripts/Laerdal.SetupBuildEnvironment.sh b/Laerdal.Scripts/Laerdal.SetupBuildEnvironment.sh
index b0bf2a4..360e903 100755
--- a/Laerdal.Scripts/Laerdal.SetupBuildEnvironment.sh
+++ b/Laerdal.Scripts/Laerdal.SetupBuildEnvironment.sh
@@ -81,7 +81,11 @@ dotnet \
install \
maui \
ios \
- maui-ios --version "${DOTNET_TARGET_WORKLOAD_VERSION}"
+ android \
+ maccatalyst \
+ maui-ios \
+ maui-android \
+ maui-maccatalyst --version "${DOTNET_TARGET_WORKLOAD_VERSION}"
declare exitCode=$?
if [ $exitCode != 0 ]; then
echo "##vso[task.logissue type=error]Failed to restore dotnet workloads."