From be6bb007e5c74430ce7e70bb618825070d163ca1 Mon Sep 17 00:00:00 2001 From: Omair Majid Date: Wed, 22 Mar 2023 16:24:39 -0400 Subject: [PATCH] Disable Full Signing in source-build Full Signing requires RSA+SHA1 which is disabled in some environments (eg, RHEL 9, CentOS Stream 9). Default to turning it off. Expose a top-level property to allow Full Signing to be re-enabled by users. The actual implementation of that flag was in #12749 (commit 3840d434323ccbfc085809e730a3093356450832). Once a version of arcade including this fix is used to build the individual repos (in source-build mode) or the VMR, everything should default to public signing. For more context around RSA+SHA1 and the alternative (using public signing), see: - https://github.com/dotnet/runtime/issues/65874 - https://github.com/dotnet/source-build/issues/3202 - https://github.com/dotnet/arcade/issues/12515 - https://github.com/dotnet/installer/pull/15873 --- .../tools/SourceBuild/SourceBuildArcadeBuild.targets | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/Microsoft.DotNet.Arcade.Sdk/tools/SourceBuild/SourceBuildArcadeBuild.targets b/src/Microsoft.DotNet.Arcade.Sdk/tools/SourceBuild/SourceBuildArcadeBuild.targets index 3933e436b87..6159ac4d26c 100644 --- a/src/Microsoft.DotNet.Arcade.Sdk/tools/SourceBuild/SourceBuildArcadeBuild.targets +++ b/src/Microsoft.DotNet.Arcade.Sdk/tools/SourceBuild/SourceBuildArcadeBuild.targets @@ -13,6 +13,8 @@ $(CurrentRepoSourceBuildSourceDir) true + + false $(InnerBuildArgs) /p:DotNetBuildOffline=true $(InnerBuildArgs) /p:DotNetPackageVersionPropsPath=$(DotNetPackageVersionPropsPath) + + $(InnerBuildArgs) /p:FullAssemblySigningSupported=$(FullAssemblySigningSupported)