Commit Graph

14 Commits

Author SHA1 Message Date
Billy O'Neal
01f6021959
Patch Tuesday for May 2024 (Again) (#38891)
* Update AzCopy, PowerShell Core, and VS.
2024-05-24 22:22:47 -07:00
Billy O'Neal
77daaf0982
Revert "Patch Tuesday for May 2024" (#38890)
Reverts microsoft/vcpkg#38802
2024-05-23 00:03:14 -07:00
Billy O'Neal
6bc37f3520
Patch Tuesday for May 2024 (#38802) 2024-05-22 23:43:51 -07:00
Billy O'Neal
90a5b03c9f
Patch Tuesday for April 2024 (#38166)
Changes this month:

* Adopt
[delegated-sas](https://learn.microsoft.com/en-us/rest/api/storageservices/create-user-delegation-sas)
tokens to allow us to shut off the storage account keys, thanks to
@ryanerdmann for the help
* Visual Studio 2022 17.8.9, hopefully resolves CVE-2024-26190,
CVE-2024-21392 . (These don't matter to us but they cause the
Microsoft-internal tool 'Service 360' to yell at us)
* https://github.com/microsoft/vcpkg/pull/37902
* https://github.com/microsoft/vcpkg/pull/37903

---------

Co-authored-by: Kai Pastor <dg0yt@darc.de>
2024-04-25 18:25:03 -07:00
Billy O'Neal
9cbab417e4
Patch Tuesday March 2024 (#37466)
This contains high priority active security things to adopt trusted
launch, and managed identity rather than SAS tokens when minting the
images, and 1ES Hosted Pools.

Some instructions are rough around the edges because I'm not sure
everything is repeatable yet while this is all in flux...
2024-03-18 13:26:24 -07:00
Billy O'Neal
90542a476c
Change Android docker hosts to CBL-Mariner (#37130)
CBL-Mariner ( https://github.com/micro…soft/azurelinux )

This resolves a Service360 alert caused by Ubuntu refusing to make a
security patch publicly available for Ubuntu 22.04 LTS, see
https://ubuntu.com/security/notices/USN-6472-1 .

It seems likely that we will need to reconsider Ubuntu being our
'default' test environment following this type of behavior, since it's
likely vcpkg customers will be similarly affected.
2024-03-05 12:35:00 -08:00
Billy O'Neal
ba1465e584
Patch Tuesday for February 2024 (#36757)
* Cherry-pick infrastructure changes from
https://github.com/microsoft/vcpkg/pull/36081 as authored by @dg0yt
* Suppress warnings for the monthly docker mint as suggested by Toddy
Mladenov ( MS internal conversation
https://teams.microsoft.com/l/message/19:f498f444e97f40b2a2027d015a9047ab@thread.tacv2/1707520630587?tenantId=72f988bf-86f1-41af-91ab-2d7cd011db47&groupId=2080ccbe-0cfb-49e6-a9c1-ea6a6bf82722&parentMessageId=1707520630587&teamName=Containers%20Secure%20Supply%20Chain&channelName=3P%20Registry%20and%20Images%20Guidance&createdTime=1707520630587
)
* Move Azure Container Registry for Android to WestUS3; with this we are
officially entirely within one Azure region again :D
* Explicitly grant Azure DevOps permissions to touch the scale set
rather than relying on subscription-level assignments.
2024-02-21 16:30:42 -08:00
Billy O'Neal
7ba0ba7334
Change Azure SKU to Standard_D32ads_v5 and move to West US 3 (#36666) 2024-02-12 15:07:57 -08:00
Billy O'Neal
91b17dd72a
Patch Tuesday for January 2023 (#36143) 2024-01-16 19:51:14 -08:00
Billy O'Neal
24d884e1b8
Update Android base image to 2023-12-05. (#35526)
Also tells Docker to invalidate caches so that our apt-get update attempt actually does something.
2023-12-06 12:17:01 -08:00
Billy O'Neal
b5d4a46b9a
Patch Tuesday September 2023 + arm-uwp=>arm64-uwp (#33759)
Co-authored-by: Leander Schulten <Leander.Schulten@rwth-aachen.de>
2023-09-15 15:01:12 -07:00
Billy O'Neal
5fa92f467e
Patch Tuesday August 2023. (#33088)
* Update PowerShell to 7.3.6

* Add asan install as requested by @Neumann-A

* Use 1ES for Android docker hosts.

* Update pools.

* Update patch tuesday checklist to reflect 1ES.

* [openslide] Fix missing header.

* [libxt] Add missing header.
2023-08-14 13:58:43 -07:00
Billy O'Neal
7f52deab66
Update VMs for Patch Tuesday May 2023 (#31358)
* Update PowerShell Core to not vulnerable versions.

* Fix Android create-image relative paths.

* Update pools and add docs.

* Get android create-vmss to setup managed identity.
2023-05-14 01:54:42 -07:00
dan-shaw
5787cfa699
[vcpkg] Android CI support (#29406)
* initial

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix
2023-04-24 21:22:59 -07:00