SonarSource · zsolt-kolbay-sonarsource · Jun 21, 2024 · Jun 10, 2024 · Jun 13, 2024 · Jun 13, 2024
diff --git a/Tests/SonarScanner.MSBuild.PreProcessor.Test/TargetsInstallerTests.cs b/Tests/SonarScanner.MSBuild.PreProcessor.Test/TargetsInstallerTests.cs
@@ -88,7 +88,11 @@ public void InstallTargetsFile_Overwrite()
         var msBuildPathSettings = new MsBuildPathSettings();
 
         InstallTargetsFileAndAssert(sourceTargetsContent1, expectCopy: true);
-        msBuildPathSettings.GetImportBeforePaths().Should().HaveCount(7, "Expecting six destination directories");
+        // If the current user account is LocalSystem, then the local application data folder is inside %windir%\system32.
+        // When a 32-bit process tries to use this folder on a 64-bit machine, it is redirected to %windir%\SysWOW64.
+        // In that case the scanner needs to deploy ImportBefore.targets to both locations, doubling the number of destination directories (14 instead of 7).
+        var hasCorrectCount = msBuildPathSettings.GetImportBeforePaths().Count() is 7 or 14;
+        hasCorrectCount.Should().BeTrue("Expecting 7 destination directories (or 14 if the local application data folder is located in %windir%)");
 
         var path = Path.Combine(msBuildPathSettings.GetImportBeforePaths().First(), FileConstants.ImportBeforeTargetsName);
         File.Delete(path);

diff --git a/azure-pipelines.yml b/azure-pipelines.yml
@@ -15,8 +15,7 @@ trigger:
   - master
   - branch-*
 
-pool:
-  vmImage: 'windows-latest'
+pool: .net-bubble-aws-re-team-prod
 
 variables:
   - group: sonarsource-build-variables
@@ -45,6 +44,8 @@ variables:
     value: "Any CPU"
   - name: SOLUTION
     value: "SonarScanner.MSBuild.sln"
+  - name: NUGET_VERSION
+    value: "6.10.0"
 
 resources:
   repositories:
@@ -67,8 +68,12 @@ stages:
           commonMavenArguments: -B -Pdeploy-sonarsource -Dmaven.test.skip=true
         steps:
           - checkout: self
+
           - task: NuGetToolInstaller@1
             displayName: "Install NuGet"
+            inputs:
+              versionSpec: $(NUGET_VERSION)
+
           - task: Cache@2
             displayName: Cache Maven local repo
             inputs:
@@ -152,14 +157,23 @@ stages:
               includeNuGetOrg: true
               arguments: 'install --global CycloneDX'
 
-          - task: DotNetCoreCLI@2
+          - powershell: |
+              # It's not possible to use the tool using only its name (dotnet CycloneDX [args]), because of this message in the pipeline:
+              # "Since you just installed the .NET Core SDK, you will need to reopen the Command Prompt window before running the tool you installed."
+              # Instead, we need to find the installed tool and execute it directly using its absolute path.
+
+              # Find the latest tool version with the latest .NET runtime version
+              $toolVersionRegex = "^\d+(\.\d+)+$"
+              $netVersionRegex = "^net\d+(\.\d+)*$"
+
+              $latestToolVersionPath = Get-ChildItem -Path "$env:userprofile\.dotnet\tools\.store\cyclonedx" -Directory | Where-Object { $_.Name -match $toolVersionRegex } | Sort-Object Name -Descending | Select-Object -First 1
+              $netVersionsDirectory = [IO.Path]::Combine($latestToolVersionPath.FullName, "cyclonedx", $latestToolVersionPath.Name, "tools")
+              $latestNetVersionPath = Get-ChildItem -Path $netVersionsDirectory -Directory | Where-Object { $_.Name -match $netVersionRegex } | Sort-Object Name -Descending | Select-Object -First 1
+              $toolFullPath = Join-Path $latestNetVersionPath.FullName "any\CycloneDX.dll"
+
+              # Execute CycloneDX tool to generate the SBOM
+              dotnet $toolFullPath "$(SOLUTION)" -t -j -o build
             displayName: Dotnet generate SBOM
-            # https://sonarsource.atlassian.net/browse/BUILD-1303
-            inputs:
-              command: custom
-              custom: CycloneDX
-              projects: '$(SOLUTION)'
-              arguments: '-t -j -o build'
 
           - task: DotNetCoreCLI@2
             env:
@@ -199,15 +213,11 @@ stages:
                 $signAssemblies = [System.Convert]::ToBoolean("$(IS_RELEASE_BRANCH)") # the variable is a string, we need a boolean
                 Package-NetFrameworkScanner -SignAssemblies $signAssemblies
                 Package-NetScanner -SignAssemblies $signAssemblies
-              pwsh: true
 
-          - task: NuGetCommand@2
+          - powershell: |
+                nuget help | Select-String "NuGet Version"
+                nuget pack 'nuspec\netcoreglobaltool\dotnet-sonarscanner.nuspec' -NonInteractive -OutputDirectory build -Verbosity Detailed
             displayName: 'Package dotnet global tool'
-            inputs:
-              command: 'pack'
-              packagesToPack: 'nuspec\netcoreglobaltool\dotnet-sonarscanner.nuspec'
-              packDestination: 'build'
-              versioningScheme: 'off'
 
           - powershell: |
               nuget sign "$env:PACKAGES_PATH" -Overwrite -HashAlgorithm SHA256 -CertificateFingerprint $(SM_CERT_FP) -Timestamper http://timestamp.digicert.com -TimestampHashAlgorithm SHA256
@@ -427,7 +437,6 @@ stages:
           WINDOWSSDKTARGET: '10.0.17763.0'
           MAVEN_CACHE_FOLDER: $(Pipeline.Workspace)/.m2/repository
           MAVEN_OPTS: '-Xmx3072m -Dmaven.repo.local=$(MAVEN_CACHE_FOLDER)'
-        pool: .net-bubble-aws-re-team-prod
         steps:
           - checkout: self
             fetchDepth: 1
@@ -452,7 +461,7 @@ stages:
 
           - task: NuGetToolInstaller@1
             inputs:
-              versionSpec: '5.8.0'
+              versionSpec: $(NUGET_VERSION)
 
           - powershell: |
               $projectVersion = Get-Content "$(Build.SourcesDirectory)\build\version.txt"