394 строки
12 KiB
YAML
394 строки
12 KiB
YAML
trigger: none
|
|
|
|
parameters:
|
|
- name: buildAgentPoolVar
|
|
displayName: 'Build agent pool'
|
|
type: string
|
|
default: 'BuildAgentPool'
|
|
- name: windowsBuildAgentVmImageVar
|
|
displayName: 'Windows build agent image'
|
|
type: string
|
|
default: 'WindowsBuildAgentImage'
|
|
- name: linuxBuildAgentVmImageVar
|
|
displayName: 'Linux build agent image'
|
|
type: string
|
|
default: 'LinuxBuildAgentImage'
|
|
- name: linuxTestImage
|
|
displayName: 'Linux test agent image'
|
|
type: string
|
|
default: 'ubuntu-latest'
|
|
values:
|
|
- 'ubuntu-18.04'
|
|
- 'ubuntu-20.04'
|
|
- 'ubuntu-latest'
|
|
- name: windowsTestImage
|
|
displayName: 'Windows test agent image'
|
|
type: string
|
|
default: 'windows-latest'
|
|
values:
|
|
- 'windows-2019'
|
|
- 'windows-2022'
|
|
- 'windows-latest'
|
|
- name: macBuildImage
|
|
displayName: 'MacOS test agent image'
|
|
type: string
|
|
default: 'macOS-latest'
|
|
values:
|
|
- 'macOS-10.15'
|
|
- 'macOS-11'
|
|
- 'macOS-latest'
|
|
- name: build_win
|
|
displayName: 'Build a Windows release'
|
|
type: boolean
|
|
default: true
|
|
- name: build_mac
|
|
displayName: 'Build a MacOS Release'
|
|
type: boolean
|
|
default: false # Currently not building for Mac, so default is false
|
|
- name: build_linux
|
|
displayName: 'Build a Linux Release'
|
|
type: boolean
|
|
default: true
|
|
- name: release
|
|
displayName: 'Publish Release'
|
|
type: boolean
|
|
default: false
|
|
|
|
variables:
|
|
- name: winVmImage
|
|
value: $[variables.${{ parameters.windowsBuildAgentVmImageVar }}]
|
|
- name: linuxVmImage
|
|
value: $[variables.${{ parameters.linuxBuildAgentVmImageVar }}]
|
|
|
|
stages:
|
|
- stage: 'SDL'
|
|
displayName: 'SDL Stage'
|
|
jobs:
|
|
- job: SDL_checks
|
|
displayName: 'SDL checks'
|
|
pool:
|
|
vmImage: ${{ parameters.windowsTestImage }}
|
|
steps:
|
|
- template: 'common/sdl-checks.yml'
|
|
- stage: 'Test'
|
|
displayName: 'Build and Test'
|
|
dependsOn: [SDL]
|
|
pool:
|
|
vmImage: ${{ parameters.linuxTestImage }}
|
|
jobs:
|
|
- job: build_and_test
|
|
displayName: 'Build and Test Source'
|
|
steps:
|
|
- template: .\build-and-test-template.yml
|
|
- stage: 'Package'
|
|
displayName: 'Package for all platforms'
|
|
dependsOn: [SDL, Test]
|
|
jobs:
|
|
- job: packageWindows
|
|
displayName: "Package for Windows"
|
|
condition: ${{ parameters.build_win }}
|
|
pool:
|
|
name: $[variables.${{ parameters.buildAgentPoolVar }}]
|
|
vmImage: $(winVmImage)
|
|
demands:
|
|
- ImageOverride -equals $(winVmImage)
|
|
|
|
steps:
|
|
- template: '.\common\install-node.yml'
|
|
|
|
- template: '.\build-windows.yml'
|
|
|
|
- task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0
|
|
displayName: 'Generate Software Manifest'
|
|
inputs:
|
|
BuildDropPath: '$(Build.SourcesDirectory)/dist/'
|
|
|
|
- task: CopyFiles@2
|
|
displayName: 'ArtifactIgnore'
|
|
inputs:
|
|
SourceFolder: '$(Build.SourcesDirectory)/'
|
|
Contents: '.artifactignore'
|
|
TargetFolder: '$(Build.SourcesDirectory)/dist/'
|
|
|
|
- publish: $(Build.SourcesDirectory)/dist/
|
|
displayName: 'Staging artifact for signing'
|
|
artifact: Windows
|
|
|
|
- job: packageMac
|
|
displayName: "Package for MacOS"
|
|
condition: ${{ parameters.build_mac }}
|
|
|
|
pool:
|
|
vmImage: ${{ parameters.macBuildImage }}
|
|
|
|
steps:
|
|
- template: '.\common\install-node.yml'
|
|
|
|
- template: '.\build-mac.yml'
|
|
|
|
- task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0
|
|
displayName: 'Generate Software Manifest'
|
|
inputs:
|
|
BuildDropPath: '$(Build.SourcesDirectory)/dist/'
|
|
|
|
- task: CopyFiles@2
|
|
displayName: 'ArtifactIgnore'
|
|
inputs:
|
|
SourceFolder: '$(Build.SourcesDirectory)/'
|
|
Contents: '.artifactignore'
|
|
TargetFolder: '$(Build.SourcesDirectory)/dist/'
|
|
|
|
- publish: $(Build.SourcesDirectory)/dist/
|
|
displayName: 'Staging artifact for signing'
|
|
artifact: Mac
|
|
|
|
- job: packageLinux
|
|
displayName: "Package for Linux"
|
|
condition: ${{ parameters.build_linux }}
|
|
pool:
|
|
name: $[variables.${{ parameters.buildAgentPoolVar }}]
|
|
vmImage: $(linuxVmImage)
|
|
demands:
|
|
- ImageOverride -equals $(linuxVmImage)
|
|
steps:
|
|
- template: '.\common\install-node.yml'
|
|
|
|
- template: '.\build-linux.yml'
|
|
|
|
- task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0
|
|
displayName: 'Generate Software Manifest'
|
|
inputs:
|
|
BuildDropPath: '$(Build.SourcesDirectory)/dist/'
|
|
|
|
- task: CopyFiles@2
|
|
displayName: 'ArtifactIgnore'
|
|
inputs:
|
|
SourceFolder: '$(Build.SourcesDirectory)/'
|
|
Contents: '.artifactignore'
|
|
TargetFolder: '$(Build.SourcesDirectory)/dist/'
|
|
|
|
- publish: $(Build.SourcesDirectory)/dist/
|
|
displayName: 'Staging artifact for signing'
|
|
artifact: Linux
|
|
- stage: 'CodeSign'
|
|
displayName: 'CodeSign Packages'
|
|
dependsOn: [SDL, Test, Package]
|
|
pool:
|
|
name: $[variables.${{ parameters.buildAgentPoolVar }}]
|
|
vmImage: $(linuxVmImage)
|
|
demands:
|
|
- ImageOverride -equals $(linuxVmImage)
|
|
jobs:
|
|
|
|
- job: signWindows
|
|
displayName: 'Windows'
|
|
condition: ${{ parameters.build_win }}
|
|
steps:
|
|
- download: current
|
|
artifact: Windows
|
|
|
|
- task: EsrpCodeSigning@2
|
|
displayName: 'Sign Windows MSI package'
|
|
inputs:
|
|
ConnectedServiceName: 'Azure IoT Explorer CodeSign'
|
|
FolderPath: '$(Pipeline.Workspace)'
|
|
Pattern: '*.msi'
|
|
signConfigType: 'inlineSignParams'
|
|
inlineOperation: |
|
|
[
|
|
{
|
|
"KeyCode": "CP-230012",
|
|
"OperationCode": "SigntoolSign",
|
|
"Parameters": {
|
|
"OpusName": "Microsoft",
|
|
"OpusInfo": "http://www.microsoft.com",
|
|
"FileDigest": "/fd \"SHA256\"",
|
|
"PageHash": "/NPH",
|
|
"TimeStamp": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
|
|
},
|
|
"ToolName": "sign",
|
|
"ToolVersion": "1.0"
|
|
},
|
|
{
|
|
"KeyCode": "CP-230012",
|
|
"OperationCode": "SigntoolVerify",
|
|
"Parameters": {
|
|
"VerifyAll": "/all"
|
|
},
|
|
"ToolName": "sign",
|
|
"ToolVersion": "1.0"
|
|
}
|
|
]
|
|
SessionTimeout: '60'
|
|
MaxConcurrency: '50'
|
|
MaxRetryAttempts: '5'
|
|
VerboseLogin: false
|
|
|
|
- task: CopyFiles@2
|
|
displayName: 'ArtifactIgnore'
|
|
inputs:
|
|
SourceFolder: $(Build.SourcesDirectory)/
|
|
Contents: '.artifactignore'
|
|
TargetFolder: $(Pipeline.Workspace)
|
|
|
|
- publish: $(Pipeline.Workspace)
|
|
displayName: 'Staging signed artifact for release'
|
|
artifact: Windows_Signed
|
|
|
|
- job: signMac
|
|
displayName: 'MacOS'
|
|
condition: ${{ parameters.build_mac }}
|
|
steps:
|
|
- download: current
|
|
artifact: Mac
|
|
|
|
- task: EsrpCodeSigning@2
|
|
displayName: 'Sign MacOS DMG'
|
|
inputs:
|
|
ConnectedServiceName: 'Azure IoT Explorer CodeSign'
|
|
FolderPath: '$(Pipeline.Workspace)'
|
|
Pattern: '*.dmg'
|
|
signConfigType: 'inlineSignParams'
|
|
inlineOperation: |
|
|
[
|
|
{
|
|
"KeyCode" : "CP-401337-Apple",
|
|
"OperationCode" : "MacAppDeveloperSign",
|
|
"Parameters" : {
|
|
"Hardening": "--options=runtime"
|
|
},
|
|
"ToolName" : "sign",
|
|
"ToolVersion" : "1.0"
|
|
}
|
|
]
|
|
SessionTimeout: '60'
|
|
MaxConcurrency: '50'
|
|
MaxRetryAttempts: '5'
|
|
VerboseLogin: false
|
|
|
|
- task: EsrpCodeSigning@2
|
|
displayName: 'Sign MacOS DMG - Notarized'
|
|
inputs:
|
|
ConnectedServiceName: 'Azure IoT Explorer CodeSign'
|
|
FolderPath: '$(Pipeline.Workspace)'
|
|
Pattern: '*.dmg'
|
|
signConfigType: 'inlineSignParams'
|
|
inlineOperation: |
|
|
[
|
|
{
|
|
"KeyCode" : "CP-401337-Apple",
|
|
"OperationCode" : "MacAppNotarize",
|
|
"Parameters" : {"BundleId":"com.microsoft.azure.iot.pnp.ui"},
|
|
"ToolName" : "sign",
|
|
"ToolVersion" : "1.0"
|
|
}
|
|
]
|
|
SessionTimeout: '60'
|
|
MaxConcurrency: '50'
|
|
MaxRetryAttempts: '5'
|
|
VerboseLogin: false
|
|
|
|
- task: CopyFiles@2
|
|
displayName: 'ArtifactIgnore'
|
|
condition: succeededOrFailed()
|
|
inputs:
|
|
SourceFolder: $(Build.SourcesDirectory)/
|
|
Contents: '.artifactignore'
|
|
TargetFolder: $(Pipeline.Workspace)
|
|
|
|
- publish: $(Pipeline.Workspace)
|
|
displayName: 'Staging signed artifact for release'
|
|
artifact: Mac_Signed
|
|
|
|
- job: signLinux
|
|
displayName: 'Linux'
|
|
condition: ${{ parameters.build_linux }}
|
|
steps:
|
|
- download: current
|
|
artifact: Linux
|
|
|
|
- task: EsrpCodeSigning@2
|
|
displayName: 'Sign Linux DEB package'
|
|
inputs:
|
|
ConnectedServiceName: 'Azure IoT Explorer CodeSign'
|
|
FolderPath: '$(Pipeline.Workspace)'
|
|
Pattern: '*.deb'
|
|
signConfigType: 'inlineSignParams'
|
|
inlineOperation: |
|
|
[
|
|
{
|
|
"KeyCode" : "CP-450778-Pgp",
|
|
"OperationCode" : "LinuxSign",
|
|
"Parameters" : {},
|
|
"ToolName" : "sign",
|
|
"ToolVersion" : "1.0"
|
|
}
|
|
]
|
|
SessionTimeout: '60'
|
|
MaxConcurrency: '50'
|
|
MaxRetryAttempts: '5'
|
|
VerboseLogin: false
|
|
|
|
- task: CopyFiles@2
|
|
displayName: 'ArtifactIgnore'
|
|
inputs:
|
|
SourceFolder: $(Build.SourcesDirectory)/
|
|
Contents: '.artifactignore'
|
|
TargetFolder: $(Pipeline.Workspace)
|
|
|
|
- publish: $(Pipeline.Workspace)
|
|
displayName: 'Staging signed artifact for release'
|
|
artifact: Linux_Signed
|
|
|
|
- stage: 'Release'
|
|
displayName: 'Publish Release'
|
|
condition: ${{ parameters.release }}
|
|
dependsOn: [SDL, Test, Package, CodeSign]
|
|
pool:
|
|
name: $[variables.${{ parameters.buildAgentPoolVar }}]
|
|
vmImage: $(linuxVmImage)
|
|
demands:
|
|
- ImageOverride -equals $(linuxVmImage)
|
|
jobs:
|
|
- deployment: 'StageRelease'
|
|
displayName: 'Stage GitHub Release'
|
|
environment: 'production'
|
|
|
|
- job: publishRelease
|
|
displayName: 'Publish artifacts and draft GitHub Release'
|
|
steps:
|
|
- download: current
|
|
artifact: Windows_Signed
|
|
|
|
- download: current
|
|
artifact: Mac_Signed
|
|
|
|
- download: current
|
|
artifact: Linux_Signed
|
|
|
|
- task: CopyFiles@2
|
|
displayName: 'Flatten files for release'
|
|
inputs:
|
|
SourceFolder: $(Pipeline.Workspace)
|
|
Contents: |
|
|
**/*.deb
|
|
**/*.msi
|
|
# **/*.dmg - removed mac artifact until we fix a codesign / packaging issue
|
|
flattenFolders: true
|
|
TargetFolder: $(Pipeline.Workspace)/release
|
|
|
|
- task: GitHubRelease@1
|
|
displayName: 'Draft Github release (if tagged)'
|
|
inputs:
|
|
gitHubConnection: 'Azure IoT Explorer Github Service Connection'
|
|
repositoryName: '$(Build.Repository.Name)'
|
|
action: 'create'
|
|
target: '$(Build.SourceVersion)'
|
|
tagSource: 'gitTag'
|
|
isDraft: true
|
|
addChangeLog: true
|
|
assetUploadMode: replace
|
|
changeLogCompareToRelease: 'lastFullRelease'
|
|
changeLogType: 'commitBased'
|
|
assets: '$(Pipeline.Workspace)/release/*.*'
|