tye/azure-pipelines.yml

190 строки
6.8 KiB
YAML

#
# See https://docs.microsoft.com/azure/devops/pipelines/yaml-schema for details
#
variables:
- name: _TeamName
value: AspNetCore
- name: DOTNET_SKIP_FIRST_TIME_EXPERIENCE
value: true
- name: _PublishUsingPipelines
value: true
- name: _BuildConfig
value: Release
# used for post-build phases, internal builds only
- ${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
- group: DotNet-AspNet-SDLValidation-Params
# CI and PR triggers
trigger:
batch: true
branches:
include:
- main
- release/*
pr:
autoCancel: false
branches:
include:
- '*'
stages:
- stage: build
displayName: Build
jobs:
- template: /eng/common/templates/jobs/jobs.yml
parameters:
enableMicrobuild: true
enablePublishBuildArtifacts: true
enablePublishTestResults: true
enablePublishBuildAssets: true
enablePublishUsingPipelines: ${{ variables._PublishUsingPipelines }}
enableTelemetry: true
jobs:
- job: Windows
pool:
${{ if eq(variables['System.TeamProject'], 'public') }}:
name: NetCorePublic-Pool
queue: BuildPool.Server.Amd64.VS2019.Open
${{ if ne(variables['System.TeamProject'], 'public') }}:
name: NetCoreInternal-Pool
queue: BuildPool.Server.Amd64.VS2019
variables:
# Only enable publishing in official builds.
- ${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
# Publish-Build-Assets provides: MaestroAccessToken, BotAccount-dotnet-maestro-bot-PAT
- group: Publish-Build-Assets
- name: _OfficialBuildArgs
value: /p:DotNetSignType=$(_SignType)
/p:TeamName=$(_TeamName)
/p:DotNetPublishUsingPipelines=$(_PublishUsingPipelines)
/p:OfficialBuildId=$(BUILD.BUILDNUMBER)
- name: _SignType
value: real
# else
- ${{ if or(eq(variables['System.TeamProject'], 'public'), in(variables['Build.Reason'], 'PullRequest')) }}:
- name: _OfficialBuildArgs
value: ''
- name: _SignType
value: test
steps:
- checkout: self
clean: true
- script: docker version
- script: docker images
- script: eng\common\cibuild.cmd -configuration $(_BuildConfig) -prepareMachine $(_OfficialBuildArgs)
displayName: Build and Publish
- task: PublishBuildArtifacts@1
displayName: Upload TestResults
condition: always()
continueOnError: true
inputs:
pathtoPublish: artifacts/TestResults/$(_BuildConfig)/
artifactName: $(Agent.Os)_$(Agent.JobName) TestResults
artifactType: Container
parallel: true
- task: PublishBuildArtifacts@1
displayName: Upload package artifacts
condition: and(succeeded(), eq(variables['system.pullrequest.isfork'], false), eq(variables['_BuildConfig'], 'Release'))
inputs:
pathtoPublish: artifacts/packages/
artifactName: artifacts
artifactType: Container
parallel: true
- job: Ubuntu_16_04
displayName: 'Ubuntu 16.04'
pool:
vmImage: ubuntu-16.04
variables:
- name: _SignType
value: none
- name: MSBUILDDISABLENODEREUSE
value: 1
- ${{ if and(eq(variables['System.TeamProject'], 'internal'), notin(variables['Build.Reason'], 'PullRequest')) }}:
- name: _OfficialBuildArgs
value: -p:OfficialBuildId=$(Build.BuildNumber)
# else
- ${{ if or(eq(variables['System.TeamProject'], 'public'), in(variables['Build.Reason'], 'PullRequest')) }}:
- name: _OfficialBuildArgs
value: ''
steps:
- checkout: self
clean: true
- script: eng/common/cibuild.sh
--configuration $(_BuildConfig)
--prepareMachine
displayName: Build
- task: PublishBuildArtifacts@1
displayName: Upload TestResults
condition: always()
continueOnError: true
inputs:
pathtoPublish: artifacts/TestResults/$(_BuildConfig)/
artifactName: $(Agent.Os)_$(Agent.JobName) TestResults
artifactType: Container
parallel: true
- job: OSX_10_14
displayName: 'OSX'
pool:
vmImage: macOS-10.14
variables:
- name: _SignType
value: none
- name: MSBUILDDISABLENODEREUSE
value: 1
- ${{ if and(eq(variables['System.TeamProject'], 'internal'), notin(variables['Build.Reason'], 'PullRequest')) }}:
- name: _OfficialBuildArgs
value: -p:OfficialBuildId=$(Build.BuildNumber)
# else
- ${{ if or(eq(variables['System.TeamProject'], 'public'), in(variables['Build.Reason'], 'PullRequest')) }}:
- name: _OfficialBuildArgs
value: ''
steps:
- checkout: self
clean: true
- script: eng/common/cibuild.sh
--configuration $(_BuildConfig)
--prepareMachine
displayName: Build
- task: PublishBuildArtifacts@1
displayName: Upload TestResults
condition: always()
continueOnError: true
inputs:
pathtoPublish: artifacts/TestResults/$(_BuildConfig)/
artifactName: $(Agent.Os)_$(Agent.JobName) TestResults
artifactType: Container
parallel: true
- ${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
- template: eng\common\templates\post-build\post-build.yml
parameters:
publishingInfraVersion: 3
# Symbol validation isn't being very reliable lately. This should be enabled back
# once this issue is resolved: https://github.com/dotnet/arcade/issues/2871
enableSymbolValidation: false
# It's a private repo in github so this won't pass until we create an internal mirror
enableSourceLinkValidation: false
# This is to enable SDL runs part of Post-Build Validation Stage
SDLValidationParameters:
enable: true
continueOnError: false
params: ' -SourceToolsList @("policheck","credscan")
-TsaInstanceURL $(_TsaInstanceURL)
-TsaProjectName $(_TsaProjectName)
-TsaNotificationEmail $(_TsaNotificationEmail)
-TsaCodebaseAdmin $(_TsaCodebaseAdmin)
-TsaBugAreaPath $(_TsaBugAreaPath)
-TsaIterationPath $(_TsaIterationPath)
-TsaRepositoryName "Tye"
-TsaCodebaseName "Tye"
-TsaPublish $True
-PoliCheckAdditionalRunConfigParams @("UserExclusionPath < $(Build.SourcesDirectory)/eng/PoliCheckExclusions.xml")'