191 строка
5.0 KiB
YAML
191 строка
5.0 KiB
YAML
# Azure DevOps
|
|
# CI pipeline for PSRule.Rules.MSFT.OSS
|
|
|
|
variables:
|
|
version: '1.1.0'
|
|
buildConfiguration: 'Release'
|
|
disable.coverage.autogenerate: 'true'
|
|
imageName: 'ubuntu-20.04'
|
|
|
|
# Use build number format, i.e. 1.1.0-B2112001
|
|
name: $(version)-B$(date:yyMM)$(rev:rrr)
|
|
|
|
trigger:
|
|
branches:
|
|
include:
|
|
- 'main'
|
|
- 'release/*'
|
|
tags:
|
|
include:
|
|
- 'v1.*'
|
|
|
|
pr:
|
|
branches:
|
|
include:
|
|
- 'main'
|
|
- 'release/*'
|
|
|
|
stages:
|
|
|
|
# Build pipeline
|
|
- stage: Build
|
|
displayName: Build
|
|
dependsOn: []
|
|
jobs:
|
|
- job:
|
|
pool:
|
|
vmImage: $(imageName)
|
|
displayName: 'Module'
|
|
steps:
|
|
|
|
# Install pipeline dependencies
|
|
- powershell: ./.azure-pipelines/pipeline-deps.ps1
|
|
displayName: 'Install dependencies'
|
|
|
|
# Build module
|
|
- powershell: Invoke-Build -Configuration $(buildConfiguration) -Build $(Build.BuildNumber)
|
|
displayName: 'Build module'
|
|
|
|
# DotNet test results
|
|
- task: PublishTestResults@2
|
|
displayName: 'Publish unit test results'
|
|
inputs:
|
|
testRunTitle: 'DotNet on $(imageName)'
|
|
testRunner: VSTest
|
|
testResultsFiles: 'reports/*.trx'
|
|
mergeTestResults: true
|
|
platform: $(imageName)
|
|
configuration: $(buildConfiguration)
|
|
publishRunAttachments: true
|
|
condition: succeededOrFailed()
|
|
|
|
# PSRule results
|
|
- task: PublishTestResults@2
|
|
displayName: 'Publish PSRule results'
|
|
inputs:
|
|
testRunTitle: 'PSRule on $(imageName)'
|
|
testRunner: NUnit
|
|
testResultsFiles: 'reports/ps-rule*.xml'
|
|
mergeTestResults: true
|
|
platform: $(imageName)
|
|
configuration: $(buildConfiguration)
|
|
publishRunAttachments: true
|
|
condition: succeededOrFailed()
|
|
|
|
# Generate artifacts
|
|
- publish: out/modules/PSRule.Rules.MSFT.OSS
|
|
displayName: 'Publish module'
|
|
artifact: PSRule.Rules.MSFT.OSS
|
|
|
|
# Analysis pipeline
|
|
- stage: Analysis
|
|
displayName: Analysis
|
|
dependsOn: []
|
|
variables:
|
|
# Already run in build stage
|
|
skipComponentGovernanceDetection: 'true'
|
|
jobs:
|
|
|
|
- job: Secret_Scan
|
|
pool:
|
|
vmImage: 'windows-2022'
|
|
displayName: Secret scan
|
|
|
|
steps:
|
|
- task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@2
|
|
displayName: 'Scan for secrets'
|
|
inputs:
|
|
debugMode: false
|
|
toolMajorVersion: V2
|
|
|
|
- task: securedevelopmentteam.vss-secure-development-tools.build-task-publishsecurityanalysislogs.PublishSecurityAnalysisLogs@2
|
|
displayName: 'Publish scan logs'
|
|
continueOnError: true
|
|
|
|
- task: securedevelopmentteam.vss-secure-development-tools.build-task-postanalysis.PostAnalysis@1
|
|
displayName: 'Check for failures'
|
|
inputs:
|
|
CredScan: true
|
|
ToolLogsNotFoundAction: Error
|
|
|
|
# Test pipeline
|
|
- stage: Test
|
|
dependsOn: Build
|
|
variables:
|
|
# Already run in build stage
|
|
skipComponentGovernanceDetection: 'true'
|
|
jobs:
|
|
|
|
- template: jobs/test.yaml
|
|
parameters:
|
|
name: ubuntu_22_04_coverage
|
|
imageName: 'ubuntu-22.04'
|
|
displayName: 'PowerShell coverage'
|
|
coverage: 'true'
|
|
publishResults: 'false'
|
|
|
|
- template: jobs/test.yaml
|
|
parameters:
|
|
name: macOS_11
|
|
displayName: 'PowerShell 7.2 - macOS-11'
|
|
imageName: 'macOS-11'
|
|
|
|
- template: jobs/test.yaml
|
|
parameters:
|
|
name: windows_2022
|
|
displayName: 'PowerShell 7.2 - Windows 2022'
|
|
imageName: 'windows-2022'
|
|
|
|
- template: jobs/testContainer.yaml
|
|
parameters:
|
|
name: ps_7_2_ubuntu_20_04
|
|
displayName: 'PowerShell 7.2 - ubuntu-22.04'
|
|
imageName: mcr.microsoft.com/powershell
|
|
imageTag: 7.2-ubuntu-22.04
|
|
|
|
# Release pipeline
|
|
- stage: Release
|
|
displayName: Release
|
|
dependsOn: [ 'Test', 'Analysis' ]
|
|
condition: and(succeeded(), startsWith(variables['Build.SourceBranch'], 'refs/tags/v1.'))
|
|
variables:
|
|
# Already run in build stage
|
|
skipComponentGovernanceDetection: 'true'
|
|
jobs:
|
|
- job:
|
|
displayName: Live
|
|
pool:
|
|
vmImage: $(imageName)
|
|
variables:
|
|
isPreRelease: $[contains(variables['Build.SourceBranchName'], '-B')]
|
|
steps:
|
|
|
|
# Download module from build
|
|
- task: DownloadPipelineArtifact@2
|
|
displayName: 'Download module'
|
|
inputs:
|
|
artifact: PSRule.Rules.MSFT.OSS
|
|
path: $(Build.SourcesDirectory)/out/modules/PSRule.Rules.MSFT.OSS
|
|
|
|
# Install pipeline dependencies
|
|
- powershell: ./.azure-pipelines/pipeline-deps.ps1
|
|
displayName: 'Install dependencies'
|
|
|
|
# Install pipeline dependencies and build module
|
|
- powershell: Invoke-Build Release -ApiKey $(apiKey)
|
|
displayName: 'Publish module'
|
|
|
|
# Update GitHub release
|
|
- task: GitHubRelease@1
|
|
displayName: 'GitHub release'
|
|
inputs:
|
|
gitHubConnection: 'AzureDevOps-PSRule.Rules.MSFT.OSS'
|
|
repositoryName: '$(Build.Repository.Name)'
|
|
action: edit
|
|
tag: '$(Build.SourceBranchName)'
|
|
releaseNotesSource: inline
|
|
releaseNotesInline: 'See [change log](https://github.com/Microsoft/PSRule.Rules.MSFT.OSS/blob/main/CHANGELOG.md)'
|
|
assetUploadMode: replace
|
|
addChangeLog: false
|
|
isPreRelease: $(isPreRelease)
|