зеркало из https://github.com/microsoft/kiota.git
829 строки
40 KiB
YAML
829 строки
40 KiB
YAML
# Copyright (c) Microsoft Corporation. All rights reserved.
|
|
# Licensed under the MIT License.
|
|
|
|
name: $(BuildDefinitionName)_$(SourceBranchName)_$(Date:yyyyMMdd)$(Rev:.r)
|
|
|
|
trigger:
|
|
paths:
|
|
exclude:
|
|
[
|
|
"abstractions/**",
|
|
"authentication/**",
|
|
"serialization/**",
|
|
"http/**",
|
|
"**.md",
|
|
".vscode/**",
|
|
"**.svg",
|
|
]
|
|
tags:
|
|
include:
|
|
- "v*"
|
|
exclude:
|
|
- "*preview*" # exclude preview tags so we don't publish twice
|
|
schedules:
|
|
- cron: "0 18 * * 4" # 18:00 UTC every Thursday ~ 14:00 EST every Thursday
|
|
displayName: Weekly preview
|
|
branches:
|
|
include:
|
|
- main
|
|
always: true
|
|
|
|
variables:
|
|
buildPlatform: "Any CPU"
|
|
buildConfiguration: "Release"
|
|
ProductBinPath: '$(Build.SourcesDirectory)\src\kiota\bin\$(BuildConfiguration)'
|
|
|
|
parameters:
|
|
- name: previewBranch
|
|
type: string
|
|
default: "refs/heads/main"
|
|
- name: distributions
|
|
type: object
|
|
default:
|
|
- architecture: "win-x86"
|
|
jobPrefix: "win_x86"
|
|
os: "windows"
|
|
image: "windows-latest"
|
|
pool: Azure-Pipelines-1ESPT-ExDShared
|
|
- architecture: "win-x64"
|
|
jobPrefix: "win_x64"
|
|
os: "windows"
|
|
image: "windows-latest"
|
|
pool: Azure-Pipelines-1ESPT-ExDShared
|
|
- architecture: "linux-x64"
|
|
jobPrefix: "linux_x64"
|
|
os: "linux"
|
|
image: "ubuntu-latest"
|
|
pool: Azure-Pipelines-1ESPT-ExDShared
|
|
- architecture: "osx-x64"
|
|
jobPrefix: "osx_x64"
|
|
os: "macOS"
|
|
image: "macOS-latest"
|
|
pool: Azure Pipelines
|
|
# MacOS images aren't available in 1ES templates
|
|
# https://eng.ms/docs/cloud-ai-platform/devdiv/one-engineering-system-1es/1es-docs/1es-pipeline-templates/onboarding/macos-support
|
|
- architecture: "osx-arm64"
|
|
jobPrefix: "osx_arm64"
|
|
os: "macOS"
|
|
image: "macOS-latest"
|
|
pool: Azure Pipelines
|
|
|
|
resources:
|
|
repositories:
|
|
- repository: 1ESPipelineTemplates
|
|
type: git
|
|
name: 1ESPipelineTemplates/1ESPipelineTemplates
|
|
ref: refs/tags/release
|
|
|
|
extends:
|
|
template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates
|
|
parameters:
|
|
sdl:
|
|
sourceAnalysisPool:
|
|
name: Azure-Pipelines-1ESPT-ExDShared
|
|
os: windows
|
|
image: windows-latest
|
|
stages:
|
|
- stage: build
|
|
jobs:
|
|
- job: update_appsettings
|
|
pool:
|
|
name: Azure-Pipelines-1ESPT-ExDShared
|
|
os: linux
|
|
image: ubuntu-latest
|
|
templateContext:
|
|
sdl:
|
|
baseline:
|
|
baselineFile: $(Build.SourcesDirectory)/guardian/SDL/common/.gdnbaselines
|
|
suppression:
|
|
suppressionFile: $(Build.SourcesDirectory)/guardian/SDL/common/.gdnsuppress
|
|
steps:
|
|
- checkout: self
|
|
clean: true
|
|
submodules: true
|
|
|
|
- pwsh: $(Build.SourcesDirectory)/scripts/update-versions.ps1
|
|
displayName: "Update dependencies versions"
|
|
|
|
- pwsh: |
|
|
New-Item -Path $(Build.ArtifactStagingDirectory)/AppSettings -ItemType Directory -Force -Verbose
|
|
Copy-Item $(Build.SourcesDirectory)/src/kiota/appsettings.json $(Build.ArtifactStagingDirectory)/AppSettings/appsettings.json -Force -Verbose
|
|
displayName: Prepare staging folder for upload
|
|
|
|
- task: 1ES.PublishPipelineArtifact@1
|
|
displayName: "Publish Artifact: AppSettings"
|
|
inputs:
|
|
artifactName: AppSettings
|
|
targetPath: "$(Build.ArtifactStagingDirectory)/AppSettings"
|
|
|
|
- job: build
|
|
dependsOn: [update_appsettings]
|
|
pool:
|
|
name: Azure-Pipelines-1ESPT-ExDShared
|
|
os: windows # needed for compliance tasks
|
|
image: windows-latest
|
|
templateContext:
|
|
sdl:
|
|
baseline:
|
|
baselineFile: $(Build.SourcesDirectory)/guardian/SDL/common/.gdnbaselines
|
|
suppression:
|
|
suppressionFile: $(Build.SourcesDirectory)/guardian/SDL/common/.gdnsuppress
|
|
steps:
|
|
- checkout: self
|
|
clean: true
|
|
submodules: true
|
|
|
|
- task: DownloadPipelineArtifact@2
|
|
inputs:
|
|
artifact: AppSettings
|
|
source: current
|
|
targetPath: $(Build.ArtifactStagingDirectory)/AppSettings
|
|
|
|
- pwsh: |
|
|
Copy-Item $(Build.ArtifactStagingDirectory)/AppSettings/appsettings.json $(Build.SourcesDirectory)/src/kiota/appsettings.json -Force -Verbose
|
|
displayName: Copy the appsettings.json
|
|
|
|
- task: UseDotNet@2
|
|
displayName: "Use .NET 6" # needed for ESRP signing
|
|
inputs:
|
|
version: 6.x
|
|
|
|
- task: UseDotNet@2
|
|
displayName: "Use .NET 8"
|
|
inputs:
|
|
version: 8.x
|
|
|
|
# Install the nuget tool.
|
|
- task: NuGetToolInstaller@0
|
|
displayName: "Use NuGet >=6.1.0"
|
|
inputs:
|
|
versionSpec: ">=6.1.0"
|
|
checkLatest: true
|
|
|
|
- pwsh: $(Build.SourcesDirectory)/scripts/get-prerelease-version.ps1 -currentBranch $(Build.SourceBranch) -previewBranch ${{ parameters.previewBranch }} -excludeHeadingDash
|
|
displayName: "Set version suffix"
|
|
|
|
- pwsh: $(Build.SourcesDirectory)/scripts/update-version-suffix-for-source-generator.ps1 -versionSuffix "$(versionSuffix)"
|
|
displayName: "Set version suffix in csproj for generators"
|
|
|
|
- pwsh: $(Build.SourcesDirectory)/scripts/get-version-from-csproj.ps1
|
|
displayName: "Get Kiota's version-number from .csproj"
|
|
|
|
- pwsh: $(Build.SourcesDirectory)/scripts/get-release-notes.ps1 -version $(artifactVersion)
|
|
condition: eq(variables['isPrerelease'], 'false')
|
|
displayName: "Get release notes from CHANGELOG.md"
|
|
|
|
- pwsh: $(Build.SourcesDirectory)/scripts/get-release-notes.ps1 -version Unreleased
|
|
condition: eq(variables['isPrerelease'], 'true')
|
|
|
|
# Build the Product project
|
|
- task: DotNetCoreCLI@2
|
|
condition: eq(variables['isPrerelease'], 'true')
|
|
displayName: "build"
|
|
inputs:
|
|
projects: '$(Build.SourcesDirectory)\kiota.sln'
|
|
arguments: '--configuration $(BuildConfiguration) --no-incremental --version-suffix "$(versionSuffix)"'
|
|
|
|
# Build the Product project
|
|
- task: DotNetCoreCLI@2
|
|
condition: eq(variables['isPrerelease'], 'false')
|
|
displayName: "build"
|
|
inputs:
|
|
projects: '$(Build.SourcesDirectory)\kiota.sln'
|
|
arguments: "--configuration $(BuildConfiguration) --no-incremental"
|
|
|
|
# Run the Unit test
|
|
- task: DotNetCoreCLI@2
|
|
displayName: "test"
|
|
inputs:
|
|
command: test
|
|
projects: '$(Build.SourcesDirectory)\kiota.sln'
|
|
arguments: "--configuration $(BuildConfiguration) --no-build"
|
|
|
|
- task: EsrpCodeSigning@5
|
|
displayName: "ESRP CodeSigning"
|
|
inputs:
|
|
ConnectedServiceName: 'Federated DevX ESRP Managed Identity Connection'
|
|
AppRegistrationClientId: '65035b7f-7357-4f29-bf25-c5ee5c3949f8'
|
|
AppRegistrationTenantId: 'cdc5aeea-15c5-4db6-b079-fcadd2505dc2'
|
|
AuthAKVName: 'akv-prod-eastus'
|
|
AuthCertName: 'ReferenceLibraryPrivateCert'
|
|
AuthSignCertName: 'ReferencePackagePublisherCertificate'
|
|
FolderPath: '$(Build.SourcesDirectory)\src'
|
|
signConfigType: inlineSignParams
|
|
UseMinimatch: true
|
|
Pattern: |
|
|
**\*.exe
|
|
**\*.dll
|
|
inlineOperation: |
|
|
[
|
|
{
|
|
"keyCode": "CP-230012",
|
|
"operationSetCode": "SigntoolSign",
|
|
"parameters": [
|
|
{
|
|
"parameterName": "OpusName",
|
|
"parameterValue": "Microsoft"
|
|
},
|
|
{
|
|
"parameterName": "OpusInfo",
|
|
"parameterValue": "http://www.microsoft.com"
|
|
},
|
|
{
|
|
"parameterName": "FileDigest",
|
|
"parameterValue": "/fd \"SHA256\""
|
|
},
|
|
{
|
|
"parameterName": "PageHash",
|
|
"parameterValue": "/NPH"
|
|
},
|
|
{
|
|
"parameterName": "TimeStamp",
|
|
"parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
|
|
}
|
|
],
|
|
"toolName": "sign",
|
|
"toolVersion": "1.0"
|
|
},
|
|
{
|
|
"keyCode": "CP-230012",
|
|
"operationSetCode": "SigntoolVerify",
|
|
"parameters": [ ],
|
|
"toolName": "sign",
|
|
"toolVersion": "1.0"
|
|
}
|
|
]
|
|
SessionTimeout: 20
|
|
MaxConcurrency: 50
|
|
MaxRetryAttempts: 5
|
|
PendingAnalysisWaitTimeoutMinutes: 5
|
|
|
|
# Pack
|
|
- pwsh: dotnet pack $(Build.SourcesDirectory)/src/kiota/kiota.csproj -o $(Build.ArtifactStagingDirectory) --configuration $(BuildConfiguration) --no-build --include-symbols --include-source /p:SymbolPackageFormat=snupkg --version-suffix "$(versionSuffix)"
|
|
condition: eq(variables['isPrerelease'], 'true')
|
|
displayName: "pack kiota"
|
|
|
|
- pwsh: dotnet pack $(Build.SourcesDirectory)/src/kiota/kiota.csproj -o $(Build.ArtifactStagingDirectory) --configuration $(BuildConfiguration) --no-build --include-symbols --include-source /p:SymbolPackageFormat=snupkg
|
|
condition: eq(variables['isPrerelease'], 'false')
|
|
displayName: "pack kiota"
|
|
|
|
- pwsh: dotnet pack $(Build.SourcesDirectory)/src/Kiota.Builder/Kiota.Builder.csproj -o $(Build.ArtifactStagingDirectory) --configuration $(BuildConfiguration) --no-build --include-symbols --include-source /p:SymbolPackageFormat=snupkg --version-suffix "$(versionSuffix)"
|
|
condition: eq(variables['isPrerelease'], 'true')
|
|
displayName: "pack kiota builder"
|
|
|
|
- pwsh: dotnet pack $(Build.SourcesDirectory)/src/Kiota.Builder/Kiota.Builder.csproj -o $(Build.ArtifactStagingDirectory) --configuration $(BuildConfiguration) --no-build --include-symbols --include-source /p:SymbolPackageFormat=snupkg
|
|
condition: eq(variables['isPrerelease'], 'false')
|
|
displayName: "pack kiota builder"
|
|
|
|
- task: EsrpCodeSigning@5
|
|
displayName: "ESRP CodeSigning Nuget Packages"
|
|
inputs:
|
|
ConnectedServiceName: 'Federated DevX ESRP Managed Identity Connection'
|
|
AppRegistrationClientId: '65035b7f-7357-4f29-bf25-c5ee5c3949f8'
|
|
AppRegistrationTenantId: 'cdc5aeea-15c5-4db6-b079-fcadd2505dc2'
|
|
AuthAKVName: 'akv-prod-eastus'
|
|
AuthCertName: 'ReferenceLibraryPrivateCert'
|
|
AuthSignCertName: 'ReferencePackagePublisherCertificate'
|
|
FolderPath: "$(Build.ArtifactStagingDirectory)"
|
|
UseMinimatch: true
|
|
Pattern: "*.nupkg"
|
|
signConfigType: inlineSignParams
|
|
inlineOperation: |
|
|
[
|
|
{
|
|
"keyCode": "CP-401405",
|
|
"operationSetCode": "NuGetSign",
|
|
"parameters": [ ],
|
|
"toolName": "sign",
|
|
"toolVersion": "1.0"
|
|
},
|
|
{
|
|
"keyCode": "CP-401405",
|
|
"operationSetCode": "NuGetVerify",
|
|
"parameters": [ ],
|
|
"toolName": "sign",
|
|
"toolVersion": "1.0"
|
|
}
|
|
]
|
|
SessionTimeout: 20
|
|
MaxConcurrency: 50
|
|
MaxRetryAttempts: 5
|
|
PendingAnalysisWaitTimeoutMinutes: 5
|
|
|
|
- task: CopyFiles@2
|
|
displayName: Prepare staging folder for upload
|
|
inputs:
|
|
targetFolder: $(Build.ArtifactStagingDirectory)/Nugets
|
|
sourceFolder: $(Build.ArtifactStagingDirectory)
|
|
content: "*.nupkg"
|
|
|
|
- task: 1ES.PublishPipelineArtifact@1
|
|
displayName: "Publish Artifact: Nugets"
|
|
inputs:
|
|
artifactName: Nugets
|
|
targetPath: "$(Build.ArtifactStagingDirectory)/Nugets"
|
|
|
|
# using a loop instead of a matrix due to 1ES template limitations
|
|
# https://eng.ms/docs/cloud-ai-platform/devdiv/one-engineering-system-1es/1es-docs/1es-pipeline-templates/faqs
|
|
- ${{ each distribution in parameters.distributions }}:
|
|
- job: ${{ distribution.jobPrefix }}_build_binaries
|
|
dependsOn: [update_appsettings]
|
|
pool:
|
|
name: ${{ distribution.pool }}
|
|
os: ${{ distribution.os }}
|
|
image: ${{ distribution.image }}
|
|
templateContext:
|
|
sdl:
|
|
baseline:
|
|
baselineFile: $(Build.SourcesDirectory)/guardian/SDL/common/.gdnbaselines
|
|
suppression:
|
|
suppressionFile: $(Build.SourcesDirectory)/guardian/SDL/common/.gdnsuppress
|
|
|
|
steps:
|
|
- checkout: self
|
|
clean: true
|
|
submodules: true
|
|
- task: UseDotNet@2
|
|
displayName: "Use .NET 6" # needed for ESRP signing
|
|
inputs:
|
|
version: 6.x
|
|
- task: UseDotNet@2
|
|
displayName: "Use .NET 8"
|
|
inputs:
|
|
version: 8.x
|
|
|
|
- task: DownloadPipelineArtifact@2
|
|
inputs:
|
|
artifact: AppSettings
|
|
source: current
|
|
targetPath: $(Build.ArtifactStagingDirectory)/AppSettings
|
|
|
|
- pwsh: |
|
|
Copy-Item $(Build.ArtifactStagingDirectory)/AppSettings/appsettings.json $(Build.SourcesDirectory)/src/kiota/appsettings.json -Force -Verbose
|
|
displayName: Copy the appsettings.json
|
|
|
|
- pwsh: $(Build.SourcesDirectory)/scripts/get-prerelease-version.ps1 -currentBranch $(Build.SourceBranch) -previewBranch ${{ parameters.previewBranch }} -excludeHeadingDash
|
|
displayName: "Set version suffix"
|
|
|
|
- pwsh: $(Build.SourcesDirectory)/scripts/update-version-suffix-for-source-generator.ps1 -versionSuffix "$(versionSuffix)"
|
|
displayName: "Set version suffix in csproj for generators"
|
|
|
|
- pwsh: dotnet publish src/kiota/kiota.csproj -c Release --runtime ${{ distribution.architecture }} -p:PublishSingleFile=true --self-contained --output $(Build.ArtifactStagingDirectory)/binaries/${{ distribution.architecture }} --version-suffix "$(versionSuffix)"
|
|
condition: eq(variables['isPrerelease'], 'true')
|
|
displayName: publish kiota as executable
|
|
|
|
- pwsh: dotnet publish src/kiota/kiota.csproj -c Release --runtime ${{ distribution.architecture }} -p:PublishSingleFile=true --self-contained --output $(Build.ArtifactStagingDirectory)/binaries/${{ distribution.architecture }}
|
|
condition: eq(variables['isPrerelease'], 'false')
|
|
displayName: publish kiota as executable
|
|
|
|
- task: AzureKeyVault@2
|
|
displayName: "Azure Key Vault: Get Secrets"
|
|
inputs:
|
|
azureSubscription: "MicrosofGraphKeyVault connection"
|
|
KeyVaultName: MicrosofGraphKeyVault
|
|
SecretsFilter: "graph-cli-apple-developer-certificate,graph-cli-apple-developer-certificate-password"
|
|
condition: and(succeeded(), startsWith('${{ distribution.architecture }}', 'osx'))
|
|
- bash: |
|
|
set -e
|
|
security create-keychain -p pwd $(agent.tempdirectory)/buildagent.keychain
|
|
security default-keychain -s $(agent.tempdirectory)/buildagent.keychain
|
|
security unlock-keychain -p pwd $(agent.tempdirectory)/buildagent.keychain
|
|
echo "$(graph-cli-apple-developer-certificate)" | base64 -D > $(agent.tempdirectory)/cert.p12
|
|
security import $(agent.tempdirectory)/cert.p12 -k $(agent.tempdirectory)/buildagent.keychain -P "$(graph-cli-apple-developer-certificate-password)" -T /usr/bin/codesign
|
|
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k pwd $(agent.tempdirectory)/buildagent.keychain
|
|
codesign -s 6V7V694XP3 --deep --force --options runtime --entitlements scripts/entitlements.plist $(Build.ArtifactStagingDirectory)/binaries/${{ distribution.architecture }}/kiota
|
|
displayName: Set Hardened Entitlements
|
|
condition: and(succeeded(), startsWith('${{ distribution.architecture }}', 'osx'))
|
|
|
|
- task: EsrpCodeSigning@5
|
|
condition: and(succeeded(), startsWith('${{ distribution.architecture }}', 'win'))
|
|
inputs:
|
|
ConnectedServiceName: 'Federated DevX ESRP Managed Identity Connection'
|
|
AppRegistrationClientId: '65035b7f-7357-4f29-bf25-c5ee5c3949f8'
|
|
AppRegistrationTenantId: 'cdc5aeea-15c5-4db6-b079-fcadd2505dc2'
|
|
AuthAKVName: 'akv-prod-eastus'
|
|
AuthCertName: 'ReferenceLibraryPrivateCert'
|
|
AuthSignCertName: 'ReferencePackagePublisherCertificate'
|
|
FolderPath: $(Build.ArtifactStagingDirectory)/binaries/${{ distribution.architecture }}
|
|
signConfigType: inlineSignParams
|
|
UseMinimatch: true
|
|
inlineOperation: |
|
|
[
|
|
{
|
|
"keyCode": "CP-230012",
|
|
"operationSetCode": "SigntoolSign",
|
|
"parameters": [
|
|
{
|
|
"parameterName": "OpusName",
|
|
"parameterValue": "Microsoft"
|
|
},
|
|
{
|
|
"parameterName": "OpusInfo",
|
|
"parameterValue": "http://www.microsoft.com"
|
|
},
|
|
{
|
|
"parameterName": "FileDigest",
|
|
"parameterValue": "/fd \"SHA256\""
|
|
},
|
|
{
|
|
"parameterName": "PageHash",
|
|
"parameterValue": "/NPH"
|
|
},
|
|
{
|
|
"parameterName": "TimeStamp",
|
|
"parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
|
|
}
|
|
],
|
|
"toolName": "sign",
|
|
"toolVersion": "1.0"
|
|
},
|
|
{
|
|
"keyCode": "CP-230012",
|
|
"operationSetCode": "SigntoolVerify",
|
|
"parameters": [ ],
|
|
"toolName": "sign",
|
|
"toolVersion": "1.0"
|
|
}
|
|
]
|
|
SessionTimeout: 20
|
|
MaxConcurrency: 50
|
|
MaxRetryAttempts: 5
|
|
PendingAnalysisWaitTimeoutMinutes: 5
|
|
Pattern: |
|
|
**\*.exe
|
|
**\*.dll
|
|
- pwsh: Remove-Item $(Build.ArtifactStagingDirectory)/binaries/${{ distribution.architecture }}/*.md -Verbose -Force -ErrorAction SilentlyContinue
|
|
- task: ArchiveFiles@2
|
|
displayName: Archive binaries
|
|
inputs:
|
|
rootFolderOrFile: $(Build.ArtifactStagingDirectory)/binaries/${{ distribution.architecture }}
|
|
includeRootFolder: false
|
|
archiveType: zip
|
|
archiveFile: $(Build.ArtifactStagingDirectory)/binaries/${{ distribution.architecture }}.zip
|
|
replaceExistingArchive: true
|
|
- task: EsrpCodeSigning@5
|
|
condition: and(succeeded(), startsWith('${{ distribution.architecture }}', 'osx'))
|
|
inputs:
|
|
ConnectedServiceName: 'Federated DevX ESRP Managed Identity Connection'
|
|
AppRegistrationClientId: '65035b7f-7357-4f29-bf25-c5ee5c3949f8'
|
|
AppRegistrationTenantId: 'cdc5aeea-15c5-4db6-b079-fcadd2505dc2'
|
|
AuthAKVName: 'akv-prod-eastus'
|
|
AuthCertName: 'ReferenceLibraryPrivateCert'
|
|
AuthSignCertName: 'ReferencePackagePublisherCertificate'
|
|
FolderPath: $(Build.ArtifactStagingDirectory)/binaries
|
|
signConfigType: inlineSignParams
|
|
UseMinimatch: true
|
|
inlineOperation: |
|
|
[
|
|
{
|
|
"keyCode": "CP-401337-Apple",
|
|
"OperationCode": "MacAppDeveloperSign",
|
|
"Parameters": {
|
|
"Hardening": "--options=runtime"
|
|
},
|
|
"ToolName": "sign",
|
|
"ToolVersion": "1.0"
|
|
}
|
|
]
|
|
SessionTimeout: 20
|
|
MaxConcurrency: 50
|
|
MaxRetryAttempts: 5
|
|
PendingAnalysisWaitTimeoutMinutes: 5
|
|
Pattern: |
|
|
**/*.zip
|
|
- task: EsrpCodeSigning@5
|
|
condition: and(succeeded(), startsWith('${{ distribution.architecture }}', 'osx'))
|
|
inputs:
|
|
ConnectedServiceName: 'Federated DevX ESRP Managed Identity Connection'
|
|
AppRegistrationClientId: '65035b7f-7357-4f29-bf25-c5ee5c3949f8'
|
|
AppRegistrationTenantId: 'cdc5aeea-15c5-4db6-b079-fcadd2505dc2'
|
|
AuthAKVName: 'akv-prod-eastus'
|
|
AuthCertName: 'ReferenceLibraryPrivateCert'
|
|
AuthSignCertName: 'ReferencePackagePublisherCertificate'
|
|
FolderPath: $(Build.ArtifactStagingDirectory)/binaries
|
|
signConfigType: inlineSignParams
|
|
UseMinimatch: true
|
|
inlineOperation: |
|
|
[
|
|
{
|
|
"keyCode": "CP-401337-Apple",
|
|
"OperationCode": "MacAppNotarize",
|
|
"Parameters": {
|
|
"BundleId": "com.microsoft.kiota"
|
|
},
|
|
"ToolName": "sign",
|
|
"ToolVersion": "1.0"
|
|
}
|
|
]
|
|
SessionTimeout: 20
|
|
MaxConcurrency: 50
|
|
MaxRetryAttempts: 5
|
|
PendingAnalysisWaitTimeoutMinutes: 5
|
|
Pattern: |
|
|
**/*.zip
|
|
- task: 1ES.PublishPipelineArtifact@1
|
|
displayName: "Publish Artifact: binaries"
|
|
inputs:
|
|
artifactName: Binaries_${{ distribution.jobPrefix }}
|
|
sbomBuildDropPath: $(Build.ArtifactStagingDirectory)/binaries/${{ distribution.architecture }}
|
|
targetPath: "$(Build.ArtifactStagingDirectory)/binaries/${{ distribution.architecture }}.zip"
|
|
|
|
- job: build_vscode_extension
|
|
dependsOn:
|
|
[
|
|
win_x64_build_binaries,
|
|
win_x86_build_binaries,
|
|
linux_x64_build_binaries,
|
|
osx_x64_build_binaries,
|
|
osx_arm64_build_binaries,
|
|
]
|
|
pool:
|
|
name: Azure-Pipelines-1ESPT-ExDShared
|
|
os: linux
|
|
image: ubuntu-latest
|
|
templateContext:
|
|
sdl:
|
|
baseline:
|
|
baselineFile: $(Build.SourcesDirectory)/guardian/SDL/common/.gdnbaselines
|
|
suppression:
|
|
suppressionFile: $(Build.SourcesDirectory)/guardian/SDL/common/.gdnsuppress
|
|
steps:
|
|
- checkout: self
|
|
clean: true
|
|
submodules: true
|
|
- task: NodeTool@0
|
|
inputs:
|
|
versionSpec: "18.x"
|
|
- ${{ each distribution in parameters.distributions }}:
|
|
- task: DownloadPipelineArtifact@2
|
|
displayName: Download ${{ distribution.jobPrefix }} binaries from artifacts
|
|
inputs:
|
|
artifact: Binaries_${{ distribution.jobPrefix }}
|
|
source: current
|
|
targetPath: $(Build.ArtifactStagingDirectory)/Binaries
|
|
- pwsh: $(Build.SourcesDirectory)/scripts/get-prerelease-version.ps1 -currentBranch $(Build.SourceBranch) -previewBranch ${{ parameters.previewBranch }}
|
|
displayName: "Set version suffix"
|
|
- pwsh: $(Build.SourcesDirectory)/scripts/get-version-from-csproj.ps1
|
|
displayName: "Get Kiota's version-number from .csproj"
|
|
- pwsh: $(Build.SourcesDirectory)/scripts/update-vscode-releases.ps1 -version $(artifactVersion)$(versionSuffix) -filePath $(Build.SourcesDirectory)/vscode/microsoft-kiota/package.json -binaryFolderPath $(Build.ArtifactStagingDirectory)/Binaries
|
|
displayName: "Update VSCode extension version-number"
|
|
- script: npm i -g @vscode/vsce
|
|
displayName: "Install vsce"
|
|
- script: npm ci
|
|
displayName: "Install dependencies"
|
|
workingDirectory: $(Build.SourcesDirectory)/vscode/microsoft-kiota
|
|
- script: vsce package --pre-release
|
|
displayName: "Package VSCode extension as pre-release"
|
|
workingDirectory: $(Build.SourcesDirectory)/vscode/microsoft-kiota
|
|
condition: eq(variables['isPrerelease'], 'true')
|
|
- script: vsce package
|
|
displayName: "Package VSCode extension as release"
|
|
workingDirectory: $(Build.SourcesDirectory)/vscode/microsoft-kiota
|
|
condition: eq(variables['isPrerelease'], 'false')
|
|
- pwsh: |
|
|
$extensionFiles = Get-ChildItem -Filter *.vsix -Recurse
|
|
if ($extensionFiles.Count -ne 1) {
|
|
Write-Error "Expected 1 extension file, found $($extensionFiles.Count)"
|
|
exit 1
|
|
}
|
|
$extensionFileName = $extensionFiles[0].BaseName
|
|
Write-Output "##vso[task.setvariable variable=extensionFileName;isOutput=true]$extensionFileName"
|
|
displayName: "Get extension file name"
|
|
workingDirectory: $(Build.SourcesDirectory)/vscode/microsoft-kiota
|
|
name: getExtensionFileName
|
|
- script: vsce generate-manifest -i $(getExtensionFileName.extensionFileName).vsix -o $(getExtensionFileName.extensionFileName).manifest
|
|
displayName: 'Generate extension manifest'
|
|
workingDirectory: $(Build.SourcesDirectory)/vscode/microsoft-kiota
|
|
- script: cp $(getExtensionFileName.extensionFileName).manifest $(getExtensionFileName.extensionFileName).signature.p7s
|
|
displayName: 'Prepare manifest for signing'
|
|
workingDirectory: $(Build.SourcesDirectory)/vscode/microsoft-kiota
|
|
- task: EsrpCodeSigning@5
|
|
inputs:
|
|
ConnectedServiceName: 'Federated DevX ESRP Managed Identity Connection'
|
|
AppRegistrationClientId: '65035b7f-7357-4f29-bf25-c5ee5c3949f8'
|
|
AppRegistrationTenantId: 'cdc5aeea-15c5-4db6-b079-fcadd2505dc2'
|
|
AuthAKVName: 'akv-prod-eastus'
|
|
AuthCertName: 'ReferenceLibraryPrivateCert'
|
|
AuthSignCertName: 'ReferencePackagePublisherCertificate'
|
|
FolderPath: $(Build.SourcesDirectory)/vscode/microsoft-kiota
|
|
UseMinimatch: true
|
|
Pattern: '**\*.signature.p7s'
|
|
signConfigType: inlineSignParams
|
|
inlineOperation: |
|
|
[
|
|
{
|
|
"keyCode": "CP-401405",
|
|
"operationSetCode": "VSCodePublisherSign",
|
|
"parameters" : [],
|
|
"toolName": "sign",
|
|
"toolVersion": "1.0"
|
|
}
|
|
]
|
|
SessionTimeout: 90
|
|
MaxConcurrency: 25
|
|
MaxRetryAttempts: 5
|
|
PendingAnalysisWaitTimeoutMinutes: 5
|
|
displayName: 'Sign extension'
|
|
- task: CopyFiles@2
|
|
displayName: Prepare staging folder for upload
|
|
inputs:
|
|
targetFolder: $(Build.ArtifactStagingDirectory)/VSCode
|
|
sourceFolder: $(Build.SourcesDirectory)/vscode/microsoft-kiota
|
|
contents: |
|
|
*.vsix
|
|
*.manifest
|
|
*.signature.p7s
|
|
- task: 1ES.PublishPipelineArtifact@1
|
|
displayName: "Publish Artifact: VSCode"
|
|
inputs:
|
|
artifactName: VSCode
|
|
targetPath: "$(Build.ArtifactStagingDirectory)/VSCode"
|
|
|
|
- stage: deploy
|
|
condition: and(or(contains(variables['build.sourceBranch'], 'refs/tags/v'), eq(variables['build.sourceBranch'], '${{ parameters.previewBranch }}')), succeeded())
|
|
dependsOn: build
|
|
jobs:
|
|
- job: vs_marketplace
|
|
pool:
|
|
name: Azure-Pipelines-1ESPT-ExDShared
|
|
os: linux
|
|
image: ubuntu-latest
|
|
templateContext:
|
|
sdl:
|
|
baseline:
|
|
baselineFile: $(Build.SourcesDirectory)/guardian/SDL/common/.gdnbaselines
|
|
suppression:
|
|
suppressionFile: $(Build.SourcesDirectory)/guardian/SDL/common/.gdnsuppress
|
|
dependsOn:
|
|
- github_release
|
|
steps:
|
|
- download: none
|
|
- checkout: self
|
|
clean: true
|
|
submodules: true
|
|
- task: DownloadPipelineArtifact@2
|
|
inputs:
|
|
artifact: VSCode
|
|
source: current
|
|
- task: NodeTool@0
|
|
inputs:
|
|
versionSpec: "18.x"
|
|
- pwsh: npm i -g @vscode/vsce
|
|
- pwsh: $(Build.SourcesDirectory)/scripts/get-prerelease-version.ps1 -currentBranch $(Build.SourceBranch) -previewBranch ${{ parameters.previewBranch }}
|
|
displayName: "Set version suffix"
|
|
- task: AzureCLI@2
|
|
inputs:
|
|
azureSubscription: "kiota-vscode-marketplace-publish"
|
|
scriptType: "pscore"
|
|
scriptLocation: 'inlineScript'
|
|
inlineScript: |
|
|
$aadToken = az account get-access-token --query accessToken --resource 499b84ac-1321-427f-aa17-267ca6975798 -o tsv
|
|
Get-ChildItem -Path $(Pipeline.Workspace) -Filter *.vsix -Recurse | ForEach-Object {
|
|
$packagePath = $_.FullName
|
|
$manifestPath = $packagePath.Replace("vsix", "manifest")
|
|
$signaturePath = $packagePath.Replace("vsix", "signature.p7s")
|
|
Write-Host "Publishing $packagePath"
|
|
if ($Env:isPrerelease -eq "true") {
|
|
Write-Host "Publishing $packagePath as a pre-release"
|
|
vsce publish --pat "$aadToken" --packagePath $packagePath --manifestPath $manifestPath --signaturePath $signaturePath --pre-release
|
|
}
|
|
else {
|
|
Write-Host "Publishing $packagePath as a release"
|
|
vsce publish --pat "$aadToken" --packagePath $packagePath --manifestPath $manifestPath --signaturePath $signaturePath
|
|
}
|
|
}
|
|
env:
|
|
isPrerelease: $(isPrerelease)
|
|
- deployment: github_release
|
|
pool:
|
|
name: Azure-Pipelines-1ESPT-ExDShared
|
|
os: linux
|
|
image: ubuntu-latest
|
|
templateContext:
|
|
sdl:
|
|
baseline:
|
|
baselineFile: $(Build.SourcesDirectory)/guardian/SDL/common/.gdnbaselines
|
|
suppression:
|
|
suppressionFile: $(Build.SourcesDirectory)/guardian/SDL/common/.gdnsuppress
|
|
dependsOn: []
|
|
environment: kiota-github-releases
|
|
strategy:
|
|
runOnce:
|
|
deploy:
|
|
steps:
|
|
- download: none
|
|
- checkout: self
|
|
clean: true
|
|
submodules: true
|
|
- ${{ each distribution in parameters.distributions }}:
|
|
- task: DownloadPipelineArtifact@2
|
|
displayName: Download ${{ distribution.jobPrefix }} binaries from artifacts
|
|
inputs:
|
|
artifact: Binaries_${{ distribution.jobPrefix }}
|
|
source: current
|
|
- task: DownloadPipelineArtifact@2
|
|
inputs:
|
|
artifact: VSCode
|
|
source: current
|
|
- task: DownloadPipelineArtifact@2
|
|
inputs:
|
|
artifact: Nugets
|
|
source: current
|
|
- pwsh: $(Build.SourcesDirectory)/scripts/get-prerelease-version.ps1 -currentBranch $(Build.SourceBranch) -previewBranch ${{ parameters.previewBranch }}
|
|
displayName: "Set version suffix"
|
|
- pwsh: $(Build.SourcesDirectory)/scripts/get-version-from-csproj.ps1
|
|
displayName: "Get Kiota's version-number from .csproj"
|
|
- pwsh: $(Build.SourcesDirectory)/scripts/get-release-notes.ps1 -version $(artifactVersion) -createNotes
|
|
condition: eq(variables['isPrerelease'], 'false')
|
|
displayName: "Get release notes from CHANGELOG.md"
|
|
- pwsh: $(Build.SourcesDirectory)/scripts/get-release-notes.ps1 -version Unreleased -createNotes
|
|
condition: eq(variables['isPrerelease'], 'true')
|
|
displayName: "Get release notes from CHANGELOG.md"
|
|
- task: GitHubRelease@1
|
|
condition: eq(variables['isPrerelease'], 'false')
|
|
inputs:
|
|
gitHubConnection: "microsoftkiota"
|
|
tagSource: userSpecifiedTag
|
|
tag: "v$(artifactVersion)"
|
|
title: "v$(artifactVersion)"
|
|
releaseNotesSource: filePath
|
|
releaseNotesFilePath: $(Build.SourcesDirectory)/release-notes.txt
|
|
assets: |
|
|
$(Pipeline.Workspace)/*.zip
|
|
$(Pipeline.Workspace)/*.vsix
|
|
$(Pipeline.Workspace)/*.nupkg
|
|
$(Pipeline.Workspace)/*.snupkg
|
|
addChangeLog: false
|
|
- task: GitHubRelease@1
|
|
condition: eq(variables['isPrerelease'], 'true')
|
|
inputs:
|
|
gitHubConnection: "microsoftkiota"
|
|
tagSource: userSpecifiedTag
|
|
tag: "v$(artifactVersion)$(versionSuffix)"
|
|
title: "v$(artifactVersion)$(versionSuffix)"
|
|
releaseNotesSource: filePath
|
|
releaseNotesFilePath: $(Build.SourcesDirectory)/release-notes.txt
|
|
assets: |
|
|
$(Pipeline.Workspace)/*.zip
|
|
$(Pipeline.Workspace)/*.vsix
|
|
$(Pipeline.Workspace)/*.nupkg
|
|
$(Pipeline.Workspace)/*.snupkg
|
|
addChangeLog: false
|
|
isPreRelease: true
|
|
|
|
- deployment: deploy_kiota
|
|
pool:
|
|
name: Azure-Pipelines-1ESPT-ExDShared
|
|
os: linux
|
|
image: ubuntu-latest
|
|
dependsOn: []
|
|
environment: nuget-org
|
|
strategy:
|
|
runOnce:
|
|
deploy:
|
|
steps:
|
|
- download: none
|
|
- task: DownloadPipelineArtifact@2
|
|
displayName: Download nupkg from artifacts
|
|
inputs:
|
|
artifact: Nugets
|
|
source: current
|
|
- powershell: |
|
|
Remove-Item "$(Pipeline.Workspace)/Microsoft.OpenApi.Kiota.Builder.*.nupkg" -Verbose
|
|
displayName: remove other nupkgs to avoid duplication
|
|
- task: 1ES.PublishNuget@1
|
|
displayName: "NuGet push"
|
|
inputs:
|
|
packagesToPush: "$(Pipeline.Workspace)/Microsoft.OpenApi.Kiota.*.nupkg"
|
|
packageParentPath: '$(Pipeline.Workspace)'
|
|
nuGetFeedType: external
|
|
publishFeedCredentials: "OpenAPI Nuget Connection"
|
|
|
|
- deployment: deploy_builder
|
|
pool:
|
|
name: Azure-Pipelines-1ESPT-ExDShared
|
|
os: linux
|
|
image: ubuntu-latest
|
|
dependsOn: []
|
|
environment: nuget-org
|
|
strategy:
|
|
runOnce:
|
|
deploy:
|
|
steps:
|
|
- download: none
|
|
- task: DownloadPipelineArtifact@2
|
|
displayName: Download nupkg from artifacts
|
|
inputs:
|
|
artifact: Nugets
|
|
source: current
|
|
- powershell: |
|
|
Remove-Item "$(Pipeline.Workspace)/Microsoft.OpenApi.Kiota.*.nupkg" -Verbose -Exclude "*.Builder.*"
|
|
displayName: remove other nupkgs to avoid duplication
|
|
- task: 1ES.PublishNuget@1
|
|
displayName: "NuGet push"
|
|
inputs:
|
|
packagesToPush: "$(Pipeline.Workspace)/Microsoft.OpenApi.Kiota.Builder.*.nupkg"
|
|
packageParentPath: '$(Pipeline.Workspace)'
|
|
nuGetFeedType: external
|
|
publishFeedCredentials: "OpenAPI Nuget Connection"
|