Merge remote-tracking branch 'libtemplate/microbuild' into libtemplateUpdate
This commit is contained in:
Коммит
bc6561477b
|
@ -9,7 +9,7 @@
|
|||
]
|
||||
},
|
||||
"dotnet-coverage": {
|
||||
"version": "17.10.1",
|
||||
"version": "17.10.3",
|
||||
"commands": [
|
||||
"dotnet-coverage"
|
||||
]
|
||||
|
|
|
@ -7,6 +7,7 @@
|
|||
"ms-dotnettools.csharp",
|
||||
"k--kato.docomment",
|
||||
"editorconfig.editorconfig",
|
||||
"esbenp.prettier-vscode",
|
||||
"pflannery.vscode-versionlens",
|
||||
"davidanson.vscode-markdownlint",
|
||||
"dotjoshjohnson.xml",
|
||||
|
|
|
@ -10,5 +10,15 @@
|
|||
"[xml]": {
|
||||
"editor.wordWrap": "off"
|
||||
},
|
||||
"dotnet.defaultSolution": "Microsoft.VisualStudio.Validation.sln"
|
||||
// Treat these files as Azure Pipelines files
|
||||
"files.associations": {
|
||||
"**/azure-pipelines/**/*.yml": "azure-pipelines",
|
||||
"azure-pipelines.yml": "azure-pipelines"
|
||||
},
|
||||
// Use Prettier as the default formatter for Azure Pipelines files.
|
||||
// Needs to be explicitly configured: https://github.com/Microsoft/azure-pipelines-vscode#document-formatting
|
||||
"[azure-pipelines]": {
|
||||
"editor.defaultFormatter": "esbenp.prettier-vscode",
|
||||
"editor.formatOnSave": false // enable this when the conform
|
||||
},
|
||||
}
|
||||
|
|
|
@ -5,15 +5,15 @@
|
|||
<ManagePackageVersionsCentrally>true</ManagePackageVersionsCentrally>
|
||||
<CentralPackageTransitivePinningEnabled>true</CentralPackageTransitivePinningEnabled>
|
||||
|
||||
<MicroBuildVersion>2.0.147</MicroBuildVersion>
|
||||
<MicroBuildVersion>2.0.149</MicroBuildVersion>
|
||||
</PropertyGroup>
|
||||
<ItemGroup>
|
||||
<PackageVersion Include="Microsoft.CodeAnalysis.ResxSourceGenerator" Version="3.3.5-beta1.23330.2" />
|
||||
<PackageVersion Include="Microsoft.NET.Test.Sdk" Version="17.8.0" />
|
||||
<PackageVersion Include="Microsoft.NET.Test.Sdk" Version="17.9.0" />
|
||||
<PackageVersion Include="Microsoft.VisualStudio.Internal.MicroBuild.NonShipping" Version="$(MicroBuildVersion)" />
|
||||
<PackageVersion Include="Moq" Version="4.20.70" />
|
||||
<PackageVersion Include="xunit.runner.visualstudio" Version="2.5.6" />
|
||||
<PackageVersion Include="xunit" Version="2.6.6" />
|
||||
<PackageVersion Include="xunit.runner.visualstudio" Version="2.5.7" />
|
||||
<PackageVersion Include="xunit" Version="2.7.0" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<GlobalPackageReference Include="CSharpIsNullAnalyzer" Version="0.1.495" />
|
||||
|
|
|
@ -14,7 +14,7 @@ trigger:
|
|||
- azure-pipelines/release.yml
|
||||
|
||||
parameters:
|
||||
- name: includeMacOS
|
||||
- name: EnableMacOSBuild
|
||||
displayName: Build on macOS
|
||||
type: boolean
|
||||
default: false # macOS is often bogged down in Azure Pipelines
|
||||
|
@ -24,13 +24,11 @@ parameters:
|
|||
default: true
|
||||
|
||||
variables:
|
||||
DOTNET_SKIP_FIRST_TIME_EXPERIENCE: true
|
||||
BuildConfiguration: Release
|
||||
codecov_token: 1c079a51-729f-4e18-9792-2a75f2e074e0
|
||||
NUGET_PACKAGES: $(Agent.TempDirectory)/.nuget/packages/
|
||||
- template: /azure-pipelines/BuildStageVariables.yml@self
|
||||
|
||||
jobs:
|
||||
- template: azure-pipelines/build.yml
|
||||
parameters:
|
||||
includeMacOS: ${{ parameters.includeMacOS }}
|
||||
Is1ESPT: false
|
||||
EnableMacOSBuild: ${{ parameters.EnableMacOSBuild }}
|
||||
RunTests: ${{ parameters.RunTests }}
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
variables:
|
||||
DOTNET_SKIP_FIRST_TIME_EXPERIENCE: true
|
||||
BuildConfiguration: Release
|
||||
NUGET_PACKAGES: $(Agent.TempDirectory)/.nuget/packages/
|
||||
codecov_token: 1c079a51-729f-4e18-9792-2a75f2e074e0
|
|
@ -0,0 +1,16 @@
|
|||
<?xml version="1.0"?>
|
||||
<package >
|
||||
<metadata>
|
||||
<id>Microsoft.VisualStudio.Validation.VSInsertionMetadata</id>
|
||||
<version>$version$</version>
|
||||
<authors>Microsoft</authors>
|
||||
<owners>Microsoft</owners>
|
||||
<projectUrl>https://github.com/Microsoft/vs-validation</projectUrl>
|
||||
<requireLicenseAcceptance>false</requireLicenseAcceptance>
|
||||
<description>Contains metadata for insertion into VS.</description>
|
||||
<copyright>© Microsoft Corporation. All rights reserved.</copyright>
|
||||
</metadata>
|
||||
<files>
|
||||
<file src="ProfilingInputs.props" target="InsertionVS/" />
|
||||
</files>
|
||||
</package>
|
|
@ -0,0 +1,112 @@
|
|||
trigger: none
|
||||
pr: none
|
||||
schedules:
|
||||
- cron: "0 3 * * Fri" # Thu @ 8 or 9 PM Mountain Time (depending on DST)
|
||||
displayName: Weekly OptProf run
|
||||
branches:
|
||||
include:
|
||||
- 'v*.*'
|
||||
- main
|
||||
always: true # we must keep data fresh since optimizationdata drops are purged after 30 days
|
||||
|
||||
# Avoid errant CI builds: https://developercommunity.visualstudio.com/content/problem/1154409/azure-pipeline-is-triggering-due-to-events-that-ne.html
|
||||
#resources:
|
||||
# repositories:
|
||||
# - repository: scripts
|
||||
# type: git
|
||||
# name: DeploymentScripts
|
||||
# ref: refs/heads/test
|
||||
|
||||
variables:
|
||||
- template: GlobalVariables.yml
|
||||
- name: PublicRelease
|
||||
value: false # avoid using nice version since we're building a preliminary/unoptimized package
|
||||
- name: IsOptProf
|
||||
value: true
|
||||
|
||||
stages:
|
||||
- stage: Library
|
||||
variables:
|
||||
- name: OptProf
|
||||
value: true
|
||||
- template: BuildStageVariables.yml
|
||||
jobs:
|
||||
- template: build.yml
|
||||
parameters:
|
||||
Is1ESPT: false
|
||||
RealSign: true
|
||||
windowsPool: VSEngSS-MicroBuild2022-1ES
|
||||
EnableMacOSBuild: false
|
||||
ShouldSkipOptimize: true
|
||||
IsOptProf: true
|
||||
RunTests: false
|
||||
- stage: QueueVSBuild
|
||||
jobs:
|
||||
- job: QueueOptProf
|
||||
pool: VSEngSS-MicroBuild2022-1ES
|
||||
variables:
|
||||
InsertPayloadName: LibraryName
|
||||
InsertTopicBranch: team/VS-IDE/LibraryName-OptProf-run-$(Build.BuildId)
|
||||
steps:
|
||||
- checkout: none # We don't need source from our own repo
|
||||
clean: true
|
||||
|
||||
# Pipeline YAML does not yet support checking out other repos. So we'll do it by hand.
|
||||
# - checkout: scripts # We DO need source from the DeploymentScripts repo
|
||||
# clean: true
|
||||
# path: $(Agent.TempDirectory)/DeploymentScripts
|
||||
# fetchDepth: 1
|
||||
- script: 'git -c http.extraheader="AUTHORIZATION: bearer $(System.AccessToken)" clone https://devdiv.visualstudio.com/DevDiv/_git/DeploymentScripts --depth 1 --branch test "$(Agent.TempDirectory)/DeploymentScripts"'
|
||||
displayName: Download DeploymentScripts repo
|
||||
|
||||
- task: DownloadBuildArtifacts@0
|
||||
displayName: Download insertion artifacts
|
||||
inputs:
|
||||
artifactName: VSInsertion-Windows
|
||||
downloadPath: $(Agent.TempDirectory)
|
||||
- task: DownloadBuildArtifacts@0
|
||||
displayName: Download variables artifacts
|
||||
inputs:
|
||||
artifactName: Variables-Windows
|
||||
downloadPath: $(Agent.TempDirectory)
|
||||
- task: PowerShell@2
|
||||
displayName: Set pipeline variables based on artifacts
|
||||
inputs:
|
||||
targetType: filePath
|
||||
filePath: $(Agent.TempDirectory)/Variables-Windows/_pipelines.ps1
|
||||
- task: NuGetCommand@2
|
||||
displayName: Push CoreXT packages to VS feed
|
||||
inputs:
|
||||
command: push
|
||||
packagesToPush: $(Agent.TempDirectory)/VSInsertion-Windows/*.nupkg
|
||||
publishVstsFeed: 97a41293-2972-4f48-8c0e-05493ae82010 # VS feed
|
||||
allowPackageConflicts: true
|
||||
- task: MicroBuildInsertVsPayload@4
|
||||
displayName: Insert VS Payload
|
||||
inputs:
|
||||
TeamName: $(TeamName)
|
||||
TeamEmail: $(TeamEmail)
|
||||
SkipCreatePR: true
|
||||
CustomScriptExecutionCommand: src\VSSDK\NuGet\AllowUnstablePackages.ps1
|
||||
- task: benjhuser.tfs-extensions-build-tasks.trigger-build-task.TriggerBuild@3
|
||||
displayName: Trigger a new build of DD-CB-TestSignVS-devCI
|
||||
inputs:
|
||||
buildDefinition: DD-CB-TestSignVS-devCI
|
||||
useSameBranch: false
|
||||
branchToUse: $(InsertTopicBranch)
|
||||
storeInEnvironmentVariable: true
|
||||
queueBuildForUserThatTriggeredBuild: false
|
||||
authenticationMethod: OAuth Token
|
||||
password: $(System.AccessToken)
|
||||
- task: PowerShell@2
|
||||
displayName: Associate InsertionOutputs artifacts with CloudBuild
|
||||
inputs:
|
||||
targetType: filePath
|
||||
filePath: $(Agent.TempDirectory)/DeploymentScripts/Scripts/Insertion/WriteArtifact.ps1
|
||||
arguments: '-oldBuildID $(Build.BuildId) -newBuildID $(TriggeredBuildIds) -artifactName "InsertionOutputs" -accessToken $(System.AccessToken)'
|
||||
- task: PowerShell@2
|
||||
displayName: Tag the build with LibraryName-insertion
|
||||
inputs:
|
||||
targetType: filePath
|
||||
filePath: $(Agent.TempDirectory)/DeploymentScripts/Scripts/Insertion/TagBuild.ps1
|
||||
arguments: '-buildID $(TriggeredBuildIds) -tagName "LibraryName-insertion" -accessToken $(System.AccessToken)'
|
|
@ -0,0 +1,89 @@
|
|||
trigger: none
|
||||
pr: none
|
||||
|
||||
resources:
|
||||
pipelines:
|
||||
- pipeline: VisualStudioBuildUnderTest
|
||||
source: DD-CB-TestSignVS-devCI
|
||||
trigger:
|
||||
tags:
|
||||
- LibraryName-insertion
|
||||
- pipeline: DartLab
|
||||
source: DartLab
|
||||
branch: main
|
||||
- pipeline: DartLab.OptProf
|
||||
source: DartLab.OptProf
|
||||
branch: main
|
||||
repositories:
|
||||
- repository: DartLabTemplates
|
||||
type: git
|
||||
name: DartLab.Templates
|
||||
ref: refs/heads/main
|
||||
- repository: DartLabOptProfTemplates
|
||||
type: git
|
||||
name: DartLab.OptProf
|
||||
ref: refs/heads/main
|
||||
|
||||
parameters:
|
||||
|
||||
# The prefix naming of the OptimizationInputs drop
|
||||
- name: optimizationDropPrefix
|
||||
type: string
|
||||
default: OptimizationInputs/$(System.TeamProject)/$(Build.Repository.Name)
|
||||
|
||||
stages:
|
||||
- template: \templates\stages\visual-studio\single-runsettings.yml@DartLabOptProfTemplates
|
||||
parameters:
|
||||
##### Required #####
|
||||
runSettingsURI: $(Pipeline.Workspace)\VisualStudioBuildUnderTest\BuildArtifacts\runsettings\LibraryName.OptProf.runsettings
|
||||
visualStudioBootstrapperURI: https://vsdrop.corp.microsoft.com/file/v1/$(VisualStudio.BuildUnderTest.ProductsDropName);bootstrappers/Enterprise/vs_enterprise.exe
|
||||
##### Optional #####
|
||||
name: OptProfProfilingWorkflow
|
||||
displayName: OptProf Profiling Workflow
|
||||
optOptimizationInputsDropName: $(OptimizationInputsDropName)
|
||||
previousOptimizationInputsDropName: $(PreviousOptimizationInputsDropName)
|
||||
testLabPoolName: VS-Platform
|
||||
##### Step Hooks #####
|
||||
preTestMachineConfigurationStepList:
|
||||
- download: VisualStudioBuildUnderTest
|
||||
- task: PowerShell@2
|
||||
name: SetProductsDropName
|
||||
displayName: Set 'VisualStudio.BuildUnderTest.ProductsDropName'
|
||||
inputs:
|
||||
filePath: $(DartLab.Path)\Scripts\VisualStudio\Build\Get-VisualStudioDropName.ps1
|
||||
arguments: -DropNamePrefix 'Products' -VstsDropUrlsJson '$(Pipeline.Workspace)\VisualStudioBuildUnderTest\BuildArtifacts\VstsDropUrls.json' -OutVariableName 'VisualStudio.BuildUnderTest.ProductsDropName'
|
||||
preDeployAndRunTestsStepList:
|
||||
- download: VisualStudioBuildUnderTest
|
||||
prePublishOptimizationInputsDropStepList:
|
||||
# Set parameter for PreviousOptimizationInputsDropName, MicroBuildCommitID, and OptimizationInputsDropName
|
||||
- powershell: |
|
||||
try {
|
||||
$artifactName = 'InsertionOutputs'
|
||||
$BuildID = $(resources.pipeline.VisualStudioBuildUnderTest.runID)
|
||||
$artifact = Get-BuildArtifact -InstanceURL 'https://dev.azure.com/devdiv' -ProjectName 'DevDiv' -BuildID $BuildID -ArtifactName $artifactName -OAuthAccessToken (ConvertTo-SecureString '$(System.AccessToken)' -AsPlainText -Force)
|
||||
$containerName = $artifact.Resource.Data -Split '/' | Select-Object -Last 1
|
||||
$fileName = Join-Path $containerName 'Metadata.json'
|
||||
$jsonString = Read-BuildArtifactFile -InstanceURL 'https://dev.azure.com/devdiv' -ProjectName 'DevDiv' -BuildID $BuildID -ArtifactName $artifactName -FileName $fileName -OAuthAccessToken (ConvertTo-SecureString '$(System.AccessToken)' -AsPlainText -Force)
|
||||
$json = $jsonString | ConvertFrom-Json
|
||||
|
||||
Write-Host "The content of the metadata.json file was $json"
|
||||
|
||||
$dropname = $json.OptimizationData
|
||||
$commitID = $json.CommitID
|
||||
$OptimizationInputsDropName = "${{parameters.optimizationDropPrefix}}/$($commitID)/$(Build.BuildId)/$(System.StageId)/$(System.StageAttempt)"
|
||||
|
||||
Write-Host "PreviousOptimizationInputsDropName: $dropname"
|
||||
Set-AzurePipelinesVariable 'PreviousOptimizationInputsDropName' $dropname
|
||||
|
||||
Write-Host "MicroBuildCommitID: $commitID"
|
||||
Set-AzurePipelinesVariable 'MicroBuildCommitID' $commitID
|
||||
|
||||
Write-Host "OptimizationInputsDropName: $OptimizationInputsDropName"
|
||||
Set-AzurePipelinesVariable 'OptimizationInputsDropName' $OptimizationInputsDropName
|
||||
}
|
||||
catch {
|
||||
Write-Host $_
|
||||
Write-Error "Failed to set OptimizationInputsDropName pipeline variable"
|
||||
throw
|
||||
}
|
||||
displayName: Set MicroBuildCommitID, PreviousOptimizationInputsDropName, and OptimizationInputsDropName
|
|
@ -0,0 +1,5 @@
|
|||
<Project xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
|
||||
<ItemGroup>
|
||||
<TestStore Include="%TESTSTORE%" />
|
||||
</ItemGroup>
|
||||
</Project>
|
|
@ -0,0 +1,19 @@
|
|||
{
|
||||
"tsaVersion": "TsaV2",
|
||||
"codebase": "NewOrUpdate",
|
||||
"codebaseName": "LibraryName",
|
||||
"tsaStamp": "DevDiv",
|
||||
"tsaEnvironment": "PROD",
|
||||
"notificationAliases": [
|
||||
"vsidemicrobuild@microsoft.com"
|
||||
],
|
||||
"codebaseAdmins": [
|
||||
"REDMOND\\andarno"
|
||||
],
|
||||
"instanceUrl": "https://devdiv.visualstudio.com",
|
||||
"projectName": "DevDiv",
|
||||
"areaPath": "DevDiv\\VS Core",
|
||||
"iterationPath": "DevDiv",
|
||||
"alltools": true,
|
||||
"repositoryName": "Library.Template"
|
||||
}
|
|
@ -0,0 +1,44 @@
|
|||
parameters:
|
||||
- name: windowsPool
|
||||
type: object
|
||||
|
||||
jobs:
|
||||
- job: apiscan
|
||||
displayName: APIScan
|
||||
dependsOn: Windows
|
||||
pool: ${{ parameters.windowsPool }}
|
||||
timeoutInMinutes: 120
|
||||
variables:
|
||||
- name: SymbolsFeatureName
|
||||
value: $[ dependencies.Windows.outputs['SetPipelineVariables.SymbolsFeatureName'] ]
|
||||
- name: NBGV_MajorMinorVersion
|
||||
value: $[ dependencies.Windows.outputs['nbgv.NBGV_MajorMinorVersion'] ]
|
||||
- ${{ if eq(variables['system.collectionId'], '011b8bdf-6d56-4f87-be0d-0092136884d9') }}:
|
||||
# https://dev.azure.com/devdiv/DevDiv/_wiki/wikis/DevDiv.wiki/25351/APIScan-step-by-step-guide-to-setting-up-a-Pipeline
|
||||
- group: VSCloudServices-APIScan # Expected to provide ApiScanClientId, ApiScanSecret, ApiScanTenant
|
||||
steps:
|
||||
# We need TSAOptions.json
|
||||
- checkout: self
|
||||
fetchDepth: 1
|
||||
|
||||
- download: current
|
||||
artifact: APIScanInputs
|
||||
displayName: 🔻 Download APIScanInputs artifact
|
||||
|
||||
- task: APIScan@2
|
||||
displayName: 🔍 Run APIScan
|
||||
inputs:
|
||||
softwareFolder: $(Pipeline.Workspace)/APIScanInputs
|
||||
softwareName: $(SymbolsFeatureName)
|
||||
softwareVersionNum: $(NBGV_MajorMinorVersion)
|
||||
isLargeApp: false
|
||||
toolVersion: Latest
|
||||
env:
|
||||
AzureServicesAuthConnectionString: runAs=App;AppId=$(ApiScanClientId);TenantId=$(ApiScanTenant);AppKey=$(ApiScanSecret)
|
||||
|
||||
# File bugs when APIScan finds issues
|
||||
- task: TSAUpload@2
|
||||
displayName: 🪳 TSA upload
|
||||
inputs:
|
||||
GdnPublishTsaOnboard: True
|
||||
GdnPublishTsaConfigFile: $(Build.SourcesDirectory)\azure-pipelines\TSAOptions.json
|
|
@ -44,7 +44,7 @@ extends:
|
|||
pool:
|
||||
name: AzurePipelines-EO
|
||||
demands:
|
||||
- ImageOverride -equals AzurePipelinesUbuntu20.04compliantGPT
|
||||
- ImageOverride -equals 1ESPT-Ubuntu22.04
|
||||
os: Linux
|
||||
|
||||
steps:
|
||||
|
|
|
@ -0,0 +1,24 @@
|
|||
$inputs = & "$PSScriptRoot/symbols.ps1"
|
||||
|
||||
if (!$inputs) { return }
|
||||
|
||||
# Filter out specific files that APIScan does not support.
|
||||
# Specifically, APIScan doesn't support Windows ARM64 binaries, nor linux/OSX binaries.
|
||||
$outputs = @{}
|
||||
$forbiddenSubPaths = @(
|
||||
, 'arm64'
|
||||
, 'win-arm64'
|
||||
, 'linux-*'
|
||||
, 'osx*'
|
||||
)
|
||||
|
||||
$inputs.GetEnumerator() | % {
|
||||
$list = $_.Value | ? {
|
||||
$path = $_.Replace('\', '/')
|
||||
return !($forbiddenSubPaths | ? { $path -like "*/$_/*" })
|
||||
}
|
||||
$outputs[$_.Key] = $list
|
||||
}
|
||||
|
||||
|
||||
$outputs
|
|
@ -1,5 +1,7 @@
|
|||
# Identify LCE files and the binary files they describe
|
||||
$BinRoot = [System.IO.Path]::GetFullPath("$PSScriptRoot\..\..\bin")
|
||||
if (!(Test-Path $BinRoot)) { return }
|
||||
|
||||
$FilesToCopy = @()
|
||||
$FilesToCopy += Get-ChildItem -Recurse -File -Path $BinRoot |? { $_.FullName -match '\\Localize\\' }
|
||||
|
||||
|
|
|
@ -16,13 +16,43 @@ if (!$BuildConfiguration) {
|
|||
$BuildConfiguration = 'Debug'
|
||||
}
|
||||
|
||||
$PackagesRoot = "$RepoRoot/bin/Packages/$BuildConfiguration/NuGet"
|
||||
$NuGetPackages = "$RepoRoot/bin/Packages/$BuildConfiguration/NuGet"
|
||||
|
||||
if (!(Test-Path $PackagesRoot)) {
|
||||
Write-Warning "Skipping because packages haven't been built yet."
|
||||
if (!(Test-Path $NuGetPackages)) {
|
||||
Write-Warning "Skipping because NuGet packages haven't been built yet."
|
||||
return @{}
|
||||
}
|
||||
|
||||
@{
|
||||
"$PackagesRoot" = (Get-ChildItem $PackagesRoot -Recurse)
|
||||
$result = @{
|
||||
"$NuGetPackages" = (Get-ChildItem $NuGetPackages -Recurse)
|
||||
}
|
||||
|
||||
if ($env:IsOptProf) {
|
||||
$CoreXTPackages = "$RepoRoot/bin/Packages/$BuildConfiguration/CoreXT"
|
||||
|
||||
$ArtifactBasePath = "$RepoRoot\obj\_artifacts"
|
||||
$ArtifactPath = "$ArtifactBasePath\VSInsertion"
|
||||
if (-not (Test-Path $ArtifactPath)) { New-Item -ItemType Directory -Path $ArtifactPath | Out-Null }
|
||||
|
||||
$profilingInputs = [xml](Get-Content -Path "$PSScriptRoot\..\ProfilingInputs.props")
|
||||
$profilingInputs.Project.ItemGroup.TestStore.Include = "vstsdrop:" + (& "$PSScriptRoot\..\variables\ProfilingInputsDropName.ps1")
|
||||
$profilingInputs.Save("$ArtifactPath\ProfilingInputs.props")
|
||||
|
||||
$InsertionMetadataVersion = $(dotnet tool run nbgv get-version -p "$RepoRoot\src" -f json | ConvertFrom-Json).NuGetPackageVersion
|
||||
if ($env:BUILD_BUILDID) {
|
||||
# We must ensure unique versions for the insertion metadata package so
|
||||
# it can contain information that is unique to this build.
|
||||
# In particular it includes the ProfilingInputsDropName, which contains the BuildId.
|
||||
# A non-unique package version here may collide with a prior run of this same commit,
|
||||
# ultimately resulting in a failure of the optprof run.
|
||||
$InsertionMetadataVersion += '.' + $env:BUILD_BUILDID
|
||||
}
|
||||
& (& "$PSScriptRoot\..\Get-NuGetTool.ps1") pack "$PSScriptRoot\..\InsertionMetadataPackage.nuspec" -OutputDirectory $CoreXTPackages -BasePath $ArtifactPath -Version $InsertionMetadataVersion | Out-Null
|
||||
if ($LASTEXITCODE -ne 0) {
|
||||
exit $LASTEXITCODE
|
||||
}
|
||||
|
||||
$result["$CoreXTPackages"] = (Get-ChildItem "$CoreXTPackages\Microsoft.VisualStudio.Validation.VSInsertionMetadata.$InsertionMetadataVersion.nupkg");
|
||||
}
|
||||
|
||||
$result
|
||||
|
|
|
@ -1,7 +1,83 @@
|
|||
parameters:
|
||||
##### The following parameters are not set by other YAML files that import this one,
|
||||
##### but we use parameters because they support rich types and defaults.
|
||||
##### Feel free to adjust their default value as needed.
|
||||
|
||||
# Whether this repo uses OptProf to optimize the built binaries.
|
||||
- name: EnableOptProf
|
||||
type: boolean
|
||||
default: false
|
||||
# Whether this repo is localized.
|
||||
- name: EnableLocalization
|
||||
type: boolean
|
||||
default: true
|
||||
# Whether to run `dotnet format` as part of the build to ensure code style consistency.
|
||||
# This is just one of a a few mechanisms to enforce code style consistency.
|
||||
- name: EnableDotNetFormatCheck
|
||||
type: boolean
|
||||
default: true
|
||||
# This lists the names of the artifacts that will be published *from every OS build agent*.
|
||||
# Any new azure-pipelines/artifacts/*.ps1 script needs to be added to this list.
|
||||
# If an artifact is only generated or collected on one OS, it should NOT be listed here,
|
||||
# but should be manually added to the `outputs:` field in the appropriate OS job.
|
||||
- name: artifact_names
|
||||
type: object
|
||||
default:
|
||||
- build_logs
|
||||
- coverageResults
|
||||
- deployables
|
||||
- projectAssetsJson
|
||||
- symbols
|
||||
- testResults
|
||||
- test_symbols
|
||||
- Variables
|
||||
# The Enable*Build parameters turn non-Windows agents on or off.
|
||||
# Their default value should be based on whether the build and tests are expected/required to pass on that platform.
|
||||
# Callers (e.g. Official.yml) *may* expose these parameters at queue-time in order to turn OFF optional agents.
|
||||
- name: EnableLinuxBuild
|
||||
type: boolean
|
||||
default: true
|
||||
- name: EnableMacOSBuild
|
||||
type: boolean
|
||||
default: true
|
||||
|
||||
##### 👆🏼 You MAY change the defaults above.
|
||||
##### 👇🏼 You should NOT change the defaults below.
|
||||
|
||||
##### The following parameters are expected to be set by other YAML files that import this one.
|
||||
##### Those without defaults require explicit values to be provided by our importers.
|
||||
|
||||
# Indicates whether the entrypoint file is 1ESPT compliant. Use this parameter to switch between publish tasks to fit 1ES or non-1ES needs.
|
||||
- name: Is1ESPT
|
||||
type: boolean
|
||||
|
||||
- name: RealSign
|
||||
type: boolean
|
||||
default: false
|
||||
|
||||
# Whether this particular run is an OptProf profiling run.
|
||||
# This is used to skip unit tests and other non-essential work to improve reliability of the OptProf pipeline.
|
||||
- name: IsOptProf
|
||||
type: boolean
|
||||
default: false
|
||||
|
||||
- name: RunTests
|
||||
type: boolean
|
||||
default: true
|
||||
|
||||
- name: EnableAPIScan
|
||||
type: boolean
|
||||
default: false
|
||||
|
||||
# This parameter exists to provide a workaround to get a build out even when no OptProf profiling outputs can be found.
|
||||
# Entrypoint yaml files like official.yml should expose this as a queue-time setting when EnableOptProf is true in this file.
|
||||
# The OptProf.yml entrypoint sets this parameter to true so that collecting profile data isn't blocked by a prior lack of profile data.
|
||||
- name: ShouldSkipOptimize
|
||||
type: boolean
|
||||
default: false
|
||||
|
||||
# The pool parameters are set to defaults that work in the azure-public AzDO account.
|
||||
# They are overridden by callers for the devdiv AzDO account to use 1ES compliant pools.
|
||||
- name: windowsPool
|
||||
type: object
|
||||
default:
|
||||
|
@ -14,53 +90,42 @@ parameters:
|
|||
type: object
|
||||
default:
|
||||
vmImage: macOS-12
|
||||
- name: includeMacOS
|
||||
type: boolean
|
||||
- name: RunTests
|
||||
type: boolean
|
||||
default: true
|
||||
- name: EnableCompliance
|
||||
type: boolean
|
||||
default: false
|
||||
- name: EnableAPIScan
|
||||
type: boolean
|
||||
default: false
|
||||
- name: artifact_names
|
||||
type: object
|
||||
default:
|
||||
- build_logs
|
||||
- coverageResults
|
||||
- deployables
|
||||
- projectAssetsJson
|
||||
- symbols
|
||||
- testResults
|
||||
- test_symbols
|
||||
- Variables
|
||||
|
||||
jobs:
|
||||
- job: Windows
|
||||
pool: ${{ parameters.windowsPool }}
|
||||
timeoutInMinutes: 180 # Give plenty of time due to real signing
|
||||
variables:
|
||||
- ${{ if eq(variables['system.collectionId'], '011b8bdf-6d56-4f87-be0d-0092136884d9') }}:
|
||||
# https://dev.azure.com/devdiv/DevDiv/_wiki/wikis/DevDiv.wiki/25351/APIScan-step-by-step-guide-to-setting-up-a-Pipeline
|
||||
- group: VSCloudServices-APIScan # Expected to provide ApiScanClientId, ApiScanSecret, ApiScanTenant
|
||||
${{ if eq(variables['system.collectionId'], '011b8bdf-6d56-4f87-be0d-0092136884d9') }}:
|
||||
templateContext:
|
||||
mb:
|
||||
signing:
|
||||
enabled: true
|
||||
zipSources: false
|
||||
${{ if or(parameters.RealSign, eq(variables['Build.Reason'],'Schedule')) }}:
|
||||
${{ if parameters.RealSign }}:
|
||||
signType: real
|
||||
${{ else }}:
|
||||
signType: test
|
||||
sbom:
|
||||
enabled: true
|
||||
localization:
|
||||
enabled: true
|
||||
enabled: ${{ parameters.EnableLocalization }}
|
||||
${{ if eq(variables['Build.Reason'], 'pullRequest') }}:
|
||||
languages: ENU,JPN
|
||||
optprof:
|
||||
enabled: ${{ parameters.EnableOptProf }}
|
||||
ProfilingInputsDropName: $(ProfilingInputsDropName)
|
||||
OptimizationInputsLookupMethod: DropPrefix
|
||||
DropNamePrefix: OptimizationInputs/$(System.TeamProject)/$(Build.Repository.Name)
|
||||
ShouldSkipOptimize: ${{ parameters.ShouldSkipOptimize }}
|
||||
AccessToken: $(System.AccessToken)
|
||||
mbpresteps:
|
||||
- checkout: self
|
||||
fetchDepth: 0 # avoid shallow clone so nbgv can do its work.
|
||||
clean: true
|
||||
- ${{ if parameters.EnableOptProf }}:
|
||||
- powershell: Write-Host "##vso[task.setvariable variable=PROFILINGINPUTSDROPNAME]$(azure-pipelines/variables/ProfilingInputsDropName.ps1)"
|
||||
displayName: ⚙ Set ProfilingInputsDropName for optprof
|
||||
|
||||
outputParentDirectory: $(Build.ArtifactStagingDirectory)
|
||||
outputs:
|
||||
- ${{ each artifact_name in parameters.artifact_names }}:
|
||||
|
@ -69,24 +134,29 @@ jobs:
|
|||
displayName: 📢 Publish ${{ artifact_name }}-Windows
|
||||
targetPath: $(Build.ArtifactStagingDirectory)/${{ artifact_name }}-Windows
|
||||
artifactName: ${{ artifact_name }}-Windows
|
||||
condition: succeededOrFailed()
|
||||
- output: pipelineArtifact
|
||||
displayName: 📢 Publish VSInsertion-Windows
|
||||
targetPath: $(Build.ArtifactStagingDirectory)/VSInsertion-Windows
|
||||
artifactName: VSInsertion-Windows
|
||||
- output: pipelineArtifact
|
||||
displayName: 📢 Publish LocBin-Windows
|
||||
targetPath: $(Build.ArtifactStagingDirectory)/LocBin-Windows
|
||||
artifactName: LocBin-Windows
|
||||
# This is useful when false positives appear so we can copy some of the output into the suppressions file.
|
||||
- output: pipelineArtifact
|
||||
displayName: 📢 Publish Guardian failures
|
||||
targetPath: $(Build.ArtifactStagingDirectory)/guardian_failures_as_suppressions
|
||||
artifactName: guardian_failures_as_suppressions
|
||||
condition: failed()
|
||||
- ${{ if parameters.EnableLocalization }}:
|
||||
- output: pipelineArtifact
|
||||
displayName: 📢 Publish LocBin-Windows
|
||||
targetPath: $(Build.ArtifactStagingDirectory)/LocBin-Windows
|
||||
artifactName: LocBin-Windows
|
||||
- ${{ if parameters.EnableAPIScan }}:
|
||||
- output: pipelineArtifact
|
||||
displayName: 📢 Publish APIScanInputs
|
||||
targetPath: $(Build.ArtifactStagingDirectory)/APIScanInputs-Windows
|
||||
artifactName: APIScanInputs
|
||||
steps:
|
||||
- checkout: self
|
||||
fetchDepth: 0 # avoid shallow clone so nbgv can do its work.
|
||||
clean: true
|
||||
- ${{ if not(parameters.Is1ESPT) }}:
|
||||
- checkout: self
|
||||
fetchDepth: 0 # avoid shallow clone so nbgv can do its work.
|
||||
clean: true
|
||||
- ${{ if parameters.EnableOptProf }}:
|
||||
- powershell: Write-Host "##vso[task.setvariable variable=PROFILINGINPUTSDROPNAME]$(azure-pipelines/variables/ProfilingInputsDropName.ps1)"
|
||||
displayName: ⚙ Set ProfilingInputsDropName for optprof
|
||||
|
||||
- ${{ if eq(variables['Build.Reason'], 'Schedule') }}:
|
||||
- template: schedule-only-steps.yml
|
||||
|
@ -95,93 +165,122 @@ jobs:
|
|||
|
||||
- script: dotnet nbgv cloud -ca
|
||||
displayName: ⚙ Set build number
|
||||
name: nbgv
|
||||
|
||||
- ${{ if eq(variables['system.collectionId'], '011b8bdf-6d56-4f87-be0d-0092136884d9') }}:
|
||||
- template: microbuild.before.yml
|
||||
parameters:
|
||||
EnableLocalization: ${{ parameters.EnableLocalization }}
|
||||
EnableOptProf: ${{ parameters.EnableOptProf }}
|
||||
IsOptProf: ${{ parameters.IsOptProf }}
|
||||
ShouldSkipOptimize: ${{ parameters.ShouldSkipOptimize }}
|
||||
RealSign: ${{ parameters.RealSign }}
|
||||
|
||||
- template: dotnet.yml
|
||||
parameters:
|
||||
Is1ESPT: ${{ parameters.Is1ESPT }}
|
||||
RunTests: ${{ parameters.RunTests }}
|
||||
IsOptProf: ${{ parameters.IsOptProf }}
|
||||
|
||||
- ${{ if and(parameters.EnableDotNetFormatCheck, not(parameters.EnableLinuxBuild)) }}:
|
||||
- script: dotnet format --verify-no-changes --no-restore
|
||||
displayName: 💅 Verify formatted code
|
||||
|
||||
- ${{ if eq(variables['system.collectionId'], '011b8bdf-6d56-4f87-be0d-0092136884d9') }}:
|
||||
- template: microbuild.after.yml
|
||||
parameters:
|
||||
EnableCompliance: ${{ parameters.EnableCompliance }}
|
||||
EnableAPIScan: ${{ parameters.EnableAPIScan }}
|
||||
EnableOptProf: ${{ parameters.EnableOptProf }}
|
||||
IsOptProf: ${{ parameters.IsOptProf }}
|
||||
|
||||
- job: Linux
|
||||
pool: ${{ parameters.linuxPool }}
|
||||
${{ if eq(variables['system.collectionId'], '011b8bdf-6d56-4f87-be0d-0092136884d9') }}:
|
||||
templateContext:
|
||||
mb:
|
||||
${{ if or(parameters.RealSign, eq(variables['Build.Reason'],'Schedule')) }}:
|
||||
signing:
|
||||
enabled: false # enable when building unique artifacts on this agent that must be signed
|
||||
signType: real
|
||||
outputParentDirectory: $(Build.ArtifactStagingDirectory)
|
||||
outputs:
|
||||
- ${{ each artifact_name in parameters.artifact_names }}:
|
||||
- ${{ if or(ne(artifact_name, 'testResults'), parameters.RunTests) }}:
|
||||
- output: pipelineArtifact
|
||||
displayName: 📢 Publish ${{ artifact_name }}-Linux
|
||||
targetPath: $(Build.ArtifactStagingDirectory)/${{ artifact_name }}-Linux
|
||||
artifactName: ${{ artifact_name }}-Linux
|
||||
steps:
|
||||
- checkout: self
|
||||
fetchDepth: 0 # avoid shallow clone so nbgv can do its work.
|
||||
clean: true
|
||||
- template: install-dependencies.yml
|
||||
- template: dotnet.yml
|
||||
parameters:
|
||||
RunTests: ${{ parameters.RunTests }}
|
||||
- script: dotnet format --verify-no-changes --no-restore
|
||||
displayName: 💅 Verify formatted code
|
||||
- ${{ if not(parameters.IsOptProf) }}:
|
||||
- ${{ if parameters.EnableLinuxBuild }}:
|
||||
- job: Linux
|
||||
pool: ${{ parameters.linuxPool }}
|
||||
${{ if eq(variables['system.collectionId'], '011b8bdf-6d56-4f87-be0d-0092136884d9') }}:
|
||||
templateContext:
|
||||
mb:
|
||||
${{ if parameters.RealSign }}:
|
||||
signing:
|
||||
enabled: false # enable when building unique artifacts on this agent that must be signed
|
||||
signType: real
|
||||
outputParentDirectory: $(Build.ArtifactStagingDirectory)
|
||||
outputs:
|
||||
- ${{ each artifact_name in parameters.artifact_names }}:
|
||||
- ${{ if or(ne(artifact_name, 'testResults'), parameters.RunTests) }}:
|
||||
- output: pipelineArtifact
|
||||
displayName: 📢 Publish ${{ artifact_name }}-Linux
|
||||
targetPath: $(Build.ArtifactStagingDirectory)/${{ artifact_name }}-Linux
|
||||
artifactName: ${{ artifact_name }}-Linux
|
||||
condition: succeededOrFailed()
|
||||
steps:
|
||||
- checkout: self
|
||||
fetchDepth: 0 # avoid shallow clone so nbgv can do its work.
|
||||
clean: true
|
||||
- template: install-dependencies.yml
|
||||
- template: dotnet.yml
|
||||
parameters:
|
||||
Is1ESPT: ${{ parameters.Is1ESPT }}
|
||||
RunTests: ${{ parameters.RunTests }}
|
||||
- ${{ if parameters.EnableDotNetFormatCheck }}:
|
||||
- script: dotnet format --verify-no-changes --no-restore
|
||||
displayName: 💅 Verify formatted code
|
||||
|
||||
- job: macOS
|
||||
condition: ${{ parameters.includeMacOS }}
|
||||
pool: ${{ parameters.macOSPool }}
|
||||
${{ if eq(variables['system.collectionId'], '011b8bdf-6d56-4f87-be0d-0092136884d9') }}:
|
||||
templateContext:
|
||||
mb:
|
||||
${{ if or(parameters.RealSign, eq(variables['Build.Reason'],'Schedule')) }}:
|
||||
signing:
|
||||
enabled: false # enable when building unique artifacts on this agent that must be signed
|
||||
signType: real
|
||||
outputParentDirectory: $(Build.ArtifactStagingDirectory)
|
||||
outputs:
|
||||
- ${{ each artifact_name in parameters.artifact_names }}:
|
||||
- ${{ if or(ne(artifact_name, 'testResults'), parameters.RunTests) }}:
|
||||
- output: pipelineArtifact
|
||||
displayName: 📢 Publish ${{ artifact_name }}-macOS
|
||||
targetPath: $(Build.ArtifactStagingDirectory)/${{ artifact_name }}-macOS
|
||||
artifactName: ${{ artifact_name }}-macOS
|
||||
steps:
|
||||
- checkout: self
|
||||
fetchDepth: 0 # avoid shallow clone so nbgv can do its work.
|
||||
clean: true
|
||||
- template: install-dependencies.yml
|
||||
- template: dotnet.yml
|
||||
parameters:
|
||||
RunTests: ${{ parameters.RunTests }}
|
||||
- ${{ if parameters.EnableMacOSBuild }}:
|
||||
- job: macOS
|
||||
pool: ${{ parameters.macOSPool }}
|
||||
${{ if eq(variables['system.collectionId'], '011b8bdf-6d56-4f87-be0d-0092136884d9') }}:
|
||||
templateContext:
|
||||
mb:
|
||||
${{ if parameters.RealSign }}:
|
||||
signing:
|
||||
enabled: false # enable when building unique artifacts on this agent that must be signed
|
||||
signType: real
|
||||
outputParentDirectory: $(Build.ArtifactStagingDirectory)
|
||||
outputs:
|
||||
- ${{ each artifact_name in parameters.artifact_names }}:
|
||||
- ${{ if or(ne(artifact_name, 'testResults'), parameters.RunTests) }}:
|
||||
- output: pipelineArtifact
|
||||
displayName: 📢 Publish ${{ artifact_name }}-macOS
|
||||
targetPath: $(Build.ArtifactStagingDirectory)/${{ artifact_name }}-macOS
|
||||
artifactName: ${{ artifact_name }}-macOS
|
||||
condition: succeededOrFailed()
|
||||
steps:
|
||||
- checkout: self
|
||||
fetchDepth: 0 # avoid shallow clone so nbgv can do its work.
|
||||
clean: true
|
||||
- template: install-dependencies.yml
|
||||
- template: dotnet.yml
|
||||
parameters:
|
||||
Is1ESPT: ${{ parameters.Is1ESPT }}
|
||||
RunTests: ${{ parameters.RunTests }}
|
||||
|
||||
- job: WrapUp
|
||||
dependsOn:
|
||||
- Windows
|
||||
- Linux
|
||||
- macOS
|
||||
pool: ${{ parameters.windowsPool }} # Use Windows agent because PublishSymbols task requires it (https://github.com/microsoft/azure-pipelines-tasks/issues/13821).
|
||||
condition: succeededOrFailed()
|
||||
steps:
|
||||
- checkout: self
|
||||
fetchDepth: 0 # avoid shallow clone so nbgv can do its work.
|
||||
clean: true
|
||||
- template: install-dependencies.yml
|
||||
parameters:
|
||||
initArgs: -NoRestore
|
||||
- template: publish-symbols.yml
|
||||
parameters:
|
||||
includeMacOS: ${{ parameters.includeMacOS }}
|
||||
- ${{ if parameters.RunTests }}:
|
||||
- template: publish-codecoverage.yml
|
||||
- job: WrapUp
|
||||
dependsOn:
|
||||
- Windows
|
||||
- ${{ if parameters.EnableLinuxBuild }}:
|
||||
- Linux
|
||||
- ${{ if parameters.EnableMacOSBuild }}:
|
||||
- macOS
|
||||
pool: ${{ parameters.windowsPool }} # Use Windows agent because PublishSymbols task requires it (https://github.com/microsoft/azure-pipelines-tasks/issues/13821).
|
||||
condition: succeededOrFailed()
|
||||
steps:
|
||||
- checkout: self
|
||||
fetchDepth: 0 # avoid shallow clone so nbgv can do its work.
|
||||
clean: true
|
||||
- template: install-dependencies.yml
|
||||
parameters:
|
||||
includeMacOS: ${{ parameters.includeMacOS }}
|
||||
initArgs: -NoRestore
|
||||
- template: publish-symbols.yml
|
||||
parameters:
|
||||
EnableLinuxBuild: ${{ parameters.EnableLinuxBuild }}
|
||||
EnableMacOSBuild: ${{ parameters.EnableMacOSBuild }}
|
||||
- ${{ if parameters.RunTests }}:
|
||||
- template: publish-codecoverage.yml
|
||||
parameters:
|
||||
EnableLinuxBuild: ${{ parameters.EnableLinuxBuild }}
|
||||
EnableMacOSBuild: ${{ parameters.EnableMacOSBuild }}
|
||||
|
||||
- ${{ if parameters.EnableAPIScan }}:
|
||||
- template: apiscan.yml
|
||||
parameters:
|
||||
windowsPool: ${{ parameters.windowsPool }}
|
||||
|
|
|
@ -1,27 +1,37 @@
|
|||
parameters:
|
||||
RunTests:
|
||||
- name: RunTests
|
||||
- name: IsOptProf
|
||||
type: boolean
|
||||
default: false
|
||||
- name: Is1ESPT
|
||||
type: boolean
|
||||
|
||||
steps:
|
||||
|
||||
- script: dotnet build -t:build,pack --no-restore -c $(BuildConfiguration) -warnaserror /bl:"$(Build.ArtifactStagingDirectory)/build_logs/build.binlog"
|
||||
displayName: 🛠 dotnet build
|
||||
|
||||
- powershell: azure-pipelines/dotnet-test-cloud.ps1 -Configuration $(BuildConfiguration) -Agent $(Agent.JobName) -PublishResults
|
||||
displayName: 🧪 dotnet test
|
||||
condition: and(succeeded(), ${{ parameters.RunTests }})
|
||||
- ${{ if not(parameters.IsOptProf) }}:
|
||||
- powershell: azure-pipelines/dotnet-test-cloud.ps1 -Configuration $(BuildConfiguration) -Agent $(Agent.JobName) -PublishResults
|
||||
displayName: 🧪 dotnet test
|
||||
condition: and(succeeded(), ${{ parameters.RunTests }})
|
||||
|
||||
- ${{ if parameters.IsOptProf }}:
|
||||
# We have to artifically run this script so that the extra .nupkg is produced for variables/InsertConfigValues.ps1 to notice.
|
||||
- powershell: azure-pipelines\artifacts\VSInsertion.ps1
|
||||
displayName: 🔧 Prepare VSInsertion artifact
|
||||
|
||||
- powershell: azure-pipelines/variables/_pipelines.ps1
|
||||
failOnStderr: true
|
||||
displayName: ⚙ Update pipeline variables based on build outputs
|
||||
condition: succeededOrFailed()
|
||||
|
||||
- ${{ if eq(variables['system.collectionId'], '011b8bdf-6d56-4f87-be0d-0092136884d9') }}:
|
||||
- ${{ if parameters.Is1ESPT }}:
|
||||
- powershell: azure-pipelines/artifacts/_pipelines.ps1 -StageOnly -AvoidSymbolicLinks -ArtifactNameSuffix "-$(Agent.JobName)" -Verbose
|
||||
failOnStderr: true
|
||||
displayName: 📢 Stage artifacts
|
||||
condition: succeededOrFailed()
|
||||
|
||||
- ${{ if ne(variables['system.collectionId'], '011b8bdf-6d56-4f87-be0d-0092136884d9') }}:
|
||||
- ${{ else }}:
|
||||
- powershell: azure-pipelines/artifacts/_pipelines.ps1 -ArtifactNameSuffix "-$(Agent.JobName)" -Verbose
|
||||
failOnStderr: true
|
||||
displayName: 📢 Publish artifacts
|
||||
|
|
|
@ -7,7 +7,7 @@ steps:
|
|||
displayName: 🔏 Authenticate NuGet feeds
|
||||
inputs:
|
||||
${{ if eq(variables['system.collectionId'], '011b8bdf-6d56-4f87-be0d-0092136884d9') }}:
|
||||
nuGetServiceConnections: azure-public/msft_consumption
|
||||
nuGetServiceConnections: azure-public/msft_consumption # Only necessary for GitHub-hosted repos
|
||||
forceReinstallCredentialProvider: true
|
||||
|
||||
- powershell: |
|
||||
|
|
|
@ -1,6 +1,10 @@
|
|||
parameters:
|
||||
EnableCompliance:
|
||||
EnableAPIScan:
|
||||
- name: EnableOptProf
|
||||
type: boolean
|
||||
default: false
|
||||
- name: IsOptProf
|
||||
type: boolean
|
||||
default: false
|
||||
|
||||
steps:
|
||||
- task: MicroBuildCodesignVerify@3
|
||||
|
@ -10,20 +14,21 @@ steps:
|
|||
$(Build.SourcesDirectory)/bin/Packages/$(BuildConfiguration)/NuGet
|
||||
condition: and(succeeded(), eq(variables['Agent.OS'], 'Windows_NT'))
|
||||
|
||||
- task: Ref12Analyze@0
|
||||
displayName: 📑 Ref12 (Codex) Analyze
|
||||
inputs:
|
||||
codexoutputroot: $(Build.ArtifactStagingDirectory)\Codex
|
||||
workflowArguments: |
|
||||
/sourcesDirectory:$(Build.SourcesDirectory)
|
||||
/codexRepoUrl:$(Build.Repository.Uri)
|
||||
/repoName:$(Build.Repository.Name)
|
||||
/additionalCodexArguments:-bld
|
||||
/additionalCodexArguments:$(Build.ArtifactStagingDirectory)/build_logs
|
||||
condition: and(succeeded(), eq(variables['Build.SourceBranch'], 'refs/heads/main'), ne(variables['Build.Reason'], 'PullRequest'), eq(variables['Agent.OS'], 'Windows_NT'))
|
||||
continueOnError: true
|
||||
- ${{ if parameters.IsOptProf }}:
|
||||
- task: ms-vscs-artifact.build-tasks.artifactDropTask-1.artifactDropTask@0
|
||||
inputs:
|
||||
dropServiceURI: https://devdiv.artifacts.visualstudio.com
|
||||
buildNumber: $(ProfilingInputsDropName)
|
||||
sourcePath: $(Build.ArtifactStagingDirectory)\OptProf\ProfilingInputs
|
||||
toLowerCase: false
|
||||
usePat: true
|
||||
displayName: 📢 Publish to Artifact Services - ProfilingInputs
|
||||
condition: and(succeeded(), ne(variables['Build.Reason'], 'PullRequest'))
|
||||
continueOnError: true
|
||||
|
||||
- ${{ if eq(parameters.EnableCompliance, 'true') }}:
|
||||
- template: secure-development-tools.yml
|
||||
parameters:
|
||||
EnableAPIScan: ${{ parameters.EnableAPIScan }}
|
||||
- task: PublishBuildArtifacts@1
|
||||
inputs:
|
||||
PathtoPublish: $(Build.ArtifactStagingDirectory)/InsertionOutputs
|
||||
ArtifactName: InsertionOutputs
|
||||
ArtifactType: Container
|
||||
displayName: 📢 Publish InsertionOutputs as Azure DevOps artifacts
|
||||
|
|
|
@ -1,11 +1,53 @@
|
|||
steps:
|
||||
- task: ComponentGovernanceComponentDetection@0
|
||||
displayName: 🔍 Component Detection
|
||||
parameters:
|
||||
- name: EnableLocalization
|
||||
type: boolean
|
||||
default: false
|
||||
- name: EnableOptProf
|
||||
type: boolean
|
||||
default: false
|
||||
- name: IsOptProf
|
||||
type: boolean
|
||||
default: false
|
||||
- name: ShouldSkipOptimize
|
||||
type: boolean
|
||||
default: false
|
||||
- name: RealSign
|
||||
type: boolean
|
||||
|
||||
- task: notice@0
|
||||
displayName: 🛠️ Generate NOTICE file
|
||||
inputs:
|
||||
outputfile: $(System.DefaultWorkingDirectory)/obj/NOTICE
|
||||
outputformat: text
|
||||
condition: and(succeeded(), ne(variables['Build.Reason'], 'PullRequest'))
|
||||
retryCountOnTaskFailure: 3 # fails when the cloud service is overloaded
|
||||
steps:
|
||||
- ${{ if and(not(parameters.IsOptProf), ne(variables['Build.Reason'], 'PullRequest')) }}:
|
||||
# notice@0 requires CG detection to run first, and non-default branches don't inject it automatically.
|
||||
- ${{ if ne(variables['Build.SourceBranch'], 'refs/heads/main') }}:
|
||||
- task: ComponentGovernanceComponentDetection@0
|
||||
displayName: 🔍 Component Detection
|
||||
|
||||
- task: notice@0
|
||||
displayName: 🛠️ Generate NOTICE file
|
||||
inputs:
|
||||
outputfile: $(System.DefaultWorkingDirectory)/obj/NOTICE
|
||||
outputformat: text
|
||||
retryCountOnTaskFailure: 3 # fails when the cloud service is overloaded
|
||||
continueOnError: ${{ not(parameters.RealSign) }} # Tolerate failures when we're not building something that may ship.
|
||||
|
||||
- ${{ if parameters.IsOptProf }}:
|
||||
# We have to install these plugins ourselves for Optprof runs because those pipelines haven't migrated to 1ES PT yet.
|
||||
- task: MicroBuildOptProfPlugin@6
|
||||
inputs:
|
||||
ProfilingInputsDropName: $(ProfilingInputsDropName)
|
||||
OptimizationInputsLookupMethod: DropPrefix
|
||||
DropNamePrefix: OptimizationInputs/$(System.TeamProject)/$(Build.Repository.Name)
|
||||
ShouldSkipOptimize: ${{ parameters.ShouldSkipOptimize }}
|
||||
AccessToken: $(System.AccessToken)
|
||||
displayName: 🔧 Install OptProf Plugin
|
||||
|
||||
- task: MicroBuildSigningPlugin@4
|
||||
inputs:
|
||||
signType: Real
|
||||
zipSources: false
|
||||
displayName: 🔧 Install MicroBuild Signing Plugin
|
||||
|
||||
- ${{ if parameters.EnableLocalization }}:
|
||||
- task: MicroBuildLocalizationPlugin@4
|
||||
inputs:
|
||||
languages: $(LocLanguages)
|
||||
displayName: 🔧 Install MicroBuild Localization Plugin
|
||||
|
|
|
@ -24,11 +24,18 @@ trigger:
|
|||
# - 'v17.*'
|
||||
|
||||
parameters:
|
||||
# As an entrypoint pipeline yml file, all parameters here show up in the Queue Run dialog.
|
||||
# If any paramaters should NOT be queue-time options, they should be removed from here
|
||||
# and references to them in this file replaced with hard-coded values.
|
||||
- name: RealSign
|
||||
displayName: Real sign?
|
||||
type: boolean
|
||||
default: false
|
||||
- name: includeMacOS
|
||||
# - name: ShouldSkipOptimize # Uncomment this and references to it below when setting EnableOptProf to true in build.yml.
|
||||
# displayName: Skip OptProf optimization
|
||||
# type: boolean
|
||||
# default: false
|
||||
- name: EnableMacOSBuild
|
||||
displayName: Build on macOS
|
||||
type: boolean
|
||||
default: false # macOS is often bogged down in Azure Pipelines
|
||||
|
@ -43,7 +50,7 @@ parameters:
|
|||
- name: EnableAPIScan
|
||||
displayName: Include APIScan with Compliance tools
|
||||
type: boolean
|
||||
default: true
|
||||
default: false # enable in individual repos only AFTER updating TSAOptions.json with your own values
|
||||
|
||||
resources:
|
||||
repositories:
|
||||
|
@ -61,66 +68,69 @@ extends:
|
|||
parameters:
|
||||
sdl:
|
||||
sourceAnalysisPool: VSEngSS-MicroBuild2022-1ES
|
||||
policheck:
|
||||
enabled: true
|
||||
exclusionsFile: $(System.DefaultWorkingDirectory)\azure-pipelines\PoliCheckExclusions.xml
|
||||
suppression:
|
||||
suppressionFile: $(System.DefaultWorkingDirectory)\azure-pipelines\falsepositives.gdnsuppress
|
||||
sbom:
|
||||
enabled: ${{ or(parameters.RealSign, eq(variables['Build.Reason'],'Schedule')) }} # Disable the generation for SBOMs for artifacts in unsigned builds since it's slow
|
||||
stages:
|
||||
- stage: Build
|
||||
variables:
|
||||
DOTNET_SKIP_FIRST_TIME_EXPERIENCE: true
|
||||
BuildConfiguration: Release
|
||||
NUGET_PACKAGES: $(Agent.TempDirectory)/.nuget/packages/
|
||||
Packaging.EnableSBOMSigning: false
|
||||
Codeql.Enabled: true
|
||||
- template: /azure-pipelines/BuildStageVariables.yml@self
|
||||
jobs:
|
||||
- template: /azure-pipelines/build.yml@self
|
||||
parameters:
|
||||
RealSign: ${{ parameters.RealSign }}
|
||||
EnableCompliance: ${{ parameters.EnableCompliance }}
|
||||
EnableAPIScan: ${{ parameters.EnableAPIScan }}
|
||||
Is1ESPT: true
|
||||
RealSign: ${{ or(parameters.RealSign, eq(variables['Build.Reason'],'Schedule')) }}
|
||||
# ShouldSkipOptimize: ${{ parameters.ShouldSkipOptimize }}
|
||||
EnableAPIScan: ${{ and(parameters.EnableCompliance, parameters.EnableAPIScan, ne(variables['Build.Reason'], 'pullRequest')) }}
|
||||
windowsPool: VSEngSS-MicroBuild2022-1ES
|
||||
linuxPool:
|
||||
name: AzurePipelines-EO
|
||||
demands:
|
||||
- ImageOverride -equals AzurePipelinesUbuntu20.04compliantGPT
|
||||
- ImageOverride -equals 1ESPT-Ubuntu22.04
|
||||
os: Linux
|
||||
macOSPool:
|
||||
name: Azure Pipelines
|
||||
vmImage: macOS-12
|
||||
os: macOS
|
||||
includeMacOS: ${{ parameters.includeMacOS }}
|
||||
EnableMacOSBuild: ${{ parameters.EnableMacOSBuild }}
|
||||
RunTests: ${{ parameters.RunTests }}
|
||||
- template: /azure-pipelines/prepare-insertion-stages.yml@self
|
||||
parameters:
|
||||
RealSign: ${{ parameters.RealSign }}
|
||||
RealSign: ${{ or(parameters.RealSign, eq(variables['Build.Reason'],'Schedule')) }}
|
||||
${{ else }}:
|
||||
template: azure-pipelines/MicroBuild.1ES.Unofficial.yml@MicroBuildTemplate
|
||||
parameters:
|
||||
sdl:
|
||||
sourceAnalysisPool: VSEngSS-MicroBuild2022-1ES
|
||||
suppression:
|
||||
suppressionFile: $(System.DefaultWorkingDirectory)\azure-pipelines\falsepositives.gdnsuppress
|
||||
stages:
|
||||
- stage: Build
|
||||
variables:
|
||||
DOTNET_SKIP_FIRST_TIME_EXPERIENCE: true
|
||||
BuildConfiguration: Release
|
||||
NUGET_PACKAGES: $(Agent.TempDirectory)/.nuget/packages/
|
||||
Packaging.EnableSBOMSigning: false
|
||||
Codeql.Enabled: true
|
||||
- template: /azure-pipelines/BuildStageVariables.yml@self
|
||||
jobs:
|
||||
- template: /azure-pipelines/build.yml@self
|
||||
parameters:
|
||||
RealSign: ${{ parameters.RealSign }}
|
||||
EnableCompliance: ${{ parameters.EnableCompliance }}
|
||||
EnableAPIScan: ${{ parameters.EnableAPIScan }}
|
||||
Is1ESPT: true
|
||||
RealSign: ${{ or(parameters.RealSign, eq(variables['Build.Reason'],'Schedule')) }}
|
||||
# ShouldSkipOptimize: ${{ parameters.ShouldSkipOptimize }}
|
||||
EnableAPIScan: ${{ and(parameters.EnableCompliance, parameters.EnableAPIScan, ne(variables['Build.Reason'], 'pullRequest')) }}
|
||||
windowsPool: VSEngSS-MicroBuild2022-1ES
|
||||
linuxPool:
|
||||
name: AzurePipelines-EO
|
||||
demands:
|
||||
- ImageOverride -equals AzurePipelinesUbuntu20.04compliantGPT
|
||||
- ImageOverride -equals 1ESPT-Ubuntu22.04
|
||||
os: Linux
|
||||
macOSPool:
|
||||
name: Azure Pipelines
|
||||
vmImage: macOS-12
|
||||
os: macOS
|
||||
includeMacOS: ${{ parameters.includeMacOS }}
|
||||
EnableMacOSBuild: ${{ parameters.EnableMacOSBuild }}
|
||||
RunTests: ${{ parameters.RunTests }}
|
||||
- template: /azure-pipelines/prepare-insertion-stages.yml@self
|
||||
parameters:
|
||||
RealSign: ${{ parameters.RealSign }}
|
||||
RealSign: ${{ or(parameters.RealSign, eq(variables['Build.Reason'],'Schedule')) }}
|
||||
|
|
|
@ -33,32 +33,32 @@ stages:
|
|||
SymbolsAgentPath: $(Pipeline.Workspace)/symbols-legacy
|
||||
azureSubscription: Symbols Upload (DevDiv)
|
||||
|
||||
- job: push
|
||||
displayName: azure-public/vssdk feed
|
||||
${{ if parameters.ArchiveSymbols }}:
|
||||
dependsOn: symbol_archive
|
||||
pool:
|
||||
name: AzurePipelines-EO
|
||||
demands:
|
||||
- ImageOverride -equals AzurePipelinesUbuntu20.04compliantGPT
|
||||
os: Linux
|
||||
templateContext:
|
||||
outputParentDirectory: $(Pipeline.Workspace)
|
||||
outputs:
|
||||
- output: nuget
|
||||
displayName: 📦 Push nuget packages
|
||||
packagesToPush: '(Pipeline.Workspace)/deployables-Windows/NuGet/*.nupkg'
|
||||
packageParentPath: (Pipeline.Workspace)/deployables-Windows/NuGet
|
||||
allowPackageConflicts: true
|
||||
nuGetFeedType: external
|
||||
publishFeedCredentials: azure-public/vssdk
|
||||
steps:
|
||||
- checkout: none
|
||||
- download: current
|
||||
artifact: Variables-Windows
|
||||
displayName: 🔻 Download Variables-Windows artifact
|
||||
- powershell: $(Pipeline.Workspace)/Variables-Windows/_pipelines.ps1
|
||||
displayName: ⚙️ Set pipeline variables based on artifacts
|
||||
- download: current
|
||||
artifact: deployables-Windows
|
||||
displayName: 🔻 Download deployables-Windows artifact
|
||||
- ${{ if true }}: # leave the condition to avoid merge conflicts later.
|
||||
- job: push
|
||||
displayName: azure-public/vssdk feed
|
||||
${{ if parameters.ArchiveSymbols }}:
|
||||
dependsOn: symbol_archive
|
||||
pool:
|
||||
name: AzurePipelines-EO
|
||||
demands:
|
||||
- ImageOverride -equals 1ESPT-Ubuntu22.04
|
||||
os: Linux
|
||||
templateContext:
|
||||
outputs:
|
||||
- output: nuget
|
||||
displayName: 📦 Push nuget packages
|
||||
packagesToPush: '$(Pipeline.Workspace)/deployables-Windows/NuGet/*.nupkg'
|
||||
packageParentPath: $(Pipeline.Workspace)/deployables-Windows/NuGet
|
||||
allowPackageConflicts: true
|
||||
nuGetFeedType: external
|
||||
publishFeedCredentials: azure-public/vssdk
|
||||
steps:
|
||||
- checkout: none
|
||||
- download: current
|
||||
artifact: Variables-Windows
|
||||
displayName: 🔻 Download Variables-Windows artifact
|
||||
- powershell: $(Pipeline.Workspace)/Variables-Windows/_pipelines.ps1
|
||||
displayName: ⚙️ Set pipeline variables based on artifacts
|
||||
- download: current
|
||||
artifact: deployables-Windows
|
||||
displayName: 🔻 Download deployables-Windows artifact
|
||||
|
|
|
@ -1,20 +1,24 @@
|
|||
parameters:
|
||||
includeMacOS:
|
||||
- name: EnableMacOSBuild
|
||||
type: boolean
|
||||
- name: EnableLinuxBuild
|
||||
type: boolean
|
||||
|
||||
steps:
|
||||
- download: current
|
||||
artifact: coverageResults-Windows
|
||||
displayName: 🔻 Download Windows code coverage results
|
||||
continueOnError: true
|
||||
- download: current
|
||||
artifact: coverageResults-Linux
|
||||
displayName: 🔻 Download Linux code coverage results
|
||||
continueOnError: true
|
||||
- download: current
|
||||
artifact: coverageResults-macOS
|
||||
displayName: 🔻 Download macOS code coverage results
|
||||
continueOnError: true
|
||||
condition: and(succeeded(), ${{ parameters.includeMacOS }})
|
||||
- ${{ if parameters.EnableLinuxBuild }}:
|
||||
- download: current
|
||||
artifact: coverageResults-Linux
|
||||
displayName: 🔻 Download Linux code coverage results
|
||||
continueOnError: true
|
||||
- ${{ if parameters.EnableMacOSBuild }}:
|
||||
- download: current
|
||||
artifact: coverageResults-macOS
|
||||
displayName: 🔻 Download macOS code coverage results
|
||||
continueOnError: true
|
||||
- powershell: azure-pipelines/Merge-CodeCoverage.ps1 -Path '$(Pipeline.Workspace)' -OutputFile coveragereport/merged.cobertura.xml -Format Cobertura -Verbose
|
||||
displayName: ⚙ Merge coverage
|
||||
- task: PublishCodeCoverageResults@1
|
||||
|
|
|
@ -1,5 +1,8 @@
|
|||
parameters:
|
||||
includeMacOS:
|
||||
- name: EnableMacOSBuild
|
||||
type: boolean
|
||||
- name: EnableLinuxBuild
|
||||
type: boolean
|
||||
|
||||
steps:
|
||||
- task: DownloadPipelineArtifact@2
|
||||
|
@ -8,19 +11,20 @@ steps:
|
|||
path: $(Pipeline.Workspace)/symbols/Windows
|
||||
displayName: 🔻 Download Windows symbols
|
||||
continueOnError: true
|
||||
- task: DownloadPipelineArtifact@2
|
||||
inputs:
|
||||
artifact: symbols-Linux
|
||||
path: $(Pipeline.Workspace)/symbols/Linux
|
||||
displayName: 🔻 Download Linux symbols
|
||||
continueOnError: true
|
||||
- task: DownloadPipelineArtifact@2
|
||||
inputs:
|
||||
artifact: symbols-macOS
|
||||
path: $(Pipeline.Workspace)/symbols/macOS
|
||||
displayName: 🔻 Download macOS symbols
|
||||
continueOnError: true
|
||||
condition: ${{ parameters.includeMacOS }}
|
||||
- ${{ if parameters.EnableLinuxBuild }}:
|
||||
- task: DownloadPipelineArtifact@2
|
||||
inputs:
|
||||
artifact: symbols-Linux
|
||||
path: $(Pipeline.Workspace)/symbols/Linux
|
||||
displayName: 🔻 Download Linux symbols
|
||||
continueOnError: true
|
||||
- ${{ if parameters.EnableMacOSBuild }}:
|
||||
- task: DownloadPipelineArtifact@2
|
||||
inputs:
|
||||
artifact: symbols-macOS
|
||||
path: $(Pipeline.Workspace)/symbols/macOS
|
||||
displayName: 🔻 Download macOS symbols
|
||||
continueOnError: true
|
||||
|
||||
- task: DownloadPipelineArtifact@2
|
||||
inputs:
|
||||
|
@ -28,19 +32,20 @@ steps:
|
|||
path: $(Pipeline.Workspace)/test_symbols/Windows
|
||||
displayName: 🔻 Download Windows test symbols
|
||||
continueOnError: true
|
||||
- task: DownloadPipelineArtifact@2
|
||||
inputs:
|
||||
artifact: test_symbols-Linux
|
||||
path: $(Pipeline.Workspace)/test_symbols/Linux
|
||||
displayName: 🔻 Download Linux test symbols
|
||||
continueOnError: true
|
||||
- task: DownloadPipelineArtifact@2
|
||||
inputs:
|
||||
artifact: test_symbols-macOS
|
||||
path: $(Pipeline.Workspace)/test_symbols/macOS
|
||||
displayName: 🔻 Download macOS test symbols
|
||||
continueOnError: true
|
||||
condition: ${{ parameters.includeMacOS }}
|
||||
- ${{ if parameters.EnableLinuxBuild }}:
|
||||
- task: DownloadPipelineArtifact@2
|
||||
inputs:
|
||||
artifact: test_symbols-Linux
|
||||
path: $(Pipeline.Workspace)/test_symbols/Linux
|
||||
displayName: 🔻 Download Linux test symbols
|
||||
continueOnError: true
|
||||
- ${{ if parameters.EnableMacOSBuild }}:
|
||||
- task: DownloadPipelineArtifact@2
|
||||
inputs:
|
||||
artifact: test_symbols-macOS
|
||||
path: $(Pipeline.Workspace)/test_symbols/macOS
|
||||
displayName: 🔻 Download macOS test symbols
|
||||
continueOnError: true
|
||||
|
||||
- task: PublishSymbols@2
|
||||
inputs:
|
||||
|
|
|
@ -14,6 +14,9 @@ resources:
|
|||
tags:
|
||||
- auto-release
|
||||
|
||||
variables:
|
||||
- template: GlobalVariables.yml
|
||||
|
||||
extends:
|
||||
template: azure-pipelines/MicroBuild.1ES.Official.yml@MicroBuildTemplate
|
||||
parameters:
|
||||
|
@ -27,10 +30,9 @@ extends:
|
|||
pool:
|
||||
name: AzurePipelines-EO
|
||||
demands:
|
||||
- ImageOverride -equals AzurePipelinesUbuntu20.04compliantGPT
|
||||
- ImageOverride -equals 1ESPT-Ubuntu22.04
|
||||
os: Linux
|
||||
templateContext:
|
||||
outputParentDirectory: $(Pipeline.Workspace)
|
||||
outputs:
|
||||
- output: nuget
|
||||
displayName: 📦 Push packages to nuget.org
|
||||
|
|
|
@ -1,56 +0,0 @@
|
|||
parameters:
|
||||
EnableAPIScan:
|
||||
|
||||
steps:
|
||||
|
||||
- powershell: echo "##vso[build.addbuildtag]compliance"
|
||||
displayName: 🏷️ Tag run with 'compliance'
|
||||
|
||||
- task: CopyFiles@2
|
||||
displayName: 📂 Collect APIScan inputs
|
||||
inputs:
|
||||
SourceFolder: $(Build.ArtifactStagingDirectory)/Symbols-$(Agent.JobName)
|
||||
# Exclude any patterns from the Contents (e.g. `!**/git2*`) that we have symbols for but do not need to run APIScan on.
|
||||
Contents: |
|
||||
**
|
||||
!**/arm64/**
|
||||
!**/win-arm64/**
|
||||
!**/linux-*/**
|
||||
!**/osx*/**
|
||||
TargetFolder: $(Build.ArtifactStagingDirectory)/APIScanInputs
|
||||
|
||||
- task: APIScan@2
|
||||
displayName: 🔍 Run APIScan
|
||||
inputs:
|
||||
softwareFolder: $(Build.ArtifactStagingDirectory)/APIScanInputs
|
||||
softwareName: $(SymbolsFeatureName)
|
||||
softwareVersionNum: $(NBGV_MajorMinorVersion)
|
||||
isLargeApp: false
|
||||
toolVersion: Latest
|
||||
condition: and(succeeded(), ${{ parameters.EnableAPIScan }}, ne(variables.ApiScanClientId, ''))
|
||||
env:
|
||||
AzureServicesAuthConnectionString: runAs=App;AppId=$(ApiScanClientId);TenantId=$(ApiScanTenant);AppKey=$(ApiScanSecret)
|
||||
|
||||
- task: SdtReport@2
|
||||
displayName: 📃 Create Security Analysis Report
|
||||
inputs:
|
||||
GdnExportAllTools: true
|
||||
|
||||
- task: PublishSecurityAnalysisLogs@3
|
||||
displayName: 📢 Publish Code Analysis Logs
|
||||
inputs:
|
||||
ArtifactName: CodeAnalysisLogs
|
||||
ArtifactType: Container
|
||||
PublishProcessedResults: true
|
||||
AllTools: true
|
||||
ToolLogsNotFoundAction: Standard
|
||||
|
||||
- task: PostAnalysis@2
|
||||
displayName: 🏋️♀️ Break on compliance issues
|
||||
inputs:
|
||||
GdnBreakAllTools: true
|
||||
GdnBreakGdnToolBinSkimSeverity: Warning
|
||||
GdnBreakSuppressionFiles: $(System.DefaultWorkingDirectory)/azure-pipelines/falsepositives.gdnsuppress
|
||||
GdnBreakSuppressionSets: falsepositives
|
||||
GdnBreakOutputSuppressionFile: $(Build.ArtifactStagingDirectory)/guardian_failures_as_suppressions/
|
||||
GdnBreakOutputSuppressionSet: falsepositives
|
|
@ -1,13 +0,0 @@
|
|||
# This is a list of AzDO account names or email addresses.
|
||||
# Add your team DL and/or whoever should be notified of insertion PRs.
|
||||
$contacts = ,$env:BUILD_REQUESTEDFOREMAIL
|
||||
$contacts += 'Andrew Arnott'
|
||||
|
||||
if (Test-Path "$PSScriptRoot\TeamEmail.ps1") {
|
||||
$contacts += & "$PSScriptRoot\TeamEmail.ps1"
|
||||
}
|
||||
|
||||
$contacts = $contacts |? { $_ }
|
||||
if ($contacts) {
|
||||
[string]::Join(',', $contacts)
|
||||
}
|
|
@ -0,0 +1,5 @@
|
|||
if ($env:SYSTEM_TEAMPROJECT) {
|
||||
"ProfilingInputs/$env:SYSTEM_TEAMPROJECT/$env:BUILD_REPOSITORY_NAME/$env:BUILD_SOURCEBRANCHNAME/$env:BUILD_BUILDID"
|
||||
} else {
|
||||
Write-Warning "No Azure Pipelines build detected. No Azure Pipelines drop name will be computed."
|
||||
}
|
|
@ -50,8 +50,11 @@ extends:
|
|||
- task: MicroBuildInsertVsPayload@4
|
||||
displayName: 🏭 Insert VS Payload
|
||||
inputs:
|
||||
TeamName: $(TeamName)
|
||||
TeamEmail: $(TeamEmail)
|
||||
InsertionPayloadName: $(Build.Repository.Name) $(Build.BuildNumber)
|
||||
InsertionBuildPolicy: Request Perf DDRITs
|
||||
InsertionReviewers: $(Build.RequestedFor),Andrew Arnott
|
||||
AutoCompletePR: true
|
||||
AutoCompleteMergeStrategy: Squash
|
||||
- powershell: |
|
||||
|
|
|
@ -32,9 +32,10 @@ extends:
|
|||
jobs:
|
||||
- template: /azure-pipelines/build.yml@self
|
||||
parameters:
|
||||
Is1ESPT: true
|
||||
RealSign: true
|
||||
windowsPool: VSEngSS-MicroBuild2022-1ES
|
||||
includeMacOS: false
|
||||
EnableMacOSBuild: false
|
||||
RunTests: false
|
||||
|
||||
- template: /azure-pipelines/prepare-insertion-stages.yml@self
|
||||
|
@ -70,12 +71,14 @@ extends:
|
|||
- task: MicroBuildInsertVsPayload@4
|
||||
displayName: 🏭 Insert VS Payload
|
||||
inputs:
|
||||
TeamName: $(TeamName)
|
||||
TeamEmail: $(TeamEmail)
|
||||
InsertionPayloadName: $(Build.Repository.Name) VALIDATION BUILD $(Build.BuildNumber) ($(Build.SourceBranch)) [Skip-SymbolCheck]
|
||||
InsertionDescription: |
|
||||
This PR is for **validation purposes only** for !$(System.PullRequest.PullRequestId). **Do not complete**.
|
||||
CustomScriptExecutionCommand: src/VSSDK/NuGet/AllowUnstablePackages.ps1
|
||||
InsertionBuildPolicy: Request Perf DDRITs
|
||||
InsertionReviewers: $(Build.RequestedForEmail)
|
||||
InsertionReviewers: $(Build.RequestedFor)
|
||||
AutoCompletePR: false
|
||||
- powershell: |
|
||||
$insertionPRId = azure-pipelines/Get-InsertionPRId.ps1
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"sdk": {
|
||||
"version": "8.0.100",
|
||||
"version": "8.0.201",
|
||||
"rollForward": "patch",
|
||||
"allowPrerelease": false
|
||||
}
|
||||
|
|
Загрузка…
Ссылка в новой задаче