vscode-java-dependency/.azure-pipelines/nightly.yml

172 строки
7.0 KiB
YAML

name: $(Date:yyyyMMdd).$(Rev:r)
variables:
- name: Codeql.Enabled
value: true
schedules:
- cron: 0 0 * * *
branches:
include:
- refs/heads/main
resources:
repositories:
- repository: self
type: git
ref: refs/heads/main
- repository: 1esPipelines
type: git
name: 1ESPipelineTemplates/1ESPipelineTemplates
ref: refs/tags/release
trigger: none
extends:
template: v1/1ES.Official.PipelineTemplate.yml@1esPipelines
parameters:
pool:
name: 1ES_JavaTooling_Pool
image: 1ES_JavaTooling_Windows_2022
os: windows
sdl:
sourceAnalysisPool:
name: 1ES_JavaTooling_Pool
image: 1ES_JavaTooling_Windows_2022
os: windows
customBuildTags:
- MigrationTooling-mseng-VSJava-13463-Tool
stages:
- stage: Build
jobs:
- job: Job_1
displayName: Agent job 1
templateContext:
outputs:
- output: pipelineArtifact
artifactName: extension
targetPath: $(Build.ArtifactStagingDirectory)
displayName: "Publish Artifact: extension"
steps:
- checkout: self
clean: true
fetchTags: true
- task: NodeTool@0
displayName: Use Node 20.x
inputs:
versionSpec: 20.x
- task: JavaToolInstaller@0
displayName: Use Java 17
inputs:
versionSpec: "17"
jdkArchitectureOption: x64
jdkSourceOption: PreInstalled
- task: Npm@1
displayName: npm install
inputs:
verbose: false
- task: Bash@3
displayName: npx gulp build_server
inputs:
targetType: inline
script: |-
# Build the jars to the server folder.
npm run build-server
- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@5
displayName: ESRP CodeSigning
inputs:
ConnectedServiceName: 'ESRP-Release-Test'
AppRegistrationClientId: '1992ee18-e9d2-42d6-ab20-94dd947a44b6'
AppRegistrationTenantId: '72f988bf-86f1-41af-91ab-2d7cd011db47'
AuthAKVName: 'vscjavaci'
AuthCertName: 'vscjava-esrprelease-auth'
AuthSignCertName: 'VSCJava-CodeSign'
FolderPath: server
Pattern: com.microsoft.jdtls.ext.*.jar
signConfigType: inlineSignParams
inlineOperation: |-
[
{
"KeyCode" : "CP-447347-Java",
"OperationCode" : "JavaSign",
"Parameters" : {
"SigAlg" : "SHA256withRSA",
"Timestamp" : "-tsa http://sha256timestamp.ws.digicert.com/sha256/timestamp"
},
"ToolName" : "sign",
"ToolVersion" : "1.0"
},
{
"KeyCode" : "CP-447347-Java",
"OperationCode" : "JavaVerify",
"Parameters" : {},
"ToolName" : "sign",
"ToolVersion" : "1.0"
}
]
- task: CmdLine@2
displayName: Replace AI Key
inputs:
script: npx json@9.0.6 -I -f package.json -e "this.aiKey=\"%AI_KEY%\""
- task: Bash@3
displayName: Bash Script
inputs:
targetType: inline
script: |-
node ./scripts/prepare-nightly-build.js
mv ./package.insiders.json ./package.json
- script: npx @vscode/vsce@latest package --pre-release -o extension.vsix
displayName: 'vsce package --pre-release'
### Copy files for APIScan
- task: CopyFiles@2
displayName: "Copy Files for APIScan"
inputs:
Contents: "*.vsix"
TargetFolder: $(Agent.TempDirectory)/APIScanFiles
condition: and(succeeded(), ne(variables['DisableAPIScan'], 'true'))
### Run latest version of APIScan listed at https://www.1eswiki.com/wiki/APIScan_Build_Task
- task: APIScan@2
displayName: Run APIScan
inputs:
softwareFolder: $(Agent.TempDirectory)/APIScanFiles
softwareName: "vscode-java-dependency"
softwareVersionNum: "$(Build.BuildId)"
isLargeApp: false
toolVersion: "Latest"
condition: and(succeeded(), ne(variables['DisableAPIScan'], 'true'))
env:
AzureServicesAuthConnectionString: runAs=App;AppId=$(ApiScanClientId);TenantId=$(ApiScanTenant);AppKey=$(ApiScanSecret)
- script: npx @vscode/vsce@latest generate-manifest -i extension.vsix -o extension.manifest
displayName: 'Generate extension manifest'
- script: cp extension.manifest extension.signature.p7s
displayName: 'Prepare manifest for signing'
- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@5
inputs:
ConnectedServiceName: 'ESRP-Release-Test'
AppRegistrationClientId: '1992ee18-e9d2-42d6-ab20-94dd947a44b6'
AppRegistrationTenantId: '72f988bf-86f1-41af-91ab-2d7cd011db47'
AuthAKVName: 'vscjavaci'
AuthCertName: 'vscjava-esrprelease-auth'
AuthSignCertName: 'VSCJava-CodeSign'
FolderPath: '.'
Pattern: 'extension.signature.p7s'
signConfigType: inlineSignParams
inlineOperation: |
[
{
"keyCode": "CP-401405",
"operationSetCode": "VSCodePublisherSign",
"parameters" : [],
"toolName": "sign",
"toolVersion": "1.0"
}
]
SessionTimeout: 90
MaxConcurrency: 25
MaxRetryAttempts: 5
PendingAnalysisWaitTimeoutMinutes: 5
displayName: 'Sign extension'
- task: CopyFiles@2
displayName: "Copy Files to: $(Build.ArtifactStagingDirectory)"
inputs:
Contents: |
extension.vsix
extension.manifest
extension.signature.p7s
TargetFolder: $(Build.ArtifactStagingDirectory)