Skip to content

Commit

Permalink
Update to 1ESPT (#7784)
Browse files Browse the repository at this point in the history 
* Update dependencies from https://github.com/dotnet/arcade build

Microsoft.DotNet.Arcade.Sdk
 From Version 7.0.0-beta.24163.12 -> To Version 7.0.0-beta.24171.2

* Update dependencies from https://github.com/dotnet/arcade build

Microsoft.DotNet.Arcade.Sdk
 From Version 7.0.0-beta.24163.12 -> To Version 7.0.0-beta.24171.6

* Update dependencies from https://github.com/dotnet/arcade build

Microsoft.DotNet.Arcade.Sdk
 From Version 7.0.0-beta.24163.12 -> To Version 7.0.0-beta.24171.6

* Update dependencies from https://github.com/dotnet/arcade build

Microsoft.DotNet.Arcade.Sdk
 From Version 7.0.0-beta.24163.12 -> To Version 7.0.0-beta.24171.6

* Update dependencies from https://github.com/dotnet/arcade build

Microsoft.DotNet.Arcade.Sdk
 From Version 7.0.0-beta.24163.12 -> To Version 7.0.0-beta.24171.6

* Update dependencies from https://github.com/dotnet/arcade build

Microsoft.DotNet.Arcade.Sdk
 From Version 7.0.0-beta.24163.12 -> To Version 7.0.0-beta.24172.6

* Update dependencies from https://github.com/dotnet/arcade build

Microsoft.DotNet.Arcade.Sdk
 From Version 7.0.0-beta.24163.12 -> To Version 7.0.0-beta.24172.6

* Update dependencies from https://github.com/dotnet/arcade build 20240326.7

Microsoft.DotNet.Arcade.Sdk
 From Version 7.0.0-beta.24163.12 -> To Version 7.0.0-beta.24176.7

* Update dependencies from https://github.com/dotnet/arcade build 20240326.7

Microsoft.DotNet.Arcade.Sdk
 From Version 7.0.0-beta.24163.12 -> To Version 7.0.0-beta.24176.7

* Update dependencies from https://github.com/dotnet/arcade build 20240326.7

Microsoft.DotNet.Arcade.Sdk
 From Version 7.0.0-beta.24163.12 -> To Version 7.0.0-beta.24176.7

* 1ES

* Fix YAML

---------

Co-authored-by: dotnet-maestro[bot] <dotnet-maestro[bot]@users.noreply.github.com>
  • Loading branch information
@joeloff @dotnet-maestro
joeloff and dotnet-maestro[bot] authored Apr 3, 2024
1 parent 998e696 commit 580301b
Showing 1 changed file with 199 additions and 178 deletions.
377 changes: 199 additions & 178 deletions azure-pipelines.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,185 +39,206 @@ variables:
- name: _InternalRuntimeDownloadArgs
value: ''

stages:
- stage: build
displayName: Build
jobs:
- ${{ if and( ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
- ${{ if startsWith(variables['Build.SourceBranch'], 'refs/heads/release/') }}:
- template: /eng/common/templates/job/onelocbuild.yml
parameters:
MirrorRepo: templating
LclSource: lclFilesfromPackage
LclPackageId: 'LCL-JUNO-PROD-TEMPLATING'
MirrorBranch: ${{ replace(variables['Build.SourceBranch'], 'refs/heads/', '') }}
JobNameSuffix: '_release'
condition: ${{ variables.EnableReleaseOneLocBuild }}
- ${{ if eq(variables['Build.SourceBranch'], 'refs/heads/main') }}:
- template: /eng/common/templates/job/onelocbuild.yml
parameters:
MirrorRepo: templating
LclSource: lclFilesfromPackage
LclPackageId: 'LCL-JUNO-PROD-TMPLTNGMAIN'
MirrorBranch: 'main'
JobNameSuffix: '_main'
condition: eq(variables['Build.SourceBranch'], 'refs/heads/main')
- template: /eng/common/templates/jobs/jobs.yml
parameters:
enableMicrobuild: true
enablePublishBuildArtifacts: true
enablePublishTestResults: true
enablePublishBuildAssets: true
enablePublishUsingPipelines: ${{ variables._PublishUsingPipelines }}
enableSourceBuild: true
enableTelemetry: true
helixRepo: dotnet/templating
jobs:
- job: Windows_NT
timeoutInMinutes: 90
pool:
${{ if eq(variables['System.TeamProject'], 'public') }}:
name: NetCore-Svc-Public
vmImage: 1es-windows-2019-open
${{ if eq(variables['System.TeamProject'], 'internal') }}:
name: NetCore1ESPool-Svc-Internal
demands: ImageOverride -equals windows.vs2019.amd64
variables:
- _InternalBuildArgs: ''
- template: /eng/common/templates-official/variables/pool-providers.yml

# Only enable publishing in non-public, non PR scenarios.
- ${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
# DotNet-Blob-Feed provides: dotnetfeed-storage-access-key-1
# DotNet-Symbol-Server-Pats provides: microsoft-symbol-server-pat, symweb-symbol-server-pat
# Publish-Build-Assets provides: MaestroAccessToken, BotAccount-dotnet-maestro-bot-PAT
- group: DotNet-Blob-Feed
- group: Publish-Build-Assets
- _InternalBuildArgs: /p:DotNetSignType=$(_SignType) /p:TeamName=$(_TeamName)
/p:DotNetPublishUsingPipelines=$(_PublishUsingPipelines)
/p:OfficialBuildId=$(BUILD.BUILDNUMBER)
resources:
repositories:
- repository: 1esPipelines
type: git
name: 1ESPipelineTemplates/1ESPipelineTemplates
ref: refs/tags/release

strategy:
matrix:
Build_Release:
_BuildConfig: Release
# PRs or external builds are not signed.
${{ if or(eq(variables['System.TeamProject'], 'public'), in(variables['Build.Reason'], 'PullRequest')) }}:
_SignType: test
_DotNetPublishToBlobFeed : false
${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
_SignType: real
_DotNetPublishToBlobFeed : true
${{ if or(eq(variables['System.TeamProject'], 'public'), in(variables['Build.Reason'], 'PullRequest')) }}:
Build_Debug:
_BuildConfig: Debug
_SignType: test
parameters:
- name: buildConfigurations
type: object
default:
# Always build the Release configuration, but never sign for PRs.
- buildConfig: Release
- buildConfig: Debug

steps:
- checkout: self
clean: true
- ${{ if ne(variables['System.TeamProject'], 'public') }}:
- task: PowerShell@2
displayName: Setup Private Feeds Credentials
inputs:
filePath: $(Build.SourcesDirectory)/eng/common/SetupNugetSources.ps1
arguments: -ConfigFile $(Build.SourcesDirectory)/NuGet.config -Password $Env:Token
env:
Token: $(dn-bot-dnceng-artifact-feeds-rw)
# Use utility script to run script command dependent on agent OS.
- script: eng/common/cibuild.cmd
-configuration $(_BuildConfig)
-prepareMachine
-integrationTest
$(_InternalBuildArgs)
$(_InternalRuntimeDownloadArgs)
displayName: Windows Build / Publish
extends:
${{ if notin(variables['Build.Reason'], 'PullRequest') }}:
template: v1/1ES.Official.PipelineTemplate.yml@1esPipelines
${{ else }}:
template: v1/1ES.Unofficial.PipelineTemplate.yml@1esPipelines
parameters:
sdl:
sourceAnalysisPool:
name: $(DncEngInternalBuildPool)
image: 1es-windows-2022
os: windows
customBuildTags:
- ES365AIMigrationTooling

- ${{ if or(eq(variables['System.TeamProject'], 'public'), in(variables['Build.Reason'], 'PullRequest')) }}:
- job: OSX
pool:
vmImage: 'macOS-latest'
strategy:
matrix:
debug_configuration:
_BuildConfig: Debug
_SignType: none
release_configuration:
_BuildConfig: Release
_SignType: none
steps:
- ${{ if ne(variables['System.TeamProject'], 'public') }}:
- task: Bash@3
displayName: Setup Private Feeds Credentials
inputs:
filePath: $(Build.SourcesDirectory)/eng/common/SetupNugetSources.sh
arguments: $(Build.SourcesDirectory)/NuGet.config $Token
env:
Token: $(dn-bot-dnceng-artifact-feeds-rw)
- script: eng/common/cibuild.sh
--configuration $(_BuildConfig)
--prepareMachine
--integrationTest
$(_InternalRuntimeDownloadArgs)
name: Build
displayName: Build

- ${{ if or(eq(variables['System.TeamProject'], 'public'), in(variables['Build.Reason'], 'PullRequest')) }}:
- job: Linux
pool:
${{ if eq(variables['System.TeamProject'], 'public') }}:
vmImage: ubuntu-latest
${{ if eq(variables['System.TeamProject'], 'internal') }}:
name: NetCore1ESPool-Svc-Internal
demands: ImageOverride -equals Build.Ubuntu.2204.Amd64
strategy:
matrix:
debug_configuration:
_BuildConfig: Debug
_SignType: none
release_configuration:
_BuildConfig: Release
_SignType: none
steps:
- ${{ if ne(variables['System.TeamProject'], 'public') }}:
- task: Bash@3
displayName: Setup Private Feeds Credentials
inputs:
filePath: $(Build.SourcesDirectory)/eng/common/SetupNugetSources.sh
arguments: $(Build.SourcesDirectory)/NuGet.config $Token
env:
Token: $(dn-bot-dnceng-artifact-feeds-rw)
- script: eng/common/cibuild.sh
--configuration $(_BuildConfig)
--prepareMachine
--integrationTest
$(_InternalRuntimeDownloadArgs)
name: Build
displayName: Build
condition: succeeded()

- ${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
- template: eng\common\templates\post-build\post-build.yml
parameters:
publishingInfraVersion: 3
# Symbol validation isn't being very reliable lately. This should be enabled back
# once this issue is resolved: https://github.com/dotnet/arcade/issues/2871
enableSymbolValidation: false
# Sourcelink validation isn't passing for Arcade due to some regressions. This should be
# enabled back once this issue is resolved: https://github.com/dotnet/arcade/issues/2912
enableSourceLinkValidation: false
publishDependsOn:
- Validate
# This is to enable SDL runs part of Post-Build Validation Stage
SDLValidationParameters:
enable: true
continueOnError: false
params: ' -SourceToolsList @("policheck","credscan")
-TsaInstanceURL $(_TsaInstanceURL)
-TsaProjectName $(_TsaProjectName)
-TsaNotificationEmail $(_TsaNotificationEmail)
-TsaCodebaseAdmin $(_TsaCodebaseAdmin)
-TsaBugAreaPath $(_TsaBugAreaPath)
-TsaIterationPath $(_TsaIterationPath)
-TsaRepositoryName $(_TsaRepsitoryName)
-TsaCodebaseName $(_TsaCodebaseName)
-TsaPublish $True'
stages:
- stage: build
displayName: Build
jobs:
- ${{ if and( ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
- ${{ if startsWith(variables['Build.SourceBranch'], 'refs/heads/release/') }}:
- template: /eng/common/templates-official/job/onelocbuild.yml@self
parameters:
MirrorRepo: templating
LclSource: lclFilesfromPackage
LclPackageId: 'LCL-JUNO-PROD-TEMPLATING'
MirrorBranch: ${{ replace(variables['Build.SourceBranch'], 'refs/heads/', '') }}
JobNameSuffix: '_release'
condition: ${{ variables.EnableReleaseOneLocBuild }}
- ${{ if eq(variables['Build.SourceBranch'], 'refs/heads/main') }}:
- template: /eng/common/templates-official/job/onelocbuild.yml@self
parameters:
MirrorRepo: templating
LclSource: lclFilesfromPackage
LclPackageId: 'LCL-JUNO-PROD-TMPLTNGMAIN'
MirrorBranch: 'main'
JobNameSuffix: '_main'
condition: eq(variables['Build.SourceBranch'], 'refs/heads/main')
- template: /eng/common/templates-official/jobs/jobs.yml@self
parameters:
enableMicrobuild: true
enablePublishBuildArtifacts: true
enablePublishTestResults: true
enablePublishBuildAssets: true
enablePublishUsingPipelines: ${{ variables._PublishUsingPipelines }}
enableSourceBuild: true
enableTelemetry: true
helixRepo: dotnet/templating
jobs:
- ${{ each config in parameters.buildConfigurations }}:
- job: Windows_NT_${{ config.buildConfig }}
displayName: Windows_NT ${{ config.buildConfig }}
timeoutInMinutes: 90
pool:
${{ if eq(variables['System.TeamProject'], 'public') }}:
name: $(DncEngInternalBuildPool)
image: 1es-windows-2022-open
os: windows
${{ if eq(variables['System.TeamProject'], 'internal') }}:
name: $(DncEngInternalBuildPool)
image: 1es-windows-2022
os: windows
variables:
- _BuildConfig: ${{ config.buildConfig }}
- _SignType: test
- ${{ if notin(variables['Build.Reason'], 'PullRequest') }}:
- _SignType: real
- _InternalBuildArgs: ''

# Only enable publishing in non-public, non PR scenarios.
- ${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
# DotNet-Blob-Feed provides: dotnetfeed-storage-access-key-1
# DotNet-Symbol-Server-Pats provides: microsoft-symbol-server-pat, symweb-symbol-server-pat
# Publish-Build-Assets provides: MaestroAccessToken, BotAccount-dotnet-maestro-bot-PAT
- group: DotNet-Blob-Feed
- group: Publish-Build-Assets
- _InternalBuildArgs: /p:DotNetSignType=$(_SignType) /p:TeamName=$(_TeamName)
/p:DotNetPublishUsingPipelines=$(_PublishUsingPipelines)
/p:OfficialBuildId=$(BUILD.BUILDNUMBER)

steps:
- checkout: self
clean: true
- ${{ if ne(variables['System.TeamProject'], 'public') }}:
- task: PowerShell@2
displayName: Setup Private Feeds Credentials
inputs:
filePath: $(Build.SourcesDirectory)/eng/common/SetupNugetSources.ps1
arguments: -ConfigFile $(Build.SourcesDirectory)/NuGet.config -Password $Env:Token
env:
Token: $(dn-bot-dnceng-artifact-feeds-rw)
# Use utility script to run script command dependent on agent OS.
- script: eng/common/cibuild.cmd
-configuration $(_BuildConfig)
-prepareMachine
-integrationTest
$(_InternalBuildArgs)
$(_InternalRuntimeDownloadArgs)
displayName: Windows Build / Publish

- ${{ if in(variables['Build.Reason'], 'PullRequest') }}:
- ${{ each config in parameters.buildConfigurations }}:
- job: OSX_${{ config.buildConfig }}
displayName: OSX ${{ config.buildConfig }}
pool:
vmImage: 'macOS-latest'
variables:
- _BuildConfig: ${{ config.buildConfig }}
- _SignType: none

steps:
- ${{ if ne(variables['System.TeamProject'], 'public') }}:
- task: Bash@3
displayName: Setup Private Feeds Credentials
inputs:
filePath: $(Build.SourcesDirectory)/eng/common/SetupNugetSources.sh
arguments: $(Build.SourcesDirectory)/NuGet.config $Token
env:
Token: $(dn-bot-dnceng-artifact-feeds-rw)
- script: eng/common/cibuild.sh
--configuration $(_BuildConfig)
--prepareMachine
--integrationTest
$(_InternalRuntimeDownloadArgs)
name: Build
displayName: Build

- ${{ if in(variables['Build.Reason'], 'PullRequest') }}:
- ${{ each config in parameters.buildConfigurations }}:
- job: Linux_${{ config.buildConfig }}
displayName: Linux ${{ config.buildConfig }}
pool:
${{ if eq(variables['System.TeamProject'], 'public') }}:
name: $(DncEngPublicBuildPool)
image: 1es-ubuntu-2204-open
os: linux
${{ if eq(variables['System.TeamProject'], 'internal') }}:
name: $(DncEngInternalBuildPool)
image: 1es-ubuntu-2204
os: linux
variables:
- _BuildConfig: ${{ config.buildConfig }}
- _SignType: none
steps:
- ${{ if ne(variables['System.TeamProject'], 'public') }}:
- task: Bash@3
displayName: Setup Private Feeds Credentials
inputs:
filePath: $(Build.SourcesDirectory)/eng/common/SetupNugetSources.sh
arguments: $(Build.SourcesDirectory)/NuGet.config $Token
env:
Token: $(dn-bot-dnceng-artifact-feeds-rw)
- script: eng/common/cibuild.sh
--configuration $(_BuildConfig)
--prepareMachine
--integrationTest
$(_InternalRuntimeDownloadArgs)
name: Build
displayName: Build
condition: succeeded()

- ${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
- template: eng/common/templates-official/post-build/post-build.yml@self
parameters:
publishingInfraVersion: 3
# Symbol validation isn't being very reliable lately. This should be enabled back
# once this issue is resolved: https://github.com/dotnet/arcade/issues/2871
enableSymbolValidation: false
# Sourcelink validation isn't passing for Arcade due to some regressions. This should be
# enabled back once this issue is resolved: https://github.com/dotnet/arcade/issues/2912
enableSourceLinkValidation: false
publishDependsOn:
- Validate
# This is to enable SDL runs part of Post-Build Validation Stage
SDLValidationParameters:
enable: true
continueOnError: false
params: ' -SourceToolsList @("policheck","credscan")
-TsaInstanceURL $(_TsaInstanceURL)
-TsaProjectName $(_TsaProjectName)
-TsaNotificationEmail $(_TsaNotificationEmail)
-TsaCodebaseAdmin $(_TsaCodebaseAdmin)
-TsaBugAreaPath $(_TsaBugAreaPath)
-TsaIterationPath $(_TsaIterationPath)
-TsaRepositoryName $(_TsaRepsitoryName)
-TsaCodebaseName $(_TsaCodebaseName)
-TsaPublish $True'

0 comments on commit 580301b

Please sign in to comment.