diff --git a/eng/docker-tools/DEV-GUIDE.md b/eng/docker-tools/DEV-GUIDE.md index 00f9ff978..ea0301f2d 100644 --- a/eng/docker-tools/DEV-GUIDE.md +++ b/eng/docker-tools/DEV-GUIDE.md @@ -160,7 +160,7 @@ Build Stage └── Apply EOL annotations ``` - Full pipeline with all stages -- Images flow: `buildAcr` → `publishAcr` → MAR (see [`publish-config-prod.yml`](templates/stages/dotnet/publish-config-prod.yml) for ACR definitions) +- Images flow: `BuildRegistry` → `PublishRegistry` → MAR (see [`publish-config-prod.yml`](templates/stages/dotnet/publish-config-prod.yml) for ACR definitions) - Tests run against staged images - Only successful builds get published diff --git a/eng/docker-tools/templates/jobs/build-images.yml b/eng/docker-tools/templates/jobs/build-images.yml index 1f7f9b566..b820d2f4b 100644 --- a/eng/docker-tools/templates/jobs/build-images.yml +++ b/eng/docker-tools/templates/jobs/build-images.yml @@ -32,6 +32,7 @@ jobs: - ${{ parameters.commonInitStepsForMatrixAndBuild }} - template: /eng/docker-tools/templates/jobs/${{ format('../steps/init-docker-{0}.yml', parameters.dockerClientOS) }}@self parameters: + publishConfig: ${{ parameters.publishConfig }} cleanupDocker: true - ${{ parameters.customInitSteps }} - template: /eng/docker-tools/templates/steps/set-image-info-path-var.yml@self @@ -51,7 +52,7 @@ jobs: # the environment variable for us. $imageBuilderBuildArgs = "$env:IMAGEBUILDERBUILDARGS $env:IMAGEBUILDER_QUEUEARGS --image-info-output-path $(imageInfoContainerDir)/$(legName)-image-info.json $(commonMatrixAndBuildOptions)" if ($env:SYSTEM_TEAMPROJECT -eq "${{ parameters.internalProjectName }}" -and $env:BUILD_REASON -ne "PullRequest") { - $imageBuilderBuildArgs = "$imageBuilderBuildArgs --repo-prefix ${{ parameters.publishConfig.buildAcr.repoPrefix }} --push" + $imageBuilderBuildArgs = "$imageBuilderBuildArgs --repo-prefix ${{ parameters.publishConfig.BuildRegistry.repoPrefix }} --push" } # If the pipeline isn't configured to disable the cache and a build variable hasn't been set to disable the cache @@ -66,14 +67,8 @@ jobs: parameters: name: BuildImages displayName: Build Images - serviceConnections: - # "name" here refers to the argument name, not the service connection name. - # It should probably be changed to "argName". - - name: acr - id: ${{ parameters.publishConfig.buildAcr.serviceConnection.id }} - tenantId: ${{ parameters.publishConfig.buildAcr.serviceConnection.tenantId }} - clientId: ${{ parameters.publishConfig.buildAcr.serviceConnection.clientId }} - - ${{ if parameters.storageAccountServiceConnection }}: + ${{ if parameters.storageAccountServiceConnection }}: + serviceConnections: - name: storage id: ${{ parameters.storageAccountServiceConnection.id }} tenantId: ${{ parameters.storageAccountServiceConnection.tenantId }} @@ -89,8 +84,8 @@ jobs: --architecture $(architecture) --retry --digests-out-var 'builtImages' - --acr-subscription '${{ parameters.publishConfig.buildAcr.subscription }}' - --acr-resource-group '${{ parameters.publishConfig.buildAcr.resourceGroup }}' + --acr-subscription '${{ parameters.publishConfig.BuildRegistry.subscription }}' + --acr-resource-group '${{ parameters.publishConfig.BuildRegistry.resourceGroup }}' $(manifestVariables) $(imageBuilderBuildArgs) - template: /eng/docker-tools/templates/steps/publish-artifact.yml@self @@ -104,12 +99,12 @@ jobs: - powershell: | $images = "$(BuildImages.builtImages)" if (-not $images) { return 0 } - $syftImageName = "${{ parameters.publishConfig.publicMirrorAcr.server }}/$(imageNames.syft)" + $syftImageName = "${{ parameters.publishConfig.PublicMirrorRegistry.server }}/$(imageNames.syft)" & $(engDockerToolsPath)/Pull-Image.ps1 $syftImageName $images -Split ',' | ForEach-Object { echo "Generating SBOM for $_"; $targetImageName = "$_"; - $formattedImageName = $targetImageName.Replace('${{ parameters.publishConfig.buildAcr.server }}/${{ parameters.publishConfig.buildAcr.repoPrefix }}', "").Replace('/', '_').Replace(':', '_'); + $formattedImageName = $targetImageName.Replace('${{ parameters.publishConfig.BuildRegistry.server }}/${{ parameters.publishConfig.BuildRegistry.repoPrefix }}', "").Replace('/', '_').Replace(':', '_'); $sbomChildDir = "$(sbomDirectory)/$formattedImageName"; New-Item -Type Directory -Path $sbomChildDir > $null; docker build --output=$sbomChildDir -f $(engDockerToolsPath)/Dockerfile.syft --build-arg SYFT_IMAGE_NAME=$syftImageName --build-arg TARGET_IMAGE_NAME=$targetImageName -t syft-sbom $(engDockerToolsPath); diff --git a/eng/docker-tools/templates/jobs/copy-base-images-staging.yml b/eng/docker-tools/templates/jobs/copy-base-images-staging.yml index 20ce1f4da..f422f2d00 100644 --- a/eng/docker-tools/templates/jobs/copy-base-images-staging.yml +++ b/eng/docker-tools/templates/jobs/copy-base-images-staging.yml @@ -25,5 +25,5 @@ jobs: pool: ${{ parameters.pool }} customInitSteps: ${{ parameters.customInitSteps }} additionalOptions: ${{ parameters.additionalOptions }} - acr: ${{ parameters.publishConfig.internalMirrorAcr }} - repoPrefix: ${{ parameters.publishConfig.internalMirrorAcr.repoPrefix }} + acr: ${{ parameters.publishConfig.InternalMirrorRegistry }} + repoPrefix: ${{ parameters.publishConfig.InternalMirrorRegistry.repoPrefix }} diff --git a/eng/docker-tools/templates/jobs/generate-matrix.yml b/eng/docker-tools/templates/jobs/generate-matrix.yml index 606dec57f..81017bbb2 100644 --- a/eng/docker-tools/templates/jobs/generate-matrix.yml +++ b/eng/docker-tools/templates/jobs/generate-matrix.yml @@ -63,10 +63,5 @@ jobs: parameters: name: matrix displayName: Generate ${{ parameters.matrixType }} Matrix - serviceConnections: - - name: acr - tenantId: $(build.serviceConnection.tenantId) - clientId: $(build.serviceConnection.clientId) - id: $(build.serviceConnection.id) internalProjectName: internal args: $(generateBuildMatrixCommand) diff --git a/eng/docker-tools/templates/jobs/publish.yml b/eng/docker-tools/templates/jobs/publish.yml index cb9b454ac..9682b4d0e 100644 --- a/eng/docker-tools/templates/jobs/publish.yml +++ b/eng/docker-tools/templates/jobs/publish.yml @@ -21,7 +21,7 @@ jobs: - name: imageBuilder.commonCmdArgs value: >- --manifest '$(manifest)' - --registry-override '${{ parameters.publishConfig.publishAcr.server }}' + --registry-override '${{ parameters.publishConfig.PublishRegistry.server }}' $(manifestVariables) $(imageBuilder.queueArgs) - name: publishNotificationRepoName @@ -53,6 +53,8 @@ jobs: - template: /eng/docker-tools/templates/steps/retain-build.yml@self - template: /eng/docker-tools/templates/steps/init-docker-linux.yml@self + parameters: + publishConfig: ${{ parameters.publishConfig }} - pwsh: | $azdoOrgName = Split-Path -Leaf $Env:SYSTEM_COLLECTIONURI @@ -95,21 +97,16 @@ jobs: - template: /eng/docker-tools/templates/steps/run-imagebuilder.yml@self parameters: displayName: Copy Images - serviceConnections: - - name: acr - id: ${{ parameters.publishConfig.publishAcr.serviceConnection.id }} - tenantId: ${{ parameters.publishConfig.publishAcr.serviceConnection.tenantId }} - clientId: ${{ parameters.publishConfig.publishAcr.serviceConnection.clientId }} internalProjectName: ${{ parameters.internalProjectName }} args: >- copyAcrImages - '${{ parameters.publishConfig.buildAcr.subscription }}' - '${{ parameters.publishConfig.buildAcr.resourceGroup }}' - '${{ parameters.publishConfig.buildAcr.repoPrefix }}' - '${{ parameters.publishConfig.buildAcr.server }}' + '${{ parameters.publishConfig.BuildRegistry.subscription }}' + '${{ parameters.publishConfig.BuildRegistry.resourceGroup }}' + '${{ parameters.publishConfig.BuildRegistry.repoPrefix }}' + '${{ parameters.publishConfig.BuildRegistry.server }}' --os-type '*' --architecture '*' - --repo-prefix '${{ parameters.publishConfig.publishAcr.repoPrefix }}' + --repo-prefix '${{ parameters.publishConfig.PublishRegistry.repoPrefix }}' --image-info '$(imageInfoContainerDir)/image-info.json' $(dryRunArg) $(imageBuilder.pathArgs) @@ -118,17 +115,12 @@ jobs: - template: /eng/docker-tools/templates/steps/run-imagebuilder.yml@self parameters: displayName: Publish Manifest - serviceConnections: - - name: acr - id: ${{ parameters.publishConfig.publishAcr.serviceConnection.id }} - tenantId: ${{ parameters.publishConfig.publishAcr.serviceConnection.tenantId }} - clientId: ${{ parameters.publishConfig.publishAcr.serviceConnection.clientId }} internalProjectName: ${{ parameters.internalProjectName }} dockerClientOS: ${{ parameters.dockerClientOS }} args: >- publishManifest '$(imageInfoContainerDir)/image-info.json' - --repo-prefix '${{ parameters.publishConfig.publishAcr.repoPrefix }}' + --repo-prefix '${{ parameters.publishConfig.PublishRegistry.repoPrefix }}' --os-type '*' --architecture '*' $(dryRunArg) @@ -208,17 +200,12 @@ jobs: - template: /eng/docker-tools/templates/steps/run-imagebuilder.yml@self parameters: displayName: Generate EOL Annotation Data - serviceConnections: - - name: acr - id: ${{ parameters.publishConfig.publishAcr.serviceConnection.id }} - tenantId: ${{ parameters.publishConfig.publishAcr.serviceConnection.tenantId }} - clientId: ${{ parameters.publishConfig.publishAcr.serviceConnection.clientId }} internalProjectName: internal condition: and(succeeded(), eq(variables['publishEolAnnotations'], 'true')) args: >- generateEolAnnotationDataForPublish - '${{ parameters.publishConfig.publishAcr.server }}' - '${{ parameters.publishConfig.publishAcr.repoPrefix }}' + '${{ parameters.publishConfig.PublishRegistry.server }}' + '${{ parameters.publishConfig.PublishRegistry.repoPrefix }}' '$(artifactsPath)/eol-annotation-data/eol-annotation-data.json' '$(imageInfoContainerDir)/full-image-info-orig.json' '$(imageInfoContainerDir)/full-image-info-new.json' @@ -236,7 +223,7 @@ jobs: - template: /eng/docker-tools/templates/steps/annotate-eol-digests.yml@self parameters: - acr: ${{ parameters.publishConfig.publishAcr }} + acr: ${{ parameters.publishConfig.PublishRegistry }} dataFile: $(artifactsPath)/eol-annotation-data/eol-annotation-data.json - script: > @@ -275,7 +262,7 @@ jobs: $(gitHubNotificationsRepoInfo.authArgs) '$(gitHubNotificationsRepoInfo.org)' '$(gitHubNotificationsRepoInfo.repo)' - --repo-prefix '${{ parameters.publishConfig.publishAcr.repoPrefix }}' + --repo-prefix '${{ parameters.publishConfig.PublishRegistry.repoPrefix }}' --task "🟪 Copy Images" --task "🟪 Publish Manifest" --task "🟪 Wait for Image Ingestion" @@ -284,8 +271,8 @@ jobs: --task "🟪 Publish Image Info" --task "🟪 Ingest Kusto Image Info" --task "🟪 Generate EOL Annotation Data" - --task "🟪 Annotate EOL Images (${{ parameters.publishConfig.publishAcr.server }})" - --task "🟪 Wait for Annotation Ingestion (${{ parameters.publishConfig.publishAcr.server }})" + --task "🟪 Annotate EOL Images (${{ parameters.publishConfig.PublishRegistry.server }})" + --task "🟪 Wait for Annotation Ingestion (${{ parameters.publishConfig.PublishRegistry.server }})" $(dryRunArg) $(imageBuilder.commonCmdArgs) displayName: Post Publish Notification diff --git a/eng/docker-tools/templates/stages/dotnet/publish-config-nonprod.yml b/eng/docker-tools/templates/stages/dotnet/publish-config-nonprod.yml index 379b8d01f..e6c586775 100644 --- a/eng/docker-tools/templates/stages/dotnet/publish-config-nonprod.yml +++ b/eng/docker-tools/templates/stages/dotnet/publish-config-nonprod.yml @@ -50,7 +50,7 @@ stages: # publishConfig schema is defined in src/ImageBuilder/Configuration/PublishConfiguration.cs. # This will get converted to JSON and placed in appsettings.json to be loaded by ImageBuilder at runtime. publishConfig: - internalMirrorAcr: + InternalMirrorRegistry: server: $(acr-staging-test.server) repoPrefix: $(mirrorRepoPrefix) resourceGroup: $(testResourceGroup) @@ -61,7 +61,7 @@ stages: clientId: $(internal-mirror-test.serviceConnection.clientId) tenantId: $(testTenant) - publicMirrorAcr: + PublicMirrorRegistry: server: $(public-mirror.server) resourceGroup: $(public-mirror.resourceGroup) subscription: $(public-mirror.subscription) @@ -71,7 +71,7 @@ stages: tenantId: $(public-mirror.serviceConnection.tenantId) clientId: $(public-mirror.serviceConnection.clientId) - buildAcr: + BuildRegistry: server: $(acr-staging-test.server) resourceGroup: $(testResourceGroup) subscription: $(testSubscription) @@ -94,7 +94,7 @@ stages: clientId: $(test-nonprod.serviceConnection.clientId) tenantId: $(testTenant) - publishAcr: + PublishRegistry: server: $(acr-test.server) resourceGroup: $(testResourceGroup) subscription: $(testSubscription) diff --git a/eng/docker-tools/templates/stages/dotnet/publish-config-prod.yml b/eng/docker-tools/templates/stages/dotnet/publish-config-prod.yml index e3ea368b0..2f4e77d59 100644 --- a/eng/docker-tools/templates/stages/dotnet/publish-config-prod.yml +++ b/eng/docker-tools/templates/stages/dotnet/publish-config-prod.yml @@ -50,7 +50,7 @@ stages: # publishConfig schema is defined in src/ImageBuilder/Configuration/PublishConfiguration.cs. # This will get converted to JSON and placed in appsettings.json to be loaded by ImageBuilder at runtime. publishConfig: - internalMirrorAcr: + InternalMirrorRegistry: server: $(acr-staging.server) repoPrefix: $(mirrorRepoPrefix) resourceGroup: $(acr-staging.resourceGroup) @@ -61,7 +61,7 @@ stages: clientId: $(internal-mirror.serviceConnection.clientId) tenantId: $(internal-mirror.serviceConnection.tenantId) - publicMirrorAcr: + PublicMirrorRegistry: server: $(public-mirror.server) resourceGroup: $(public-mirror.resourceGroup) subscription: $(public-mirror.subscription) @@ -71,7 +71,7 @@ stages: tenantId: $(public-mirror.serviceConnection.tenantId) clientId: $(public-mirror.serviceConnection.clientId) - buildAcr: + BuildRegistry: server: $(acr-staging.server) resourceGroup: $(acr-staging.resourceGroup) subscription: $(acr-staging.subscription) @@ -94,7 +94,7 @@ stages: clientId: $(test.serviceConnection.clientId) tenantId: $(test.serviceConnection.tenantId) - publishAcr: + PublishRegistry: server: $(acr.server) resourceGroup: $(acr.resourceGroup) subscription: $(acr.subscription) diff --git a/eng/docker-tools/templates/steps/annotate-eol-digests.yml b/eng/docker-tools/templates/steps/annotate-eol-digests.yml index 0cb090c1c..8e2f7571b 100644 --- a/eng/docker-tools/templates/steps/annotate-eol-digests.yml +++ b/eng/docker-tools/templates/steps/annotate-eol-digests.yml @@ -11,11 +11,6 @@ steps: - template: /eng/docker-tools/templates/steps/run-imagebuilder.yml@self parameters: displayName: Annotate EOL Images (${{ parameters.acr.server }}) - serviceConnections: - - name: acr - id: ${{ parameters.acr.serviceConnection.id }} - tenantId: ${{ parameters.acr.serviceConnection.tenantId }} - clientId: ${{ parameters.acr.serviceConnection.clientId }} internalProjectName: internal condition: and(succeeded(), eq(variables['publishEolAnnotations'], 'true')) args: >- diff --git a/eng/docker-tools/templates/steps/clean-acr-images.yml b/eng/docker-tools/templates/steps/clean-acr-images.yml index b791de305..65b8ceffa 100644 --- a/eng/docker-tools/templates/steps/clean-acr-images.yml +++ b/eng/docker-tools/templates/steps/clean-acr-images.yml @@ -16,11 +16,6 @@ steps: displayName: "Clean ${{ parameters.repo }} (${{ parameters.action }} > ${{ parameters.age }}d)" ${{ else }}: displayName: "Clean ${{ parameters.repo }} (${{ parameters.action }})" - serviceConnections: - - name: acr - id: ${{ parameters.publishConfig.cleanServiceConnection.id }} - tenantId: ${{ parameters.publishConfig.cleanServiceConnection.tenantId }} - clientId: ${{ parameters.publishConfig.cleanServiceConnection.clientId }} internalProjectName: ${{ parameters.internalProjectName }} args: >- cleanAcrImages diff --git a/eng/docker-tools/templates/steps/copy-base-images.yml b/eng/docker-tools/templates/steps/copy-base-images.yml index d54737083..b5c134bd1 100644 --- a/eng/docker-tools/templates/steps/copy-base-images.yml +++ b/eng/docker-tools/templates/steps/copy-base-images.yml @@ -28,11 +28,6 @@ steps: - template: /eng/docker-tools/templates/steps/run-imagebuilder.yml@self parameters: displayName: Copy Base Images - serviceConnections: - - name: "acr" - tenantId: ${{ parameters.acr.serviceConnection.tenantId }} - clientId: ${{ parameters.acr.serviceConnection.clientId }} - id: ${{ parameters.acr.serviceConnection.id }} continueOnError: ${{ parameters.continueOnError }} internalProjectName: 'internal' # Use environment variable to reference $(dryRunArg). Since $(dryRunArg) might be undefined, diff --git a/eng/docker-tools/templates/steps/init-docker-linux.yml b/eng/docker-tools/templates/steps/init-docker-linux.yml index c8669e19b..599b0de49 100644 --- a/eng/docker-tools/templates/steps/init-docker-linux.yml +++ b/eng/docker-tools/templates/steps/init-docker-linux.yml @@ -1,8 +1,21 @@ parameters: - setupImageBuilder: true - setupTestRunner: false - cleanupDocker: false - condition: true +- name: setupImageBuilder + type: boolean + default: true +- name: setupTestRunner + type: boolean + default: false +# Whether existing Docker images will be deleted +- name: cleanupDocker + type: boolean + default: false +# Whether or not to run the steps in this template +- name: condition + type: boolean + default: true +- name: publishConfig + type: object + default: null steps: - template: /eng/docker-tools/templates/steps/init-common.yml@self @@ -29,6 +42,21 @@ steps: displayName: Pull Image Builder condition: and(succeeded(), ${{ parameters.condition }}) + - ${{ if parameters.publishConfig }}: + # .NET Microsoft.Extensions.Configuration reads appsettings.json from the working directory when + # ImageBuilder is run. By putting the publish configuration in the root of the repo, it will be + # copied into the ImageBuilder container and read from there. + - powershell: |- + $appsettingsJsonContent = @" + { + "PublishConfiguration": ${{ convertToJson(parameters.publishConfig) }} + } + "@ + Set-Content -Path "appsettings.json" -Value $appsettingsJsonContent + Get-Content -Path "appsettings.json" + displayName: Output publish configuration + condition: and(succeeded(), ${{ parameters.condition }}) + - script: >- docker build -t $(imageNames.imageBuilder.withrepo) diff --git a/eng/docker-tools/templates/steps/init-docker-windows.yml b/eng/docker-tools/templates/steps/init-docker-windows.yml index e8593b5eb..f7095d12d 100644 --- a/eng/docker-tools/templates/steps/init-docker-windows.yml +++ b/eng/docker-tools/templates/steps/init-docker-windows.yml @@ -1,6 +1,7 @@ parameters: setupImageBuilder: true condition: true + publishConfig: null steps: - template: /eng/docker-tools/templates/steps/init-common.yml@self @@ -37,6 +38,19 @@ steps: displayName: Cleanup Setup Container condition: and(always(), ${{ parameters.condition }}) continueOnError: true + + - ${{ if parameters.publishConfig }}: + - powershell: |- + $appsettingsJsonContent = @" + { + "PublishConfiguration": ${{ convertToJson(parameters.publishConfig) }} + } + "@ + Set-Content -Path "$(Build.SourcesDirectory)/.Microsoft.DotNet.ImageBuilder/appsettings.json" -Value $appsettingsJsonContent + Get-Content -Path "$(Build.SourcesDirectory)/.Microsoft.DotNet.ImageBuilder/appsettings.json" + displayName: Output publish configuration + condition: and(succeeded(), ${{ parameters.condition }}) + - task: PowerShell@2 displayName: Define runImageBuilderCmd Variables condition: and(succeeded(), ${{ parameters.condition }}) diff --git a/eng/docker-tools/templates/steps/init-matrix-build-publish.yml b/eng/docker-tools/templates/steps/init-matrix-build-publish.yml index 8a555eccd..e5e6bf19c 100644 --- a/eng/docker-tools/templates/steps/init-matrix-build-publish.yml +++ b/eng/docker-tools/templates/steps/init-matrix-build-publish.yml @@ -20,7 +20,7 @@ steps: - powershell: | $commonMatrixAndBuildOptions = "--source-repo $(publicGitRepoUri)" if ("$(System.TeamProject)" -eq "internal" -and "$(Build.Reason)" -ne "PullRequest") { - $commonMatrixAndBuildOptions = "$commonMatrixAndBuildOptions --source-repo-prefix ${{ parameters.publishConfig.internalMirrorAcr.repoPrefix }} --registry-override ${{ parameters.publishConfig.buildAcr.server }}" + $commonMatrixAndBuildOptions = "$commonMatrixAndBuildOptions --source-repo-prefix ${{ parameters.publishConfig.InternalMirrorRegistry.repoPrefix }} --registry-override ${{ parameters.publishConfig.BuildRegistry.server }}" } if ("$(System.TeamProject)" -eq "public" -and "$(public-mirror.server)" -ne "") { diff --git a/eng/docker-tools/templates/steps/publish-readmes.yml b/eng/docker-tools/templates/steps/publish-readmes.yml index 270898050..c0daaf52f 100644 --- a/eng/docker-tools/templates/steps/publish-readmes.yml +++ b/eng/docker-tools/templates/steps/publish-readmes.yml @@ -6,7 +6,7 @@ steps: - script: > $(runImageBuilderCmd) publishMcrDocs --manifest '$(manifest)' - --registry-override '${{ parameters.publishConfig.publishAcr.server }}' + --registry-override '${{ parameters.publishConfig.PublishRegistry.server }}' '$(mcrDocsRepoInfo.userName)' '$(mcrDocsRepoInfo.email)' $(mcrDocsRepoInfo.authArgs) diff --git a/eng/docker-tools/templates/steps/run-imagebuilder.yml b/eng/docker-tools/templates/steps/run-imagebuilder.yml index 3613d809b..ab7415387 100644 --- a/eng/docker-tools/templates/steps/run-imagebuilder.yml +++ b/eng/docker-tools/templates/steps/run-imagebuilder.yml @@ -7,16 +7,12 @@ parameters: default: "Run ImageBuilder" - name: serviceConnections type: object - default: - # name: the name of the service connection argument that will be passed to the ImageBuilder command. - # For example, if the argument is --acr-service-connection, the name would be "acr". - - name: "" - # The service connection's ID (GUID). - id: "" - # The client ID of the Managed Idendity backing the service connection (GUID). - clientId: "" - # The ID of the tenant that the Managed Identity is in (GUID). - tenantId: "" + default: [] + # - name: The name of the service connection argument that will be passed to the ImageBuilder command. + # For example, if the argument is --acr-service-connection, the name would be "acr". + # id: The service connection's ID (GUID). + # clientId: The client ID of the Managed Idendity backing the service connection (GUID). + # tenantId: The ID of the tenant that the Managed Identity is in (GUID). - name: internalProjectName type: string default: null diff --git a/eng/docker-tools/templates/steps/set-dry-run.yml b/eng/docker-tools/templates/steps/set-dry-run.yml index 44e3062b0..4879f7459 100644 --- a/eng/docker-tools/templates/steps/set-dry-run.yml +++ b/eng/docker-tools/templates/steps/set-dry-run.yml @@ -15,7 +15,7 @@ steps: # Public builds need to use dry-run mode since they don't publish anywhere. $dryRunArg="--dry-run" } - elseif (-not "$(officialRepoPrefixes)".Split(',').Contains("${{ parameters.publishConfig.publishAcr.repoPrefix }}")) + elseif (-not "$(officialRepoPrefixes)".Split(',').Contains("${{ parameters.publishConfig.PublishRegistry.repoPrefix }}")) { # If we're running an internal build on an official pipeline but not # publishing to an official repo prefix, then use dry run mode. diff --git a/eng/docker-tools/templates/steps/test-images-linux-client.yml b/eng/docker-tools/templates/steps/test-images-linux-client.yml index 38426ab2a..add2b3207 100644 --- a/eng/docker-tools/templates/steps/test-images-linux-client.yml +++ b/eng/docker-tools/templates/steps/test-images-linux-client.yml @@ -24,7 +24,7 @@ steps: additionalTestArgs="$additionalTestArgs -TestCategories pre-build" else if [ "${{ variables['System.TeamProject'] }}" == "${{ parameters.internalProjectName }}" ] && [ "${{ variables['Build.Reason'] }}" != "PullRequest" ]; then - additionalTestArgs="$additionalTestArgs -PullImages -Registry ${{ parameters.publishConfig.buildAcr.server }} -RepoPrefix ${{ parameters.publishConfig.buildAcr.repoPrefix }} -ImageInfoPath $(artifactsPath)/image-info.json" + additionalTestArgs="$additionalTestArgs -PullImages -Registry ${{ parameters.publishConfig.BuildRegistry.server }} -RepoPrefix ${{ parameters.publishConfig.BuildRegistry.repoPrefix }} -ImageInfoPath $(artifactsPath)/image-info.json" if [ "$TESTCATEGORIESOVERRIDE" != "" ]; then additionalTestArgs="$additionalTestArgs -TestCategories $TESTCATEGORIESOVERRIDE" fi @@ -53,7 +53,7 @@ steps: $azLoginArgs = '--service-principal --tenant $env:AZURE_TENANT_ID -u $env:AZURE_CLIENT_ID --federated-token $env:AZURE_FEDERATED_TOKEN'; docker exec -e AZURE_TENANT_ID=$env:tenantId -e AZURE_CLIENT_ID=$env:servicePrincipalId -e AZURE_FEDERATED_TOKEN=$env:idToken $(testRunner.container) pwsh -File $(engDockerToolsRelativePath)/Invoke-WithRetry.ps1 - "az login $azLoginArgs; az acr login -n ${{ parameters.publishConfig.buildAcr.server }}" + "az login $azLoginArgs; az acr login -n ${{ parameters.publishConfig.BuildRegistry.server }}" - ${{ if eq(parameters.preBuildValidation, 'false') }}: - template: /eng/docker-tools/templates/steps/download-build-artifact.yml@self parameters: @@ -76,7 +76,7 @@ steps: displayName: Test Images condition: and(succeeded(), ${{ parameters.condition }}) - ${{ if and(eq(variables['System.TeamProject'], parameters.internalProjectName), ne(variables['Build.Reason'], 'PullRequest')) }}: - - script: docker exec $(testRunner.container) docker logout ${{ parameters.publishConfig.buildAcr.server }} + - script: docker exec $(testRunner.container) docker logout ${{ parameters.publishConfig.BuildRegistry.server }} displayName: Docker logout condition: and(always(), ${{ parameters.condition }}) continueOnError: true diff --git a/eng/docker-tools/templates/steps/test-images-windows-client.yml b/eng/docker-tools/templates/steps/test-images-windows-client.yml index ad84cff0e..c8e751f55 100644 --- a/eng/docker-tools/templates/steps/test-images-windows-client.yml +++ b/eng/docker-tools/templates/steps/test-images-windows-client.yml @@ -20,12 +20,12 @@ steps: condition: and(succeeded(), ${{ parameters.condition }}) command: >- az login --service-principal --tenant $env:tenantId -u $env:servicePrincipalId --federated-token $env:idToken; - $accessToken = $(az acr login -n ${{ parameters.publishConfig.buildAcr.server }} --expose-token --query accessToken --output tsv); - docker login ${{ parameters.publishConfig.buildAcr.server }} -u 00000000-0000-0000-0000-000000000000 -p $accessToken + $accessToken = $(az acr login -n ${{ parameters.publishConfig.BuildRegistry.server }} --expose-token --query accessToken --output tsv); + docker login ${{ parameters.publishConfig.BuildRegistry.server }} -u 00000000-0000-0000-0000-000000000000 -p $accessToken - ${{ parameters.customInitSteps }} - powershell: | if ("${{ variables['System.TeamProject'] }}" -eq "${{ parameters.internalProjectName }}" -and "${{ variables['Build.Reason'] }}" -ne "PullRequest") { - $additionalTestArgs="$env:ADDITIONALTESTARGS -PullImages -Registry ${{ parameters.publishConfig.buildAcr.server }} -RepoPrefix ${{ parameters.publishConfig.buildAcr.repoPrefix }} -ImageInfoPath $(artifactsPath)/image-info.json" + $additionalTestArgs="$env:ADDITIONALTESTARGS -PullImages -Registry ${{ parameters.publishConfig.BuildRegistry.server }} -RepoPrefix ${{ parameters.publishConfig.BuildRegistry.repoPrefix }} -ImageInfoPath $(artifactsPath)/image-info.json" } echo "##vso[task.setvariable variable=additionalTestArgs]$additionalTestArgs" displayName: Set Test Variables @@ -50,7 +50,7 @@ steps: displayName: Test Images condition: and(succeeded(), ${{ parameters.condition }}) - ${{ if and(eq(variables['System.TeamProject'], parameters.internalProjectName), ne(variables['Build.Reason'], 'PullRequest')) }}: - - script: docker logout ${{ parameters.publishConfig.buildAcr.server }} + - script: docker logout ${{ parameters.publishConfig.BuildRegistry.server }} displayName: Docker logout condition: and(always(), ${{ parameters.condition }}) continueOnError: true diff --git a/eng/docker-tools/templates/steps/validate-branch.yml b/eng/docker-tools/templates/steps/validate-branch.yml index 0fb1a841d..945aefa68 100644 --- a/eng/docker-tools/templates/steps/validate-branch.yml +++ b/eng/docker-tools/templates/steps/validate-branch.yml @@ -11,11 +11,11 @@ steps: exit 0 } - $isOfficialRepoPrefix = "$(officialRepoPrefixes)".Split(',').Contains("${{ parameters.publishConfig.publishAcr.repoPrefix }}") + $isOfficialRepoPrefix = "$(officialRepoPrefixes)".Split(',').Contains("${{ parameters.publishConfig.PublishRegistry.repoPrefix }}") if (-not $isOfficialRepoPrefix) { echo "This build will not publish to an official repo prefix, continuing." - echo "Publish repo prefix: ${{ parameters.publishConfig.publishAcr.repoPrefix }}" + echo "Publish repo prefix: ${{ parameters.publishConfig.PublishRegistry.repoPrefix }}" echo "Official repo prefixes: $(officialRepoPrefixes)" exit 0 } @@ -47,6 +47,6 @@ steps: echo "Build definition: $(Build.DefinitionName)" echo "1ESPT build type: $(OneESPT.BuildType)" echo "Current branch: $(sourceBranch)" - echo "Publish repo prefix: ${{ parameters.publishConfig.publishAcr.repoPrefix }}" + echo "Publish repo prefix: ${{ parameters.publishConfig.PublishRegistry.repoPrefix }}" exit 1 displayName: Validate Branch diff --git a/eng/docker-tools/templates/steps/wait-for-mcr-image-ingestion.yml b/eng/docker-tools/templates/steps/wait-for-mcr-image-ingestion.yml index 6c7236439..bffaf0378 100644 --- a/eng/docker-tools/templates/steps/wait-for-mcr-image-ingestion.yml +++ b/eng/docker-tools/templates/steps/wait-for-mcr-image-ingestion.yml @@ -30,7 +30,7 @@ steps: waitForMcrImageIngestion '${{ parameters.imageInfoPath }}' --manifest '$(manifest)' - --repo-prefix '${{ parameters.publishConfig.publishAcr.repoPrefix }}' + --repo-prefix '${{ parameters.publishConfig.PublishRegistry.repoPrefix }}' --min-queue-time '${{ parameters.minQueueTime }}' --timeout '$(mcrImageIngestionTimeout)' $(manifestVariables) diff --git a/eng/docker-tools/templates/variables/docker-images.yml b/eng/docker-tools/templates/variables/docker-images.yml index c20e2b373..295b12f48 100644 --- a/eng/docker-tools/templates/variables/docker-images.yml +++ b/eng/docker-tools/templates/variables/docker-images.yml @@ -1,5 +1,5 @@ variables: - imageNames.imageBuilderName: mcr.microsoft.com/dotnet-buildtools/image-builder:2862284 + imageNames.imageBuilderName: mcr.microsoft.com/dotnet-buildtools/image-builder:2864167 imageNames.imageBuilder: $(imageNames.imageBuilderName) imageNames.imageBuilder.withrepo: imagebuilder-withrepo:$(Build.BuildId)-$(System.JobId) imageNames.testRunner: mcr.microsoft.com/dotnet-buildtools/prereqs:azurelinux3.0-docker-testrunner diff --git a/eng/pipelines/templates/stages/build-test-publish.yml b/eng/pipelines/templates/stages/build-test-publish.yml index 945c35d47..6a860b41d 100644 --- a/eng/pipelines/templates/stages/build-test-publish.yml +++ b/eng/pipelines/templates/stages/build-test-publish.yml @@ -34,9 +34,9 @@ stages: - template: /eng/docker-tools/templates/stages/setup-service-connections.yml@self parameters: serviceConnections: - - name: ${{ parameters.publishConfig.internalMirrorAcr.serviceConnection.name }} - - name: ${{ parameters.publishConfig.buildAcr.serviceConnection.name }} - - name: ${{ parameters.publishConfig.publishAcr.serviceConnection.name }} + - name: ${{ parameters.publishConfig.InternalMirrorRegistry.serviceConnection.name }} + - name: ${{ parameters.publishConfig.BuildRegistry.serviceConnection.name }} + - name: ${{ parameters.publishConfig.PublishRegistry.serviceConnection.name }} - ${{ each serviceConnection in parameters.additionalServiceConnections }}: - name: ${{ serviceConnection.name }} diff --git a/eng/pipelines/templates/stages/cleanup-acr-images-custom.yml b/eng/pipelines/templates/stages/cleanup-acr-images-custom.yml index 3709436d7..8f4d310b7 100644 --- a/eng/pipelines/templates/stages/cleanup-acr-images-custom.yml +++ b/eng/pipelines/templates/stages/cleanup-acr-images-custom.yml @@ -29,6 +29,6 @@ stages: parameters: internalProjectName: internal repo: ${{ parameters.repo }} - acr: ${{ parameters.publishConfig.buildAcr }} + acr: ${{ parameters.publishConfig.BuildRegistry }} action: ${{ parameters.action }} age: ${{ parameters.age }} diff --git a/eng/pipelines/templates/stages/cleanup-acr-images.yml b/eng/pipelines/templates/stages/cleanup-acr-images.yml index f7f0b1ed3..47109eeb5 100644 --- a/eng/pipelines/templates/stages/cleanup-acr-images.yml +++ b/eng/pipelines/templates/stages/cleanup-acr-images.yml @@ -26,7 +26,7 @@ stages: publishConfig: ${{ parameters.publishConfig }} internalProjectName: ${{ parameters.internalProjectName }} repo: "build-staging/*" - acr: ${{ parameters.publishConfig.buildAcr }} + acr: ${{ parameters.publishConfig.BuildRegistry }} action: delete age: 15 - template: /eng/docker-tools/templates/steps/clean-acr-images.yml@self @@ -34,7 +34,7 @@ stages: publishConfig: ${{ parameters.publishConfig }} internalProjectName: ${{ parameters.internalProjectName }} repo: "public/dotnet/*" - acr: ${{ parameters.publishConfig.publishAcr }} + acr: ${{ parameters.publishConfig.PublishRegistry }} action: pruneEol age: 15 - template: /eng/docker-tools/templates/steps/clean-acr-images.yml@self @@ -42,7 +42,7 @@ stages: publishConfig: ${{ parameters.publishConfig }} internalProjectName: ${{ parameters.internalProjectName }} repo: "test/*" - acr: ${{ parameters.publishConfig.publishAcr }} + acr: ${{ parameters.publishConfig.PublishRegistry }} action: pruneAll age: 7 - template: /eng/docker-tools/templates/steps/clean-acr-images.yml@self @@ -50,7 +50,7 @@ stages: publishConfig: ${{ parameters.publishConfig }} internalProjectName: ${{ parameters.internalProjectName }} repo: "public/dotnet-buildtools/*" - acr: ${{ parameters.publishConfig.publishAcr }} + acr: ${{ parameters.publishConfig.PublishRegistry }} action: pruneEol age: 15 customArgs: $(excludedBuildToolsPrereqsImagesArgs) @@ -59,7 +59,7 @@ stages: # parameters: # publishConfig: ${{ parameters.publishConfig }} # repo: "mirror/*" - # acr: ${{ parameters.publishConfig.buildAcr }} + # acr: ${{ parameters.publishConfig.BuildRegistry }} # action: pruneDangling # age: 0 - job: Annotations @@ -72,10 +72,10 @@ stages: displayName: Create EOL Annotation Data Directory - template: /eng/pipelines/templates/steps/set-eol-annotations.yml@self parameters: - acr: ${{ parameters.publishConfig.buildAcr }} + acr: ${{ parameters.publishConfig.BuildRegistry }} - template: /eng/pipelines/templates/steps/set-eol-annotations.yml@self parameters: - acr: ${{ parameters.publishConfig.publicMirrorAcr }} + acr: ${{ parameters.publishConfig.PublicMirrorRegistry }} - template: /eng/docker-tools/templates/steps/publish-artifact.yml@self parameters: path: $(Build.ArtifactStagingDirectory)/eol-annotation-data