diff --git a/azure-pipelines-official.yml b/azure-pipelines-official.yml index a4a5973c68..b0039b87bf 100644 --- a/azure-pipelines-official.yml +++ b/azure-pipelines-official.yml @@ -1,226 +1,228 @@ -# CI trigger -trigger: - branches: - include: - - main - - feature/* - - hotfix/* - - release/* - paths: - include: - - '*' - exclude: - - '**/*.md' - - .config/* - - .devcontainer/* - - .github/* - - .vscode/* - - assets/* - - docs/* - - images/* - - .editorconfig - - .gitignore - - '*.txt' - - '*.github-issues' - -# Scheduled trigger that will run at 8:00 AM every Monday and Wednesday -schedules: -- cron: "0 8 * * Mon" - displayName: Weekly build for Localization Updates (Monday) - branches: - include: - - main -- cron: "0 8 * * Wed" - displayName: Weekly build for Localization Updates (Wednesday) - branches: - include: - - main - -variables: -- template: /eng/templates/variables-template.yml@self -- template: /eng/common/templates-official/variables/pool-providers.yml@self - -resources: - repositories: - - repository: 1esPipelines - type: git - name: 1ESPipelineTemplates/1ESPipelineTemplates - ref: refs/tags/release - -extends: - template: v1/1ES.Official.PipelineTemplate.yml@1esPipelines - parameters: - sdl: - sourceAnalysisPool: - name: $(DncEngInternalBuildPool) - image: 1es-windows-2022 - os: windows - binskim: - enabled: true - scanOutputDirectoryOnly: true - policheck: - enabled: true - apiScan: - break: false - severity: error - sbom: - enabled: true - tsa: - enabled: true - config: - repositoryName: 'dotnet-interactive' - codebaseName: 'dotnet-interactive' - instanceUrl: 'https://devdiv.visualstudio.com/' - projectName: 'DEVDIV' - iterationPath: 'DevDiv\\Future Backlog' - areaPath: 'DevDiv\\NET Developer Experience\\VS Testing\\Interactive' - notificationAliases: ['dotnetInteractive@microsoft.com'] - serviceTreeID: 'ab4d58de-beb3-4714-866c-1b46a48ea002' - allTools: true - stages: - - stage: build - displayName: Build and Test - jobs: - - template: /eng/common/templates-official/job/onelocbuild.yml@self - parameters: - MirrorRepo: interactive - MirrorBranch: main - SkipLocProjectJsonGeneration: true - LclSource: lclFilesfromPackage - LclPackageId: 'LCL-JUNO-PROD-INTERACTIVE' - CreatePr: $(LocPRCreationEnabled) - - template: /eng/common/templates-official/jobs/jobs.yml@self - parameters: - enableMicrobuild: true - enablePublishBuildArtifacts: true - enablePublishTestResults: true - enablePublishBuildAssets: true - enablePublishUsingPipelines: $(_PublishUsingPipelines) - jobs: - - job: Windows_NT - pool: - name: $(DncEngInternalBuildPool) - demands: ImageOverride -equals 1es-windows-2022 - os: windows - timeoutInMinutes: 200 - variables: - - group: DotNet-Symbol-Server-Pats - - name: _SignType - value: Real - - name: _BuildArgs - value: /p:SignType=$(_SignType) - /p:DotNetSignType=$(_SignType) - /p:MicroBuild_SigningEnabled=true - /p:TeamName=$(_TeamName) - /p:DotNetPublishUsingPipelines=$(_PublishUsingPipelines) - /p:DotNetArtifactsCategory=$(_DotNetArtifactsCategory) - /p:DotNetSymbolServerTokenMsdl=$(microsoft-symbol-server-pat) - /p:DotNetSymbolServerTokenSymWeb=$(symweb-symbol-server-pat) - /p:OfficialBuildId=$(BUILD.BUILDNUMBER) - /p:PublishToSymbolServer=true - - templateContext: - outputParentDirectory: $(Build.ArtifactStagingDirectory) - outputs: - - output: pipelineArtifact - displayName: 'Publish Test results and Blame dumps' - targetPath: '$(Build.ArtifactStagingDirectory)/artifacts/TestResults/$(_BuildConfig)' - artifactName: 'Windows_test_results_and_dumps' - publishLocation: Container - condition: always() - - output: pipelineArtifact - displayName: 'Publish VSCode extension artifacts' - targetPath: '$(Build.ArtifactStagingDirectory)\vscode' - artifactName: 'vscode' - publishLocation: Container - - output: buildArtifacts - displayName: 'Publish NPM package artifacts' - PathtoPublish: '$(Build.ArtifactStagingDirectory)/npm' - ArtifactName: 'npm' - publishLocation: Container - - output: pipelineArtifact - displayName: 'Publish packages to artifacts container' - targetPath: '$(Build.ArtifactStagingDirectory)/artifacts/packages/$(_BuildConfig)' - artifactName: 'packages' - publishLocation: Container - - steps: - - checkout: self - clean: true - - # Use common task group - - template: /eng/templates/build-and-test-tasks.yml@self - parameters: - platform: windows - signType: $(_SignType) - - - template: /eng/common/templates-official/jobs/jobs.yml@self - parameters: - enableMicrobuild: true - enablePublishBuildArtifacts: true - enablePublishTestResults: true - enablePublishBuildAssets: false - enablePublishUsingPipelines: false - jobs: - - job: Linux - pool: - name: $(DncEngInternalBuildPool) - os: linux - demands: ImageOverride -equals 1es-ubuntu-2204 - timeoutInMinutes: 200 - templateContext: - outputs: - - output: pipelineArtifact - displayName: 'Publish Test results and Blame dumps' - condition: always() - targetPath: '$(Build.SourcesDirectory)/artifacts/TestResults/$(_BuildConfig)' - artifactName: 'Linux_test_results_and_dumps' - publishLocation: Container - - steps: - - checkout: self - clean: true - - # Use common task group - - template: /eng/templates/build-and-test-tasks.yml@self - parameters: - platform: linux - - #---------------------------------------------------------------------------------------------------------------------# - # Post Build # - #---------------------------------------------------------------------------------------------------------------------# - - template: /eng/common/templates-official/post-build/post-build.yml@self - parameters: - publishingInfraVersion: 3 - # signing validation currently has issues with dotnet 7; disabling as per internal guidance - enableSigningValidation: false - # Symbol validation is not entirely reliable as of yet, so should be turned off until https://github.com/dotnet/arcade/issues/2871 is resolved. - enableSymbolValidation: false - # SourceLink improperly looks for generated files. See https://github.com/dotnet/arcade/issues/3069 - enableSourceLinkValidation: false - # Enable SDL validation, passing through values from the 'DotNet-FSharp-SDLValidation-Params' group. - SDLValidationParameters: - enable: true - params: >- - -SourceToolsList @("policheck","credscan") - -TsaInstanceURL $(_TsaInstanceURL) - -TsaProjectName $(_TsaProjectName) - -TsaNotificationEmail $(_TsaNotificationEmail) - -TsaCodebaseAdmin $(_TsaCodebaseAdmin) - -TsaBugAreaPath $(_TsaBugAreaPath) - -TsaIterationPath $(_TsaIterationPath) - -TsaRepositoryName "Interactive" - -TsaCodebaseName "Interactive-GitHub" - -TsaPublish $True - -PoliCheckAdditionalRunConfigParams @("UserExclusionPath < $(Build.SourcesDirectory)/eng/policheck_exclusions.xml") - - #---------------------------------------------------------------------------------------------------------------------# - # NPM Publish # - #---------------------------------------------------------------------------------------------------------------------# - - template: /eng/publish/publish-npm.yml@self - parameters: - packageName: microsoft-polyglot-notebooks-*.tgz - registryUrl: pkgs.dev.azure.com/dnceng/public/_packaging/dotnet-tools/npm/registry/ - registryUser: dnceng - registryEmail: dnceng@microsoft.com - publishingBranch: main +# CI trigger +trigger: + branches: + include: + - main + - feature/* + - hotfix/* + - release/* + paths: + include: + - '*' + exclude: + - '**/*.md' + - .config/* + - .devcontainer/* + - .github/* + - .vscode/* + - assets/* + - docs/* + - images/* + - .editorconfig + - .gitignore + - '*.txt' + - '*.github-issues' + +# Scheduled trigger that will run at 8:00 AM every Monday and Wednesday +schedules: +- cron: "0 8 * * Mon" + displayName: Weekly build for Localization Updates (Monday) + branches: + include: + - main +- cron: "0 8 * * Wed" + displayName: Weekly build for Localization Updates (Wednesday) + branches: + include: + - main + +variables: +- template: /eng/templates/variables-template.yml@self +- template: /eng/common/templates-official/variables/pool-providers.yml@self + +resources: + repositories: + - repository: 1esPipelines + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release + +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1esPipelines + parameters: + sdl: + sourceAnalysisPool: + name: $(DncEngInternalBuildPool) + image: 1es-windows-2022 + os: windows + binskim: + enabled: true + scanOutputDirectoryOnly: true + policheck: + enabled: true + apiScan: + break: false + severity: error + sbom: + enabled: true + tsa: + enabled: true + config: + repositoryName: 'dotnet-interactive' + codebaseName: 'dotnet-interactive' + instanceUrl: 'https://devdiv.visualstudio.com/' + projectName: 'DEVDIV' + iterationPath: 'DevDiv\\Future Backlog' + areaPath: 'DevDiv\\NET Developer Experience\\VS Testing\\Interactive' + notificationAliases: ['dotnetInteractive@microsoft.com'] + serviceTreeID: 'ab4d58de-beb3-4714-866c-1b46a48ea002' + allTools: true + settings: + networkIsolationPolicy: Permissive,CFSClean + stages: + - stage: build + displayName: Build and Test + jobs: + - template: /eng/common/templates-official/job/onelocbuild.yml@self + parameters: + MirrorRepo: interactive + MirrorBranch: main + SkipLocProjectJsonGeneration: true + LclSource: lclFilesfromPackage + LclPackageId: 'LCL-JUNO-PROD-INTERACTIVE' + CreatePr: $(LocPRCreationEnabled) + - template: /eng/common/templates-official/jobs/jobs.yml@self + parameters: + enableMicrobuild: true + enablePublishBuildArtifacts: true + enablePublishTestResults: true + enablePublishBuildAssets: true + enablePublishUsingPipelines: $(_PublishUsingPipelines) + jobs: + - job: Windows_NT + pool: + name: $(DncEngInternalBuildPool) + demands: ImageOverride -equals 1es-windows-2022 + os: windows + timeoutInMinutes: 200 + variables: + - group: DotNet-Symbol-Server-Pats + - name: _SignType + value: Real + - name: _BuildArgs + value: /p:SignType=$(_SignType) + /p:DotNetSignType=$(_SignType) + /p:MicroBuild_SigningEnabled=true + /p:TeamName=$(_TeamName) + /p:DotNetPublishUsingPipelines=$(_PublishUsingPipelines) + /p:DotNetArtifactsCategory=$(_DotNetArtifactsCategory) + /p:DotNetSymbolServerTokenMsdl=$(microsoft-symbol-server-pat) + /p:DotNetSymbolServerTokenSymWeb=$(symweb-symbol-server-pat) + /p:OfficialBuildId=$(BUILD.BUILDNUMBER) + /p:PublishToSymbolServer=true + + templateContext: + outputParentDirectory: $(Build.ArtifactStagingDirectory) + outputs: + - output: pipelineArtifact + displayName: 'Publish Test results and Blame dumps' + targetPath: '$(Build.ArtifactStagingDirectory)/artifacts/TestResults/$(_BuildConfig)' + artifactName: 'Windows_test_results_and_dumps' + publishLocation: Container + condition: always() + - output: pipelineArtifact + displayName: 'Publish VSCode extension artifacts' + targetPath: '$(Build.ArtifactStagingDirectory)\vscode' + artifactName: 'vscode' + publishLocation: Container + - output: buildArtifacts + displayName: 'Publish NPM package artifacts' + PathtoPublish: '$(Build.ArtifactStagingDirectory)/npm' + ArtifactName: 'npm' + publishLocation: Container + - output: pipelineArtifact + displayName: 'Publish packages to artifacts container' + targetPath: '$(Build.ArtifactStagingDirectory)/artifacts/packages/$(_BuildConfig)' + artifactName: 'packages' + publishLocation: Container + + steps: + - checkout: self + clean: true + + # Use common task group + - template: /eng/templates/build-and-test-tasks.yml@self + parameters: + platform: windows + signType: $(_SignType) + + - template: /eng/common/templates-official/jobs/jobs.yml@self + parameters: + enableMicrobuild: true + enablePublishBuildArtifacts: true + enablePublishTestResults: true + enablePublishBuildAssets: false + enablePublishUsingPipelines: false + jobs: + - job: Linux + pool: + name: $(DncEngInternalBuildPool) + os: linux + demands: ImageOverride -equals 1es-ubuntu-2204 + timeoutInMinutes: 200 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish Test results and Blame dumps' + condition: always() + targetPath: '$(Build.SourcesDirectory)/artifacts/TestResults/$(_BuildConfig)' + artifactName: 'Linux_test_results_and_dumps' + publishLocation: Container + + steps: + - checkout: self + clean: true + + # Use common task group + - template: /eng/templates/build-and-test-tasks.yml@self + parameters: + platform: linux + + #---------------------------------------------------------------------------------------------------------------------# + # Post Build # + #---------------------------------------------------------------------------------------------------------------------# + - template: /eng/common/templates-official/post-build/post-build.yml@self + parameters: + publishingInfraVersion: 3 + # signing validation currently has issues with dotnet 7; disabling as per internal guidance + enableSigningValidation: false + # Symbol validation is not entirely reliable as of yet, so should be turned off until https://github.com/dotnet/arcade/issues/2871 is resolved. + enableSymbolValidation: false + # SourceLink improperly looks for generated files. See https://github.com/dotnet/arcade/issues/3069 + enableSourceLinkValidation: false + # Enable SDL validation, passing through values from the 'DotNet-FSharp-SDLValidation-Params' group. + SDLValidationParameters: + enable: true + params: >- + -SourceToolsList @("policheck","credscan") + -TsaInstanceURL $(_TsaInstanceURL) + -TsaProjectName $(_TsaProjectName) + -TsaNotificationEmail $(_TsaNotificationEmail) + -TsaCodebaseAdmin $(_TsaCodebaseAdmin) + -TsaBugAreaPath $(_TsaBugAreaPath) + -TsaIterationPath $(_TsaIterationPath) + -TsaRepositoryName "Interactive" + -TsaCodebaseName "Interactive-GitHub" + -TsaPublish $True + -PoliCheckAdditionalRunConfigParams @("UserExclusionPath < $(Build.SourcesDirectory)/eng/policheck_exclusions.xml") + + #---------------------------------------------------------------------------------------------------------------------# + # NPM Publish # + #---------------------------------------------------------------------------------------------------------------------# + - template: /eng/publish/publish-npm.yml@self + parameters: + packageName: microsoft-polyglot-notebooks-*.tgz + registryUrl: pkgs.dev.azure.com/dnceng/public/_packaging/dotnet-tools/npm/registry/ + registryUser: dnceng + registryEmail: dnceng@microsoft.com + publishingBranch: main diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 750c3617e7..c798836f11 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -65,6 +65,8 @@ variables: - template: /eng/templates/variables-template.yml@self - template: /eng/common/templates/variables/pool-providers.yml@self +settings: + networkIsolationPolicy: Permissive,CFSClean stages: - stage: build displayName: Build and Test