diff --git a/vsts/pipelines/PlatformBinaries/dotnetcore.yml b/vsts/pipelines/PlatformBinaries/dotnetcore.yml index 87e83d0238..c61bf3d570 100644 --- a/vsts/pipelines/PlatformBinaries/dotnetcore.yml +++ b/vsts/pipelines/PlatformBinaries/dotnetcore.yml @@ -1,95 +1,10 @@ variables: - - group: Oryx - +- group: Oryx parameters: - name: destinationStorageAccountName displayName: Destination Storage Account Name type: string default: oryxsdksstaging - -stages: -- stage: Build - jobs: - - job: DotNetCore_Bookworm - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'dotnet' - debianFlavor: 'bookworm' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: DotNetCore_Bullseye - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'dotnet' - debianFlavor: 'bullseye' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: DotNetCore_Buster - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'dotnet' - debianFlavor: 'buster' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: DotNetCore_Stretch - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'dotnet' - debianFlavor: 'stretch' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: DotNetCore_Ubuntu - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'dotnet' - debianFlavor: 'focal-scm' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - -- stage: Release - dependsOn: Build - jobs: - - job: Publish_Platform_Binaries - timeoutInMinutes: 250 - displayName: Publish to Azure Blob Storage - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesReleaseTemplate.yml - parameters: - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - trigger: batch: true branches: @@ -100,4 +15,106 @@ trigger: - /* include: - platforms/dotnet - - vsts/PlatformBinaries/dotnetcore.yml \ No newline at end of file + - vsts/PlatformBinaries/dotnetcore.yml +resources: + repositories: + - repository: 1ESPipelineTemplates + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates + parameters: + pool: + name: AzurePipelines-EO + image: AzurePipelinesUbuntu20.04compliant + os: linux + sdl: + sourceAnalysisPool: + name: AzurePipelines-EO + os: windows + customBuildTags: + - ES365AIMigrationTooling + stages: + - stage: Build + jobs: + - job: DotNetCore_Bookworm + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'dotnet' + debianFlavor: 'bookworm' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: DotNetCore_Bullseye + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'dotnet' + debianFlavor: 'bullseye' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: DotNetCore_Buster + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'dotnet' + debianFlavor: 'buster' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: DotNetCore_Stretch + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'dotnet' + debianFlavor: 'stretch' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: DotNetCore_Ubuntu + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'dotnet' + debianFlavor: 'focal-scm' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - stage: Release + dependsOn: Build + jobs: + - job: Publish_Platform_Binaries + timeoutInMinutes: 250 + displayName: Publish to Azure Blob Storage + steps: + - template: /vsts/pipelines/templates/_platformBinariesReleaseTemplate.yml@self + parameters: + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' \ No newline at end of file diff --git a/vsts/pipelines/PlatformBinaries/golang.yml b/vsts/pipelines/PlatformBinaries/golang.yml index 4fc974d8a4..4fc2046c69 100644 --- a/vsts/pipelines/PlatformBinaries/golang.yml +++ b/vsts/pipelines/PlatformBinaries/golang.yml @@ -1,82 +1,10 @@ variables: - - group: Oryx - +- group: Oryx parameters: - name: destinationStorageAccountName displayName: Destination Storage Account Name type: string default: oryxsdksstaging - -stages: -- stage: Build - jobs: - - job: Golang_Bullseye - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'golang' - debianFlavor: 'bullseye' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Golang_Buster - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'golang' - debianFlavor: 'buster' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Golang_Stretch - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'golang' - debianFlavor: 'stretch' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Golang_Ubuntu - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'golang' - debianFlavor: 'focal-scm' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - -- stage: Release - dependsOn: Build - jobs: - - job: Publish_Platform_Binaries - timeoutInMinutes: 250 - displayName: Publish to Azure Blob Storage - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesReleaseTemplate.yml - parameters: - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - trigger: batch: true branches: @@ -87,4 +15,92 @@ trigger: - /* include: - platforms/golang - - vsts/PlatformBinaries/golang.yml \ No newline at end of file + - vsts/PlatformBinaries/golang.yml +resources: + repositories: + - repository: 1ESPipelineTemplates + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates + parameters: + pool: + name: AzurePipelines-EO + image: AzurePipelinesUbuntu20.04compliant + os: linux + sdl: + sourceAnalysisPool: + name: AzurePipelines-EO + os: windows + customBuildTags: + - ES365AIMigrationTooling + stages: + - stage: Build + jobs: + - job: Golang_Bullseye + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'golang' + debianFlavor: 'bullseye' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Golang_Buster + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'golang' + debianFlavor: 'buster' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Golang_Stretch + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'golang' + debianFlavor: 'stretch' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Golang_Ubuntu + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'golang' + debianFlavor: 'focal-scm' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - stage: Release + dependsOn: Build + jobs: + - job: Publish_Platform_Binaries + timeoutInMinutes: 250 + displayName: Publish to Azure Blob Storage + steps: + - template: /vsts/pipelines/templates/_platformBinariesReleaseTemplate.yml@self + parameters: + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' \ No newline at end of file diff --git a/vsts/pipelines/PlatformBinaries/java.yml b/vsts/pipelines/PlatformBinaries/java.yml index 01c262e715..cd6513896b 100644 --- a/vsts/pipelines/PlatformBinaries/java.yml +++ b/vsts/pipelines/PlatformBinaries/java.yml @@ -1,134 +1,10 @@ variables: - - group: Oryx - +- group: Oryx parameters: - name: destinationStorageAccountName displayName: Destination Storage Account Name type: string default: oryxsdksstaging - -stages: -- stage: Build - jobs: - - job: Java_Bullseye - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'java' - debianFlavor: 'bullseye' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Java_Buster - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'java' - debianFlavor: 'buster' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Java_Stretch - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'java' - debianFlavor: 'stretch' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Java_Ubuntu - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'java' - debianFlavor: 'focal-scm' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Maven_Bullseye - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'maven' - debianFlavor: 'bullseye' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Maven_Buster - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'maven' - debianFlavor: 'buster' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Maven_Stretch - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'maven' - debianFlavor: 'stretch' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Maven_Ubuntu - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'maven' - debianFlavor: 'focal-scm' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - -- stage: Release - dependsOn: Build - jobs: - - job: Publish_Platform_Binaries - timeoutInMinutes: 250 - displayName: Publish to Azure Blob Storage - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesReleaseTemplate.yml - parameters: - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - trigger: batch: true branches: @@ -139,4 +15,148 @@ trigger: - /* include: - platforms/java - - vsts/PlatformBinaries/java.yml \ No newline at end of file + - vsts/PlatformBinaries/java.yml +resources: + repositories: + - repository: 1ESPipelineTemplates + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates + parameters: + pool: + name: AzurePipelines-EO + image: AzurePipelinesUbuntu20.04compliant + os: linux + sdl: + sourceAnalysisPool: + name: AzurePipelines-EO + os: windows + customBuildTags: + - ES365AIMigrationTooling + stages: + - stage: Build + jobs: + - job: Java_Bullseye + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'java' + debianFlavor: 'bullseye' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Java_Buster + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'java' + debianFlavor: 'buster' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Java_Stretch + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'java' + debianFlavor: 'stretch' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Java_Ubuntu + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'java' + debianFlavor: 'focal-scm' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Maven_Bullseye + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'maven' + debianFlavor: 'bullseye' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Maven_Buster + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'maven' + debianFlavor: 'buster' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Maven_Stretch + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'maven' + debianFlavor: 'stretch' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Maven_Ubuntu + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'maven' + debianFlavor: 'focal-scm' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - stage: Release + dependsOn: Build + jobs: + - job: Publish_Platform_Binaries + timeoutInMinutes: 250 + displayName: Publish to Azure Blob Storage + steps: + - template: /vsts/pipelines/templates/_platformBinariesReleaseTemplate.yml@self + parameters: + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' \ No newline at end of file diff --git a/vsts/pipelines/PlatformBinaries/node.yml b/vsts/pipelines/PlatformBinaries/node.yml index 906b086d40..cc9ec7f03a 100644 --- a/vsts/pipelines/PlatformBinaries/node.yml +++ b/vsts/pipelines/PlatformBinaries/node.yml @@ -1,95 +1,10 @@ variables: - - group: Oryx - +- group: Oryx parameters: - name: destinationStorageAccountName displayName: Destination Storage Account Name type: string default: oryxsdksstaging - -stages: -- stage: Build - jobs: - - job: Node_Bookworm - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'nodejs' - debianFlavor: 'bookworm' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Node_Bullseye - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'nodejs' - debianFlavor: 'bullseye' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Node_Buster - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'nodejs' - debianFlavor: 'buster' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Node_Stretch - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'nodejs' - debianFlavor: 'stretch' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Node_Ubuntu - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'nodejs' - debianFlavor: 'focal-scm' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - -- stage: Release - dependsOn: Build - jobs: - - job: Publish_Platform_Binaries - timeoutInMinutes: 250 - displayName: Publish to Azure Blob Storage - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesReleaseTemplate.yml - parameters: - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - trigger: batch: true branches: @@ -100,4 +15,106 @@ trigger: - /* include: - platforms/nodejs - - vsts/PlatformBinaries/node.yml \ No newline at end of file + - vsts/PlatformBinaries/node.yml +resources: + repositories: + - repository: 1ESPipelineTemplates + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates + parameters: + pool: + name: AzurePipelines-EO + image: AzurePipelinesUbuntu20.04compliant + os: linux + sdl: + sourceAnalysisPool: + name: AzurePipelines-EO + os: windows + customBuildTags: + - ES365AIMigrationTooling + stages: + - stage: Build + jobs: + - job: Node_Bookworm + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'nodejs' + debianFlavor: 'bookworm' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Node_Bullseye + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'nodejs' + debianFlavor: 'bullseye' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Node_Buster + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'nodejs' + debianFlavor: 'buster' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Node_Stretch + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'nodejs' + debianFlavor: 'stretch' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Node_Ubuntu + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'nodejs' + debianFlavor: 'focal-scm' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - stage: Release + dependsOn: Build + jobs: + - job: Publish_Platform_Binaries + timeoutInMinutes: 250 + displayName: Publish to Azure Blob Storage + steps: + - template: /vsts/pipelines/templates/_platformBinariesReleaseTemplate.yml@self + parameters: + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' \ No newline at end of file diff --git a/vsts/pipelines/PlatformBinaries/php.yml b/vsts/pipelines/PlatformBinaries/php.yml index 290d45beec..b6d58465b9 100644 --- a/vsts/pipelines/PlatformBinaries/php.yml +++ b/vsts/pipelines/PlatformBinaries/php.yml @@ -1,95 +1,10 @@ variables: - - group: Oryx - +- group: Oryx parameters: - name: destinationStorageAccountName displayName: Destination Storage Account Name type: string default: oryxsdksstaging - -stages: -- stage: Build - jobs: - - job: Php_Bookworm_SDK - timeoutInMinutes: 1440 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'php' - debianFlavor: 'bookworm' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Php_Bullseye_SDK - timeoutInMinutes: 1440 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'php' - debianFlavor: 'bullseye' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Php_Stretch_SDK - timeoutInMinutes: 1440 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'php' - debianFlavor: 'stretch' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Php_Buster_SDK - timeoutInMinutes: 1440 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'php' - debianFlavor: 'buster' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Php_Ubuntu_SDK - timeoutInMinutes: 1440 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'php' - debianFlavor: 'focal-scm' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - -- stage: Release - dependsOn: Build - jobs: - - job: Publish_Platform_Binaries - timeoutInMinutes: 250 - displayName: Publish to Azure Blob Storage - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesReleaseTemplate.yml - parameters: - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - trigger: batch: true branches: @@ -100,4 +15,106 @@ trigger: - /* include: - platforms/php - - vsts/PlatformBinaries/php.yml \ No newline at end of file + - vsts/PlatformBinaries/php.yml +resources: + repositories: + - repository: 1ESPipelineTemplates + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates + parameters: + pool: + name: AzurePipelines-EO + image: AzurePipelinesUbuntu20.04compliant + os: linux + sdl: + sourceAnalysisPool: + name: AzurePipelines-EO + os: windows + customBuildTags: + - ES365AIMigrationTooling + stages: + - stage: Build + jobs: + - job: Php_Bookworm_SDK + timeoutInMinutes: 1440 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'php' + debianFlavor: 'bookworm' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Php_Bullseye_SDK + timeoutInMinutes: 1440 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'php' + debianFlavor: 'bullseye' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Php_Stretch_SDK + timeoutInMinutes: 1440 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'php' + debianFlavor: 'stretch' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Php_Buster_SDK + timeoutInMinutes: 1440 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'php' + debianFlavor: 'buster' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Php_Ubuntu_SDK + timeoutInMinutes: 1440 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'php' + debianFlavor: 'focal-scm' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - stage: Release + dependsOn: Build + jobs: + - job: Publish_Platform_Binaries + timeoutInMinutes: 250 + displayName: Publish to Azure Blob Storage + steps: + - template: /vsts/pipelines/templates/_platformBinariesReleaseTemplate.yml@self + parameters: + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' \ No newline at end of file diff --git a/vsts/pipelines/PlatformBinaries/python.yml b/vsts/pipelines/PlatformBinaries/python.yml index 48378035cf..38cfa613b1 100644 --- a/vsts/pipelines/PlatformBinaries/python.yml +++ b/vsts/pipelines/PlatformBinaries/python.yml @@ -1,95 +1,10 @@ variables: - - group: Oryx - +- group: Oryx parameters: - name: destinationStorageAccountName displayName: Destination Storage Account Name type: string default: oryxsdksstaging - -stages: -- stage: Build - jobs: - - job: Python_Bookworm_SDK - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'python' - debianFlavor: 'bookworm' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Python_Bullseye_SDK - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'python' - debianFlavor: 'bullseye' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Python_Buster_SDK - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'python' - debianFlavor: 'buster' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Python_Stretch_SDK - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'python' - debianFlavor: 'stretch' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Python_Ubuntu_SDK - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'python' - debianFlavor: 'focal-scm' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - -- stage: Release - dependsOn: Build - jobs: - - job: Publish_Platform_Binaries - timeoutInMinutes: 250 - displayName: Publish to Azure Blob Storage - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesReleaseTemplate.yml - parameters: - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - trigger: batch: true branches: @@ -100,4 +15,106 @@ trigger: - /* include: - platforms/python - - vsts/PlatformBinaries/python.yml \ No newline at end of file + - vsts/PlatformBinaries/python.yml +resources: + repositories: + - repository: 1ESPipelineTemplates + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates + parameters: + pool: + name: AzurePipelines-EO + image: AzurePipelinesUbuntu20.04compliant + os: linux + sdl: + sourceAnalysisPool: + name: AzurePipelines-EO + os: windows + customBuildTags: + - ES365AIMigrationTooling + stages: + - stage: Build + jobs: + - job: Python_Bookworm_SDK + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'python' + debianFlavor: 'bookworm' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Python_Bullseye_SDK + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'python' + debianFlavor: 'bullseye' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Python_Buster_SDK + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'python' + debianFlavor: 'buster' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Python_Stretch_SDK + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'python' + debianFlavor: 'stretch' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Python_Ubuntu_SDK + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'python' + debianFlavor: 'focal-scm' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - stage: Release + dependsOn: Build + jobs: + - job: Publish_Platform_Binaries + timeoutInMinutes: 250 + displayName: Publish to Azure Blob Storage + steps: + - template: /vsts/pipelines/templates/_platformBinariesReleaseTemplate.yml@self + parameters: + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' \ No newline at end of file diff --git a/vsts/pipelines/PlatformBinaries/ruby.yml b/vsts/pipelines/PlatformBinaries/ruby.yml index 8405f9d8bb..3c16e028cd 100644 --- a/vsts/pipelines/PlatformBinaries/ruby.yml +++ b/vsts/pipelines/PlatformBinaries/ruby.yml @@ -1,82 +1,10 @@ variables: - - group: Oryx - +- group: Oryx parameters: - name: destinationStorageAccountName displayName: Destination Storage Account Name type: string default: oryxsdksstaging - -stages: -- stage: Build - jobs: - - job: Ruby_Bullseye - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'ruby' - debianFlavor: 'bullseye' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Ruby_Buster - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'ruby' - debianFlavor: 'buster' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Ruby_Stretch - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'ruby' - debianFlavor: 'stretch' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Ruby_Ubuntu - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'ruby' - debianFlavor: 'focal-scm' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - -- stage: Release - dependsOn: Build - jobs: - - job: Publish_Platform_Binaries - timeoutInMinutes: 250 - displayName: Publish to Azure Blob Storage - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesReleaseTemplate.yml - parameters: - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - trigger: batch: true branches: @@ -87,4 +15,92 @@ trigger: - /* include: - platforms/ruby - - vsts/PlatformBinaries/ruby.yml \ No newline at end of file + - vsts/PlatformBinaries/ruby.yml +resources: + repositories: + - repository: 1ESPipelineTemplates + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates + parameters: + pool: + name: AzurePipelines-EO + image: AzurePipelinesUbuntu20.04compliant + os: linux + sdl: + sourceAnalysisPool: + name: AzurePipelines-EO + os: windows + customBuildTags: + - ES365AIMigrationTooling + stages: + - stage: Build + jobs: + - job: Ruby_Bullseye + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'ruby' + debianFlavor: 'bullseye' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Ruby_Buster + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'ruby' + debianFlavor: 'buster' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Ruby_Stretch + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'ruby' + debianFlavor: 'stretch' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Ruby_Ubuntu + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'ruby' + debianFlavor: 'focal-scm' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - stage: Release + dependsOn: Build + jobs: + - job: Publish_Platform_Binaries + timeoutInMinutes: 250 + displayName: Publish to Azure Blob Storage + steps: + - template: /vsts/pipelines/templates/_platformBinariesReleaseTemplate.yml@self + parameters: + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' \ No newline at end of file diff --git a/vsts/pipelines/baseImages/dotnetcore.yml b/vsts/pipelines/baseImages/dotnetcore.yml index e2022cfc13..0695591eed 100644 --- a/vsts/pipelines/baseImages/dotnetcore.yml +++ b/vsts/pipelines/baseImages/dotnetcore.yml @@ -8,47 +8,60 @@ variables: value: true - name: Packaging.EnableSBOMSigning value: true - -jobs: -- template: ../templates/_buildimageBasesJobTemplate.yml +resources: + repositories: + - repository: 1ESPipelineTemplates + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates parameters: - displayName: Build DotNetCore runtime buster base images - scriptPath: ./build/buildRunTimeImageBases.sh - imageDir: dotnetcore - imageDebianFlavor: buster - artifactsFileName: dotnetcore-runtimeimage-bases-buster.txt - jobName: Build_DotNetCore_BaseImage_Buster - -- template: ../templates/_buildimageBasesJobTemplate.yml - parameters: - displayName: Build DotNetCore runtime bullseye base images - scriptPath: ./build/buildRunTimeImageBases.sh - imageDir: dotnetcore - imageDebianFlavor: bullseye - artifactsFileName: dotnetcore-runtimeimage-bases-bullseye.txt - jobName: Build_DotNetCore_BaseImage_Bullseye - -- template: ../templates/_buildimageBasesJobTemplate.yml - parameters: - displayName: Build DotNetCore runtime bookworm base images - scriptPath: ./build/buildRunTimeImageBases.sh - imageDir: dotnetcore - imageDebianFlavor: bookworm - artifactsFileName: dotnetcore-runtimeimage-bases-bookworm.txt - jobName: Build_DotNetCore_BaseImage_Bookworm - -- job: Release_DotNetCoreRuntimeBaseImage - dependsOn: - - Build_DotNetCore_BaseImage_Buster - - Build_DotNetCore_BaseImage_Bullseye - - Build_DotNetCore_BaseImage_Bookworm - displayName: Push images to MCR - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_releaseBaseImagesStepTemplate.yml - parameters: - baseImageName: 'dotnetcore' \ No newline at end of file + pool: + name: AzurePipelines-EO + image: AzurePipelinesUbuntu20.04compliant + os: linux + sdl: + sourceAnalysisPool: + name: AzurePipelines-EO + os: windows + customBuildTags: + - ES365AIMigrationTooling-BulkMigrated + stages: + - stage: stage + jobs: + - template: /vsts/pipelines/templates/_buildimageBasesJobTemplate.yml@self + parameters: + displayName: Build DotNetCore runtime buster base images + scriptPath: ./build/buildRunTimeImageBases.sh + imageDir: dotnetcore + imageDebianFlavor: buster + artifactsFileName: dotnetcore-runtimeimage-bases-buster.txt + jobName: Build_DotNetCore_BaseImage_Buster + - template: /vsts/pipelines/templates/_buildimageBasesJobTemplate.yml@self + parameters: + displayName: Build DotNetCore runtime bullseye base images + scriptPath: ./build/buildRunTimeImageBases.sh + imageDir: dotnetcore + imageDebianFlavor: bullseye + artifactsFileName: dotnetcore-runtimeimage-bases-bullseye.txt + jobName: Build_DotNetCore_BaseImage_Bullseye + - template: /vsts/pipelines/templates/_buildimageBasesJobTemplate.yml@self + parameters: + displayName: Build DotNetCore runtime bookworm base images + scriptPath: ./build/buildRunTimeImageBases.sh + imageDir: dotnetcore + imageDebianFlavor: bookworm + artifactsFileName: dotnetcore-runtimeimage-bases-bookworm.txt + jobName: Build_DotNetCore_BaseImage_Bookworm + - job: Release_DotNetCoreRuntimeBaseImage + dependsOn: + - Build_DotNetCore_BaseImage_Buster + - Build_DotNetCore_BaseImage_Bullseye + - Build_DotNetCore_BaseImage_Bookworm + displayName: Push images to MCR + timeoutInMinutes: 250 + steps: + - template: /vsts/pipelines/templates/_releaseBaseImagesStepTemplate.yml@self + parameters: + baseImageName: 'dotnetcore' \ No newline at end of file diff --git a/vsts/pipelines/baseImages/node.yml b/vsts/pipelines/baseImages/node.yml index d89ce545ba..7e89a2cd0c 100644 --- a/vsts/pipelines/baseImages/node.yml +++ b/vsts/pipelines/baseImages/node.yml @@ -8,45 +8,58 @@ variables: value: true - name: Packaging.EnableSBOMSigning value: true - -jobs: -- template: ../templates/_buildimageBasesJobTemplate.yml +resources: + repositories: + - repository: 1ESPipelineTemplates + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates parameters: - displayName: Build Node runtime buster based images - scriptPath: ./build/buildRunTimeImageBases.sh - imageDir: node - imageDebianFlavor: buster - artifactsFileName: node-runtimeimage-bases-buster.txt - jobName: Build_Buster_BaseImages - -- template: ../templates/_buildimageBasesJobTemplate.yml - parameters: - displayName: Build Node runtime bullseye base images - scriptPath: ./build/buildRunTimeImageBases.sh - imageDir: node - imageDebianFlavor: bullseye - artifactsFileName: node-runtimeimage-bases-bullseye.txt - jobName: Build_Bullseye_BaseImages - -- template: ../templates/_buildimageBasesJobTemplate.yml - parameters: - displayName: Build Node runtime bookworm base images - scriptPath: ./build/buildRunTimeImageBases.sh - imageDir: node - imageDebianFlavor: bookworm - artifactsFileName: node-runtimeimage-bases-bookworm.txt - jobName: Build_Bookworm_BaseImages - -- job: Release_NodeRuntimeBaseImage - dependsOn: - - Build_Buster_BaseImages - displayName: Push images to MCR - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_releaseBaseImagesStepTemplate.yml - parameters: - baseImageName: 'node' + pool: + name: AzurePipelines-EO + image: AzurePipelinesUbuntu20.04compliant + os: linux + sdl: + sourceAnalysisPool: + name: AzurePipelines-EO + os: windows + customBuildTags: + - ES365AIMigrationTooling-BulkMigrated + stages: + - stage: stage + jobs: + - template: /vsts/pipelines/templates/_buildimageBasesJobTemplate.yml@self + parameters: + displayName: Build Node runtime buster based images + scriptPath: ./build/buildRunTimeImageBases.sh + imageDir: node + imageDebianFlavor: buster + artifactsFileName: node-runtimeimage-bases-buster.txt + jobName: Build_Buster_BaseImages + - template: /vsts/pipelines/templates/_buildimageBasesJobTemplate.yml@self + parameters: + displayName: Build Node runtime bullseye base images + scriptPath: ./build/buildRunTimeImageBases.sh + imageDir: node + imageDebianFlavor: bullseye + artifactsFileName: node-runtimeimage-bases-bullseye.txt + jobName: Build_Bullseye_BaseImages + - template: /vsts/pipelines/templates/_buildimageBasesJobTemplate.yml@self + parameters: + displayName: Build Node runtime bookworm base images + scriptPath: ./build/buildRunTimeImageBases.sh + imageDir: node + imageDebianFlavor: bookworm + artifactsFileName: node-runtimeimage-bases-bookworm.txt + jobName: Build_Bookworm_BaseImages + - job: Release_NodeRuntimeBaseImage + dependsOn: + - Build_Buster_BaseImages + displayName: Push images to MCR + timeoutInMinutes: 250 + steps: + - template: /vsts/pipelines/templates/_releaseBaseImagesStepTemplate.yml@self + parameters: + baseImageName: 'node' \ No newline at end of file diff --git a/vsts/pipelines/baseImages/php-fpm.yml b/vsts/pipelines/baseImages/php-fpm.yml index f2bf16197a..95b62a21ca 100644 --- a/vsts/pipelines/baseImages/php-fpm.yml +++ b/vsts/pipelines/baseImages/php-fpm.yml @@ -8,47 +8,60 @@ variables: value: true - name: Packaging.EnableSBOMSigning value: true - -jobs: -- template: ../templates/_buildimageBasesJobTemplate.yml +resources: + repositories: + - repository: 1ESPipelineTemplates + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates parameters: - displayName: Build php buster runtime base images - scriptPath: ./build/buildRunTimeImageBases.sh - imageDir: php-fpm - imageDebianFlavor: buster - artifactsFileName: php-fpm-runtimeimage-bases-buster.txt - jobName: Build_PHP_FPM_Buster_Base - -- template: ../templates/_buildimageBasesJobTemplate.yml - parameters: - displayName: Build php bullseye runtime base images - scriptPath: ./build/buildRunTimeImageBases.sh - imageDir: php-fpm - imageDebianFlavor: bullseye - artifactsFileName: php-fpm-runtimeimage-bases-bullseye.txt - jobName: Build_PHP_Fpm_Bullseye_Base - -- template: ../templates/_buildimageBasesJobTemplate.yml - parameters: - displayName: Build php bookworm runtime base images - scriptPath: ./build/buildRunTimeImageBases.sh - imageDir: php-fpm - imageDebianFlavor: bookworm - artifactsFileName: php-fpm-runtimeimage-bases-bookworm.txt - jobName: Build_PHP_Fpm_Bookworm_Base - -- job: Release_PhpRuntimeBaseImage - dependsOn: - - Build_Php_Fpm_Buster_Base - - Build_PHP_Fpm_Bullseye_Base - - Build_PHP_Fpm_Bookworm_Base - displayName: Push images to MCR - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_releaseBaseImagesStepTemplate.yml - parameters: - baseImageName: 'php-fpm' + pool: + name: AzurePipelines-EO + image: AzurePipelinesUbuntu20.04compliant + os: linux + sdl: + sourceAnalysisPool: + name: AzurePipelines-EO + os: windows + customBuildTags: + - ES365AIMigrationTooling-BulkMigrated + stages: + - stage: stage + jobs: + - template: /vsts/pipelines/templates/_buildimageBasesJobTemplate.yml@self + parameters: + displayName: Build php buster runtime base images + scriptPath: ./build/buildRunTimeImageBases.sh + imageDir: php-fpm + imageDebianFlavor: buster + artifactsFileName: php-fpm-runtimeimage-bases-buster.txt + jobName: Build_PHP_FPM_Buster_Base + - template: /vsts/pipelines/templates/_buildimageBasesJobTemplate.yml@self + parameters: + displayName: Build php bullseye runtime base images + scriptPath: ./build/buildRunTimeImageBases.sh + imageDir: php-fpm + imageDebianFlavor: bullseye + artifactsFileName: php-fpm-runtimeimage-bases-bullseye.txt + jobName: Build_PHP_Fpm_Bullseye_Base + - template: /vsts/pipelines/templates/_buildimageBasesJobTemplate.yml@self + parameters: + displayName: Build php bookworm runtime base images + scriptPath: ./build/buildRunTimeImageBases.sh + imageDir: php-fpm + imageDebianFlavor: bookworm + artifactsFileName: php-fpm-runtimeimage-bases-bookworm.txt + jobName: Build_PHP_Fpm_Bookworm_Base + - job: Release_PhpRuntimeBaseImage + dependsOn: + - Build_Php_Fpm_Buster_Base + - Build_PHP_Fpm_Bullseye_Base + - Build_PHP_Fpm_Bookworm_Base + displayName: Push images to MCR + timeoutInMinutes: 250 + steps: + - template: /vsts/pipelines/templates/_releaseBaseImagesStepTemplate.yml@self + parameters: + baseImageName: 'php-fpm' diff --git a/vsts/pipelines/baseImages/php.yml b/vsts/pipelines/baseImages/php.yml index 78944bd174..1ca3afd92b 100644 --- a/vsts/pipelines/baseImages/php.yml +++ b/vsts/pipelines/baseImages/php.yml @@ -8,47 +8,60 @@ variables: value: true - name: Packaging.EnableSBOMSigning value: true - -jobs: -- template: ../templates/_buildimageBasesJobTemplate.yml +resources: + repositories: + - repository: 1ESPipelineTemplates + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates parameters: - displayName: Build php runtime buster base images - scriptPath: ./build/buildRunTimeImageBases.sh - imageDir: php - imageDebianFlavor: buster - artifactsFileName: php-runtimeimage-bases-buster.txt - jobName: Build_Buster_BaseImages - -- template: ../templates/_buildimageBasesJobTemplate.yml - parameters: - displayName: Build php runtime bullseye base images - scriptPath: ./build/buildRunTimeImageBases.sh - imageDir: php - imageDebianFlavor: bullseye - artifactsFileName: php-runtimeimage-bases-bullseye.txt - jobName: Build_Bullseye_BaseImages - -- template: ../templates/_buildimageBasesJobTemplate.yml - parameters: - displayName: Build php runtime bookworm base images - scriptPath: ./build/buildRunTimeImageBases.sh - imageDir: php - imageDebianFlavor: bookworm - artifactsFileName: php-runtimeimage-bases-bookworm.txt - jobName: Build_Bookworm_BaseImages - -- job: Release_PhpRuntimeBaseImage - dependsOn: - - Build_Buster_BaseImages - - Build_Bullseye_BaseImages - - Build_Bookworm_BaseImages - displayName: Push images to MCR - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_releaseBaseImagesStepTemplate.yml - parameters: - baseImageName: 'php' + pool: + name: AzurePipelines-EO + image: AzurePipelinesUbuntu20.04compliant + os: linux + sdl: + sourceAnalysisPool: + name: AzurePipelines-EO + os: windows + customBuildTags: + - ES365AIMigrationTooling-BulkMigrated + stages: + - stage: stage + jobs: + - template: /vsts/pipelines/templates/_buildimageBasesJobTemplate.yml@self + parameters: + displayName: Build php runtime buster base images + scriptPath: ./build/buildRunTimeImageBases.sh + imageDir: php + imageDebianFlavor: buster + artifactsFileName: php-runtimeimage-bases-buster.txt + jobName: Build_Buster_BaseImages + - template: /vsts/pipelines/templates/_buildimageBasesJobTemplate.yml@self + parameters: + displayName: Build php runtime bullseye base images + scriptPath: ./build/buildRunTimeImageBases.sh + imageDir: php + imageDebianFlavor: bullseye + artifactsFileName: php-runtimeimage-bases-bullseye.txt + jobName: Build_Bullseye_BaseImages + - template: /vsts/pipelines/templates/_buildimageBasesJobTemplate.yml@self + parameters: + displayName: Build php runtime bookworm base images + scriptPath: ./build/buildRunTimeImageBases.sh + imageDir: php + imageDebianFlavor: bookworm + artifactsFileName: php-runtimeimage-bases-bookworm.txt + jobName: Build_Bookworm_BaseImages + - job: Release_PhpRuntimeBaseImage + dependsOn: + - Build_Buster_BaseImages + - Build_Bullseye_BaseImages + - Build_Bookworm_BaseImages + displayName: Push images to MCR + timeoutInMinutes: 250 + steps: + - template: /vsts/pipelines/templates/_releaseBaseImagesStepTemplate.yml@self + parameters: + baseImageName: 'php' diff --git a/vsts/pipelines/baseImages/python.yml b/vsts/pipelines/baseImages/python.yml index 1d29aba81f..86a0b8f73e 100644 --- a/vsts/pipelines/baseImages/python.yml +++ b/vsts/pipelines/baseImages/python.yml @@ -8,37 +8,51 @@ variables: value: true - name: Packaging.EnableSBOMSigning value: true - -jobs: -- template: ../templates/_buildimageBasesJobTemplate.yml +resources: + repositories: + - repository: 1ESPipelineTemplates + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates parameters: - displayName: Build python runtime bullseye base images - scriptPath: ./build/buildRunTimeImageBases.sh - imageDir: python - imageDebianFlavor: bullseye - artifactsFileName: python-runtimeimage-bases-bullseye.txt - jobName: Build_Bullseye_BaseImages - -- template: ../templates/_buildimageBasesJobTemplate.yml - parameters: - displayName: Build python runtime bookworm base images - scriptPath: ./build/buildRunTimeImageBases.sh - imageDir: python - imageDebianFlavor: bookworm - artifactsFileName: python-runtimeimage-bases-bookworm.txt - jobName: Build_Bookworm_BaseImages - -- job: Release_PythonRuntimeBaseImage - dependsOn: - - Build_Bullseye_BaseImages - - Build_Bookworm_BaseImages - displayName: Push images to MCR - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_releaseBaseImagesStepTemplate.yml - parameters: - baseImageName: 'python' + pool: + name: AzurePipelines-EO + image: AzurePipelinesUbuntu20.04compliant + os: linux + sdl: + sourceAnalysisPool: + name: AzurePipelines-EO + os: windows + customBuildTags: + - ES365AIMigrationTooling-BulkMigrated + stages: + - stage: stage + jobs: + - template: /vsts/pipelines/templates/_buildimageBasesJobTemplate.yml@self + parameters: + displayName: Build python runtime bullseye base images + scriptPath: ./build/buildRunTimeImageBases.sh + imageDir: python + imageDebianFlavor: bullseye + artifactsFileName: python-runtimeimage-bases-bullseye.txt + jobName: Build_Bullseye_BaseImages + - template: /vsts/pipelines/templates/_buildimageBasesJobTemplate.yml@self + parameters: + displayName: Build python runtime bookworm base images + scriptPath: ./build/buildRunTimeImageBases.sh + imageDir: python + imageDebianFlavor: bookworm + artifactsFileName: python-runtimeimage-bases-bookworm.txt + jobName: Build_Bookworm_BaseImages + - job: Release_PythonRuntimeBaseImage + dependsOn: + - Build_Bullseye_BaseImages + - Build_Bookworm_BaseImages + displayName: Push images to MCR + timeoutInMinutes: 250 + steps: + - template: /vsts/pipelines/templates/_releaseBaseImagesStepTemplate.yml@self + parameters: + baseImageName: 'python' \ No newline at end of file diff --git a/vsts/pipelines/ci.yml b/vsts/pipelines/ci.yml index fdab6281c9..94195443a0 100644 --- a/vsts/pipelines/ci.yml +++ b/vsts/pipelines/ci.yml @@ -1,285 +1,269 @@ parameters: - - name: storageAccountUrl - displayName: SDK storage account URL for production images and testing - type: string - default: https://oryx-cdn.microsoft.io - values: - - https://oryx-cdn.microsoft.io - - name: buildImages - type: object - default: - - - key: Latest - value: latest - - - key: Jamstack - value: jamstack - - - key: GithubActions - value: githubactions - - - key: Full - value: full - - - key: Cli - value: cli-stretch - - - key: CliBuster - value: cli-buster - - - key: CliBullseye - value: cli-bullseye - - - key: CliBuilderBullseye - value: cli-builder-bullseye - - - key: Buildpack - value: buildpack - +- name: storageAccountUrl + displayName: SDK storage account URL for production images and testing + type: string + default: https://oryx-cdn.microsoft.io + values: + - https://oryx-cdn.microsoft.io +- name: buildImages + type: object + default: + - key: Latest + value: latest + - key: Jamstack + value: jamstack + - key: GithubActions + value: githubactions + - key: Full + value: full + - key: Cli + value: cli-stretch + - key: CliBuster + value: cli-buster + - key: CliBullseye + value: cli-bullseye + - key: CliBuilderBullseye + value: cli-builder-bullseye + - key: Buildpack + value: buildpack resources: -- repo: self - + repositories: + - repository: MicroBuildTemplate + type: git + name: 1ESPipelineTemplates/MicroBuildTemplate + ref: refs/tags/release variables: group: Oryx Packaging.EnableSBOMSigning: true - -stages: - - stage: CreateReleaseTag - jobs: - - job: CreateReleaseTag - pool: +trigger: none +extends: + template: azure-pipelines/MicroBuild.1ES.Official.yml@MicroBuildTemplate + parameters: + sdl: + sourceAnalysisPool: name: AzurePipelines-EO - demands: + image: AzurePipelinesWindows2022compliantGPT + os: windows + pool: + name: AzurePipelines-EO + image: AzurePipelinesUbuntu20.04compliant + os: linux + customBuildTags: + - ES365AIMigrationTooling-BulkMigrated + stages: + - stage: CreateReleaseTag + jobs: + - job: CreateReleaseTag + pool: + name: AzurePipelines-EO + demands: - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - variables: - skipComponentGovernanceDetection: true - steps: - - checkout: self - clean: true - - - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 - displayName: 'Component Detection - OSS Compliance' - inputs: - ignoreDirectories: '$(Build.SourcesDirectory)/tests' - - - task: ShellScript@2 - inputs: - scriptPath: ./vsts/scripts/createReleaseTag.sh - displayName: 'Create release tag' - - script: | - set -ex - sourcesArtifactsDir="$(Build.SourcesDirectory)/artifacts" - mkdir -p "$sourcesArtifactsDir" - echo "$(RELEASE_TAG_NAME)" > "$sourcesArtifactsDir/releaseTag.txt" - displayName: 'Write release tag name to an artifact file' - - task: PublishPipelineArtifact@1 - displayName: 'Publish artifact file having the release tag name' - inputs: - targetPath: $(Build.SourcesDirectory)/artifacts/releaseTag.txt - artifactName: releaseTag - - - stage: Build - displayName: Build Stage - jobs: - - job: Job_Security - displayName: Security - condition: succeeded() - pool: - name: Azure Pipelines - vmImage: windows-2022 - steps: - - template: templates/_securityChecks.yml - - - job: Job_SignBinaries - displayName: Sign Oryx Binaries - pool: - name: VSEngSS-MicroBuild2022-1ES - demands: - - msbuild - - visualstudio - variables: - SignType: 'test' - skipComponentGovernanceDetection: true - steps: - - task: DownloadPipelineArtifact@2 - displayName: 'Download artifact file having release tag name' - inputs: - targetPath: $(Build.SourcesDirectory)/artifacts/releaseTag - artifactName: 'releaseTag' - - powershell: | - $file = "$env:BUILD_SOURCESDIRECTORY\artifacts\releaseTag\releaseTag.txt" - if (Test-Path $file) { - $tagName = [IO.File]::ReadAllText($file) - Write-Host "Content is $tagName" - echo "##vso[task.setvariable variable=RELEASE_TAG_NAME;]$tagName" - } - displayName: 'Set release tag name as environment variable' - - template: templates/_signBinary.yml - - # Job loop for BuildImages - - ${{ each buildImage in parameters.buildImages }}: - - job: Job_BuildImage_${{ buildImage.key }} - displayName: 'Build & Test ${{ buildImage.key }} Build image' - #dependsOn: Job_SignBinaries + variables: + skipComponentGovernanceDetection: true + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish artifact file having the release tag name' + targetPath: $(Build.SourcesDirectory)/artifacts/releaseTag.txt + artifactName: releaseTag + steps: + - checkout: self + clean: true + - task: ShellScript@2 + inputs: + scriptPath: ./vsts/scripts/createReleaseTag.sh + displayName: 'Create release tag' + - script: | + set -ex + sourcesArtifactsDir="$(Build.SourcesDirectory)/artifacts" + mkdir -p "$sourcesArtifactsDir" + echo "$(RELEASE_TAG_NAME)" > "$sourcesArtifactsDir/releaseTag.txt" + displayName: 'Write release tag name to an artifact file' + - stage: Build + displayName: Build Stage + jobs: + - job: Job_Security + displayName: Security + condition: succeeded() + pool: + name: Azure Pipelines + vmImage: windows-2022 + steps: + - template: /vsts/pipelines/templates/_securityChecks.yml@self + - job: Job_SignBinaries + displayName: Sign Oryx Binaries + pool: + name: VSEngSS-MicroBuild2022-1ES + demands: + - msbuild + - visualstudio + variables: + SignType: 'test' + skipComponentGovernanceDetection: true + templateContext: + mb: + signing: + enabled: true + signType: '$(setSignTypeVariable.SignType)' + outputs: + - output: pipelineArtifact + displayName: 'Publish Pipeline Artifact' + condition: and(succeeded(), eq(variables['setSignTypeVariable.SignType'], 'real')) + artifactName: 'signed_binaries' + targetPath: '$(Build.ArtifactStagingDirectory)' + steps: + - task: DownloadPipelineArtifact@2 + displayName: 'Download artifact file having release tag name' + inputs: + targetPath: $(Build.SourcesDirectory)/artifacts/releaseTag + artifactName: 'releaseTag' + - powershell: | + $file = "$env:BUILD_SOURCESDIRECTORY\artifacts\releaseTag\releaseTag.txt" + if (Test-Path $file) { + $tagName = [IO.File]::ReadAllText($file) + Write-Host "Content is $tagName" + echo "##vso[task.setvariable variable=RELEASE_TAG_NAME;]$tagName" + } + displayName: 'Set release tag name as environment variable' + - template: /vsts/pipelines/templates/_signBinary.yml@self + - ${{ each buildImage in parameters.buildImages }}: + - job: Job_BuildImage_${{ buildImage.key }} + displayName: 'Build & Test ${{ buildImage.key }} Build image' + condition: succeeded() + timeoutInMinutes: 480 + pool: + name: AzurePipelines-EO + demands: + - ImageOverride -equals AzurePipelinesUbuntu20.04compliant + variables: + SignType: $[ dependencies.Job_SignBinaries.outputs['setSignTypeVariable.SignType'] ] + skipComponentGovernanceDetection: true + steps: + - script: | + echo "##vso[task.setvariable variable=BuildBuildImages;]true" + echo "##vso[task.setvariable variable=TestBuildImages;]true" + echo "##vso[task.setvariable variable=BuildRuntimeImages;]false" + echo "##vso[task.setvariable variable=TestRuntimeImages;]false" + echo "##vso[task.setvariable variable=PushBuildImages;]true" + echo "##vso[task.setvariable variable=PushRuntimeImages;]false" + echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]true" + echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" + if [[ "${{ buildImage.value }}" =~ "cli-builder" ]]; then + echo "##vso[task.setvariable variable=PushBuilderImages;]true" + fi + displayName: 'Set variables' + - template: /vsts/pipelines/templates/_setReleaseTag.yml@self + - template: /vsts/pipelines/templates/_buildTemplate.yml@self + parameters: + imageType: ${{ buildImage.value }} + - job: Job_Buster_RuntimeImages + displayName: Build and Test Buster Runtime Images + dependsOn: Job_SignBinaries condition: succeeded() timeoutInMinutes: 480 pool: name: AzurePipelines-EO demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant + - ImageOverride -equals AzurePipelinesUbuntu20.04compliant variables: - SignType: $[ dependencies.Job_SignBinaries.outputs['setSignTypeVariable.SignType'] ] # map in the signtype variable + SignType: $[ dependencies.Job_SignBinaries.outputs['setSignTypeVariable.SignType'] ] skipComponentGovernanceDetection: true - steps: - script: | - echo "##vso[task.setvariable variable=BuildBuildImages;]true" - echo "##vso[task.setvariable variable=TestBuildImages;]true" - echo "##vso[task.setvariable variable=BuildRuntimeImages;]false" - echo "##vso[task.setvariable variable=TestRuntimeImages;]false" - echo "##vso[task.setvariable variable=PushBuildImages;]true" - echo "##vso[task.setvariable variable=PushRuntimeImages;]false" + echo "##vso[task.setvariable variable=BuildBuildImages;]false" + echo "##vso[task.setvariable variable=TestBuildImages;]false" + echo "##vso[task.setvariable variable=BuildRuntimeImages;]true" + echo "##vso[task.setvariable variable=TestRuntimeImages;]true" + echo "##vso[task.setvariable variable=PushRuntimeImages;]true" + echo "##vso[task.setvariable variable=PushBuildImages;]false" echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]true" echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" - if [[ "${{ buildImage.value }}" =~ "cli-builder" ]]; then - echo "##vso[task.setvariable variable=PushBuilderImages;]true" - fi displayName: 'Set variables' - - - template: templates/_setReleaseTag.yml - - - template: templates/_buildTemplate.yml + - template: /vsts/pipelines/templates/_setReleaseTag.yml@self + - template: /vsts/pipelines/templates/_buildTemplate.yml@self parameters: - imageType: ${{ buildImage.value }} - - - job: Job_Buster_RuntimeImages - displayName: Build and Test Buster Runtime Images - dependsOn: Job_SignBinaries - condition: succeeded() - timeoutInMinutes: 480 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - variables: - SignType: $[ dependencies.Job_SignBinaries.outputs['setSignTypeVariable.SignType'] ] # map in the signtype variable - skipComponentGovernanceDetection: true - - steps: - - script: | - echo "##vso[task.setvariable variable=BuildBuildImages;]false" - echo "##vso[task.setvariable variable=TestBuildImages;]false" - echo "##vso[task.setvariable variable=BuildRuntimeImages;]true" - echo "##vso[task.setvariable variable=TestRuntimeImages;]true" - echo "##vso[task.setvariable variable=PushRuntimeImages;]true" - echo "##vso[task.setvariable variable=PushBuildImages;]false" - echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]true" - echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" - displayName: 'Set variables' - - - template: templates/_setReleaseTag.yml - - - template: templates/_buildTemplate.yml - parameters: imageType: buster - - - job: Job_Bullseye_RuntimeImages - displayName: Build and Test Bullseye Runtime Images - dependsOn: Job_SignBinaries - condition: succeeded() - timeoutInMinutes: 480 - pool: - name: AzurePipelines-EO - demands: + - job: Job_Bullseye_RuntimeImages + displayName: Build and Test Bullseye Runtime Images + dependsOn: Job_SignBinaries + condition: succeeded() + timeoutInMinutes: 480 + pool: + name: AzurePipelines-EO + demands: - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - variables: - SignType: $[ dependencies.Job_SignBinaries.outputs['setSignTypeVariable.SignType'] ] # map in the signtype variable - skipComponentGovernanceDetection: true - - steps: - - script: | - echo "##vso[task.setvariable variable=BuildBuildImages;]false" - echo "##vso[task.setvariable variable=TestBuildImages;]false" - echo "##vso[task.setvariable variable=BuildRuntimeImages;]true" - echo "##vso[task.setvariable variable=TestRuntimeImages;]true" - echo "##vso[task.setvariable variable=PushRuntimeImages;]true" - echo "##vso[task.setvariable variable=PushBuildImages;]false" - echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]true" - echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" - displayName: 'Set variables' - - - template: templates/_setReleaseTag.yml - - - template: templates/_buildTemplate.yml - parameters: + variables: + SignType: $[ dependencies.Job_SignBinaries.outputs['setSignTypeVariable.SignType'] ] + skipComponentGovernanceDetection: true + steps: + - script: | + echo "##vso[task.setvariable variable=BuildBuildImages;]false" + echo "##vso[task.setvariable variable=TestBuildImages;]false" + echo "##vso[task.setvariable variable=BuildRuntimeImages;]true" + echo "##vso[task.setvariable variable=TestRuntimeImages;]true" + echo "##vso[task.setvariable variable=PushRuntimeImages;]true" + echo "##vso[task.setvariable variable=PushBuildImages;]false" + echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]true" + echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" + displayName: 'Set variables' + - template: /vsts/pipelines/templates/_setReleaseTag.yml@self + - template: /vsts/pipelines/templates/_buildTemplate.yml@self + parameters: imageType: bullseye - - - job: Job_Bookworm_RuntimeImages - displayName: Build and Test Bookworm Runtime Images - dependsOn: Job_SignBinaries - condition: succeeded() - timeoutInMinutes: 480 - pool: - name: AzurePipelines-EO - demands: + - job: Job_Bookworm_RuntimeImages + displayName: Build and Test Bookworm Runtime Images + dependsOn: Job_SignBinaries + condition: succeeded() + timeoutInMinutes: 480 + pool: + name: AzurePipelines-EO + demands: - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - variables: - SignType: $[ dependencies.Job_SignBinaries.outputs['setSignTypeVariable.SignType'] ] # map in the signtype variable - skipComponentGovernanceDetection: true - - steps: - - script: | - echo "##vso[task.setvariable variable=BuildBuildImages;]false" - echo "##vso[task.setvariable variable=TestBuildImages;]false" - echo "##vso[task.setvariable variable=BuildRuntimeImages;]true" - echo "##vso[task.setvariable variable=TestRuntimeImages;]true" - echo "##vso[task.setvariable variable=PushRuntimeImages;]true" - echo "##vso[task.setvariable variable=PushBuildImages;]false" - echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]true" - echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" - displayName: 'Set variables' - - - template: templates/_setReleaseTag.yml - - - template: templates/_buildTemplate.yml - parameters: + variables: + SignType: $[ dependencies.Job_SignBinaries.outputs['setSignTypeVariable.SignType'] ] + skipComponentGovernanceDetection: true + steps: + - script: | + echo "##vso[task.setvariable variable=BuildBuildImages;]false" + echo "##vso[task.setvariable variable=TestBuildImages;]false" + echo "##vso[task.setvariable variable=BuildRuntimeImages;]true" + echo "##vso[task.setvariable variable=TestRuntimeImages;]true" + echo "##vso[task.setvariable variable=PushRuntimeImages;]true" + echo "##vso[task.setvariable variable=PushBuildImages;]false" + echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]true" + echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" + displayName: 'Set variables' + - template: /vsts/pipelines/templates/_setReleaseTag.yml@self + - template: /vsts/pipelines/templates/_buildTemplate.yml@self + parameters: imageType: bookworm - - - template: templates/_integrationJobTemplate.yml - parameters: + - template: /vsts/pipelines/templates/_integrationJobTemplate.yml@self + parameters: storageAccountUrl: ${{ parameters.storageAccountUrl }} - - - job: Job_ProductionStorageAccountTest - displayName: Test Production Storage Account - pool: - name: AzurePipelines-EO - demands: + - job: Job_ProductionStorageAccountTest + displayName: Test Production Storage Account + pool: + name: AzurePipelines-EO + demands: - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - variables: - skipComponentGovernanceDetection: true - steps: - - task: UseDotNet@2 - displayName: 'Use .NET Core sdk 7.x' - inputs: - version: 7.0.306 - - - task: ShellScript@2 - displayName: 'Test production storage account' - env: - ORYX_TEST_SDK_STORAGE_URL: ${{ parameters.storageAccountUrl }} - inputs: - scriptPath: ./build/testIntegration.sh - args: StorageAccountTests=Prod - - - stage: Release - displayName: Release Stage - dependsOn: Build - condition: > - and(succeeded(), or(eq(variables['Build.SourceBranch'], 'refs/heads/main'), - startsWith(variables['Build.SourceBranch'],'refs/heads/patch/'), - startsWith(variables['Build.SourceBranch'],'refs/heads/exp/'))) - - jobs: - - template: templates/_releaseJobTemplate.yml - -trigger: none \ No newline at end of file + variables: + skipComponentGovernanceDetection: true + steps: + - task: UseDotNet@2 + displayName: 'Use .NET Core sdk 7.x' + inputs: + version: 7.0.306 + - task: ShellScript@2 + displayName: 'Test production storage account' + env: + ORYX_TEST_SDK_STORAGE_URL: ${{ parameters.storageAccountUrl }} + inputs: + scriptPath: ./build/testIntegration.sh + args: StorageAccountTests=Prod + - stage: Release + displayName: Release Stage + dependsOn: Build + condition: > + and(succeeded(), or(eq(variables['Build.SourceBranch'], 'refs/heads/main'), startsWith(variables['Build.SourceBranch'],'refs/heads/patch/'), startsWith(variables['Build.SourceBranch'],'refs/heads/exp/'))) + jobs: + - template: /vsts/pipelines/templates/_releaseJobTemplate.yml@self \ No newline at end of file diff --git a/vsts/pipelines/templates/_buildTemplate.yml b/vsts/pipelines/templates/_buildTemplate.yml index db47fbd943..000593473b 100644 --- a/vsts/pipelines/templates/_buildTemplate.yml +++ b/vsts/pipelines/templates/_buildTemplate.yml @@ -3,7 +3,6 @@ parameters: acrName: oryxdevmcr.azurecr.io imageName: oryxdevmcr.azurecr.io/public/oryx imageType: null - steps: - script: | if [ "$(BuildBuildImages)" != "true" ] && [ "$(BuildRuntimeImages)" != "true" ] && [ "$(TestIntegration)" != "true" ] @@ -13,7 +12,6 @@ steps: exit 1 fi displayName: 'Validate pipeline run' - - script: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc @@ -22,10 +20,8 @@ steps: docker images && docker system prune -fa && docker images && echo displayName: 'clean docker images' condition: or(eq(variables['TestBuildImages'], 'true'), eq(variables['TestRuntimeImages'], 'true')) - - checkout: self clean: true - - task: DownloadPipelineArtifact@0 displayName: 'Download Pipeline Artifact' inputs: @@ -33,32 +29,19 @@ steps: artifactName: 'signed_binaries' targetPath: '$(Build.SourcesDirectory)' condition: > - and(succeeded(), - or(in(variables['SIGNTYPE'], 'real', 'Real'), in(variables['SignType'], 'real', 'Real')), - or(startsWith(variables['Build.SourceBranch'], 'refs/heads/main'), - startsWith(variables['Build.SourceBranch'],'refs/heads/patch/'), - startsWith(variables['Build.SourceBranch'],'refs/heads/exp/'))) - + and(succeeded(), or(in(variables['SIGNTYPE'], 'real', 'Real'), in(variables['SignType'], 'real', 'Real')), or(startsWith(variables['Build.SourceBranch'], 'refs/heads/main'), startsWith(variables['Build.SourceBranch'],'refs/heads/patch/'), startsWith(variables['Build.SourceBranch'],'refs/heads/exp/'))) - task: UseDotNet@2 displayName: 'Use .NET Core sdk 7.x' inputs: version: 7.0.306 - - script: | dotnet --version && dotnet msbuild -version && echo displayName: 'Print dotnet and msbuild version' - - task: ShellScript@2 displayName: 'Build Oryx.sln' inputs: scriptPath: ./build/buildSln.sh args: Oryx.sln - -- task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 - displayName: 'Component Detection - OSS Compliance' - inputs: - ignoreDirectories: '$(Build.SourcesDirectory)/tests' - - task: Docker@1 displayName: Container registry logout inputs: @@ -72,23 +55,19 @@ steps: command: login azureSubscriptionEndpoint: ${{ parameters.ascName }} azureContainerRegistry: ${{ parameters.acrName }} - - script: | docker images && docker system prune -fa && df -h && echo displayName: 'Free up space for oryx layers' - - task: ShellScript@2 displayName: 'Test build script generator' inputs: scriptPath: ./build/testBuildScriptGenerator.sh condition: and(succeeded(), eq(variables['TestBuildImages'], 'true')) - - task: ShellScript@2 displayName: 'Test startup script generators' inputs: scriptPath: ./build/testStartupScriptGenerators.sh condition: and(succeeded(), eq(variables['TestRuntimeImages'], 'true')) - - task: ShellScript@2 displayName: 'Build build images' env: @@ -97,7 +76,6 @@ steps: scriptPath: ./build/buildBuildImages.sh args: -t ${{ parameters.imageType }} -s $(storageAccountUrl) condition: and(succeeded(), eq(variables['BuildBuildImages'], 'true')) - - task: ShellScript@2 displayName: 'Build runtime images' env: @@ -106,24 +84,20 @@ steps: scriptPath: ./build/buildRunTimeImages.sh args: -s $(storageAccountUrl) ${{ parameters.imageType }} condition: and(succeeded(), eq(variables['BuildRuntimeImages'], 'true')) - - - script: | docker images && docker system prune -f && df -h && echo displayName: 'clean docker unknown layers' - - script: | docker -v - echo "Installing Docker CE version 24.0.5................" + echo "Installing Docker CE version 24.0.5." curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null sudo apt update sudo apt-get install docker-ce=5:24.0.5~3-0~ubuntu-focal docker-ce-cli=5:24.0.5~3-0~ubuntu-focal containerd.io - echo "After installing ................" + echo "After installing ." docker -v displayName: 'Install Docker 24.0.5' condition: true - - task: ShellScript@2 displayName: 'Test build images' env: @@ -133,7 +107,6 @@ steps: scriptPath: ./build/testBuildImages.sh args: skipBuildingImages ${{ parameters.imageName }} $(Build.DefinitionName).$(RELEASE_TAG_NAME) ${{ parameters.imageType }} condition: and(succeeded(), eq(variables['TestBuildImages'], 'true')) - - task: ShellScript@2 displayName: 'Test runtime images' env: @@ -143,13 +116,11 @@ steps: scriptPath: ./build/testRunTimeImages.sh args: skipBuildingImages ${{ parameters.imageName }} $(Build.DefinitionName).$(RELEASE_TAG_NAME) category=runtime-${{ parameters.imageType }} condition: and(succeeded(), eq(variables['TestRuntimeImages'], 'true')) - - task: DownloadBuildArtifacts@0 displayName: 'Download Build Artifacts' inputs: artifactName: drop condition: and(succeeded(), eq(variables['TestIntegration'], 'true')) - - task: Shellpp@0 displayName: 'Pull and Retag recently built oryx build and runtime images' inputs: @@ -157,14 +128,12 @@ steps: scriptPath: ./vsts/scripts/pullAndTag.sh args: $(System.ArtifactsDirectory)/drop/images/build-images-acr.txt condition: and(succeeded(), eq(variables['TestIntegration'], 'true')) - - task: Shellpp@0 displayName: 'Build a build image for tests' inputs: type: FilePath scriptPath: ./build/buildTestBuildImages.sh condition: and(succeeded(), eq(variables['TestIntegration'], 'true')) - - task: ShellScript@2 displayName: 'Test integration' inputs: @@ -178,7 +147,6 @@ steps: ORYX_TEST_SDK_STORAGE_URL: $(storageAccountUrl) ORYX_SDK_STORAGE_ACCOUNT_ACCESS_TOKEN: $(ORYX-SDK-STAGING-PRIVATE-SAS-TOKEN) condition: and(succeeded(), eq(variables['TestIntegration'], 'true')) - - task: CopyFiles@2 displayName: 'Copy source projects output to artifacts folder' inputs: @@ -189,7 +157,6 @@ steps: overWrite: true flattenFolders: true condition: true - - task: CopyFiles@2 displayName: 'Copy artifacts from source repo to agent artifacts folder' inputs: @@ -198,77 +165,47 @@ steps: targetFolder: $(Build.ArtifactStagingDirectory) overWrite: true condition: true - -- task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0 - displayName: Generate Software Bill of Materials (SBOM) - inputs: - BuildDropPath: '$(Build.ArtifactStagingDirectory)' - AdditionalComponentDetectorArgs: '--DirectoryExclusionList **/SampleApps/**' - - task: PublishTestResults@2 inputs: testRunner: 'xUnit' testResultsFiles: '$(Build.ArtifactStagingDirectory)/testResults/*.xml' mergeTestResults: true condition: true - -- task: Docker@1 +- task: 1ES.PushContainerImage@1 displayName: 'Push build images to ACR' inputs: - azureSubscriptionEndpoint: ${{ parameters.ascName }} - azureContainerRegistry: ${{ parameters.acrName }} - command: 'Push an image' - pushMultipleImages: true - imageNamesPath: '$(Build.ArtifactStagingDirectory)/images/build-images-acr.txt' - includeLatestTag: false - enforceDockerNamingConvention: false - condition: and(succeeded(), or(eq(variables['PushBuildImages'], 'true'), eq(variables['PushBuilderImages'], 'true')), eq(variables['BuildBuildImages'], 'true')) - -- task: Docker@1 + image: ${{ parameters.acrName }}/${{ parameters.ascName }} + remoteImage: ${{ parameters.acrName }}/${{ parameters.ascName }}:${{ parameters.acrName }} +- task: 1ES.PushContainerImage@1 displayName: 'Push runtime images to ACR' inputs: - azureSubscriptionEndpoint: ${{ parameters.ascName }} - azureContainerRegistry: ${{ parameters.acrName }} - command: 'Push an image' - pushMultipleImages: true - imageNamesPath: '$(Build.ArtifactStagingDirectory)/images/runtime-images-acr.${{ parameters.imageType }}.txt' - includeLatestTag: false - enforceDockerNamingConvention: false + image: ${{ parameters.acrName }}/${{ parameters.acrName }}:${{ parameters.imageType }} + remoteImage: ${{ parameters.acrName }}/${{ parameters.acrName }}:${{ parameters.imageType }} condition: and(succeeded(), eq(variables['PushRuntimeImages'], 'true'), eq(variables['BuildRuntimeImages'], 'true')) - - task: ShellScript@2 displayName: 'Clean up Docker containers and images' inputs: scriptPath: ./vsts/scripts/cleanDocker.sh condition: or(eq(variables['TestBuildImages'], 'true'), eq(variables['TestRuntimeImages'], 'true'), eq(variables['TestIntegration'], 'true')) - - task: ShellScript@2 displayName: 'Clean up Docker mounted directories' inputs: scriptPath: ./vsts/scripts/removeDockerArtifacts.sh condition: or(eq(variables['TestBuildImages'], 'true'), eq(variables['TestRuntimeImages'], 'true'), eq(variables['TestIntegration'], 'true')) - - script: | docker images && docker system prune -fa && df -h && docker images && echo displayName: 'clean docker images and stopped containers' - - task: ShellScript@2 displayName: 'Generate release notes' inputs: scriptPath: ./vsts/scripts/generateReleaseNotes.sh condition: and(succeeded(), eq(variables['PushBuildImages'], 'true'), eq(variables['BuildBuildImages'], 'true')) - - task: ArchiveFiles@2 displayName: 'Archive docker files and scripts for Oryx build and runtime images' inputs: rootFolderOrFile: images archiveFile: '$(Build.ArtifactStagingDirectory)/images/dockerFiles.zip' condition: true - -- task: PublishBuildArtifacts@1 - displayName: 'Publish Artifact: drop' - condition: true - - task: mspremier.PostBuildCleanup.PostBuildCleanup-task.PostBuildCleanup@3 displayName: 'Clean Agent Directories' - condition: true + condition: true \ No newline at end of file diff --git a/vsts/pipelines/templates/_builderTemplate.yml b/vsts/pipelines/templates/_builderTemplate.yml index 57af09174d..0890946854 100644 --- a/vsts/pipelines/templates/_builderTemplate.yml +++ b/vsts/pipelines/templates/_builderTemplate.yml @@ -1,32 +1,27 @@ parameters: ascName: oryx-new-service-connection acrName: oryxdevmcr.azurecr.io - steps: - script: | curl -sSL "https://github.com/buildpacks/pack/releases/download/v0.28.0/pack-v0.28.0-linux.tgz" | tar -C /usr/local/bin/ --no-same-owner -xzv pack displayName: 'Install Pack CLI' condition: true - - task: Docker@1 displayName: Container registry login inputs: command: login azureSubscriptionEndpoint: ${{ parameters.ascName }} azureContainerRegistry: ${{ parameters.acrName }} - - task: ShellScript@2 displayName: 'Build base builder images' inputs: scriptPath: ./builders/base/buildBaseBuilder.sh args: -f ${{ parameters.acrName }} -r "public/oryx/builder" -v $(Build.DefinitionName).$(Build.BuildNumber) - - task: ShellScript@2 displayName: 'Build container apps builder images' inputs: scriptPath: ./builders/container-apps/buildCappsBuilder.sh args: -f ${{ parameters.acrName }} -r "public/oryx/builder" -t "capps-$(Build.DefinitionName).$(Build.BuildNumber)" -b "${{ parameters.acrName }}/public/oryx/builder:$(Build.DefinitionName).$(Build.BuildNumber)" - - task: CopyFiles@2 displayName: 'Copy artifacts from source repo to agent artifacts folder' inputs: @@ -34,25 +29,13 @@ steps: contents: '**/*.*' targetFolder: $(Build.ArtifactStagingDirectory) overWrite: true - -- task: Docker@1 +- task: 1ES.PushContainerImage@1 displayName: 'Push base build images to ACR' inputs: - azureSubscriptionEndpoint: ${{ parameters.ascName }} - azureContainerRegistry: ${{ parameters.acrName }} - command: 'Push an image' - pushMultipleImages: true - imageNamesPath: '$(Build.ArtifactStagingDirectory)/images/builder-images-acr.txt' - includeLatestTag: false - enforceDockerNamingConvention: false - -- task: Docker@1 + image: ${{ parameters.acrName }}/${{ parameters.acrName }}:$(Build.BuildNumber) + remoteImage: ${{ parameters.acrName }}/${{ parameters.acrName }}:$(Build.BuildNumber) +- task: 1ES.PushContainerImage@1 displayName: 'Push container apps builder images to ACR' inputs: - azureSubscriptionEndpoint: ${{ parameters.ascName }} - azureContainerRegistry: ${{ parameters.acrName }} - command: 'Push an image' - pushMultipleImages: true - imageNamesPath: '$(Build.ArtifactStagingDirectory)/images/capps-builder-images-acr.txt' - includeLatestTag: false - enforceDockerNamingConvention: false \ No newline at end of file + image: ${{ parameters.acrName }}/${{ parameters.ascName }}:$(Build.ArtifactStagingDirectory)/images/capps-builder-images-acr.txt + remoteImage: ${{ parameters.acrName }}/${{ parameters.ascName }}:$(Build.ArtifactStagingDirectory)/images/capps-builder-images-acr.txt \ No newline at end of file diff --git a/vsts/pipelines/templates/_buildimageBasesJobTemplate.yml b/vsts/pipelines/templates/_buildimageBasesJobTemplate.yml index 701537907a..812bc2ced5 100644 --- a/vsts/pipelines/templates/_buildimageBasesJobTemplate.yml +++ b/vsts/pipelines/templates/_buildimageBasesJobTemplate.yml @@ -1,25 +1,13 @@ -parameters: - displayName: '' - imageDir: '' - imageDebianFlavor: '' - scriptPath: '' - artifactsFileName: '' - jobName: '' - jobs: - job: ${{ parameters.jobName }} displayName: ${{ parameters.displayName }} - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant timeoutInMinutes: 250 - steps: - - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 - displayName: 'Component Detection - OSS Compliance' - inputs: - ignoreDirectories: '$(Build.SourcesDirectory)/tests' - + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + targetPath: $(Build.ArtifactStagingDirectory) + steps: - task: ShellScript@2 displayName: Build images inputs: @@ -28,13 +16,6 @@ jobs: env: ORYX_SDK_STORAGE_ACCOUNT_ACCESS_TOKEN: $(ORYX-SDK-STAGING-PRIVATE-SAS-TOKEN) DOTNET_PRIVATE_STORAGE_ACCOUNT_ACCESS_TOKEN: $(DotnetPrivateStorageAccountAccessToken) - - - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0 - displayName: Generate Software Bill of Materials (SBOM) - inputs: - BuildDropPath: '$(Build.ArtifactStagingDirectory)' - AdditionalComponentDetectorArgs: '--DirectoryExclusionList **/SampleApps/**' - - task: CopyFiles@2 displayName: Copy artifacts to staging directory inputs: @@ -43,29 +24,17 @@ jobs: targetFolder: $(Build.ArtifactStagingDirectory) overWrite: true condition: true - - - task: Docker@1 + - task: 1ES.PushContainerImage@1 displayName: Push built base images to dev ACR inputs: - command: push - azureSubscriptionEndpoint: $(ascName) - azureContainerRegistry: $(acrName) - pushMultipleImages: true - imageNamesPath: '$(Build.ArtifactStagingDirectory)/images/${{ parameters.artifactsFileName }}' - enforceDockerNamingConvention: false - + image: '$(Build.ArtifactStagingDirectory)/images/${{ parameters.artifactsFileName }}' + remoteImage: $(acrname)/$(Build.ArtifactStagingDirectory)/images/${{ parameters.artifactsFileName }} - task: ShellScript@2 displayName: 'Clean up Docker containers and images' inputs: scriptPath: ./vsts/scripts/cleanDocker.sh - - - task: PublishBuildArtifacts@1 - displayName: Publish build artifacts - inputs: - pathtoPublish: $(Build.ArtifactStagingDirectory) - - task: ShellScript@2 displayName: 'Clean up Docker containers and images' inputs: scriptPath: ./vsts/scripts/cleanDocker.sh - condition: true + condition: true \ No newline at end of file diff --git a/vsts/pipelines/templates/_integrationJobTemplate.yml b/vsts/pipelines/templates/_integrationJobTemplate.yml index 6d3edee76c..7f14fafcb1 100644 --- a/vsts/pipelines/templates/_integrationJobTemplate.yml +++ b/vsts/pipelines/templates/_integrationJobTemplate.yml @@ -1,25 +1,17 @@ parameters: - - name: storageAccountUrl - type: string - default: https://oryxsdksstaging.blob.core.windows.net - +- name: storageAccountUrl + type: string + default: https://oryxsdksstaging.blob.core.windows.net jobs: -# Python integration tests -- template: integrationTests/_pythonIntegrationJobTemplate.yml +- template: /vsts/pipelines/templates/integrationTests/_pythonIntegrationJobTemplate.yml@self parameters: storageAccountUrl: ${{ parameters.storageAccountUrl }} - -# DotNetCore integration tests -- template: integrationTests/_dotnetcoreIntegrationJobTemplate.yml +- template: /vsts/pipelines/templates/integrationTests/_dotnetcoreIntegrationJobTemplate.yml@self parameters: storageAccountUrl: ${{ parameters.storageAccountUrl }} - -# NodeJS integration tests -- template: integrationTests/_nodeIntegrationJobTemplate.yml +- template: /vsts/pipelines/templates/integrationTests/_nodeIntegrationJobTemplate.yml@self parameters: storageAccountUrl: ${{ parameters.storageAccountUrl }} - -# PHP integration tests -- template: integrationTests/_phpIntegrationJobTemplate.yml +- template: /vsts/pipelines/templates/integrationTests/_phpIntegrationJobTemplate.yml@self parameters: storageAccountUrl: ${{ parameters.storageAccountUrl }} \ No newline at end of file diff --git a/vsts/pipelines/templates/_platformBinariesReleaseTemplate.yml b/vsts/pipelines/templates/_platformBinariesReleaseTemplate.yml index df85c79267..461a771033 100644 --- a/vsts/pipelines/templates/_platformBinariesReleaseTemplate.yml +++ b/vsts/pipelines/templates/_platformBinariesReleaseTemplate.yml @@ -1,21 +1,12 @@ parameters: destinationSdkStorageAccountName: 'oryxsdksstaging' - steps: - - checkout: self clean: true - - task: DownloadBuildArtifacts@0 displayName: 'Download Artifacts' inputs: artifactName: drop - -- task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 - displayName: 'Component Detection - OSS Compliance' - inputs: - ignoreDirectories: '$(Build.SourcesDirectory)/tests' - - task: ShellScript@2 displayName: Upload files to Azure Storage env: @@ -27,12 +18,10 @@ steps: inputs: scriptPath: ./vsts/scripts/publishFilesToAzureStorage.sh args: ${{ parameters.destinationSdkStorageAccountName }} - - task: UseDotNet@2 displayName: 'Use .NET Core SDK 7.x' inputs: version: 7.0.306 - - task: ShellScript@2 displayName: 'Test Dev storage account' env: diff --git a/vsts/pipelines/templates/_platformBinariesTemplate.yml b/vsts/pipelines/templates/_platformBinariesTemplate.yml index 4ae719caff..294e83bf79 100644 --- a/vsts/pipelines/templates/_platformBinariesTemplate.yml +++ b/vsts/pipelines/templates/_platformBinariesTemplate.yml @@ -1,22 +1,14 @@ parameters: - platformName: '' - debianFlavor: '' - destinationSdkStorageAccountName: '' - + platformName: '' + debianFlavor: '' + destinationSdkStorageAccountName: '' steps: - checkout: self clean: true - -- task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 - displayName: 'Component Detection - OSS Compliance' - inputs: - ignoreDirectories: '$(Build.SourcesDirectory)/tests' - - task: UseDotNet@2 displayName: 'Use .NET Core sdk 7.x' inputs: version: 7.0.306 - - task: ShellScript@2 displayName: 'Building platform binaries' env: @@ -25,7 +17,6 @@ steps: inputs: scriptPath: ./build/buildPlatformBinaries.sh args: ${{ parameters.platformName }} ${{ parameters.debianFlavor }} https://${{ parameters.destinationSdkStorageAccountName }}.blob.core.windows.net - - task: CopyFiles@2 displayName: 'Copy artifacts from source repo to agent artifacts folder' inputs: @@ -33,10 +24,4 @@ steps: contents: '**/*.*' targetFolder: $(Build.ArtifactStagingDirectory) overWrite: true - condition: true - -- task: PublishBuildArtifacts@1 - displayName: Publish build artifacts - inputs: - pathtoPublish: $(Build.ArtifactStagingDirectory) - condition: true + condition: true \ No newline at end of file diff --git a/vsts/pipelines/templates/_releaseBaseImagesStepTemplate.yml b/vsts/pipelines/templates/_releaseBaseImagesStepTemplate.yml index 145a846779..6f050f5dd6 100644 --- a/vsts/pipelines/templates/_releaseBaseImagesStepTemplate.yml +++ b/vsts/pipelines/templates/_releaseBaseImagesStepTemplate.yml @@ -4,64 +4,49 @@ parameters: acrProdName: oryxmcr acrPmeProdName: oryxprodmcr acrPmeProdSrvConnection: Oryx-PME-ACR-Production - baseImageName: '' # defaults + baseImageName: '' baseImageRepository: public/oryx/base - steps: - checkout: self clean: true - -- task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 - displayName: 'Component Detection - OSS Compliance' - inputs: - ignoreDirectories: '$(Build.SourcesDirectory)/tests' - - task: Docker@1 displayName: Container registry login inputs: command: login azureSubscriptionEndpoint: ${{ parameters.ascName }} azureContainerRegistry: ${{ parameters.acrDevName }}.azurecr.io - - task: DownloadBuildArtifacts@0 displayName: 'Download Artifacts for release' inputs: artifactName: drop - - task: CopyFiles@2 displayName: 'Copy Files to: $(Build.ArtifactStagingDirectory)' inputs: SourceFolder: '$(System.ArtifactsDirectory)' TargetFolder: '$(Build.ArtifactStagingDirectory)' - - task: Shellpp@0 displayName: 'Pull and create release tags for PME staging ACR' inputs: type: FilePath scriptPath: ./vsts/scripts/tagBaseImagesForRelease.sh args: '${{ parameters.baseImageName }} ${{ parameters.acrPmeProdName }}' - - task: Docker@2 displayName: Login to production PME ACR inputs: command: login containerRegistry: ${{ parameters.acrPmeProdSrvConnection }} - -- script: echo base image is ${{ parameters.baseImageName }} and repository is ${{ parameters.baseImageRepository }} - +- script: echo base image is ${{ parameters.baseImageName }} and repository is ${{ parameters.baseImageRepository }} - task: Shellpp@0 displayName: 'Push images to PME staging ACR' inputs: type: FilePath scriptPath: ./vsts/scripts/pushBaseImagesToRegistry.sh args: '$(Build.ArtifactStagingDirectory)/drop/images/${{ parameters.baseImageName }}/${{ parameters.acrPmeProdName }}' - - task: Docker@2 displayName: Logout from PME ACR inputs: command: logout containerRegistry: ${{ parameters.acrPmeProdSrvConnection }} - - task: ShellScript@2 displayName: 'Clean up Docker containers and images' inputs: diff --git a/vsts/pipelines/templates/_releaseJobTemplate.yml b/vsts/pipelines/templates/_releaseJobTemplate.yml index 4064b0cd6e..39b0528908 100644 --- a/vsts/pipelines/templates/_releaseJobTemplate.yml +++ b/vsts/pipelines/templates/_releaseJobTemplate.yml @@ -4,7 +4,7 @@ jobs: pool: name: AzurePipelines-EO demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant + - ImageOverride -equals AzurePipelinesUbuntu20.04compliant variables: skipComponentGovernanceDetection: true timeoutInMinutes: 300 @@ -13,15 +13,13 @@ jobs: echo "##vso[task.setvariable variable=ReleaseBuildImages;]true" echo "##vso[task.setvariable variable=ReleaseRuntimeImages;]false" displayName: 'Set variables' - - - template: _releaseStepTemplate.yml - + - template: /vsts/pipelines/templates/_releaseStepTemplate.yml@self - job: Release_RuntimeImages displayName: Push Runtime Images to MCR pool: name: AzurePipelines-EO demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant + - ImageOverride -equals AzurePipelinesUbuntu20.04compliant variables: skipComponentGovernanceDetection: true timeoutInMinutes: 400 @@ -30,35 +28,25 @@ jobs: echo "##vso[task.setvariable variable=ReleaseBuildImages;]false" echo "##vso[task.setvariable variable=ReleaseRuntimeImages;]true" displayName: 'Set variables' - - - template: _releaseStepTemplate.yml - + - template: /vsts/pipelines/templates/_releaseStepTemplate.yml@self - job: Release_GitHub displayName: Create GitHub release - dependsOn: - - Release_BuildImages - - Release_RuntimeImages + dependsOn: + - Release_BuildImages + - Release_RuntimeImages pool: name: AzurePipelines-EO demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant + - ImageOverride -equals AzurePipelinesUbuntu20.04compliant variables: skipComponentGovernanceDetection: true - steps: - task: DownloadPipelineArtifact@2 displayName: 'Download Oryx binaries to publish to release' inputs: artifactName: 'signed_binaries' path: $(Build.SourcesDirectory)/artifacts - - - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 - displayName: 'Component Detection - OSS Compliance' - inputs: - ignoreDirectories: '$(Build.SourcesDirectory)/tests' - - - template: _setReleaseTag.yml - + - template: /vsts/pipelines/templates/_setReleaseTag.yml@self - task: GitHubRelease@0 displayName: 'GitHub release (create)' inputs: diff --git a/vsts/pipelines/templates/_releaseStepTemplate.yml b/vsts/pipelines/templates/_releaseStepTemplate.yml index 5288df3fe1..671c653163 100644 --- a/vsts/pipelines/templates/_releaseStepTemplate.yml +++ b/vsts/pipelines/templates/_releaseStepTemplate.yml @@ -5,14 +5,7 @@ parameters: acrPmeProdName: oryxprodmcr acrPmeProdSrvConnection: Oryx-PME-ACR-Production prodImageName: oryxmcr.azurecr.io/public/oryx - steps: - -- task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 - displayName: 'Component Detection - OSS Compliance' - inputs: - ignoreDirectories: '$(Build.SourcesDirectory)/tests' - - script: | if [ "$(ReleaseBuildImages)" != "true" ] && [ "$(ReleaseRuntimeImages)" != "true" ] then @@ -21,19 +14,17 @@ steps: exit 1 fi displayName: 'Validate release pipeline run' - - script: | docker -v - echo "Installing Docker CE version 24.0.5................" + echo "Installing Docker CE version 24.0.5." curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null sudo apt update sudo apt-get install docker-ce=5:24.0.5~3-0~ubuntu-focal docker-ce-cli=5:24.0.5~3-0~ubuntu-focal containerd.io - echo "After installing ................" + echo "After installing ." docker -v displayName: 'Install Docker 24.0.5' condition: true - - script: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc @@ -41,78 +32,65 @@ steps: sudo rm -rf "$AGENT_TOOLSDIRECTORY" docker images && docker system prune -fa && docker images && echo displayName: 'clean docker images' - +- task: UseDotNet@2 + displayName: 'Use .NET Core sdk 7.x' + inputs: + version: 7.0.306 - script: | - curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg - echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null - sudo apt update - sudo apt-get install docker-ce=5:24.0.5~3-0~ubuntu-focal docker-ce-cli=5:24.0.5~3-0~ubuntu-focal containerd.io - docker -v + curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg + echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null + sudo apt update + sudo apt-get install docker-ce=5:24.0.5~3-0~ubuntu-focal docker-ce-cli=5:24.0.5~3-0~ubuntu-focal containerd.io + docker -v displayName: 'Install Docker 24.0.5' - - checkout: self clean: true - - task: Docker@1 displayName: Container registry login inputs: command: login azureSubscriptionEndpoint: ${{ parameters.ascName }} azureContainerRegistry: ${{ parameters.acrDevName }} - - task: DownloadBuildArtifacts@0 displayName: 'Download Artifacts for release' inputs: artifactName: drop - - task: CopyFiles@2 displayName: 'Copy Files to: $(Build.ArtifactStagingDirectory)' inputs: SourceFolder: '$(System.ArtifactsDirectory)' TargetFolder: '$(Build.ArtifactStagingDirectory)' - -- task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 - displayName: 'Component Detection - OSS Compliance' - inputs: - ignoreDirectories: '$(Build.SourcesDirectory)/tests' - -- template: _setReleaseTag.yml - +- template: /vsts/pipelines/templates/_setReleaseTag.yml@self - task: Shellpp@0 displayName: 'Pull and create release tags for build images' inputs: type: FilePath scriptPath: ./vsts/scripts/tagBuildImagesForRelease.sh - args: + args: '' condition: and(succeeded(), eq(variables['ReleaseBuildImages'], 'true')) - - task: Shellpp@0 displayName: 'Pull and create release tags for runtime images' inputs: type: FilePath scriptPath: ./vsts/scripts/tagRunTimeImagesForRelease.sh condition: and(succeeded(), eq(variables['ReleaseRuntimeImages'], 'true')) - - task: Shellpp@0 displayName: 'Pull and create release tags for CLI images' inputs: type: FilePath scriptPath: ./vsts/scripts/tagCliImagesForRelease.sh condition: and(succeeded(), eq(variables['ReleaseBuildImages'], 'true')) - - task: Docker@1 displayName: Dev Container registry logout inputs: command: logout azureSubscriptionEndpoint: ${{ parameters.ascName }} azureContainerRegistry: ${{ parameters.acrDevName }} - - task: Docker@2 displayName: Login to PME ACR - inputs: + inputs: command: login containerRegistry: ${{ parameters.acrPmeProdSrvConnection }} - - task: Shellpp@0 displayName: 'Push build images to PME staging ACR' inputs: @@ -120,7 +98,6 @@ steps: scriptPath: ./vsts/scripts/pushImagesToRegistry.sh args: '$(Build.ArtifactStagingDirectory)/drop/images/${{ parameters.acrPmeProdName }}-build-images-mcr.txt' condition: and(succeeded(), eq(variables['ReleaseBuildImages'], 'true')) - - task: Shellpp@0 displayName: 'Push CLI image to PME staging ACR' inputs: @@ -128,7 +105,6 @@ steps: scriptPath: ./vsts/scripts/pushImagesToRegistry.sh args: '$(Build.ArtifactStagingDirectory)/drop/images/${{ parameters.acrPmeProdName }}-cli-images-mcr.txt' condition: and(succeeded(), eq(variables['ReleaseBuildImages'], 'true')) - - task: Shellpp@0 displayName: 'Push runtime images to PME staging ACR' inputs: @@ -136,13 +112,11 @@ steps: scriptPath: ./vsts/scripts/pushImagesToRegistry.sh args: '$(Build.ArtifactStagingDirectory)/drop/images/${{ parameters.acrPmeProdName }}-runtime-images-mcr.txt' condition: and(succeeded(), eq(variables['ReleaseRuntimeImages'], 'true')) - - task: Docker@2 displayName: Logout from PME ACR - inputs: + inputs: command: logout containerRegistry: '${{ parameters.acrPmeProdSrvConnection }}' - - task: ShellScript@2 displayName: 'Clean up Docker containers and images' inputs: diff --git a/vsts/pipelines/templates/_securityChecks.yml b/vsts/pipelines/templates/_securityChecks.yml index e5ab02583a..1f9d7e63d9 100644 --- a/vsts/pipelines/templates/_securityChecks.yml +++ b/vsts/pipelines/templates/_securityChecks.yml @@ -1,38 +1,21 @@ steps: - checkout: self clean: true - -- task: securedevelopmentteam.vss-secure-development-tools.build-task-policheck.PoliCheck@1 - displayName: 'Run PoliCheck' - inputs: - targetType: F - condition: always() - -- task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@2 - displayName: 'Run CredScan' - inputs: - debugMode: false - condition: always() - - task: NuGetToolInstaller@1 inputs: versionSpec: 5.8.x - - task: UseDotNet@2 displayName: 'Use .NET Core sdk 7.x' inputs: version: 7.0.306 - - script: | dotnet --version && dotnet msbuild -version && echo displayName: 'Print dotnet and msbuild version' - - task: NuGetCommand@2 displayName: 'Run "nuget restore" on Oryx solution' inputs: command: 'restore' restoreSolution: '$(Build.SourcesDirectory)\Oryx.sln' - - task: VSBuild@1 displayName: 'Build the Oryx solution' inputs: @@ -40,37 +23,11 @@ steps: configuration: 'debug' createLogFile: true logFileVerbosity: diagnostic - - task: PowerShell@2 displayName: 'Wait 30 seconds after building solution' inputs: targetType: 'inline' script: 'Start-Sleep -Seconds 30' - -- task: securedevelopmentteam.vss-secure-development-tools.build-task-roslynanalyzers.RoslynAnalyzers@2 - displayName: 'Run Roslyn Analyzers' - condition: always() - -- task: securedevelopmentteam.vss-secure-development-tools.build-task-binskim.BinSkim@3 - displayName: 'Run BinSkim ' - inputs: - arguments: 'analyze Microsoft.Oryx*.dll --recurse --output $(Build.BinariesDirectory)\binskim.sarif --verbose' - condition: always() - -- task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 - displayName: 'Component Detection - OSS Compliance' - inputs: - ignoreDirectories: '$(Build.SourcesDirectory)/tests' - -- task: securedevelopmentteam.vss-secure-development-tools.build-task-postanalysis.PostAnalysis@1 - displayName: 'Post Analysis' - inputs: - BinSkim: true - CredScan: true - PoliCheck: true - RoslynAnalyzers: true - continueOnError: false - - task: AntiMalware@3 displayName: 'Run Antimalware Scan' inputs: diff --git a/vsts/pipelines/templates/_setReleaseTag.yml b/vsts/pipelines/templates/_setReleaseTag.yml index e08e805b14..91b71548c2 100644 --- a/vsts/pipelines/templates/_setReleaseTag.yml +++ b/vsts/pipelines/templates/_setReleaseTag.yml @@ -4,7 +4,6 @@ steps: inputs: targetPath: $(Build.SourcesDirectory)/artifacts/releaseTag artifactName: 'releaseTag' - - script: | set -e file="$(Build.SourcesDirectory)/artifacts/releaseTag/releaseTag.txt" diff --git a/vsts/pipelines/templates/_signBinary.yml b/vsts/pipelines/templates/_signBinary.yml index bd27bef72e..f9d054900d 100644 --- a/vsts/pipelines/templates/_signBinary.yml +++ b/vsts/pipelines/templates/_signBinary.yml @@ -1,41 +1,25 @@ steps: -- task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 - displayName: 'Component Detection - OSS Compliance' - inputs: - ignoreDirectories: '$(Build.SourcesDirectory)/tests' - - powershell: | - Write-Host "##vso[task.setvariable variable=SignType;isOutput=true]real" + Write-Host "##vso[task.setvariable variable=SignType;isOutput=true]real" name: setSignTypeVariable displayName: 'Set sign binary variable' condition: > - and(in(variables['Build.Reason'], 'Schedule', 'Manual'), eq(variables['Build.DefinitionName'], 'Oryx-CI'), - or( - startsWith(variables['Build.SourceBranch'], 'refs/heads/main'), - startsWith(variables['Build.SourceBranch'], 'refs/heads/patch/'), - startsWith(variables['Build.SourceBranch'],'refs/heads/exp/' ))) - + and(in(variables['Build.Reason'], 'Schedule', 'Manual'), eq(variables['Build.DefinitionName'], 'Oryx-CI'), or( + startsWith(variables['Build.SourceBranch'], 'refs/heads/main'), + startsWith(variables['Build.SourceBranch'], 'refs/heads/patch/'), + startsWith(variables['Build.SourceBranch'],'refs/heads/exp/' ))) - script: | echo $(setSignTypeVariable.SignType) name: SignType - - task: NuGetToolInstaller@0 displayName: 'Use NuGet 4.6.2' inputs: versionSpec: 4.6.2 condition: and(succeeded(), eq(variables['setSignTypeVariable.SignType'], 'real')) - -- task: ms-vseng.MicroBuildTasks.30666190-6959-11e5-9f96-f56098202fef.MicroBuildSigningPlugin@1 - displayName: 'Install Signing Plugin' - inputs: - signType: '$(setSignTypeVariable.SignType)' - condition: and(succeeded(), eq(variables['setSignTypeVariable.SignType'], 'real')) - - task: UseDotNet@2 displayName: 'Use .NET Core sdk 7.x' inputs: version: 7.0.306 - - powershell: | Write-Host "Setting up git_commit and build_number as env variable" $env:GIT_COMMIT=$(git rev-parse HEAD) @@ -44,7 +28,6 @@ steps: dotnet publish -r linux-x64 -c Release src\BuildServer\BuildServer.csproj displayName: 'dotnet publish and after setting git_commit and build_number as env variable' condition: and(succeeded(), eq(variables['setSignTypeVariable.SignType'], 'real')) - - task: VSBuild@1 displayName: 'Sign Oryx Binaries' inputs: @@ -52,7 +35,6 @@ steps: msbuildArgs: '/t:SignFiles /p:RuntimeIdentifier=linux-x64 /p:MicroBuild_SigningEnabled=true' configuration: '$(BuildConfiguration)' condition: and(succeeded(), eq(variables['setSignTypeVariable.SignType'], 'real')) - - task: VSBuild@1 displayName: 'Sign Oryx Build Server Binaries' inputs: @@ -60,7 +42,6 @@ steps: msbuildArgs: '/t:SignFiles /p:RuntimeIdentifier=linux-x64 /p:MicroBuild_SigningEnabled=true' configuration: '$(BuildConfiguration)' condition: and(succeeded(), eq(variables['setSignTypeVariable.SignType'], 'real')) - - task: ArchiveFiles@2 displayName: 'Create compressed file of Oryx binaries' inputs: @@ -72,7 +53,6 @@ steps: replaceExistingArchive: true verbose: true condition: and(succeeded(), eq(variables['setSignTypeVariable.SignType'], 'real')) - - task: ArchiveFiles@2 displayName: 'Create compressed file of Oryx Build Server binaries' inputs: @@ -84,7 +64,6 @@ steps: replaceExistingArchive: true verbose: true condition: and(succeeded(), eq(variables['setSignTypeVariable.SignType'], 'real')) - - task: CopyFiles@2 displayName: 'Copy Files to: $(Build.ArtifactStagingDirectory)/binaries' inputs: @@ -93,7 +72,6 @@ steps: TargetFolder: '$(Build.ArtifactStagingDirectory)/binaries' CleanTargetFolder: true condition: and(succeeded(), eq(variables['setSignTypeVariable.SignType'], 'real')) - - task: CopyFiles@2 displayName: 'Copy BuildServer Files to: $(Build.ArtifactStagingDirectory)/binaries' inputs: @@ -101,11 +79,4 @@ steps: Contents: '**\*' TargetFolder: '$(Build.ArtifactStagingDirectory)/binaries' CleanTargetFolder: false - condition: and(succeeded(), eq(variables['setSignTypeVariable.SignType'], 'real')) - -- task: PublishPipelineArtifact@0 - displayName: 'Publish Pipeline Artifact' - inputs: - artifactName: 'signed_binaries' - targetPath: '$(Build.ArtifactStagingDirectory)' condition: and(succeeded(), eq(variables['setSignTypeVariable.SignType'], 'real')) \ No newline at end of file diff --git a/vsts/pipelines/templates/integrationTests/_dotnetcoreIntegrationJobTemplate.yml b/vsts/pipelines/templates/integrationTests/_dotnetcoreIntegrationJobTemplate.yml index 55a82b60bd..78b2aed23b 100644 --- a/vsts/pipelines/templates/integrationTests/_dotnetcoreIntegrationJobTemplate.yml +++ b/vsts/pipelines/templates/integrationTests/_dotnetcoreIntegrationJobTemplate.yml @@ -1,26 +1,25 @@ parameters: - - name: storageAccountUrl - type: string - default: https://oryxsdksstaging.blob.core.windows.net - - name: testMappings - type: object - default: - - category: '6.0' - buildTag: 'debian-buster' - - category: '6.0' - buildTag: 'github-actions-debian-buster' - - category: '7.0' - buildTag: 'github-actions-debian-buster' - - category: '8.0' - buildTag: 'github-actions-debian-bookworm' - - category: 'dynamic' - buildTag: 'debian-buster' - - category: 'dynamic' - buildTag: 'github-actions-debian-buster' - +- name: storageAccountUrl + type: string + default: https://oryxsdksstaging.blob.core.windows.net +- name: testMappings + type: object + default: + - category: '6.0' + buildTag: 'debian-buster' + - category: '6.0' + buildTag: 'github-actions-debian-buster' + - category: '7.0' + buildTag: 'github-actions-debian-buster' + - category: '8.0' + buildTag: 'github-actions-debian-bookworm' + - category: 'dynamic' + buildTag: 'debian-buster' + - category: 'dynamic' + buildTag: 'github-actions-debian-buster' jobs: - ${{ each mapping in parameters.testMappings }}: - - job: + - job: '' displayName: 'Run .NET Core ${{ mapping.category }} Integration Tests using build image tag ${{ mapping.buildTag }}' dependsOn: - Job_BuildImage_Latest @@ -31,22 +30,22 @@ jobs: pool: name: AzurePipelines-EO demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant + - ImageOverride -equals AzurePipelinesUbuntu20.04compliant variables: skipComponentGovernanceDetection: true timeoutInMinutes: 300 steps: - - script: | - echo "##vso[task.setvariable variable=BuildBuildImages;]false" - echo "##vso[task.setvariable variable=BuildRuntimeImages;]false" - echo "##vso[task.setvariable variable=TestBuildImages;]false" - echo "##vso[task.setvariable variable=TestRuntimeImages;]false" - echo "##vso[task.setvariable variable=TestIntegrationCaseFilter;]category=dotnetcore-${{ mapping.category }}&build-image=${{ mapping.buildTag }}" - echo "##vso[task.setvariable variable=TestIntegration;]true" - echo "##vso[task.setvariable variable=PushBuildImages;]false" - echo "##vso[task.setvariable variable=PushRuntimeImages;]false" - echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]false" - echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" - displayName: 'Set variables' - - template: ../_setReleaseTag.yml - - template: ../_buildTemplate.yml \ No newline at end of file + - script: | + echo "##vso[task.setvariable variable=BuildBuildImages;]false" + echo "##vso[task.setvariable variable=BuildRuntimeImages;]false" + echo "##vso[task.setvariable variable=TestBuildImages;]false" + echo "##vso[task.setvariable variable=TestRuntimeImages;]false" + echo "##vso[task.setvariable variable=TestIntegrationCaseFilter;]category=dotnetcore-${{ mapping.category }}&build-image=${{ mapping.buildTag }}" + echo "##vso[task.setvariable variable=TestIntegration;]true" + echo "##vso[task.setvariable variable=PushBuildImages;]false" + echo "##vso[task.setvariable variable=PushRuntimeImages;]false" + echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]false" + echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" + displayName: 'Set variables' + - template: /vsts/pipelines/templates/_setReleaseTag.yml@self + - template: /vsts/pipelines/templates/_buildTemplate.yml@self \ No newline at end of file diff --git a/vsts/pipelines/templates/integrationTests/_golangIntegrationJobTemplate.yml b/vsts/pipelines/templates/integrationTests/_golangIntegrationJobTemplate.yml index 2c620f7126..36443745c1 100644 --- a/vsts/pipelines/templates/integrationTests/_golangIntegrationJobTemplate.yml +++ b/vsts/pipelines/templates/integrationTests/_golangIntegrationJobTemplate.yml @@ -1,26 +1,25 @@ parameters: - - name: storageAccountUrl - type: string - default: https://oryxsdksstaging.blob.core.windows.net - - name: testMappings - type: object - default: - - category: '1.17' - buildTag: 'full-debian-buster' - - category: '1.17' - buildTag: 'full-debian-bullseye' - - category: '1.18' - buildTag: 'full-debian-buster' - - category: '1.18' - buildTag: 'full-debian-bullseye' - - category: '1.19' - buildTag: 'full-debian-buster' - - category: '1.19' - buildTag: 'full-debian-bullseye' - +- name: storageAccountUrl + type: string + default: https://oryxsdksstaging.blob.core.windows.net +- name: testMappings + type: object + default: + - category: '1.17' + buildTag: 'full-debian-buster' + - category: '1.17' + buildTag: 'full-debian-bullseye' + - category: '1.18' + buildTag: 'full-debian-buster' + - category: '1.18' + buildTag: 'full-debian-bullseye' + - category: '1.19' + buildTag: 'full-debian-buster' + - category: '1.19' + buildTag: 'full-debian-bullseye' jobs: - ${{ each mapping in parameters.testMappings }}: - - job: + - job: '' displayName: 'Run Golang ${{ mapping.category }} Integration Tests using build image tag ${{ mapping.buildTag }}' dependsOn: - Job_BuildImage_Full @@ -30,22 +29,22 @@ jobs: pool: name: AzurePipelines-EO demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant + - ImageOverride -equals AzurePipelinesUbuntu20.04compliant variables: skipComponentGovernanceDetection: true timeoutInMinutes: 300 steps: - - script: | - echo "##vso[task.setvariable variable=BuildBuildImages;]false" - echo "##vso[task.setvariable variable=BuildRuntimeImages;]false" - echo "##vso[task.setvariable variable=TestBuildImages;]false" - echo "##vso[task.setvariable variable=TestRuntimeImages;]false" - echo "##vso[task.setvariable variable=TestIntegrationCaseFilter;]category=golang-${{ mapping.category }}&build-image=${{ mapping.buildTag }}" - echo "##vso[task.setvariable variable=TestIntegration;]true" - echo "##vso[task.setvariable variable=PushBuildImages;]false" - echo "##vso[task.setvariable variable=PushRuntimeImages;]false" - echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]false" - echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" - displayName: 'Set variables' - - template: ../_setReleaseTag.yml - - template: ../_buildTemplate.yml \ No newline at end of file + - script: | + echo "##vso[task.setvariable variable=BuildBuildImages;]false" + echo "##vso[task.setvariable variable=BuildRuntimeImages;]false" + echo "##vso[task.setvariable variable=TestBuildImages;]false" + echo "##vso[task.setvariable variable=TestRuntimeImages;]false" + echo "##vso[task.setvariable variable=TestIntegrationCaseFilter;]category=golang-${{ mapping.category }}&build-image=${{ mapping.buildTag }}" + echo "##vso[task.setvariable variable=TestIntegration;]true" + echo "##vso[task.setvariable variable=PushBuildImages;]false" + echo "##vso[task.setvariable variable=PushRuntimeImages;]false" + echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]false" + echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" + displayName: 'Set variables' + - template: /vsts/pipelines/templates/_setReleaseTag.yml@self + - template: /vsts/pipelines/templates/_buildTemplate.yml@self \ No newline at end of file diff --git a/vsts/pipelines/templates/integrationTests/_nodeIntegrationJobTemplate.yml b/vsts/pipelines/templates/integrationTests/_nodeIntegrationJobTemplate.yml index cc99344a3d..d79da61eae 100644 --- a/vsts/pipelines/templates/integrationTests/_nodeIntegrationJobTemplate.yml +++ b/vsts/pipelines/templates/integrationTests/_nodeIntegrationJobTemplate.yml @@ -1,24 +1,23 @@ parameters: - - name: storageAccountUrl - type: string - default: https://oryxsdksstaging.blob.core.windows.net - - name: testMappings - type: object - default: - - category: '14-gh-buster' - buildTag: 'github-actions-debian-buster' - - category: '16' - buildTag: 'debian-buster' - - category: '18' - buildTag: 'github-actions-debian-bullseye' - - category: '20' - buildTag: 'github-actions-debian-bookworm' - - category: '20-bullseye' - buildTag: 'github-actions-debian-bullseye' - +- name: storageAccountUrl + type: string + default: https://oryxsdksstaging.blob.core.windows.net +- name: testMappings + type: object + default: + - category: '14-gh-buster' + buildTag: 'github-actions-debian-buster' + - category: '16' + buildTag: 'debian-buster' + - category: '18' + buildTag: 'github-actions-debian-bullseye' + - category: '20' + buildTag: 'github-actions-debian-bookworm' + - category: '20-bullseye' + buildTag: 'github-actions-debian-bullseye' jobs: - ${{ each mapping in parameters.testMappings }}: - - job: + - job: '' displayName: 'Run Node ${{ mapping.category }} Integration Tests using build image tag ${{ mapping.buildTag }}' dependsOn: - Job_BuildImage_Latest @@ -29,22 +28,22 @@ jobs: pool: name: AzurePipelines-EO demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant + - ImageOverride -equals AzurePipelinesUbuntu20.04compliant variables: skipComponentGovernanceDetection: true timeoutInMinutes: 300 steps: - - script: | - echo "##vso[task.setvariable variable=BuildBuildImages;]false" - echo "##vso[task.setvariable variable=BuildRuntimeImages;]false" - echo "##vso[task.setvariable variable=TestBuildImages;]false" - echo "##vso[task.setvariable variable=TestRuntimeImages;]false" - echo "##vso[task.setvariable variable=TestIntegrationCaseFilter;]category=node-${{ mapping.category }}&build-image=${{ mapping.buildTag }}" - echo "##vso[task.setvariable variable=TestIntegration;]true" - echo "##vso[task.setvariable variable=PushBuildImages;]false" - echo "##vso[task.setvariable variable=PushRuntimeImages;]false" - echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]false" - echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" - displayName: 'Set variables' - - template: ../_setReleaseTag.yml - - template: ../_buildTemplate.yml \ No newline at end of file + - script: | + echo "##vso[task.setvariable variable=BuildBuildImages;]false" + echo "##vso[task.setvariable variable=BuildRuntimeImages;]false" + echo "##vso[task.setvariable variable=TestBuildImages;]false" + echo "##vso[task.setvariable variable=TestRuntimeImages;]false" + echo "##vso[task.setvariable variable=TestIntegrationCaseFilter;]category=node-${{ mapping.category }}&build-image=${{ mapping.buildTag }}" + echo "##vso[task.setvariable variable=TestIntegration;]true" + echo "##vso[task.setvariable variable=PushBuildImages;]false" + echo "##vso[task.setvariable variable=PushRuntimeImages;]false" + echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]false" + echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" + displayName: 'Set variables' + - template: /vsts/pipelines/templates/_setReleaseTag.yml@self + - template: /vsts/pipelines/templates/_buildTemplate.yml@self \ No newline at end of file diff --git a/vsts/pipelines/templates/integrationTests/_phpIntegrationJobTemplate.yml b/vsts/pipelines/templates/integrationTests/_phpIntegrationJobTemplate.yml index 4b0c85605f..871fd35362 100644 --- a/vsts/pipelines/templates/integrationTests/_phpIntegrationJobTemplate.yml +++ b/vsts/pipelines/templates/integrationTests/_phpIntegrationJobTemplate.yml @@ -1,34 +1,23 @@ parameters: - - name: storageAccountUrl - type: string - default: https://oryxsdksstaging.blob.core.windows.net - - name: testMappings - type: object - default: - - category: '7.4' - buildTag: 'github-actions-debian-buster' - - category: '8.0' - buildTag: 'github-actions-debian-buster' - - category: '8.0' - buildTag: 'github-actions-debian-bullseye' - - category: '8.1' - buildTag: 'github-actions-debian-buster' - - category: '8.1' - buildTag: 'github-actions-debian-bullseye' - - category: '8.2' - buildTag: 'github-actions-debian-buster' - - category: '8.2' - buildTag: 'github-actions-debian-bullseye' - - category: '8.3' - buildTag: 'github-actions-debian-buster' - - category: '8.3' - buildTag: 'github-actions-debian-bullseye' - - category: '8.3' - buildTag: 'github-actions-debian-bookworm' - +- name: storageAccountUrl + type: string + default: https://oryxsdksstaging.blob.core.windows.net +- name: testMappings + type: object + default: + - category: '7.4' + buildTag: 'github-actions-debian-buster' + - category: '8.0' + buildTag: 'github-actions-debian-buster' + - category: '8.1' + buildTag: 'github-actions-debian-buster' + - category: '8.2' + buildTag: 'github-actions-debian-buster' + - category: '8.2' + buildTag: 'github-actions-debian-bullseye' jobs: - ${{ each mapping in parameters.testMappings }}: - - job: + - job: '' displayName: 'Run PHP ${{ mapping.category }} Integration Tests using build image tag ${{ mapping.buildTag }}' dependsOn: - Job_BuildImage_Latest @@ -39,22 +28,22 @@ jobs: pool: name: AzurePipelines-EO demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant + - ImageOverride -equals AzurePipelinesUbuntu20.04compliant variables: skipComponentGovernanceDetection: true timeoutInMinutes: 300 steps: - - script: | - echo "##vso[task.setvariable variable=BuildBuildImages;]false" - echo "##vso[task.setvariable variable=BuildRuntimeImages;]false" - echo "##vso[task.setvariable variable=TestBuildImages;]false" - echo "##vso[task.setvariable variable=TestRuntimeImages;]false" - echo "##vso[task.setvariable variable=TestIntegrationCaseFilter;]category=php-${{ mapping.category }}&build-image=${{ mapping.buildTag }}" - echo "##vso[task.setvariable variable=TestIntegration;]true" - echo "##vso[task.setvariable variable=PushBuildImages;]false" - echo "##vso[task.setvariable variable=PushRuntimeImages;]false" - echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]false" - echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" - displayName: 'Set variables' - - template: ../_setReleaseTag.yml - - template: ../_buildTemplate.yml \ No newline at end of file + - script: | + echo "##vso[task.setvariable variable=BuildBuildImages;]false" + echo "##vso[task.setvariable variable=BuildRuntimeImages;]false" + echo "##vso[task.setvariable variable=TestBuildImages;]false" + echo "##vso[task.setvariable variable=TestRuntimeImages;]false" + echo "##vso[task.setvariable variable=TestIntegrationCaseFilter;]category=php-${{ mapping.category }}&build-image=${{ mapping.buildTag }}" + echo "##vso[task.setvariable variable=TestIntegration;]true" + echo "##vso[task.setvariable variable=PushBuildImages;]false" + echo "##vso[task.setvariable variable=PushRuntimeImages;]false" + echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]false" + echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" + displayName: 'Set variables' + - template: /vsts/pipelines/templates/_setReleaseTag.yml@self + - template: /vsts/pipelines/templates/_buildTemplate.yml@self \ No newline at end of file diff --git a/vsts/pipelines/templates/integrationTests/_pythonIntegrationJobTemplate.yml b/vsts/pipelines/templates/integrationTests/_pythonIntegrationJobTemplate.yml index 4361135a71..4342f98679 100644 --- a/vsts/pipelines/templates/integrationTests/_pythonIntegrationJobTemplate.yml +++ b/vsts/pipelines/templates/integrationTests/_pythonIntegrationJobTemplate.yml @@ -1,32 +1,31 @@ parameters: - - name: storageAccountUrl - type: string - default: https://oryxsdksstaging.blob.core.windows.net - - name: testMappings - type: object - default: - - category: '3.7' - buildTag: 'github-actions-debian-bullseye' - - category: '3.8' - buildTag: 'github-actions-debian-bullseye' - - category: '3.9' - buildTag: 'debian-buster' - - category: '3.9' - buildTag: 'github-actions-debian-buster' - - category: '3.10' - buildTag: 'github-actions-debian-bullseye' - - category: '3.11' - buildTag: 'github-actions-debian-bullseye' - - category: '3.11' - buildTag: 'github-actions-debian-bookworm' - - category: '3.12' - buildTag: 'github-actions-debian-bullseye' - - category: '3.12' - buildTag: 'github-actions-debian-bookworm' - +- name: storageAccountUrl + type: string + default: https://oryxsdksstaging.blob.core.windows.net +- name: testMappings + type: object + default: + - category: '3.7' + buildTag: 'github-actions-debian-bullseye' + - category: '3.8' + buildTag: 'github-actions-debian-bullseye' + - category: '3.9' + buildTag: 'debian-buster' + - category: '3.9' + buildTag: 'github-actions-debian-buster' + - category: '3.10' + buildTag: 'github-actions-debian-bullseye' + - category: '3.11' + buildTag: 'github-actions-debian-bullseye' + - category: '3.11' + buildTag: 'github-actions-debian-bookworm' + - category: '3.12' + buildTag: 'github-actions-debian-bullseye' + - category: '3.12' + buildTag: 'github-actions-debian-bookworm' jobs: - ${{ each mapping in parameters.testMappings }}: - - job: + - job: '' displayName: 'Run Python ${{ mapping.category }} Integration Tests using build image tag ${{ mapping.buildTag }}' dependsOn: - Job_BuildImage_Latest @@ -37,22 +36,22 @@ jobs: pool: name: AzurePipelines-EO demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant + - ImageOverride -equals AzurePipelinesUbuntu20.04compliant variables: skipComponentGovernanceDetection: true timeoutInMinutes: 300 steps: - - script: | - echo "##vso[task.setvariable variable=BuildBuildImages;]false" - echo "##vso[task.setvariable variable=BuildRuntimeImages;]false" - echo "##vso[task.setvariable variable=TestBuildImages;]false" - echo "##vso[task.setvariable variable=TestRuntimeImages;]false" - echo "##vso[task.setvariable variable=TestIntegrationCaseFilter;]category=python-${{ mapping.category }}&build-image=${{ mapping.buildTag }}" - echo "##vso[task.setvariable variable=TestIntegration;]true" - echo "##vso[task.setvariable variable=PushBuildImages;]false" - echo "##vso[task.setvariable variable=PushRuntimeImages;]false" - echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]false" - echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" - displayName: 'Set variables' - - template: ../_setReleaseTag.yml - - template: ../_buildTemplate.yml \ No newline at end of file + - script: | + echo "##vso[task.setvariable variable=BuildBuildImages;]false" + echo "##vso[task.setvariable variable=BuildRuntimeImages;]false" + echo "##vso[task.setvariable variable=TestBuildImages;]false" + echo "##vso[task.setvariable variable=TestRuntimeImages;]false" + echo "##vso[task.setvariable variable=TestIntegrationCaseFilter;]category=python-${{ mapping.category }}&build-image=${{ mapping.buildTag }}" + echo "##vso[task.setvariable variable=TestIntegration;]true" + echo "##vso[task.setvariable variable=PushBuildImages;]false" + echo "##vso[task.setvariable variable=PushRuntimeImages;]false" + echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]false" + echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" + displayName: 'Set variables' + - template: /vsts/pipelines/templates/_setReleaseTag.yml@self + - template: /vsts/pipelines/templates/_buildTemplate.yml@self \ No newline at end of file