Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add initial 1ES build config #52

Merged
merged 1 commit into from
Jun 27, 2024
Merged

Add initial 1ES build config #52

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
180 changes: 180 additions & 0 deletions .ado/release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,180 @@
name: qiskit-qir-publish-$(BuildId)

# This pipeline is used to build and publish the PyQIR package
# It uses a Microsoft ADO template for additional security checks.

# Run on merges to main to ensure that the latest code
# is always able to be published.
trigger:
branches:
include:
- main

# Run the pipeline every day at 7:00 AM UTC to ensure
# codeql and other governance checks are up-to-date.
schedules:
- cron: "0 7 * * *"
displayName: 'Build for Component Governance'
branches:
include:
- main
always: true

resources:
repositories:
- repository: 1ESPipelineTemplates
type: git
name: 1ESPipelineTemplates/1ESPipelineTemplates
ref: refs/tags/release

parameters:
- name: hosts
type: object
default:
- name: linux_x86_64
poolName: 'Azure-Pipelines-DevTools-EO'
imageName: 'ubuntu-latest'
os: linux
- name: python
type: object
default:
- name: Python38
version: '3.8'
- name: Python39
version: '3.9'
- name: Python310
version: '3.10'
- name: Python311
version: '3.11'

extends:
template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates
parameters:
sdl:
sourceAnalysisPool:
name: 'Azure-Pipelines-DevTools-EO'
image: windows-2022
os: windows
stages:
- stage: build
displayName: Build
jobs:
- job: "Build_Python_Package"
pool:
name: 'Azure-Pipelines-DevTools-EO'
image: 'ubuntu-latest'
os: linux
timeoutInMinutes: 90
templateContext:
outputs:
- output: pipelineArtifact
displayName: 'Upload Python Package Artifact'
targetPath: $(System.DefaultWorkingDirectory)/dist
artifactName: dist
condition: succeeded()
steps:
- task: UsePythonVersion@0
inputs:
versionSpec: '3.11'
displayName: 'Use Python 3.11'

- script: |
python -m pip install --upgrade pip
python -m pip install -r requirements_dev.txt
displayName: 'Install dependencies'

- script: |
make dist
displayName: 'Build package'

- stage: test
displayName: test
dependsOn: build
condition: and(succeeded(), not(cancelled()), not(failed()))
jobs:
- ${{ each host in parameters.hosts }}:
- ${{ each python in parameters.python }}:
- job: Tests_Python_${{ python.name }}_${{ host.name }}_job
pool:
name: ${{ host.poolName }}
image: ${{ host.imageName }}
os: ${{ host.os }}
templateContext:
inputs: # All input build artifacts must be declared here
- input: pipelineArtifact
artifactName: dist
targetPath: $(System.DefaultWorkingDirectory)/dist
steps:
- task: UsePythonVersion@0
inputs:
versionSpec: '${{ python.version }}'
displayName: 'Use Python ${{ python.version }}'
- script: |
python -m pip install --upgrade pip
python -m pip install -r requirements_dev.txt
displayName: 'Install dependencies'
- script: |
python -m pip install dist/*.whl
displayName: 'Install package'
- script: |
pytest
displayName: 'Test package'

- stage: approval
displayName: Approval
dependsOn: test
condition: and(succeeded(), not(cancelled()), not(failed()), eq(variables['Build.Reason'], 'Manual'))
jobs:
- job: "Approval"
pool: server
timeoutInMinutes: 1440 # job times out in 1 day
steps:
- task: ManualValidation@0
timeoutInMinutes: 1440 # task times out in 1 day
inputs:
notifyUsers: ''
instructions: 'Please verify artifacts and approve the release'
onTimeout: 'reject'

- stage: release
displayName: Release
dependsOn: approval
condition: and(succeeded(), not(cancelled()), not(failed()), eq(variables['Build.Reason'], 'Manual'))
jobs:
# We will get a warning about extra files in the sbom validation saying it failed.
# This is expected as we have the wheels being downloaded to the same directory.
# So each successive wheel will have the previous wheel in the directory and each
# will be flagged as an extra file. See:
# http://aka.ms/drop-validation-failure-additional-files
- job: "Publish_Python_Packages"
pool:
name: 'Azure-Pipelines-DevTools-EO'
image: 'ubuntu-latest'
os: linux
templateContext:
type: releaseJob
isProduction: true
inputs: # All input build artifacts must be declared here
- input: pipelineArtifact
artifactName: dist
targetPath: $(System.DefaultWorkingDirectory)/dist
steps:
- script: |
ls $(System.DefaultWorkingDirectory)/dist
displayName: Display Py Artifacts in Publishing Dir

# - task: EsrpRelease@4
# condition: succeeded()
# displayName: Publish Py Packages
# inputs:
# ConnectedServiceName: 'ESRP_Release'
# Intent: 'PackageDistribution'
# ContentType: 'PyPi'
# FolderLocation: '$(System.DefaultWorkingDirectory)/dist'
# Owners: '$(OwnerPersonalAlias)@microsoft.com' # NB: Group email here fails the task with non-actionable output.
# Approvers: '[email protected]'
# # Auto-inserted Debugging defaults:
# ServiceEndpointUrl: 'https://api.esrp.microsoft.com'
# MainPublisher: 'QuantumDevelpmentKit' # ESRP Team's Correction (including the critical typo "Develpm").
# DomainTenantId: '72f988bf-86f1-41af-91ab-2d7cd011db47'

Loading