From 84524ba1af87001b9e34093b484eb2da2a84e85f Mon Sep 17 00:00:00 2001 From: "Scott Beddall (from Dev Box)" Date: Fri, 14 Jun 2024 13:32:20 -0700 Subject: [PATCH 1/7] ensure that we publish using ESRP --- azure-pipelines.yml | 138 +++++++++++++++----------- eng/1es-redirect.yml | 64 ++++++++++++ eng/image.yml | 26 +++++ eng/publish-1es-artifact.yml | 32 ++++++ eng/scripts/determine-release-tag.ps1 | 18 ++++ eng/test-steps.yml | 26 +++++ 6 files changed, 248 insertions(+), 56 deletions(-) create mode 100644 eng/1es-redirect.yml create mode 100644 eng/image.yml create mode 100644 eng/publish-1es-artifact.yml create mode 100644 eng/scripts/determine-release-tag.ps1 create mode 100644 eng/test-steps.yml diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 3530f220..f176a15c 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -1,64 +1,90 @@ trigger: - main -variables: - Codeql.Enabled: true +stages: + - stage: Build + variables: + - template: /eng/image.yml + jobs: + - job: Build_linux -strategy: - matrix: - Linux: - Pool: azsdk-pool-mms-ubuntu-2204-general - OsVmImage: ubuntu-22.04 - TargetFolder: drop-linux - Windows: - Pool: azsdk-pool-mms-win-2022-general - OsVmImage: windows-2022 - TargetFolder: drop + pool: + name: $(LINUXPOOL) + image: $(LINUXVMIMAGE) + os: linux -pool: - name: $(Pool) - vmImage: $(OSVmImage) + steps: + template: /eng/test-steps.yml + parameters: + ArtifactName: drop-linux -steps: -- script: npm ci - displayName: npm ci -- script: npm run lint - displayName: lint -- script: npm run prettier - displayName: prettier -- script: npm test - displayName: test -- script: npm pack - displayName: pack -- task: CopyFiles@2 - displayName: 'Copy Files to: $(TargetFolder)' - inputs: - Contents: '*.tgz' - TargetFolder: $(TargetFolder) -- task: PublishBuildArtifacts@1 - inputs: - pathtoPublish: $(Build.SourcesDirectory)/$(TargetFolder) - artifactName: $(TargetFolder) + - job: Build_Windows -- task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@2 # CredScan@2 - inputs: - toolMajorVersion: 'V2' - condition: and(succeeded(), eq(variables['Agent.OS'],'Windows_NT')) # CredScan only supported on Windows + pool: + name: $(WINDOWSPOOL) + image: $(WINDOWSVMIMAGE) + os: windows -- task: securedevelopmentteam.vss-secure-development-tools.build-task-postanalysis.PostAnalysis@1 # PostAnalysis@1 - inputs: - AllTools: false - APIScan: false - BinSkim: false - CodesignValidation: false - CredScan: true - FortifySCA: false - FxCop: false - ModernCop: false - PoliCheck: false - RoslynAnalyzers: false - SDLNativeRules: false - Semmle: false - TSLint: false - ToolLogsNotFoundAction: 'Standard' - condition: and(succeeded(), eq(variables['Agent.OS'],'Windows_NT')) # CredScan only supported on Windows + steps: + template: /eng/test-steps.yml + parameters: + ArtifactName: drop + + + # only include if running on `internal` build with manual queue, otherwise never include + - ${{ if and(in(variables['Build.Reason'], 'Manual', ''), eq(variables['System.TeamProject'], 'internal'))}}: + - stage: Publish + displayName: Publish + dependsOn: Build_And_Test + + jobs: + - deployment: Publish + environment: 'package-publish' + pool: + name: azsdk-pool-mms-ubuntu-2004-general + image: azsdk-pool-mms-ubuntu-2004-1espt + os: linux + + strategy: + runOnce: + deploy: + steps: + - checkout: self + submodules: false + + - download: current + artifact: drop + timeoutInMinutes: 5 + + - task: PowerShell@2 + inputs: + filePath: '$(Build.SourcesDirectory)/eng/scripts/determine-release-tag.ps1' + failOnStderr: true + pwsh: true + + - pwsh: | + Write-Host "Will deploy with tag of $(Tag)" + Get-ChildItem "$(Pipeline.Workspace)/drop" -Recurse -Force ` + | Where-Object { $_.Name -like "*.tgz" } ` + | Copy-Item -Destination "$(Build.ArtifactStagingDirectory)" + + Get-ChildItem "$(Build.ArtifactStagingDirectory)" -Recurse -Force | % { Write-Host $_.FullName } + displayName: Move artifact to $(Build.ArtifactStagingDirectory) + + - task: EsrpRelease@7 + inputs: + displayName: 'Publish oav to ESRP' + ConnectedServiceName: 'Azure SDK Engineering System' + ClientId: '5f81938c-2544-4f1f-9251-dd9de5b8a81b' + KeyVaultName: 'AzureSDKEngKeyVault' + AuthCertName: 'azure-sdk-esrp-release-auth-certificate' + SignCertName: 'azure-sdk-esrp-release-sign-certificate' + Intent: 'PackageDistribution' + ContentType: 'npm' + FolderLocation: $(Build.ArtifactStagingDirectory) + Owners: ${{ coalesce(variables['Build.RequestedForEmail'], 'azuresdk@microsoft.com') }} + Approvers: 'azuresdk@microsoft.com' + ServiceEndpointUrl: 'https://api.esrp.microsoft.com' + MainPublisher: 'ESRPRELPACMANTEST' + DomainTenantId: '72f988bf-86f1-41af-91ab-2d7cd011db47' + productstate: $(Tag) diff --git a/eng/1es-redirect.yml b/eng/1es-redirect.yml new file mode 100644 index 00000000..4a968bf3 --- /dev/null +++ b/eng/1es-redirect.yml @@ -0,0 +1,64 @@ +resources: + repositories: + - repository: 1ESPipelineTemplates + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release + - repository: 1ESPipelineTemplatesCanary + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/canary + +parameters: +- name: stages + type: stageList + default: [] +- name: Use1ESOfficial + type: boolean + default: true +- name: oneESTemplateTag + type: string + default: release + +extends: + ${{ if and(parameters.Use1ESOfficial, eq(parameters.oneESTemplateTag, 'canary')) }}: + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplatesCanary + ${{ elseif eq(parameters.oneESTemplateTag, 'canary') }}: + template: v1/1ES.Unofficial.PipelineTemplate.yml@1ESPipelineTemplatesCanary + ${{ elseif and(parameters.Use1ESOfficial, eq(variables['System.TeamProject'], 'internal')) }}: + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates + ${{ else }}: + template: v1/1ES.Unofficial.PipelineTemplate.yml@1ESPipelineTemplates + parameters: + ${{ if eq(parameters.oneESTemplateTag, 'canary') }}: + # Enable 1es template team to verify validation has been run on canary + customBuildTags: + - 1ES.PT.Tag-refs/tags/canary + settings: + skipBuildTagsForGitHubPullRequests: true + sdl: + git: + longpaths: true + submodules: false + sourceRepositoriesToScan: + include: + - repository: self + submodule: false + runInSingleJob: true + sourceAnalysisPool: + name: azsdk-pool-mms-win-2022-general + image: azsdk-pool-mms-win-2022-1espt + os: windows + eslint: + enabled: false + justificationForDisabling: "ESLint injected task has failures because it uses an old version of mkdirp. We should not fail for tools not controlled by the repo. See: https://dev.azure.com/azur 19 e-sdk/internal/_build/results?buildId=3556850" + codeql: + compiled: + enabled: false + justificationForDisabling: "CodeQL times our pipelines out by running for 2+ hours before being force canceled." + psscriptanalyzer: + compiled: true + break: true + policy: M365 + + stages: ${{ parameters.stages }} \ No newline at end of file diff --git a/eng/image.yml b/eng/image.yml new file mode 100644 index 00000000..a7ce2512 --- /dev/null +++ b/eng/image.yml @@ -0,0 +1,26 @@ +# Default pool image selection. Set as variable so we can override at pipeline level + +variables: + - name: LINUXPOOL + value: azsdk-pool-mms-ubuntu-2004-general + - name: WINDOWSPOOL + value: azsdk-pool-mms-win-2022-general + - name: MACPOOL + value: Azure Pipelines + + - name: LINUXVMIMAGE + value: azsdk-pool-mms-ubuntu-2004-1espt + - name: LINUXNEXTVMIMAGE + value: ubuntu-22.04 + - name: WINDOWSVMIMAGE + value: azsdk-pool-mms-win-2022-1espt + - name: MACVMIMAGE + value: macos-11 + + # Values required for pool.os field in 1es pipeline templates + - name: LINUXOS + value: linux + - name: WINDOWSOS + value: windows + - name: MACOS + value: macOS \ No newline at end of file diff --git a/eng/publish-1es-artifact.yml b/eng/publish-1es-artifact.yml new file mode 100644 index 00000000..759d0455 --- /dev/null +++ b/eng/publish-1es-artifact.yml @@ -0,0 +1,32 @@ +# This step is used to prevent duplication of artifact publishes when there is an issue that would prevent the overall success of the job. +# Ensuring that we only publish when successful (and two a differently named artifact otherwise) will allow easy retry on a build pipeline +# without running into the "cannot override artifact" failure when we finally do get a passing run. + +# ArtifactName - The name of the artifact in the "successful" case. +# ArtifactPath - The path we will be publishing. +# CustomCondition - Used if there is additional logic necessary to prevent attempt of publish. +# SbomEnabled - Set whether to auto-inject 1es pipeline template sbom tasks + +parameters: + ArtifactName: '' + ArtifactPath: '' + CustomCondition: true + SbomEnabled: true + +steps: + - pwsh: | + if ($env:AGENT_JOBSTATUS -eq "Failed") { + Write-Host "##vso[task.setvariable variable=PublishArtifactName;]${{ parameters.ArtifactName }}-FailedAttempt$(System.JobAttempt)" + } else { + Write-Host "##vso[task.setvariable variable=PublishArtifactName;]${{ parameters.ArtifactName }}" + } + condition: and(succeededOrFailed(), ${{ parameters.CustomCondition }}) + displayName: Set Artifact Name $(Agent.JobStatus) + + - task: 1ES.PublishPipelineArtifact@1 + condition: and(succeededOrFailed(), ${{ parameters.CustomCondition }}) + displayName: 'Publish ${{ parameters.ArtifactName }} Artifacts' + inputs: + artifactName: '$(PublishArtifactName)' + targetPath: '${{ parameters.ArtifactPath }}' + sbomEnabled: ${{ parameters.SbomEnabled }} \ No newline at end of file diff --git a/eng/scripts/determine-release-tag.ps1 b/eng/scripts/determine-release-tag.ps1 new file mode 100644 index 00000000..223b6931 --- /dev/null +++ b/eng/scripts/determine-release-tag.ps1 @@ -0,0 +1,18 @@ +# Read the package.json file +$packageJsonPath = "$PSScriptRoot/../../package.json" +$packageJson = Get-Content $packageJsonPath -Raw | ConvertFrom-Json + +# Function to check if a version is non-GA +function Is-NonGA($version) { + return $version -match "-(alpha|beta|rc|pre)" +} + +$pkgVersion = $packageJson.version + +if (Is-NonGA($pkgVersion)) { + Write-Host "##vso[task.setvariable variable=Tag;]beta" +} +else { + Write-Host "##vso[task.setvariable variable=Tag;]latest" +} + diff --git a/eng/test-steps.yml b/eng/test-steps.yml new file mode 100644 index 00000000..f4c16cf8 --- /dev/null +++ b/eng/test-steps.yml @@ -0,0 +1,26 @@ +parameters: + - name: ArtifactName + type: string + default: 'drop' + +steps: + - script: npm ci + displayName: npm ci + - script: npm run lint + displayName: lint + - script: npm run prettier + displayName: prettier + - script: npm test + displayName: test + - script: npm pack + displayName: pack + - task: CopyFiles@2 + displayName: 'Copy Files to Staging' + inputs: + Contents: '*.tgz' + TargetFolder: $(Build.ArtifactStagingDirectory) + + - task: PublishBuildArtifacts@1 + inputs: + pathtoPublish: $(Build.ArtifactStagingDirectory) + artifactName: ${{ parameters.ArtifactName }} \ No newline at end of file From a6d17a6ba99975b8565f1e2746e62cdf0038fc50 Mon Sep 17 00:00:00 2001 From: "Scott Beddall (from Dev Box)" Date: Mon, 17 Jun 2024 16:06:34 -0700 Subject: [PATCH 2/7] correct indentation --- azure-pipelines.yml | 149 ++++++++++++++++++++++---------------------- 1 file changed, 76 insertions(+), 73 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index f176a15c..0ff21b24 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -1,90 +1,93 @@ trigger: - main -stages: - - stage: Build - variables: - - template: /eng/image.yml - jobs: - - job: Build_linux +extends: + template: /eng/templates/stages/1es-redirect.yml + parameters: + stages: + - stage: Build + variables: + - template: /eng/image.yml + jobs: + - job: Build_linux - pool: - name: $(LINUXPOOL) - image: $(LINUXVMIMAGE) - os: linux + pool: + name: $(LINUXPOOL) + image: $(LINUXVMIMAGE) + os: linux - steps: - template: /eng/test-steps.yml - parameters: - ArtifactName: drop-linux + steps: + template: /eng/test-steps.yml + parameters: + ArtifactName: drop-linux - - job: Build_Windows + - job: Build_Windows - pool: - name: $(WINDOWSPOOL) - image: $(WINDOWSVMIMAGE) - os: windows + pool: + name: $(WINDOWSPOOL) + image: $(WINDOWSVMIMAGE) + os: windows - steps: - template: /eng/test-steps.yml - parameters: - ArtifactName: drop + steps: + template: /eng/test-steps.yml + parameters: + ArtifactName: drop - # only include if running on `internal` build with manual queue, otherwise never include - - ${{ if and(in(variables['Build.Reason'], 'Manual', ''), eq(variables['System.TeamProject'], 'internal'))}}: - - stage: Publish - displayName: Publish - dependsOn: Build_And_Test + # only include if running on `internal` build with manual queue, otherwise never include + - ${{ if and(in(variables['Build.Reason'], 'Manual', ''), eq(variables['System.TeamProject'], 'internal'))}}: + - stage: Publish + displayName: Publish + dependsOn: Build_And_Test - jobs: - - deployment: Publish - environment: 'package-publish' - pool: - name: azsdk-pool-mms-ubuntu-2004-general - image: azsdk-pool-mms-ubuntu-2004-1espt - os: linux + jobs: + - deployment: Publish + environment: 'package-publish' + pool: + name: azsdk-pool-mms-ubuntu-2004-general + image: azsdk-pool-mms-ubuntu-2004-1espt + os: linux - strategy: - runOnce: - deploy: - steps: - - checkout: self - submodules: false + strategy: + runOnce: + deploy: + steps: + - checkout: self + submodules: false - - download: current - artifact: drop - timeoutInMinutes: 5 + - download: current + artifact: drop + timeoutInMinutes: 5 - - task: PowerShell@2 - inputs: - filePath: '$(Build.SourcesDirectory)/eng/scripts/determine-release-tag.ps1' - failOnStderr: true - pwsh: true + - task: PowerShell@2 + inputs: + filePath: '$(Build.SourcesDirectory)/eng/scripts/determine-release-tag.ps1' + failOnStderr: true + pwsh: true - - pwsh: | - Write-Host "Will deploy with tag of $(Tag)" - Get-ChildItem "$(Pipeline.Workspace)/drop" -Recurse -Force ` - | Where-Object { $_.Name -like "*.tgz" } ` - | Copy-Item -Destination "$(Build.ArtifactStagingDirectory)" + - pwsh: | + Write-Host "Will deploy with tag of $(Tag)" + Get-ChildItem "$(Pipeline.Workspace)/drop" -Recurse -Force ` + | Where-Object { $_.Name -like "*.tgz" } ` + | Copy-Item -Destination "$(Build.ArtifactStagingDirectory)" - Get-ChildItem "$(Build.ArtifactStagingDirectory)" -Recurse -Force | % { Write-Host $_.FullName } - displayName: Move artifact to $(Build.ArtifactStagingDirectory) + Get-ChildItem "$(Build.ArtifactStagingDirectory)" -Recurse -Force | % { Write-Host $_.FullName } + displayName: Move artifact to $(Build.ArtifactStagingDirectory) - - task: EsrpRelease@7 - inputs: - displayName: 'Publish oav to ESRP' - ConnectedServiceName: 'Azure SDK Engineering System' - ClientId: '5f81938c-2544-4f1f-9251-dd9de5b8a81b' - KeyVaultName: 'AzureSDKEngKeyVault' - AuthCertName: 'azure-sdk-esrp-release-auth-certificate' - SignCertName: 'azure-sdk-esrp-release-sign-certificate' - Intent: 'PackageDistribution' - ContentType: 'npm' - FolderLocation: $(Build.ArtifactStagingDirectory) - Owners: ${{ coalesce(variables['Build.RequestedForEmail'], 'azuresdk@microsoft.com') }} - Approvers: 'azuresdk@microsoft.com' - ServiceEndpointUrl: 'https://api.esrp.microsoft.com' - MainPublisher: 'ESRPRELPACMANTEST' - DomainTenantId: '72f988bf-86f1-41af-91ab-2d7cd011db47' - productstate: $(Tag) + - task: EsrpRelease@7 + inputs: + displayName: 'Publish oav to ESRP' + ConnectedServiceName: 'Azure SDK Engineering System' + ClientId: '5f81938c-2544-4f1f-9251-dd9de5b8a81b' + KeyVaultName: 'AzureSDKEngKeyVault' + AuthCertName: 'azure-sdk-esrp-release-auth-certificate' + SignCertName: 'azure-sdk-esrp-release-sign-certificate' + Intent: 'PackageDistribution' + ContentType: 'npm' + FolderLocation: $(Build.ArtifactStagingDirectory) + Owners: ${{ coalesce(variables['Build.RequestedForEmail'], 'azuresdk@microsoft.com') }} + Approvers: 'azuresdk@microsoft.com' + ServiceEndpointUrl: 'https://api.esrp.microsoft.com' + MainPublisher: 'ESRPRELPACMANTEST' + DomainTenantId: '72f988bf-86f1-41af-91ab-2d7cd011db47' + productstate: $(Tag) From 5df82ee0366b8830c6e99c749a77207f35f61238 Mon Sep 17 00:00:00 2001 From: "Scott Beddall (from Dev Box)" Date: Mon, 17 Jun 2024 16:07:31 -0700 Subject: [PATCH 3/7] correct path to 1es redirect --- azure-pipelines.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 0ff21b24..318590d2 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -2,7 +2,7 @@ trigger: - main extends: - template: /eng/templates/stages/1es-redirect.yml + template: /eng/1es-redirect.yml parameters: stages: - stage: Build From 4c631adffd500f7ea722c9f23202919ac8837b4c Mon Sep 17 00:00:00 2001 From: "Scott Beddall (from Dev Box)" Date: Mon, 17 Jun 2024 16:09:16 -0700 Subject: [PATCH 4/7] properly call the step template --- azure-pipelines.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 318590d2..30304046 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -17,9 +17,9 @@ extends: os: linux steps: - template: /eng/test-steps.yml - parameters: - ArtifactName: drop-linux + - template: /eng/test-steps.yml + parameters: + ArtifactName: drop-linux - job: Build_Windows @@ -29,9 +29,9 @@ extends: os: windows steps: - template: /eng/test-steps.yml - parameters: - ArtifactName: drop + - template: /eng/test-steps.yml + parameters: + ArtifactName: drop # only include if running on `internal` build with manual queue, otherwise never include From a399ae42aabfcd7d398ad50116a544676bcb9017 Mon Sep 17 00:00:00 2001 From: "Scott Beddall (from Dev Box)" Date: Mon, 17 Jun 2024 16:10:36 -0700 Subject: [PATCH 5/7] additional updates to parameter passing --- eng/test-steps.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/eng/test-steps.yml b/eng/test-steps.yml index f4c16cf8..1bbc1349 100644 --- a/eng/test-steps.yml +++ b/eng/test-steps.yml @@ -20,7 +20,7 @@ steps: Contents: '*.tgz' TargetFolder: $(Build.ArtifactStagingDirectory) - - task: PublishBuildArtifacts@1 - inputs: - pathtoPublish: $(Build.ArtifactStagingDirectory) - artifactName: ${{ parameters.ArtifactName }} \ No newline at end of file + - template: /eng/publish-1es-artifact.yml + parameters: + ArtifactName: ${{ parameters.ArtifactName }} + ArtifactPath: $(Build.ArtifactStagingDirectory) From da9dd9d7cceb3b1b018a6390aabc4f705a8cc349 Mon Sep 17 00:00:00 2001 From: "Scott Beddall (from Dev Box)" Date: Mon, 17 Jun 2024 16:49:41 -0700 Subject: [PATCH 6/7] run prettier --- eng/1es-redirect.yml | 24 ++++++++++++------------ eng/image.yml | 2 +- eng/publish-1es-artifact.yml | 12 ++++++------ eng/test-steps.yml | 6 +++--- 4 files changed, 22 insertions(+), 22 deletions(-) diff --git a/eng/1es-redirect.yml b/eng/1es-redirect.yml index 4a968bf3..70f1e43e 100644 --- a/eng/1es-redirect.yml +++ b/eng/1es-redirect.yml @@ -10,15 +10,15 @@ resources: ref: refs/tags/canary parameters: -- name: stages - type: stageList - default: [] -- name: Use1ESOfficial - type: boolean - default: true -- name: oneESTemplateTag - type: string - default: release + - name: stages + type: stageList + default: [] + - name: Use1ESOfficial + type: boolean + default: true + - name: oneESTemplateTag + type: string + default: release extends: ${{ if and(parameters.Use1ESOfficial, eq(parameters.oneESTemplateTag, 'canary')) }}: @@ -42,8 +42,8 @@ extends: submodules: false sourceRepositoriesToScan: include: - - repository: self - submodule: false + - repository: self + submodule: false runInSingleJob: true sourceAnalysisPool: name: azsdk-pool-mms-win-2022-general @@ -61,4 +61,4 @@ extends: break: true policy: M365 - stages: ${{ parameters.stages }} \ No newline at end of file + stages: ${{ parameters.stages }} diff --git a/eng/image.yml b/eng/image.yml index a7ce2512..403c7fde 100644 --- a/eng/image.yml +++ b/eng/image.yml @@ -23,4 +23,4 @@ variables: - name: WINDOWSOS value: windows - name: MACOS - value: macOS \ No newline at end of file + value: macOS diff --git a/eng/publish-1es-artifact.yml b/eng/publish-1es-artifact.yml index 759d0455..c37e9d52 100644 --- a/eng/publish-1es-artifact.yml +++ b/eng/publish-1es-artifact.yml @@ -8,8 +8,8 @@ # SbomEnabled - Set whether to auto-inject 1es pipeline template sbom tasks parameters: - ArtifactName: '' - ArtifactPath: '' + ArtifactName: "" + ArtifactPath: "" CustomCondition: true SbomEnabled: true @@ -25,8 +25,8 @@ steps: - task: 1ES.PublishPipelineArtifact@1 condition: and(succeededOrFailed(), ${{ parameters.CustomCondition }}) - displayName: 'Publish ${{ parameters.ArtifactName }} Artifacts' + displayName: "Publish ${{ parameters.ArtifactName }} Artifacts" inputs: - artifactName: '$(PublishArtifactName)' - targetPath: '${{ parameters.ArtifactPath }}' - sbomEnabled: ${{ parameters.SbomEnabled }} \ No newline at end of file + artifactName: "$(PublishArtifactName)" + targetPath: "${{ parameters.ArtifactPath }}" + sbomEnabled: ${{ parameters.SbomEnabled }} diff --git a/eng/test-steps.yml b/eng/test-steps.yml index 1bbc1349..60dbae85 100644 --- a/eng/test-steps.yml +++ b/eng/test-steps.yml @@ -1,7 +1,7 @@ parameters: - name: ArtifactName type: string - default: 'drop' + default: "drop" steps: - script: npm ci @@ -15,9 +15,9 @@ steps: - script: npm pack displayName: pack - task: CopyFiles@2 - displayName: 'Copy Files to Staging' + displayName: "Copy Files to Staging" inputs: - Contents: '*.tgz' + Contents: "*.tgz" TargetFolder: $(Build.ArtifactStagingDirectory) - template: /eng/publish-1es-artifact.yml From 92d8826e0e06be8b9ec5aa37340670353aba0ee6 Mon Sep 17 00:00:00 2001 From: "Scott Beddall (from Dev Box)" Date: Tue, 18 Jun 2024 11:25:51 -0700 Subject: [PATCH 7/7] update the contributing guide --- CONTRIBUTING.md | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 81abcc4a..f6d04ecd 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -141,10 +141,9 @@ npm list -g oad # Should denote no packages installed ## Publish the package -- Ensure you bumped the package version in `openapi-diff` `package.json`. -- Verify [`public.openapi-diff`] passed. -- Use [`js - tools to npm - publish (@azure)`] to publish the package to the public `npm` feed. -- Verify in [`@azure/oad` versions] the package was published. +- Ensure you bumped the package version in [`openapi-diff`] `package.json`. +- Queue a run of the [`openapi-diff-build`] and approve the 'publish' stage. +- Verify in [`@azure/oad` versions] the package was published on npmjs.org. - Save it to `openapi-platform` feed via [upstream feeds of `openapi-platform`]. - To make `openapi-alps` use the newly published package: - Ensure that you update the minimum package version in relevant `package.json` files and then run `rush update` and commit the changes. @@ -160,7 +159,7 @@ npm list -g oad # Should denote no packages installed [`dotnet test`]: https://learn.microsoft.com/en-us/dotnet/core/tools/dotnet-test [`npm link`]: https://docs.npmjs.com/cli/v10/commands/npm-link [the cache]: https://docs.npmjs.com/cli/v10/configuring-npm/folders#cache -[`js - tools to npm - publish (@azure)`]: https://dev.azure.com/azure-sdk/internal/_release?definitionId=24&_a=releases&view=mine +[`openapi-diff-build`]: https://dev.azure.com/azure-sdk/internal/_build/index?definitionId=7030 [`public.openapi-diff`]: https://dev.azure.com/azure-sdk/public/_build?definitionId=135&_a=summary [upstream feeds of `openapi-platform`]: https://devdiv.visualstudio.com/DevDiv/_artifacts/feed/openapi-platform/Npm/@azure%2Foad/upstreams/ [`@azure/oad` versions]: https://www.npmjs.com/package/@azure/oad?activeTab=versions