Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[CI] Migrate to 1ES #1773

Merged
merged 49 commits into from
Apr 12, 2024
Merged

[CI] Migrate to 1ES #1773

Show file tree
Hide file tree
Changes from 45 commits
Commits
Show all changes
49 commits
Select commit Hold shift + click to select a range
9248129
Initial template
AnatolyPristensky Mar 25, 2024
4b691c5
Update build-release-packages-1es.yml
AnatolyPristensky Mar 26, 2024
4c40920
Update build-release-packages-1es.yml
AnatolyPristensky Mar 26, 2024
3d32897
Update build-release-packages-1es.yml
AnatolyPristensky Mar 26, 2024
7bdcc04
Update OS
AnatolyPristensky Mar 26, 2024
475f1ef
Update build-release-packages-1es.yml
AnatolyPristensky Mar 26, 2024
b29a239
Correct formatting
AnatolyPristensky Mar 26, 2024
c19815f
Add Keyvault variable
AnatolyPristensky Mar 26, 2024
fa85d82
Test
AnatolyPristensky Mar 26, 2024
8547be4
RenameVar
AnatolyPristensky Mar 27, 2024
85736eb
RenameSecret
AnatolyPristensky Mar 27, 2024
15b3029
RenameStage
AnatolyPristensky Mar 27, 2024
c78fce8
Add Xamarin Stage
AnatolyPristensky Mar 27, 2024
3916963
Test wasm-tools
AnatolyPristensky Mar 28, 2024
ee2888f
Remove depends
AnatolyPristensky Mar 28, 2024
d9c11a9
Add Package Stage
AnatolyPristensky Mar 28, 2024
d917bbe
Correct formatting
AnatolyPristensky Mar 28, 2024
a2e9010
Formatting
AnatolyPristensky Mar 28, 2024
f7eb625
Correct format
AnatolyPristensky Mar 28, 2024
fdf2865
Update format
AnatolyPristensky Mar 28, 2024
3d79f80
Fix ESRP task
AnatolyPristensky Mar 28, 2024
46da89c
Add Dependency
AnatolyPristensky Mar 28, 2024
d31c016
Remove XamarinDependency for test Package stage
AnatolyPristensky Mar 28, 2024
4e94ebb
Switch Artifact Type
AnatolyPristensky Mar 28, 2024
2cc52d7
Сorrect Path
AnatolyPristensky Mar 28, 2024
719b64f
Disable API Scan for test
AnatolyPristensky Mar 28, 2024
5530672
Bump dotnet version to 7
DmitriyKirakosyan Mar 29, 2024
547e8f9
Remvoe installing wasm-tools
DmitriyKirakosyan Mar 29, 2024
053df99
Fix dependsOn
DmitriyKirakosyan Mar 29, 2024
dff51c6
demand msbuild
DmitriyKirakosyan Mar 29, 2024
5a65047
disable windows assemblies
DmitriyKirakosyan Mar 29, 2024
3a3f795
fix pipeline
DmitriyKirakosyan Mar 29, 2024
ff65e15
use .net 3
DmitriyKirakosyan Mar 29, 2024
5226261
use net 7
DmitriyKirakosyan Mar 29, 2024
e024725
Separate mac build groups
DmitriyKirakosyan Mar 30, 2024
c39f553
Update yml to build xamarin and dotnet separately
DmitriyKirakosyan Mar 30, 2024
426554a
move tasks
DmitriyKirakosyan Apr 1, 2024
a017daa
Try using macos 11
DmitriyKirakosyan Apr 1, 2024
3006556
Fix APIScan task
DmitriyKirakosyan Apr 1, 2024
a733316
Enable windows job
DmitriyKirakosyan Apr 1, 2024
00a77aa
Fix publish and download artifacts
DmitriyKirakosyan Apr 1, 2024
413c129
Fix assemblies location
DmitriyKirakosyan Apr 2, 2024
cabfd2e
Fix packaged files path
DmitriyKirakosyan Apr 2, 2024
5d6a1a3
Fix unity package path
DmitriyKirakosyan Apr 2, 2024
ea725a2
Remove CodeQL from github workflows
DmitriyKirakosyan Apr 2, 2024
93c8a85
Remove installation of net framework 461
DmitriyKirakosyan Apr 3, 2024
27d2d36
Increase job timeout for APIScan
DmitriyKirakosyan Apr 3, 2024
f99c98a
Run APIScan on master only
DmitriyKirakosyan Apr 4, 2024
39a374a
Remove redundant dotnet 3.1 installation
DmitriyKirakosyan Apr 11, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
384 changes: 384 additions & 0 deletions .azurepipelines/build-release-packages-1es.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,384 @@
trigger:
- master
- develop
pr:
- master
- develop
resources:
repositories:
- repository: self
type: git
ref: refs/heads/develop
- repository: 1ESPipelineTemplates
type: git
name: 1ESPipelineTemplates/1ESPipelineTemplates
ref: refs/tags/release
name: $(Build.SourceBranchName)_$(date:yyyyMMdd)$(rev:.r)
extends:
${{ if eq(variables['Build.SourceBranch'], 'refs/heads/master') }}:
template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates
${{ else }}:
template: v1/1ES.Unofficial.PipelineTemplate.yml@1ESPipelineTemplates
parameters:
pool:
name: 1ES-PT-Windows-2022
os: windows
customBuildTags:
- ES365AIMigrationTooling-BulkMigrated
sdl:
sourceAnalysisPool: 1ES-PT-Windows-2022
stages:
- stage: BuildWindowsAssemblies
dependsOn: []
jobs:
- job: sdkBuildJob
displayName: BuildWindowsAssemblies
cancelTimeoutInMinutes: 1
templateContext:
outputs:
- output: pipelineArtifact
displayName: 'Publish Artifact: framework'
path: '$(Build.ArtifactStagingDirectory)'
artifactName: windows-assemblies
steps:
- checkout: self
fetchTags: false

- task: AzureKeyVault@2
inputs:
azureSubscription: 'AC - Dev Infra & Build Pool'
KeyVaultName: 'mobile-center-sdk'
SecretsFilter: 'appcenter-sdk-blob-storage-access-secret'
RunAsPreJob: false

- task: PowerShell@2
displayName: 'Set Release Version'
inputs:
targetType: filePath
filePath: ./build.ps1
arguments: '"version.cake" --Target="SetReleaseVersion"'

- powershell: |
Set-Location "C:\Program Files (x86)\Microsoft Visual Studio\Installer\"
$InstallPath = "C:\Program Files\Microsoft Visual Studio\2022\Enterprise"
$componentsToAdd = @(
"Microsoft .NET Framework 4.6.1 Targeting Pack"
DmitriyKirakosyan marked this conversation as resolved.
Show resolved Hide resolved
)
[string]$workloadArgs = $componentsToAdd | ForEach-Object {" --add " + $_}
$Arguments = ('/c', "vs_installer.exe", 'modify', '--installPath', "`"$InstallPath`"",$workloadArgs, '--quiet', '--norestart', '--nocache')
$process = Start-Process -FilePath cmd.exe -ArgumentList $Arguments -Wait -PassThru -WindowStyle Hidden
if ($process.ExitCode -eq 0)
{
Write-Host "components have been successfully added"
}
else
{
Write-Host "components were not installed"
exit 1
}
displayName: 'Install Microsoft .NET Framework 4.6.1'

- task: cake-build.cake.cake-build-task.Cake@2
displayName: 'Prepare Assemblies'
inputs:
target: PrepareAssemblies
arguments: '--StorageAuthParams="$(appcenter-sdk-blob-storage-access-secret)"'
Version: 2.2.0


- task: CopyFiles@2
displayName: 'Copy Assemblies'
inputs:
SourceFolder: '$(Build.SourcesDirectory)\bin'
TargetFolder: '$(Build.ArtifactStagingDirectory)'

- stage: BuildDotNetAssemblies
dependsOn: []
pool:
name: Azure Pipelines
image: macos-11
os: macOS
demands:
- msbuild
jobs:
- job: sdkBuildJob
templateContext:
outputs:
- output: pipelineArtifact
displayName: 'Publish Artifact: framework'
path: '$(Build.ArtifactStagingDirectory)'
artifactName: dotnet-assemblies
steps:
- checkout: self
fetchTags: false

- task: Bash@3
displayName: 'Set Release Version'
inputs:
targetType: filePath
filePath: ./build.sh
arguments: '"version.cake" -t SetReleaseVersion'

- bash: 'sudo $AGENT_HOMEDIRECTORY/scripts/select-xamarin-sdk.sh 6_12_0'
displayName: 'Use Xamarin Bundle 6.12.0'

- task: JavaToolInstaller@0
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What for do we use Java?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This specific version of java was used to build Xamarin projects for Android.

displayName: 'Use Java 11'
inputs:
versionSpec: 11
jdkArchitectureOption: x64
jdkSourceOption: PreInstalled

- task: AzureKeyVault@2
inputs:
azureSubscription: 'AC - Dev Infra & Build Pool'
KeyVaultName: 'mobile-center-sdk'
SecretsFilter: 'appcenter-sdk-blob-storage-access-secret'
RunAsPreJob: false

- task: UseDotNet@2
displayName: 'Install .NET 7'
inputs:
packageType: 'sdk'
version: '7.0.308'

- bash: 'dotnet workload install android ios macos'
displayName: 'Install .NET workloads'

- task: cake-build.cake.cake-build-task.Cake@2
displayName: 'Prepare DotNet Assemblies'
inputs:
target: PrepareAssemblies
arguments: '--StorageAuthParams="$(appcenter-sdk-blob-storage-access-secret)"'
Version: 2.2.0

- task: UseDotNet@2
displayName: 'Install .NET 3.1'
DmitriyKirakosyan marked this conversation as resolved.
Show resolved Hide resolved
inputs:
packageType: 'sdk'
version: '3.1.413'

- task: cake-build.cake.cake-build-task.Cake@2
displayName: 'Prepare Xamarin Assemblies'
inputs:
target: PrepareAssemblies
arguments: '--MacPlatformId="mac-xamarin" --StorageAuthParams="$(appcenter-sdk-blob-storage-access-secret)"'
Version: 2.2.0

- task: CopyFiles@2
displayName: 'Copy Assemblies'
inputs:
SourceFolder: '$(Build.SourcesDirectory)/bin'
TargetFolder: '$(Build.ArtifactStagingDirectory)'

- stage: Package
dependsOn:
- BuildWindowsAssemblies
- BuildDotNetAssemblies
pool:
name: 1ES-PT-Windows-2022
os: windows
jobs:
- job: Package
templateContext:
outputs:
- output: pipelineArtifact
displayName: 'Publish Artifact: framework'
path: '$(Build.ArtifactStagingDirectory)'
artifactName: package
steps:
- checkout: self
fetchTags: false

- task: PowerShell@2
displayName: 'Set Release Version'
inputs:
targetType: filePath
filePath: ./build.ps1
arguments: '"version.cake" --Target="SetReleaseVersion"'

- powershell: |
$change_log_found = $False
$change_log = Foreach ($line in Get-Content "CHANGELOG.md") {
if ($change_log_found) {
if ($line -like "___") {
break
}
$line
} elseif ($line -like "## Version*") {
$change_log_found = $True
}
}
($change_log | Out-String).Trim() | Set-Content "RELEASE.md"
displayName: 'Collect Release Description'

- task: DownloadPipelineArtifact@2
displayName: 'Download Windows Assemblies'
inputs:
artifactName: windows-assemblies
downloadPath: '$(Build.ArtifactStagingDirectory)\assemblies'
extractTars: false

- task: DownloadPipelineArtifact@2
displayName: 'Download DotNet Assemblies'
inputs:
artifactName: dotnet-assemblies
downloadPath: '$(Build.ArtifactStagingDirectory)\assemblies'
extractTars: false

- task: DownloadSecureFile@1
displayName: 'Download the strong naming certificate'
inputs:
secureFile: 'appcenter-pair-key.snk'

- task: UseDotNet@2
displayName: 'Use .NET Core sdk 6.0.x'
inputs:
version: 6.0.x

- powershell: |
# Run script
.\scripts\strong-named-sign.cmd "$(Build.ArtifactStagingDirectory)\assemblies" "$(Agent.TempDirectory)\appcenter-pair-key.snk"
displayName: 'Sign assemblies with strong naming'

- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@2
displayName: 'Sign Assemblies'
inputs:
ConnectedServiceName: 'MobileCenter-ESRP'
FolderPath: '$(Build.ArtifactStagingDirectory)\assemblies'
Pattern: '*.dll,*.winmd'
signConfigType: inlineSignParams
inlineOperation: |
[
{
"keyCode": "CP-230012",
"operationSetCode": "SigntoolSign",
"parameters": [
{
"parameterName": "OpusName",
"parameterValue": "TestSign"
},
{
"parameterName": "OpusInfo",
"parameterValue": "http://test"
},
{
"parameterName": "PageHash",
"parameterValue": "/NPH"
},
{
"parameterName": "FileDigest",
"parameterValue": "/fd sha256"
},
{
"parameterName": "TimeStamp",
"parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
}
],
"toolName": "signtool.exe",
"toolVersion": "6.2.9304.0"
},
{
"keyCode": "CP-230012",
"operationSetCode": "SigntoolVerify",
"parameters": [],
"toolName": "signtool.exe",
"toolVersion": "6.2.9304.0"
}
]
SessionTimeout: 45
VerboseLogin: true

- task: CopyFiles@2
displayName: 'Move assemblies to bin'
DmitriyKirakosyan marked this conversation as resolved.
Show resolved Hide resolved
inputs:
SourceFolder: '$(Build.ArtifactStagingDirectory)\assemblies'
TargetFolder: '$(System.DefaultWorkingDirectory)\bin'

- task: AzureKeyVault@2
inputs:
azureSubscription: 'AC - Dev Infra & Build Pool'
KeyVaultName: 'mobile-center-sdk'
SecretsFilter: 'appcenter-sdk-managed-identity-clientid'
RunAsPreJob: false

- task: APIScan@2
displayName: 'Run APIScan'
inputs:
softwareFolder: 'bin'
softwareName: 'appcenter-sdk-dotnet'
softwareVersionNum: '$(Build.BuildId)'
isLargeApp: false
toolVersion: 'Latest'
verbosityLevel: verbose
condition: and(succeeded(), ne(variables['DisableAPIScan'], 'true'))
env:
AzureServicesAuthConnectionString: 'runAs=App;AppId=$(appcenter-sdk-managed-identity-clientid)'

- task: AzureKeyVault@2
inputs:
azureSubscription: 'AC - Dev Infra & Build Pool'
KeyVaultName: 'mobile-center-sdk'
SecretsFilter: 'appcenter-sdk-blob-storage-access-secret'
RunAsPreJob: false

- task: Cake@2
displayName: 'Pack NuGets'
inputs:
target: NuGet
arguments: '--MainPackage=true --AssembliesPath="$(Build.ArtifactStagingDirectory)\assemblies" --StorageAuthParams="$(appcenter-sdk-blob-storage-access-secret)"'
Version: 2.2.0

- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@1
displayName: 'Sign Packages'
enabled: false
inputs:
ConnectedServiceName: 'MobileCenter-ESRP'
FolderPath: '$(System.DefaultWorkingDirectory)/'
Pattern: 'Microsoft.AppCenter*.nupkg'
signConfigType: inlineSignParams
inlineOperation: |
[
{
"keyCode": "CP-401405",
"operationSetCode": "NuGetSign",
"parameters": [ ],
"toolName": "sign",
"toolVersion": "1.0"
},
{
"keyCode": "CP-401405",
"operationSetCode": "NuGetVerify",
"parameters": [ ],
"toolName": "sign",
"toolVersion": "1.0"
}
]
SessionTimeout: 45

- task: CopyFiles@2
displayName: 'Copy Packages'
inputs:
SourceFolder: '$(System.DefaultWorkingDirectory)\output'
Contents: |
*.nupkg
!Microsoft.AppCenter.Rum.*.nupkg
RELEASE.md
TargetFolder: '$(Build.ArtifactStagingDirectory)\Packages'
CleanTargetFolder: true
OverWrite: true

- powershell: |
$SdkVersion = Get-ChildItem $(System.DefaultWorkingDirectory)/output | Where-Object { $_.Name -match 'Microsoft\.AppCenter\.(\d+\.\d+\.\d+)\.nupkg' } | ForEach-Object { $matches[1] }

Write-Host "SDK version: $SdkVersion"
Write-Host "##vso[task.setvariable variable=SdkVersion]$SdkVersion"
displayName: 'Extract SDK Version From NuGet Filename'

- task: ArchiveFiles@2
displayName: 'Archive Unity UWP Assemblies'
inputs:
rootFolderOrFile: '$(Build.ArtifactStagingDirectory)/assemblies/unity_uwp'
includeRootFolder: false
archiveFile: '$(Build.ArtifactStagingDirectory)/AppCenter-SDK-Unity-UWP-$(SdkVersion).zip'

Loading