From b62c5fbffabd12032d44bda432c2c480bb884a5b Mon Sep 17 00:00:00 2001 From: Liviu Dima Date: Thu, 10 Oct 2024 15:59:24 +0300 Subject: [PATCH] Update to valid config. --- .azure-devops/nova-facade-release.yml | 123 ++++++++++++++------------ 1 file changed, 67 insertions(+), 56 deletions(-) diff --git a/.azure-devops/nova-facade-release.yml b/.azure-devops/nova-facade-release.yml index 75e7659..d25c9c2 100644 --- a/.azure-devops/nova-facade-release.yml +++ b/.azure-devops/nova-facade-release.yml @@ -5,9 +5,9 @@ resources: name: 1ESPipelineTemplates/1ESPipelineTemplates ref: refs/tags/release +pr: none trigger: - main -pr: none schedules: - cron: 0 0 * * Mon displayName: Nova-Facade weekly pipeline validation @@ -21,64 +21,75 @@ variables: - name: tags value: production,externalfacing - name: serviceTreeID - value: ade7d667-42f5-485a-91a9-f1dc6482a9b0 + value: 6F8CD842-E117-412F-BAE4-56A3B6166594 - name: adoNpmFeedBaseUrl value: https://pkgs.dev.azure.com/domoreexp/_apis/packaging/feeds/npm-mirror extends: - template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates - stages: - - stage: Release_And_Compliance - jobs: - - job: compliance - displayName: Compliance checks - pool: - name: Azure-Pipelines-1ESPT-ExDShared - image: windows-2022 - os: windows - steps: - - template: ./steps/service-tree.yml@self - parameters: - serviceTreeID: $(serviceTreeID) - - template: ./steps/compliance-steps.yml@self + template: v1/1ES.Unofficial.PipelineTemplate.yml@1ESPipelineTemplates - - job: Release + parameters: + sdl: + sourceAnalysisPool: + name: Azure-Pipelines-1ESPT-ExDShared + image: windows-2022 + os: windows + stages: + - stage: release variables: - - group: oss-secrets - dependsOn: Compliance - pool: - name: Azure-Pipelines-1ESPT-ExDShared - image: ubuntu-latest - os: linux - templateContext: - type: releaseJob - isProduction: true - steps: - - template: ./steps/service-tree.yml@self - parameters: - serviceTreeID: $(serviceTreeID) - - script: yarn - displayName: yarn - - script: | - yarn ci - displayName: build and test [test] - - script: | - git config user.email "gql-svc@microsoft.com" - git config user.name "Graphitation Service Account" - git remote set-url origin https://gql-svc:$(ossGithubPAT)@github.com/microsoft/nova-facade.git - displayName: Configure git for release - - script: yarn release -y -n $(ossNpmToken) --access public - displayName: Release - - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0 - displayName: 📒 Generate Manifest - inputs: - BuildDropPath: $(System.DefaultWorkingDirectory) - - task: 1ES.PublishPipelineArtifact@1 - displayName: 📒 Publish Manifest - inputs: - artifactName: SBom-$(System.JobAttempt) - targetPath: $(System.DefaultWorkingDirectory)/_manifest - - template: ./steps/pierce-ado-npm-mirror-cache.yml@self - parameters: - adoNpmFeedPat: $(adoNpmFeedPat) - adoNpmFeedBaseUrl: $(adoNpmFeedBaseUrl) + # OPTIONAL: Set this varibale to 'true' to enable signing in a target stage. + # Remove if signing is not required. + Build.ESRP.CodeSign.Enabled: true + # OPTIONAL: To disable required tools not applicable in the pipeline set to false. + # Supported values: BinSkim, Roslyn, ESLint, PREFast. + Build.SDL..Enabled: false + Build.SDL..Enabled: true + jobs: + - job: compliance + displayName: Compliance checks + pool: + name: Azure-Pipelines-1ESPT-ExDShared + image: windows-2022 + os: windows + steps: + - template: .azure-devops/steps/service-tree.yml@self + parameters: + serviceTreeID: $(serviceTreeID) + + - job: Release + variables: + - group: oss-secrets + dependsOn: Compliance + pool: + name: Azure-Pipelines-1ESPT-ExDShared + image: ubuntu-latest + os: linux + steps: + - template: .azure-devops/steps/service-tree.yml@self + parameters: + serviceTreeID: $(serviceTreeID) + - script: yarn + displayName: yarn + - script: | + yarn ci + displayName: build and test [test] + - script: | + git config user.email "gql-svc@microsoft.com" + git config user.name "Graphitation Service Account" + git remote set-url origin https://gql-svc:$(ossGithubPAT)@github.com/microsoft/nova-facade.git + displayName: Configure git for release + - script: yarn release -y -n $(ossNpmToken) --access public + displayName: Release + - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0 + displayName: 📒 Generate Manifest + inputs: + BuildDropPath: $(System.DefaultWorkingDirectory) + - task: 1ES.PublishPipelineArtifact@1 + displayName: 📒 Publish Manifest + inputs: + artifactName: SBom-$(System.JobAttempt) + targetPath: $(System.DefaultWorkingDirectory)/_manifest + - template: .azure-devops/steps/pierce-ado-npm-mirror-cache.yml@self + parameters: + adoNpmFeedPat: $(adoNpmFeedPat) + adoNpmFeedBaseUrl: $(adoNpmFeedBaseUrl)