Skip to content

Commit

Permalink
Migrate release pipeline to governed template (#122)
Browse files Browse the repository at this point in the history
* Migrate release pipeline to governed template

* Update Release task to 1ES

* Update to valid config.

* Use official template

* Remove manifest generation as it is part of publish artifacts.

* Simplify pipeline and remove unneeded files.
  • Loading branch information
LSDima authored Oct 14, 2024
1 parent cb8c46f commit ffc2f10
Show file tree
Hide file tree
Showing 3 changed files with 56 additions and 103 deletions.
101 changes: 56 additions & 45 deletions .azure-devops/nova-facade-release.yml
Original file line number Diff line number Diff line change
@@ -1,3 +1,10 @@
resources:
repositories:
- repository: 1ESPipelineTemplates
type: git
name: 1ESPipelineTemplates/1ESPipelineTemplates
ref: refs/tags/release

pr: none
trigger:
- main
Expand All @@ -14,52 +21,56 @@ variables:
- name: tags
value: production,externalfacing
- name: serviceTreeID
value: 6F8CD842-E117-412F-BAE4-56A3B6166594
value: ade7d667-42f5-485a-91a9-f1dc6482a9b0
- name: adoNpmFeedBaseUrl
value: https://pkgs.dev.azure.com/domoreexp/_apis/packaging/feeds/npm-mirror

jobs:
- job: compliance
displayName: Compliance checks
pool:
name: 1ES-Teams-Windows-2022-DomoreexpGithub
steps:
- template: ./steps/service-tree.yml
parameters:
serviceTreeID: $(serviceTreeID)
- template: ./steps/compliance-steps.yml
extends:
template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates

- job: Release
variables:
- group: oss-secrets
dependsOn: Compliance
pool: "1ES-Teams-Ubuntu-Latest-Compliant-NCUS"
steps:
- template: ./steps/service-tree.yml
parameters:
serviceTreeID: $(serviceTreeID)
- script: yarn
displayName: yarn
- script: |
yarn ci
displayName: build and test [test]
- script: |
git config user.email "[email protected]"
git config user.name "Graphitation Service Account"
git remote set-url origin https://gql-svc:$(ossGithubPAT)@github.com/microsoft/nova-facade.git
displayName: Configure git for release
- script: yarn release -y -n $(ossNpmToken) --access public
displayName: Release
- task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0
displayName: 📒 Generate Manifest
inputs:
BuildDropPath: $(System.DefaultWorkingDirectory)
- task: PublishPipelineArtifact@1
displayName: 📒 Publish Manifest
inputs:
artifactName: SBom-$(System.JobAttempt)
targetPath: $(System.DefaultWorkingDirectory)/_manifest
- template: ./steps/pierce-ado-npm-mirror-cache.yml
parameters:
adoNpmFeedPat: $(adoNpmFeedPat)
adoNpmFeedBaseUrl: $(adoNpmFeedBaseUrl)
parameters:
sdl:
sourceAnalysisPool:
name: Azure-Pipelines-1ESPT-ExDShared
image: windows-2022
os: windows
stages:
- stage: release
variables:
# OPTIONAL: Set this varibale to 'true' to enable signing in a target stage.
# Remove if signing is not required.
Build.ESRP.CodeSign.Enabled: true
# OPTIONAL: To disable required tools not applicable in the pipeline set to false.
# Supported values: BinSkim, Roslyn, ESLint, PREFast.
Build.SDL.<Roslyn>.Enabled: false
Build.SDL.<ESLint>.Enabled: true
jobs:
- job: Release
variables:
- group: oss-secrets
pool:
name: Azure-Pipelines-1ESPT-ExDShared
image: ubuntu-latest
os: linux
steps:
- script: yarn
displayName: yarn
- script: |
yarn ci
displayName: build and test [test]
- script: |
git config user.email "[email protected]"
git config user.name "Graphitation Service Account"
git remote set-url origin https://gql-svc:$(ossGithubPAT)@github.com/microsoft/nova-facade.git
displayName: Configure git for release
- script: yarn release -y -n $(ossNpmToken) --access public
displayName: Release
- task: 1ES.PublishPipelineArtifact@1
displayName: 📒 Publish Manifest
inputs:
artifactName: SBom-$(System.JobAttempt)
targetPath: $(System.DefaultWorkingDirectory)/_manifest
- template: .azure-devops/steps/pierce-ado-npm-mirror-cache.yml@self
parameters:
adoNpmFeedPat: $(adoNpmFeedPat)
adoNpmFeedBaseUrl: $(adoNpmFeedBaseUrl)
46 changes: 0 additions & 46 deletions .azure-devops/steps/compliance-steps.yml

This file was deleted.

12 changes: 0 additions & 12 deletions .azure-devops/steps/service-tree.yml

This file was deleted.

0 comments on commit ffc2f10

Please sign in to comment.