-
Notifications
You must be signed in to change notification settings - Fork 19
/
azure-pipelines-pr.yml
121 lines (105 loc) · 4.26 KB
/
azure-pipelines-pr.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
trigger: none
pr:
branches:
include:
- main
- production
stages:
- stage: GitHub_Issue_Verification
displayName: GitHub Issue Verification
condition: and(eq(variables['Build.Reason'], 'PullRequest'), notIn(variables['System.PullRequest.TargetBranch'], 'refs/heads/production', 'production'), notIn(variables['System.PullRequest.SourceBranch'], 'refs/heads/production', 'production'))
jobs:
- job: VerifyGitHubIssue
displayName: Verify GitHub Issue Link included in all PRs
pool:
vmImage: 'windows-latest'
steps:
- checkout: self
- powershell: eng/enforce-issue.ps1 -PullRequestNumber $(System.PullRequest.PullRequestNumber) -RepositoryName $(Build.Repository.Name)
displayName: Enforce GitHub issue link presence
- stage: build
dependsOn: []
displayName: Build
jobs:
- template: /eng/common/templates/jobs/jobs.yml
parameters:
enableMicrobuild: false
enablePublishBuildArtifacts: true
enablePublishTestResults: false
enablePublishBuildAssets: false
enablePublishUsingPipelines: false
enableTelemetry: true
jobs:
- job: Windows_NT
timeoutInMinutes: 90
pool:
${{ if eq(variables['System.TeamProject'], 'internal')}}:
name: NetCore1ESPool-Internal
demands: ImageOverride -equals 1es-windows-2019
${{ if eq(variables['System.TeamProject'], 'public')}}:
name: NetCore-Public
demands: ImageOverride -equals 1es-windows-2019-open
strategy:
matrix:
# Only build debug in non-official builds
${{ if or(eq(variables['System.TeamProject'], 'public'), in(variables['Build.Reason'], 'PullRequest')) }}:
debug_configuration:
_BuildConfig: Debug
_PublishType: none
_SignType: test
_DotNetPublishToBlobFeed : false
release_configuration:
_BuildConfig: Release
# PRs or external builds are not signed.
${{ if or(eq(variables['System.TeamProject'], 'public'), in(variables['Build.Reason'], 'PullRequest')) }}:
_PublishType: none
_SignType: test
_DotNetPublishToBlobFeed : false
steps:
- checkout: self
clean: true
- task: UseDotNet@2
displayName: Install Correct .NET Version
inputs:
useGlobalJson: true
- task: UseDotNet@2
displayName: Install .NET 6
inputs:
version: 6.x
- task: NuGetToolInstaller@0
inputs:
versionSpec: 6.1.x
- task: NodeTool@0
inputs:
versionSpec: 12.x
- task: NuGetCommand@2
displayName: Restore Packages
inputs:
command: restore
solution: "**/*.sln"
feedstoUse: config
- powershell: eng\set-version-parameters.ps1
displayName: Calculate release version variables
- powershell: |
[xml]$manifest = Get-Content src\Telemetry\TelemetryApplication\ApplicationPackageRoot\ApplicationManifest.xml
$manifest.SelectSingleNode("/*[local-name()='ApplicationManifest']/*[local-name()='Policies']").RemoveAll()
$manifest.SelectSingleNode("/*[local-name()='ApplicationManifest']/*[local-name()='Principals']").RemoveAll()
$manifest.Save("src\Telemetry\TelemetryApplication\ApplicationPackageRoot\ApplicationManifest.xml")
git diff
displayName: Remove Service Fabric RunAsPolicy from TelemetryApplication
- script: eng\common\cibuild.cmd
-configuration $(_BuildConfig)
-prepareMachine
/p:Test=false
/P:Sign=false
name: Build
displayName: Build / Publish
condition: succeeded()
- powershell: |
$manifestArgs = @()
Get-ChildItem .vault-config/*.yaml |% {
$manifestArgs += @("-m", $_.FullName)
}
dotnet run --project src/SecretManager/Microsoft.DncEng.SecretManager -- validate-all -b src @manifestArgs
displayName: Verify Secret Usages
- template: /eng/test.yaml