diff --git a/.azure-pipelines/ci-build.yml b/.azure-pipelines/ci-build.yml index 898c03946a..859a534df2 100644 --- a/.azure-pipelines/ci-build.yml +++ b/.azure-pipelines/ci-build.yml @@ -206,12 +206,12 @@ extends: - task: EsrpCodeSigning@5 displayName: "ESRP CodeSigning" inputs: - ConnectedServiceName: 'Federated DevX ESRP Managed Identity Connection' - AppRegistrationClientId: '65035b7f-7357-4f29-bf25-c5ee5c3949f8' - AppRegistrationTenantId: 'cdc5aeea-15c5-4db6-b079-fcadd2505dc2' - AuthAKVName: 'akv-prod-eastus' - AuthCertName: 'ReferenceLibraryPrivateCert' - AuthSignCertName: 'ReferencePackagePublisherCertificate' + ConnectedServiceName: "Federated DevX ESRP Managed Identity Connection" + AppRegistrationClientId: "65035b7f-7357-4f29-bf25-c5ee5c3949f8" + AppRegistrationTenantId: "cdc5aeea-15c5-4db6-b079-fcadd2505dc2" + AuthAKVName: "akv-prod-eastus" + AuthCertName: "ReferenceLibraryPrivateCert" + AuthSignCertName: "ReferencePackagePublisherCertificate" FolderPath: '$(Build.SourcesDirectory)\src' signConfigType: inlineSignParams UseMinimatch: true @@ -281,12 +281,12 @@ extends: - task: EsrpCodeSigning@5 displayName: "ESRP CodeSigning Nuget Packages" inputs: - ConnectedServiceName: 'Federated DevX ESRP Managed Identity Connection' - AppRegistrationClientId: '65035b7f-7357-4f29-bf25-c5ee5c3949f8' - AppRegistrationTenantId: 'cdc5aeea-15c5-4db6-b079-fcadd2505dc2' - AuthAKVName: 'akv-prod-eastus' - AuthCertName: 'ReferenceLibraryPrivateCert' - AuthSignCertName: 'ReferencePackagePublisherCertificate' + ConnectedServiceName: "Federated DevX ESRP Managed Identity Connection" + AppRegistrationClientId: "65035b7f-7357-4f29-bf25-c5ee5c3949f8" + AppRegistrationTenantId: "cdc5aeea-15c5-4db6-b079-fcadd2505dc2" + AuthAKVName: "akv-prod-eastus" + AuthCertName: "ReferenceLibraryPrivateCert" + AuthSignCertName: "ReferencePackagePublisherCertificate" FolderPath: "$(Build.ArtifactStagingDirectory)" UseMinimatch: true Pattern: "*.nupkg" @@ -401,12 +401,12 @@ extends: - task: EsrpCodeSigning@5 condition: and(succeeded(), startsWith('${{ distribution.architecture }}', 'win')) inputs: - ConnectedServiceName: 'Federated DevX ESRP Managed Identity Connection' - AppRegistrationClientId: '65035b7f-7357-4f29-bf25-c5ee5c3949f8' - AppRegistrationTenantId: 'cdc5aeea-15c5-4db6-b079-fcadd2505dc2' - AuthAKVName: 'akv-prod-eastus' - AuthCertName: 'ReferenceLibraryPrivateCert' - AuthSignCertName: 'ReferencePackagePublisherCertificate' + ConnectedServiceName: "Federated DevX ESRP Managed Identity Connection" + AppRegistrationClientId: "65035b7f-7357-4f29-bf25-c5ee5c3949f8" + AppRegistrationTenantId: "cdc5aeea-15c5-4db6-b079-fcadd2505dc2" + AuthAKVName: "akv-prod-eastus" + AuthCertName: "ReferenceLibraryPrivateCert" + AuthSignCertName: "ReferencePackagePublisherCertificate" FolderPath: $(Build.ArtifactStagingDirectory)/binaries/${{ distribution.architecture }} signConfigType: inlineSignParams UseMinimatch: true @@ -469,12 +469,12 @@ extends: timeoutInMinutes: 15 retryCountOnTaskFailure: 4 inputs: - ConnectedServiceName: 'Federated DevX ESRP Managed Identity Connection' - AppRegistrationClientId: '65035b7f-7357-4f29-bf25-c5ee5c3949f8' - AppRegistrationTenantId: 'cdc5aeea-15c5-4db6-b079-fcadd2505dc2' - AuthAKVName: 'akv-prod-eastus' - AuthCertName: 'ReferenceLibraryPrivateCert' - AuthSignCertName: 'ReferencePackagePublisherCertificate' + ConnectedServiceName: "Federated DevX ESRP Managed Identity Connection" + AppRegistrationClientId: "65035b7f-7357-4f29-bf25-c5ee5c3949f8" + AppRegistrationTenantId: "cdc5aeea-15c5-4db6-b079-fcadd2505dc2" + AuthAKVName: "akv-prod-eastus" + AuthCertName: "ReferenceLibraryPrivateCert" + AuthSignCertName: "ReferencePackagePublisherCertificate" FolderPath: $(Build.ArtifactStagingDirectory)/binaries signConfigType: inlineSignParams UseMinimatch: true @@ -501,12 +501,12 @@ extends: timeoutInMinutes: 15 retryCountOnTaskFailure: 4 inputs: - ConnectedServiceName: 'Federated DevX ESRP Managed Identity Connection' - AppRegistrationClientId: '65035b7f-7357-4f29-bf25-c5ee5c3949f8' - AppRegistrationTenantId: 'cdc5aeea-15c5-4db6-b079-fcadd2505dc2' - AuthAKVName: 'akv-prod-eastus' - AuthCertName: 'ReferenceLibraryPrivateCert' - AuthSignCertName: 'ReferencePackagePublisherCertificate' + ConnectedServiceName: "Federated DevX ESRP Managed Identity Connection" + AppRegistrationClientId: "65035b7f-7357-4f29-bf25-c5ee5c3949f8" + AppRegistrationTenantId: "cdc5aeea-15c5-4db6-b079-fcadd2505dc2" + AuthAKVName: "akv-prod-eastus" + AuthCertName: "ReferenceLibraryPrivateCert" + AuthSignCertName: "ReferencePackagePublisherCertificate" FolderPath: $(Build.ArtifactStagingDirectory)/binaries signConfigType: inlineSignParams UseMinimatch: true @@ -562,12 +562,12 @@ extends: inputs: versionSpec: "18.x" - ${{ each distribution in parameters.distributions }}: - - task: DownloadPipelineArtifact@2 - displayName: Download ${{ distribution.jobPrefix }} binaries from artifacts - inputs: - artifact: Binaries_${{ distribution.jobPrefix }} - source: current - targetPath: $(Build.ArtifactStagingDirectory)/Binaries + - task: DownloadPipelineArtifact@2 + displayName: Download ${{ distribution.jobPrefix }} binaries from artifacts + inputs: + artifact: Binaries_${{ distribution.jobPrefix }} + source: current + targetPath: $(Build.ArtifactStagingDirectory)/Binaries - pwsh: $(Build.SourcesDirectory)/scripts/get-prerelease-version.ps1 -currentBranch $(Build.SourceBranch) -previewBranch ${{ parameters.previewBranch }} displayName: "Set version suffix" - pwsh: $(Build.SourcesDirectory)/scripts/get-version-from-csproj.ps1 @@ -599,19 +599,19 @@ extends: workingDirectory: $(Build.SourcesDirectory)/vscode/microsoft-kiota name: getExtensionFileName - script: vsce generate-manifest -i $(getExtensionFileName.extensionFileName).vsix -o $(getExtensionFileName.extensionFileName).manifest - displayName: 'Generate extension manifest' + displayName: "Generate extension manifest" workingDirectory: $(Build.SourcesDirectory)/vscode/microsoft-kiota - script: cp $(getExtensionFileName.extensionFileName).manifest $(getExtensionFileName.extensionFileName).signature.p7s - displayName: 'Prepare manifest for signing' + displayName: "Prepare manifest for signing" workingDirectory: $(Build.SourcesDirectory)/vscode/microsoft-kiota - task: EsrpCodeSigning@5 inputs: - ConnectedServiceName: 'Federated DevX ESRP Managed Identity Connection' - AppRegistrationClientId: '65035b7f-7357-4f29-bf25-c5ee5c3949f8' - AppRegistrationTenantId: 'cdc5aeea-15c5-4db6-b079-fcadd2505dc2' - AuthAKVName: 'akv-prod-eastus' - AuthCertName: 'ReferenceLibraryPrivateCert' - AuthSignCertName: 'ReferencePackagePublisherCertificate' + ConnectedServiceName: "Federated DevX ESRP Managed Identity Connection" + AppRegistrationClientId: "65035b7f-7357-4f29-bf25-c5ee5c3949f8" + AppRegistrationTenantId: "cdc5aeea-15c5-4db6-b079-fcadd2505dc2" + AuthAKVName: "akv-prod-eastus" + AuthCertName: "ReferenceLibraryPrivateCert" + AuthSignCertName: "ReferencePackagePublisherCertificate" FolderPath: $(Build.SourcesDirectory)/vscode/microsoft-kiota UseMinimatch: true Pattern: '**\*.signature.p7s' @@ -630,7 +630,7 @@ extends: MaxConcurrency: 25 MaxRetryAttempts: 5 PendingAnalysisWaitTimeoutMinutes: 5 - displayName: 'Sign extension' + displayName: "Sign extension" - task: CopyFiles@2 displayName: Prepare staging folder for upload inputs: @@ -682,7 +682,7 @@ extends: inputs: azureSubscription: "kiota-vscode-marketplace-publish" scriptType: "pscore" - scriptLocation: 'inlineScript' + scriptLocation: "inlineScript" inlineScript: | $aadToken = az account get-access-token --query accessToken --resource 499b84ac-1321-427f-aa17-267ca6975798 -o tsv Get-ChildItem -Path $(Pipeline.Workspace) -Filter *.vsix -Recurse | ForEach-Object { @@ -707,6 +707,15 @@ extends: os: linux image: ubuntu-latest templateContext: + type: releaseJob + isProduction: true + inputs: + - input: pipelineArtifact + artifactName: VSCode + targetPath: "$(Pipeline.Workspace)" + - input: pipelineArtifact + artifactName: Nugets + targetPath: "$(Pipeline.Workspace)" sdl: baseline: baselineFile: $(Build.SourcesDirectory)/guardian/SDL/common/.gdnbaselines @@ -723,19 +732,11 @@ extends: clean: true submodules: true - ${{ each distribution in parameters.distributions }}: - - task: DownloadPipelineArtifact@2 - displayName: Download ${{ distribution.jobPrefix }} binaries from artifacts - inputs: - artifact: Binaries_${{ distribution.jobPrefix }} - source: current - - task: DownloadPipelineArtifact@2 - inputs: - artifact: VSCode - source: current - - task: DownloadPipelineArtifact@2 - inputs: - artifact: Nugets - source: current + - task: DownloadPipelineArtifact@2 + displayName: Download ${{ distribution.jobPrefix }} binaries from artifacts + inputs: + artifact: Binaries_${{ distribution.jobPrefix }} + source: current - pwsh: $(Build.SourcesDirectory)/scripts/get-prerelease-version.ps1 -currentBranch $(Build.SourceBranch) -previewBranch ${{ parameters.previewBranch }} displayName: "Set version suffix" - pwsh: $(Build.SourcesDirectory)/scripts/get-version-from-csproj.ps1 @@ -779,6 +780,13 @@ extends: isPreRelease: true - deployment: deploy_kiota + templateContext: + type: releaseJob + isProduction: true + inputs: + - input: pipelineArtifact + artifactName: Nugets + targetPath: "$(Pipeline.Workspace)" pool: name: Azure-Pipelines-1ESPT-ExDShared os: linux @@ -790,11 +798,6 @@ extends: deploy: steps: - download: none - - task: DownloadPipelineArtifact@2 - displayName: Download nupkg from artifacts - inputs: - artifact: Nugets - source: current - powershell: | Remove-Item "$(Pipeline.Workspace)/Microsoft.OpenApi.Kiota.Builder.*.nupkg" -Verbose displayName: remove other nupkgs to avoid duplication @@ -802,11 +805,18 @@ extends: displayName: "NuGet push" inputs: packagesToPush: "$(Pipeline.Workspace)/Microsoft.OpenApi.Kiota.*.nupkg" - packageParentPath: '$(Pipeline.Workspace)' + packageParentPath: "$(Pipeline.Workspace)" nuGetFeedType: external publishFeedCredentials: "OpenAPI Nuget Connection" - deployment: deploy_builder + templateContext: + type: releaseJob + isProduction: true + inputs: + - input: pipelineArtifact + artifactName: Nugets + targetPath: "$(Pipeline.Workspace)" pool: name: Azure-Pipelines-1ESPT-ExDShared os: linux @@ -818,11 +828,6 @@ extends: deploy: steps: - download: none - - task: DownloadPipelineArtifact@2 - displayName: Download nupkg from artifacts - inputs: - artifact: Nugets - source: current - powershell: | Remove-Item "$(Pipeline.Workspace)/Microsoft.OpenApi.Kiota.*.nupkg" -Verbose -Exclude "*.Builder.*" displayName: remove other nupkgs to avoid duplication @@ -830,6 +835,6 @@ extends: displayName: "NuGet push" inputs: packagesToPush: "$(Pipeline.Workspace)/Microsoft.OpenApi.Kiota.Builder.*.nupkg" - packageParentPath: '$(Pipeline.Workspace)' + packageParentPath: "$(Pipeline.Workspace)" nuGetFeedType: external publishFeedCredentials: "OpenAPI Nuget Connection"