Releases: microsoft/mu_devops
v9.1.5
What's Changed
-
Use cargo-binstall to sync rust tool versions @Javagedes (#319)
Change Details
Update RustSetupSteps to download cargo-binstall and use it to download all other rust tools. This is to make it easy for CI to pass the updated RustEnvironmentCheck (https://github.com/microsoft/mu_basecore/pull/737) by downloading the exact tool versions as specified in the rust-toolchain.toml file.
-
Change NuGetAuthenticate task to version 1. @apop5 (#296)
Change Details
Need to switch mu_devops to use NuGetAuthenticate@1 tasks. NuGetAuthenticate@0 is being depreciated, in some pipelines, starting 2024.01.31.
https://learn.microsoft.com/en-us/azure/devops/pipelines/tasks/reference/nuget-authenticate-v0?view=azure-pipelines
https://learn.microsoft.com/en-us/azure/devops/pipelines/tasks/reference/nuget-authenticate-v1?view=azure-pipelinesFixes #289
-
Add pipeline to cache cargo binstall @Javagedes (#318)
Change Details
Adds a pipeline to cache cargo binstall.
Adds
.tgz(short for.tar.gz) support to the DownloadCargoBinaryFromGitHub.py script. Also fixes a logic error in the conditional that decides which assets to download.See successful pipeline run: https://dev.azure.com/projectmu/mu/_build/results?buildId=64211&view=logs&j=402df595-8a03-57d0-41e1-0654a1932349
Full Changelog: v9.1.4...v9.1.5
Contributors
Assets 2
v9.1.4
What's Changed
-
.sync/workflows/codeql-platform: Update irrelevant plugin removal dir [Rebase \& FF] @makubacki (#317)
Change Details
Two commits. One to prepare `codeql-platform.yml` for 202311 and the other to expand contextual comments in both CodeQL workflow files.
.sync/workflows/codeql-platform: Update irrelevant plugin removal dir
Updates the directory used for irrelevant plugin removal in this
workflow to match codeql.yml which using the pytool directory rather
than the directory the CodeQL plugin is found in.This is important because the CodeQL plugin moved from .pytool to
BaseTools in Mu release 202311 so the plugin dir needs to be fixed
rather than relative to the CodeQL plugin location.
.sync/workflows/codeql: Add more inline documentation
Updates and adds some additional comments to the CodeQL workflow
files to give better context.
Full Changelog: v9.1.3...v9.1.4
Contributors
Assets 2
v9.1.3
What's Changed
-
Introduce extra\_build\_args to Jobs/PrGate.yml. Move extra\_install\_steps to after stuart\_update call. @apop5 (#292)
Change Details
extra_install_step is moved to after stuart_update.
extra_install_steps can be used to pass a call to another stuart_update to include the --codeql parameter.
-
.sync/Version.njk: Update Ubuntu container image @makubacki (#316)
Change Details
Update the Ubuntu build container to an image that includes Rust 1.74.
-
Update Version.njk for release @Javagedes (#313)
Change Details
Updates the mu_devops version in Version.njk to 9.1.2 in preparation for a 9.1.2 release of mu_devops that will be sync'd.
Full Changelog: v9.1.2...v9.1.3
Contributors
Assets 2
v9.1.2
What's Changed
-
.sync/Version.njk: Update to Rust 1.74 @makubacki (#310)
Change Details
Routine update to keep current.
-
.sync/version.njk: Update latest Mu branch to 202311 @makubacki (#309)
Change Details
Updates the latest and previous branches to 202311 and 202308.
Also updates references to 202302 throughout the repo to prevent the
examples from getting too stale over time.
Full Changelog: v9.1.1...v9.1.2
Contributors
Assets 2
v9.1.1
What's Changed
-
GitHub Action: Bump robinraju/release-downloader from 1.8 to 1.9 @makubacki (#307)
Change Details
Updates the CodeQL workflows to match the latest version that is being updated by dependabot in relevant repos.
Release notes
Sourced from robinraju/release-downloader's releases.
Release Downloader v1.9
What's Changed
- Correct minor typo in extract action input by
@philostlerin robinraju/release-downloader#666 - Fix broken link to CI status badge on README by
@robinrajuin robinraju/release-downloader#672 - Upgrade node runtime to v20 by
@xelarisin robinraju/release-downloader#673 - Add release name to output variable by
@robinrajuin robinraju/release-downloader#677 - Throw error when a release with no assets are obtained by
@robinrajuin robinraju/release-downloader#678 - Download latest pre-release by
@robinrajuin robinraju/release-downloader#679
Dependancy Updates
- Update dependencies by
@robinrajuin robinraju/release-downloader#671 - Bump
@types/nodefrom 20.9.4 to 20.11.8 by@dependabotin robinraju/release-downloader#674 - Bump
@typescript-eslint/parserfrom 6.12.0 to 6.19.1 by@dependabotin robinraju/release-downloader#675 - Bump eslint from 8.54.0 to 8.56.0 by
@dependabotin robinraju/release-downloader#676
New Contributors
@philostlermade their first contribution in robinraju/release-downloader#666@xelarismade their first contribution in robinraju/release-downloader#673
Full Changelog: robinraju/release-downloader@v1.8...v1.9
Commits
368754bDownload latest prerelease (#679)52c0768Throw error when a release with no assets are obtained (#678)a3ec587Add release name to output variable (#677)216d90dBump eslint from 8.54.0 to 8.56.0 (#676)f70dc82Bump@typescript-eslint/parserfrom 6.12.0 to 6.19.1 (#675)6dd543bBump@types/nodefrom 20.9.4 to 20.11.8 (#674)63ce2a8Upgrade node runtime to v20 (#673)50f312fFix broken link to CI status badge on README (#672)56fac71Update dependencies (#671)0ef9efaCorrect minor typo in extract action input (#666)- Additional commits viewable in compare view
- Correct minor typo in extract action input by
🔐 Security Impacting
-
workflows: Add permissions. @Javagedes (#305)
Change Details
Add permissions to the workflows across mu_devops. This includes the workflows sync'd across repositories, and workflows used in mu_devops itself.
With MU_BASECORE's Settings -> Code and automation -> Actions -> General -> Workflow permissions set to "Read repository contents and packages permissions" selected, I had no failures, with the following tested:
.github/workflows
- AutoMerger.yml - Untested
- FileSyncer.yml - Tested
- IssueAssignment.yml - Tested
- IssueTriager.yml - Tested
- LabelSyncer.yml - Tested
- Labeler.yml - Tested
- ReleaseDrafter.yml - Tested
.sync/workflows/leaf
- auto-approve.yml - Untested
- auto-merge.yml - Untested
- issue-assignment.yml - Tested through IssueAssignment.yml
- label-issues.yml - Tested through Labeler.yml
- label-sync.yml - Tested through LabelSyncer.yml
- pull-request-formatting-validator.yml - Tested Directly
- release-draft.yml - Tested through ReleaseDrafter.yml
- scheduled-maintenance.yml - Tested Directly
- stale.yml - Tested Directly
- submodule-release-update.yml - Untested
- triage-issues.yml - Tested
Full Changelog: v9.1.0...v9.1.1
Contributors
Assets 2
v9.1.0
What's Changed
-
.sync/workflows/codeql: Always remove plugins in .pytools @kenlautner (#302)
Change Details
With the CodeQL plugin moving to BaseTools (from .pytool) starting in release/202311, update the workflow to always remove unnecessary plugins (that slow down the workflow) in .pytools as opposed to relative the CodeQL plugin path.
-
.sync/workflows/codeql: Update sync action to v4 @makubacki (#301)
Change Details
Matches the latest version being propagated by dependabot.
🚀 Features & ✨ Enhancements
-
.sync/workflows/leaf/codeql.yml: Update CodeQL plugin from .pytool to BaseTools @makubacki (#299)
Change Details
The CodeQL plugin moved from .pytool to BaseTools in the Mu Basecore 202311 update. This change first looks for the plugin in BaseTools and falls back to the prior .pytool location if it is not found for backward compatibility with some earlier release branches that have not picked up the change.
Eventually, the .pytool fallback can be removed.
Issue to track removal of the fallback: #300
🐛 Bug Fixes
-
Fix issue with .pytool/Plugin removal which was introduced with the latest codeql.yml change. @kenlautner (#303)
Change Details
The latest codeql.yml change updated the cleanup step to find .pytool/Plugin folder directly instead of using a relevant path form the CodeQL plugin directory.
That change didn't take into account how all branches from release/202302 and older have the .pytool/Plugin version of CodeQL and was deleting all plugins in .pytool besides CompilerPlugin. This change excludes the CodeQL plugin if it exists as well.
Full Changelog: v9.0.6...v9.1.0
Contributors
Assets 2
v9.0.6
What's Changed
-
Rust: Makefile.toml: Add Feature flag support @Javagedes (#298)
Change Details
Adds additional environment variables to the Makefile.toml to set features when building.
setting the variable
FEATURESwill translate to passing--features <features>to the underlying build command.
Full Changelog: v9.0.5...v9.0.6
Contributors
Assets 2
v9.0.5
What's Changed
-
.sync/workflows/leaf: CodeQL workflow changes for upload-artifact v4 @makubacki (#291)
Change Details
Two key new restrictions:
- No more than 10 artifacts per job in a workflow run.
- It is no longer possible to upload to the same named artifact
multiple times.
These workflows can easily split their artifacts up under the 10
artifact limit while also not uploading to the same named artifact
in the process.Full Changelog: v9.0.4...v9.0.5
Contributors
Assets 2
v9.0.4
What's Changed
-
Bump setup-python action from v4 to v5 in sync files @makubacki (#288)
Change Details
Updates the sync files to use v5 so they will match the latest files updated by dependabot in the synced repo. Also updates the version in the file in the submodule-release-updater action.
Full Changelog: v9.0.3...v9.0.4
Contributors
Assets 2
v9.0.3
What's Changed
-
Start file sync for secureboot\_objects repo @apop5 (#285)
Change Details
Adding a first pass of filesync for the secureboot_objects repo.
@makubacki @Flickdm
Please verify that all necessary files are being sycned in this PR.
Full Changelog: v9.0.2...v9.0.3
