From 9d956d9c009d15eb63416137dfb2a84d03f26638 Mon Sep 17 00:00:00 2001 From: Dan Vouaux Date: Mon, 5 Feb 2024 14:46:25 -0800 Subject: [PATCH 1/8] Convert Bases Image pipelines to 1ES Template --- .../templates/_buildimageBasesJobTemplate.yml | 146 ++++++++++-------- 1 file changed, 83 insertions(+), 63 deletions(-) diff --git a/vsts/pipelines/templates/_buildimageBasesJobTemplate.yml b/vsts/pipelines/templates/_buildimageBasesJobTemplate.yml index 701537907a..f27d7c4986 100644 --- a/vsts/pipelines/templates/_buildimageBasesJobTemplate.yml +++ b/vsts/pipelines/templates/_buildimageBasesJobTemplate.yml @@ -1,71 +1,91 @@ -parameters: - displayName: '' - imageDir: '' - imageDebianFlavor: '' - scriptPath: '' - artifactsFileName: '' - jobName: '' +# trigger: none -jobs: -- job: ${{ parameters.jobName }} - displayName: ${{ parameters.displayName }} - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - timeoutInMinutes: 250 - steps: - - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 - displayName: 'Component Detection - OSS Compliance' - inputs: - ignoreDirectories: '$(Build.SourcesDirectory)/tests' +# The `resources` specify the location and version of the 1ES PT. +resources: + repositories: + - repository: 1esPipelines + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release - - task: ShellScript@2 - displayName: Build images - inputs: - scriptPath: ${{ parameters.scriptPath }} - args: ${{ parameters.imageDir }} ${{ parameters.imageDebianFlavor }} - env: - ORYX_SDK_STORAGE_ACCOUNT_ACCESS_TOKEN: $(ORYX-SDK-STAGING-PRIVATE-SAS-TOKEN) - DOTNET_PRIVATE_STORAGE_ACCOUNT_ACCESS_TOKEN: $(DotnetPrivateStorageAccountAccessToken) +extends: + # The pipeline extends the 1ES PT which will inject different SDL and compliance tasks. + # For non-production pipelines, use "Unofficial" as defined below. + # For productions pipelines, use "Official". + template: v1/1ES.Official.PipelineTemplate.yml@1esPipelines + parameters: + # Update the pool with your team's 1ES hosted pool. + pool: + name: AzurePipelines-EO + image: AzurePipelinesUbuntu20.04compliant # Name of the image in your pool. If not specified, first image of the pool is used + os: linux # OS of the image. Allowed values: windows, linux, macOS - - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0 - displayName: Generate Software Bill of Materials (SBOM) - inputs: - BuildDropPath: '$(Build.ArtifactStagingDirectory)' - AdditionalComponentDetectorArgs: '--DirectoryExclusionList **/SampleApps/**' + stages: + - stage: Stage + jobs: + - job: HostJob + timeoutInMinutes: 250 + # If the pipeline publishes artifacts, use `templateContext` to define the artifacts. + # This will enable 1ES PT to run SDL analysis tools on the artifacts and then upload them. + templateContext: + outputs: + - output: pipelineArtifact + targetPath: $(Build.ArtifactStagingDirectory) + artifactName: buildImageBasesJobArtifact + # Define the steps that the pipeline will run. + # In most cases, copy and paste the steps from the original pipeline. + steps: + - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 + displayName: 'Component Detection - OSS Compliance' + inputs: + ignoreDirectories: '$(Build.SourcesDirectory)/tests' - - task: CopyFiles@2 - displayName: Copy artifacts to staging directory - inputs: - sourceFolder: '$(Build.SourcesDirectory)/artifacts' - contents: '**/*.*' - targetFolder: $(Build.ArtifactStagingDirectory) - overWrite: true - condition: true + - task: ShellScript@2 + displayName: Build images + inputs: + scriptPath: ${{ parameters.scriptPath }} + args: ${{ parameters.imageDir }} ${{ parameters.imageDebianFlavor }} + env: + ORYX_SDK_STORAGE_ACCOUNT_ACCESS_TOKEN: $(ORYX-SDK-STAGING-PRIVATE-SAS-TOKEN) + DOTNET_PRIVATE_STORAGE_ACCOUNT_ACCESS_TOKEN: $(DotnetPrivateStorageAccountAccessToken) - - task: Docker@1 - displayName: Push built base images to dev ACR - inputs: - command: push - azureSubscriptionEndpoint: $(ascName) - azureContainerRegistry: $(acrName) - pushMultipleImages: true - imageNamesPath: '$(Build.ArtifactStagingDirectory)/images/${{ parameters.artifactsFileName }}' - enforceDockerNamingConvention: false + - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0 + displayName: Generate Software Bill of Materials (SBOM) + inputs: + BuildDropPath: '$(Build.ArtifactStagingDirectory)' + AdditionalComponentDetectorArgs: '--DirectoryExclusionList **/SampleApps/**' - - task: ShellScript@2 - displayName: 'Clean up Docker containers and images' - inputs: - scriptPath: ./vsts/scripts/cleanDocker.sh + - task: CopyFiles@2 + displayName: Copy artifacts to staging directory + inputs: + sourceFolder: '$(Build.SourcesDirectory)/artifacts' + contents: '**/*.*' + targetFolder: $(Build.ArtifactStagingDirectory) + overWrite: true + condition: true - - task: PublishBuildArtifacts@1 - displayName: Publish build artifacts - inputs: - pathtoPublish: $(Build.ArtifactStagingDirectory) + - task: Docker@1 + displayName: Push built base images to dev ACR + inputs: + command: push + azureSubscriptionEndpoint: $(ascName) + azureContainerRegistry: $(acrName) + pushMultipleImages: true + imageNamesPath: '$(Build.ArtifactStagingDirectory)/images/${{ parameters.artifactsFileName }}' + enforceDockerNamingConvention: false - - task: ShellScript@2 - displayName: 'Clean up Docker containers and images' - inputs: - scriptPath: ./vsts/scripts/cleanDocker.sh - condition: true + - task: ShellScript@2 + displayName: 'Clean up Docker containers and images' + inputs: + scriptPath: ./vsts/scripts/cleanDocker.sh + + - task: PublishBuildArtifacts@1 + displayName: Publish build artifacts + inputs: + pathtoPublish: $(Build.ArtifactStagingDirectory) + + - task: ShellScript@2 + displayName: 'Clean up Docker containers and images' + inputs: + scriptPath: ./vsts/scripts/cleanDocker.sh + condition: true \ No newline at end of file From e3641833b16727c8fd1bf86661591bc4bfa233cd Mon Sep 17 00:00:00 2001 From: Dan Vouaux Date: Thu, 21 Mar 2024 19:52:54 -0700 Subject: [PATCH 2/8] Update node --- vsts/pipelines/PlatformBinaries/node.yml | 182 +++++++++++------------ 1 file changed, 89 insertions(+), 93 deletions(-) diff --git a/vsts/pipelines/PlatformBinaries/node.yml b/vsts/pipelines/PlatformBinaries/node.yml index 906b086d40..172cb39b14 100644 --- a/vsts/pipelines/PlatformBinaries/node.yml +++ b/vsts/pipelines/PlatformBinaries/node.yml @@ -1,95 +1,3 @@ -variables: - - group: Oryx - -parameters: -- name: destinationStorageAccountName - displayName: Destination Storage Account Name - type: string - default: oryxsdksstaging - -stages: -- stage: Build - jobs: - - job: Node_Bookworm - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'nodejs' - debianFlavor: 'bookworm' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Node_Bullseye - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'nodejs' - debianFlavor: 'bullseye' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Node_Buster - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'nodejs' - debianFlavor: 'buster' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Node_Stretch - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'nodejs' - debianFlavor: 'stretch' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Node_Ubuntu - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'nodejs' - debianFlavor: 'focal-scm' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - -- stage: Release - dependsOn: Build - jobs: - - job: Publish_Platform_Binaries - timeoutInMinutes: 250 - displayName: Publish to Azure Blob Storage - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesReleaseTemplate.yml - parameters: - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - trigger: batch: true branches: @@ -100,4 +8,92 @@ trigger: - /* include: - platforms/nodejs - - vsts/PlatformBinaries/node.yml \ No newline at end of file + - vsts/PlatformBinaries/node.yml + +# The `resources` specify the location and version of the 1ES PT. +resources: + repositories: + - repository: 1esPipelines + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release + +variables: + - group: Oryx + +extends: + # The pipeline extends the 1ES PT which will inject different SDL and compliance tasks. + # For non-production pipelines, use "Unofficial" as defined below. + # For productions pipelines, use "Official". + template: v1/1ES.Official.PipelineTemplate.yml@1esPipelines + parameters: + # Update the pool with your team's 1ES hosted pool. + pool: + name: AzurePipelines-EO + image: AzurePipelinesUbuntu20.04compliant # Name of the image in your pool. If not specified, first image of the pool is used + os: linux # OS of the image. Allowed values: windows, linux, macOS + + # - name: destinationStorageAccountName + # displayName: Destination Storage Account Name + # type: string + # default: oryxsdksstaging + + stages: + - stage: Build + jobs: + - job: Node_Bookworm + timeoutInMinutes: 250 + steps: + - template: ../templates/_platformBinariesTemplate.yml + parameters: + platformName: 'nodejs' + debianFlavor: 'bookworm' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + + - job: Node_Bullseye + timeoutInMinutes: 250 + steps: + - template: ../templates/_platformBinariesTemplate.yml + parameters: + platformName: 'nodejs' + debianFlavor: 'bullseye' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + + - job: Node_Buster + timeoutInMinutes: 250 + steps: + - template: ../templates/_platformBinariesTemplate.yml + parameters: + platformName: 'nodejs' + debianFlavor: 'buster' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + + - job: Node_Stretch + timeoutInMinutes: 250 + steps: + - template: ../templates/_platformBinariesTemplate.yml + parameters: + platformName: 'nodejs' + debianFlavor: 'stretch' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + + - job: Node_Ubuntu + timeoutInMinutes: 250 + pool: + steps: + - template: ../templates/_platformBinariesTemplate.yml + parameters: + platformName: 'nodejs' + debianFlavor: 'focal-scm' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + + - stage: Release + dependsOn: Build + jobs: + - job: Publish_Platform_Binaries + timeoutInMinutes: 250 + displayName: Publish to Azure Blob Storage + steps: + - template: ../templates/_platformBinariesReleaseTemplate.yml + parameters: + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' \ No newline at end of file From 44b12adadc6436c31e33e9a145234d87ab569cb4 Mon Sep 17 00:00:00 2001 From: Dan Vouaux Date: Thu, 21 Mar 2024 20:09:46 -0700 Subject: [PATCH 3/8] Update node --- vsts/pipelines/baseImages/dotnetcore.yml | 99 ++-- vsts/pipelines/baseImages/node.yml | 95 +-- vsts/pipelines/baseImages/php-fpm.yml | 80 +-- vsts/pipelines/baseImages/php.yml | 80 +-- vsts/pipelines/ci.yml | 556 +++++++++--------- vsts/pipelines/templates/_buildTemplate.yml | 83 +-- vsts/pipelines/templates/_builderTemplate.yml | 29 +- .../templates/_buildimageBasesJobTemplate.yml | 131 ++--- .../templates/_integrationJobTemplate.yml | 26 +- .../_releaseBaseImagesStepTemplate.yml | 19 +- .../templates/_releaseJobTemplate.yml | 30 +- .../templates/_releaseStepTemplate.yml | 58 +- vsts/pipelines/templates/_securityChecks.yml | 43 -- vsts/pipelines/templates/_setReleaseTag.yml | 1 - vsts/pipelines/templates/_signBinary.yml | 39 +- .../_dotnetcoreIntegrationJobTemplate.yml | 94 +-- .../_golangIntegrationJobTemplate.yml | 74 +-- .../_nodeIntegrationJobTemplate.yml | 90 +-- .../_phpIntegrationJobTemplate.yml | 82 +-- .../_pythonIntegrationJobTemplate.yml | 94 +-- 20 files changed, 800 insertions(+), 1003 deletions(-) diff --git a/vsts/pipelines/baseImages/dotnetcore.yml b/vsts/pipelines/baseImages/dotnetcore.yml index 8ed0e6415e..fa23b571d3 100644 --- a/vsts/pipelines/baseImages/dotnetcore.yml +++ b/vsts/pipelines/baseImages/dotnetcore.yml @@ -8,47 +8,60 @@ variables: value: true - name: Packaging.EnableSBOMSigning value: true - -jobs: -- template: ../templates/_buildimageBasesJobTemplate.yml +resources: + repositories: + - repository: 1ESPipelineTemplates + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates parameters: - displayName: Build DotNetCore runtime buster base images - scriptPath: ./build/buildRunTimeImageBases.sh - imageDir: dotnetcore - imageDebianFlavor: buster - artifactsFileName: dotnetcore-runtimeimage-bases-buster.txt - jobName: Build_DotNetCore_BaseImage_Buster - -- template: ../templates/_buildimageBasesJobTemplate.yml - parameters: - displayName: Build DotNetCore runtime bullseye base images - scriptPath: ./build/buildRunTimeImageBases.sh - imageDir: dotnetcore - imageDebianFlavor: bullseye - artifactsFileName: dotnetcore-runtimeimage-bases-bullseye.txt - jobName: Build_DotNetCore_BaseImage_Bullseye - -- template: ../templates/_buildimageBasesJobTemplate.yml - parameters: - displayName: Build DotNetCore runtime bookworm base images - scriptPath: ./build/buildRunTimeImageBases.sh - imageDir: dotnetcore - imageDebianFlavor: bookworm - artifactsFileName: dotnetcore-runtimeimage-bases-bookworm.txt - jobName: Build_DotNetCore_BaseImage_Bookworm - -- job: Release_DotNetCoreRuntimeBaseImage - dependsOn: - - Build_DotNetCore_BaseImage_Buster - - Build_DotNetCore_BaseImage_Bullseye - - Build_DotNetCore_BaseImage_Bookworm - displayName: Push images to MCR - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_releaseBaseImagesStepTemplate.yml - parameters: - baseImageName: 'dotnetcore' \ No newline at end of file + pool: + name: AzurePipelines-EO + image: AzurePipelinesUbuntu20.04compliant + os: linux + sdl: + sourceAnalysisPool: + name: AzurePipelines-EO + os: windows + customBuildTags: + - ES365AIMigrationTooling-BulkMigrated + stages: + - stage: stage + jobs: + - template: /vsts/pipelines/templates/_buildimageBasesJobTemplate.yml@self + parameters: + displayName: Build DotNetCore runtime buster base images + scriptPath: ./build/buildRunTimeImageBases.sh + imageDir: dotnetcore + imageDebianFlavor: buster + artifactsFileName: dotnetcore-runtimeimage-bases-buster.txt + jobName: Build_DotNetCore_BaseImage_Buster + - template: /vsts/pipelines/templates/_buildimageBasesJobTemplate.yml@self + parameters: + displayName: Build DotNetCore runtime bullseye base images + scriptPath: ./build/buildRunTimeImageBases.sh + imageDir: dotnetcore + imageDebianFlavor: bullseye + artifactsFileName: dotnetcore-runtimeimage-bases-bullseye.txt + jobName: Build_DotNetCore_BaseImage_Bullseye + - template: /vsts/pipelines/templates/_buildimageBasesJobTemplate.yml@self + parameters: + displayName: Build DotNetCore runtime bookworm base images + scriptPath: ./build/buildRunTimeImageBases.sh + imageDir: dotnetcore + imageDebianFlavor: bookworm + artifactsFileName: dotnetcore-runtimeimage-bases-bookworm.txt + jobName: Build_DotNetCore_BaseImage_Bookworm + - job: Release_DotNetCoreRuntimeBaseImage + dependsOn: + - Build_DotNetCore_BaseImage_Buster + - Build_DotNetCore_BaseImage_Bullseye + - Build_DotNetCore_BaseImage_Bookworm + displayName: Push images to MCR + timeoutInMinutes: 250 + steps: + - template: /vsts/pipelines/templates/_releaseBaseImagesStepTemplate.yml@self + parameters: + baseImageName: 'dotnetcore' \ No newline at end of file diff --git a/vsts/pipelines/baseImages/node.yml b/vsts/pipelines/baseImages/node.yml index 4a75cb0211..14a7dcd722 100644 --- a/vsts/pipelines/baseImages/node.yml +++ b/vsts/pipelines/baseImages/node.yml @@ -8,45 +8,58 @@ variables: value: true - name: Packaging.EnableSBOMSigning value: true - -jobs: -- template: ../templates/_buildimageBasesJobTemplate.yml +resources: + repositories: + - repository: 1ESPipelineTemplates + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates parameters: - displayName: Build Node runtime buster based images - scriptPath: ./build/buildRunTimeImageBases.sh - imageDir: node - imageDebianFlavor: buster - artifactsFileName: node-runtimeimage-bases-buster.txt - jobName: Build_Buster_BaseImages - -- template: ../templates/_buildimageBasesJobTemplate.yml - parameters: - displayName: Build Node runtime bullseye base images - scriptPath: ./build/buildRunTimeImageBases.sh - imageDir: node - imageDebianFlavor: bullseye - artifactsFileName: node-runtimeimage-bases-bullseye.txt - jobName: Build_Bullseye_BaseImages - -- template: ../templates/_buildimageBasesJobTemplate.yml - parameters: - displayName: Build Node runtime bookworm base images - scriptPath: ./build/buildRunTimeImageBases.sh - imageDir: node - imageDebianFlavor: bookworm - artifactsFileName: node-runtimeimage-bases-bookworm.txt - jobName: Build_Bookworm_BaseImages - -- job: Release_NodeRuntimeBaseImage - dependsOn: - - Build_Buster_BaseImages - displayName: Push images to MCR - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_releaseBaseImagesStepTemplate.yml - parameters: - baseImageName: 'node' + pool: + name: AzurePipelines-EO + image: AzurePipelinesUbuntu20.04compliant + os: linux + sdl: + sourceAnalysisPool: + name: AzurePipelines-EO + os: windows + customBuildTags: + - ES365AIMigrationTooling-BulkMigrated + stages: + - stage: stage + jobs: + - template: /vsts/pipelines/templates/_buildimageBasesJobTemplate.yml@self + parameters: + displayName: Build Node runtime buster based images + scriptPath: ./build/buildRunTimeImageBases.sh + imageDir: node + imageDebianFlavor: buster + artifactsFileName: node-runtimeimage-bases-buster.txt + jobName: Build_Buster_BaseImages + - template: /vsts/pipelines/templates/_buildimageBasesJobTemplate.yml@self + parameters: + displayName: Build Node runtime bullseye base images + scriptPath: ./build/buildRunTimeImageBases.sh + imageDir: node + imageDebianFlavor: bullseye + artifactsFileName: node-runtimeimage-bases-bullseye.txt + jobName: Build_Bullseye_BaseImages + - template: /vsts/pipelines/templates/_buildimageBasesJobTemplate.yml@self + parameters: + displayName: Build Node runtime bookworm base images + scriptPath: ./build/buildRunTimeImageBases.sh + imageDir: node + imageDebianFlavor: bookworm + artifactsFileName: node-runtimeimage-bases-bookworm.txt + jobName: Build_Bookworm_BaseImages + - job: Release_NodeRuntimeBaseImage + dependsOn: + - Build_Buster_BaseImages + displayName: Push images to MCR + timeoutInMinutes: 250 + steps: + - template: /vsts/pipelines/templates/_releaseBaseImagesStepTemplate.yml@self + parameters: + baseImageName: 'node' \ No newline at end of file diff --git a/vsts/pipelines/baseImages/php-fpm.yml b/vsts/pipelines/baseImages/php-fpm.yml index 631b1bc090..b57bd7f722 100644 --- a/vsts/pipelines/baseImages/php-fpm.yml +++ b/vsts/pipelines/baseImages/php-fpm.yml @@ -8,37 +8,51 @@ variables: value: true - name: Packaging.EnableSBOMSigning value: true - -jobs: -- template: ../templates/_buildimageBasesJobTemplate.yml +resources: + repositories: + - repository: 1ESPipelineTemplates + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates parameters: - displayName: Build php buster runtime base images - scriptPath: ./build/buildRunTimeImageBases.sh - imageDir: php-fpm - imageDebianFlavor: buster - artifactsFileName: php-fpm-runtimeimage-bases-buster.txt - jobName: Build_PHP_FPM_Buster_Base - -- template: ../templates/_buildimageBasesJobTemplate.yml - parameters: - displayName: Build php bullseye runtime base images - scriptPath: ./build/buildRunTimeImageBases.sh - imageDir: php-fpm - imageDebianFlavor: bullseye - artifactsFileName: php-fpm-runtimeimage-bases-bullseye.txt - jobName: Build_PHP_Fpm_Bullseye_Base - -- job: Release_PhpRuntimeBaseImage - dependsOn: - - Build_Php_Fpm_Buster_Base - - Build_PHP_Fpm_Bullseye_Base - displayName: Push images to MCR - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_releaseBaseImagesStepTemplate.yml - parameters: - baseImageName: 'php-fpm' + pool: + name: AzurePipelines-EO + image: AzurePipelinesUbuntu20.04compliant + os: linux + sdl: + sourceAnalysisPool: + name: AzurePipelines-EO + os: windows + customBuildTags: + - ES365AIMigrationTooling-BulkMigrated + stages: + - stage: stage + jobs: + - template: /vsts/pipelines/templates/_buildimageBasesJobTemplate.yml@self + parameters: + displayName: Build php buster runtime base images + scriptPath: ./build/buildRunTimeImageBases.sh + imageDir: php-fpm + imageDebianFlavor: buster + artifactsFileName: php-fpm-runtimeimage-bases-buster.txt + jobName: Build_PHP_FPM_Buster_Base + - template: /vsts/pipelines/templates/_buildimageBasesJobTemplate.yml@self + parameters: + displayName: Build php bullseye runtime base images + scriptPath: ./build/buildRunTimeImageBases.sh + imageDir: php-fpm + imageDebianFlavor: bullseye + artifactsFileName: php-fpm-runtimeimage-bases-bullseye.txt + jobName: Build_PHP_Fpm_Bullseye_Base + - job: Release_PhpRuntimeBaseImage + dependsOn: + - Build_Php_Fpm_Buster_Base + - Build_PHP_Fpm_Bullseye_Base + displayName: Push images to MCR + timeoutInMinutes: 250 + steps: + - template: /vsts/pipelines/templates/_releaseBaseImagesStepTemplate.yml@self + parameters: + baseImageName: 'php-fpm' \ No newline at end of file diff --git a/vsts/pipelines/baseImages/php.yml b/vsts/pipelines/baseImages/php.yml index 6f290860cd..0964c12f4a 100644 --- a/vsts/pipelines/baseImages/php.yml +++ b/vsts/pipelines/baseImages/php.yml @@ -8,37 +8,51 @@ variables: value: true - name: Packaging.EnableSBOMSigning value: true - -jobs: -- template: ../templates/_buildimageBasesJobTemplate.yml +resources: + repositories: + - repository: 1ESPipelineTemplates + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates parameters: - displayName: Build php runtime buster base images - scriptPath: ./build/buildRunTimeImageBases.sh - imageDir: php - imageDebianFlavor: buster - artifactsFileName: php-runtimeimage-bases-buster.txt - jobName: Build_Buster_BaseImages - -- template: ../templates/_buildimageBasesJobTemplate.yml - parameters: - displayName: Build php runtime bullseye base images - scriptPath: ./build/buildRunTimeImageBases.sh - imageDir: php - imageDebianFlavor: bullseye - artifactsFileName: php-runtimeimage-bases-bullseye.txt - jobName: Build_Bullseye_BaseImages - -- job: Release_PhpRuntimeBaseImage - dependsOn: - - Build_Buster_BaseImages - - Build_Bullseye_BaseImages - displayName: Push images to MCR - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_releaseBaseImagesStepTemplate.yml - parameters: - baseImageName: 'php' + pool: + name: AzurePipelines-EO + image: AzurePipelinesUbuntu20.04compliant + os: linux + sdl: + sourceAnalysisPool: + name: AzurePipelines-EO + os: windows + customBuildTags: + - ES365AIMigrationTooling-BulkMigrated + stages: + - stage: stage + jobs: + - template: /vsts/pipelines/templates/_buildimageBasesJobTemplate.yml@self + parameters: + displayName: Build php runtime buster base images + scriptPath: ./build/buildRunTimeImageBases.sh + imageDir: php + imageDebianFlavor: buster + artifactsFileName: php-runtimeimage-bases-buster.txt + jobName: Build_Buster_BaseImages + - template: /vsts/pipelines/templates/_buildimageBasesJobTemplate.yml@self + parameters: + displayName: Build php runtime bullseye base images + scriptPath: ./build/buildRunTimeImageBases.sh + imageDir: php + imageDebianFlavor: bullseye + artifactsFileName: php-runtimeimage-bases-bullseye.txt + jobName: Build_Bullseye_BaseImages + - job: Release_PhpRuntimeBaseImage + dependsOn: + - Build_Buster_BaseImages + - Build_Bullseye_BaseImages + displayName: Push images to MCR + timeoutInMinutes: 250 + steps: + - template: /vsts/pipelines/templates/_releaseBaseImagesStepTemplate.yml@self + parameters: + baseImageName: 'php' \ No newline at end of file diff --git a/vsts/pipelines/ci.yml b/vsts/pipelines/ci.yml index 424a168125..8971135162 100644 --- a/vsts/pipelines/ci.yml +++ b/vsts/pipelines/ci.yml @@ -1,305 +1,305 @@ parameters: - - name: storageAccountUrl - displayName: SDK storage account URL for production images and testing - type: string - default: https://oryx-cdn.microsoft.io - values: - - https://oryx-cdn.microsoft.io - - name: buildImages - type: object - default: - - - key: Latest - value: latest - - - key: LtsVersions - value: ltsversions - - - key: Jamstack - value: jamstack - - - key: GithubActions - value: githubactions - - - key: VsoFocal - value: vso-focal - - - key: VsoBullseye - value: vso-bullseye - - - key: Full - value: full - - - key: Cli - value: cli-stretch - - - key: CliBuster - value: cli-buster - - - key: CliBullseye - value: cli-bullseye - - - key: CliBuilderBullseye - value: cli-builder-bullseye - - - key: Buildpack - value: buildpack - +- name: storageAccountUrl + displayName: SDK storage account URL for production images and testing + type: string + default: https://oryx-cdn.microsoft.io + values: + - https://oryx-cdn.microsoft.io +- name: buildImages + type: object + default: + - key: Latest + value: latest + - key: LtsVersions + value: ltsversions + - key: Jamstack + value: jamstack + - key: GithubActions + value: githubactions + - key: VsoFocal + value: vso-focal + - key: VsoBullseye + value: vso-bullseye + - key: Full + value: full + - key: Cli + value: cli-stretch + - key: CliBuster + value: cli-buster + - key: CliBullseye + value: cli-bullseye + - key: CliBuilderBullseye + value: cli-builder-bullseye + - key: Buildpack + value: buildpack resources: -- repo: self - + repositories: + - repository: MicroBuildTemplate + type: git + name: 1ESPipelineTemplates/MicroBuildTemplate + ref: refs/tags/release variables: group: Oryx Packaging.EnableSBOMSigning: true - -stages: - - stage: CreateReleaseTag - jobs: - - job: CreateReleaseTag - pool: +trigger: none +extends: + template: azure-pipelines/MicroBuild.1ES.Official.yml@MicroBuildTemplate + parameters: + sdl: + sourceAnalysisPool: name: AzurePipelines-EO - demands: + image: AzurePipelinesWindows2022compliantGPT + os: windows + pool: + name: AzurePipelines-EO + image: AzurePipelinesUbuntu20.04compliant + os: linux + customBuildTags: + - ES365AIMigrationTooling-BulkMigrated + stages: + - stage: CreateReleaseTag + jobs: + - job: CreateReleaseTag + pool: + name: AzurePipelines-EO + demands: + - ImageOverride -equals AzurePipelinesUbuntu20.04compliant + variables: + skipComponentGovernanceDetection: true + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish artifact file having the release tag name' + targetPath: $(Build.SourcesDirectory)/artifacts/releaseTag.txt + artifactName: releaseTag + steps: + - checkout: self + clean: true + - task: ShellScript@2 + inputs: + scriptPath: ./vsts/scripts/createReleaseTag.sh + displayName: 'Create release tag' + - script: | + set -ex + sourcesArtifactsDir="$(Build.SourcesDirectory)/artifacts" + mkdir -p "$sourcesArtifactsDir" + echo "$(RELEASE_TAG_NAME)" > "$sourcesArtifactsDir/releaseTag.txt" + displayName: 'Write release tag name to an artifact file' + - stage: Build + displayName: Build Stage + jobs: + - job: Job_Security + displayName: Security + condition: succeeded() + pool: + name: Azure Pipelines + vmImage: windows-2022 + steps: + - template: /vsts/pipelines/templates/_securityChecks.yml@self + - job: Job_SignBinaries + displayName: Sign Oryx Binaries + pool: + name: VSEngSS-MicroBuild2022-1ES + demands: + - msbuild + - visualstudio + variables: + SignType: 'test' + skipComponentGovernanceDetection: true + templateContext: + mb: + signing: + enabled: true + signType: '$(setSignTypeVariable.SignType)' + outputs: + - output: pipelineArtifact + displayName: 'Publish Pipeline Artifact' + condition: and(succeeded(), eq(variables['setSignTypeVariable.SignType'], 'real')) + artifactName: 'signed_binaries' + targetPath: '$(Build.ArtifactStagingDirectory)' + steps: + - task: DownloadPipelineArtifact@2 + displayName: 'Download artifact file having release tag name' + inputs: + targetPath: $(Build.SourcesDirectory)/artifacts/releaseTag + artifactName: 'releaseTag' + - powershell: | + $file = "$env:BUILD_SOURCESDIRECTORY\artifacts\releaseTag\releaseTag.txt" + if (Test-Path $file) { + $tagName = [IO.File]::ReadAllText($file) + Write-Host "Content is $tagName" + echo "##vso[task.setvariable variable=RELEASE_TAG_NAME;]$tagName" + } + displayName: 'Set release tag name as environment variable' + - template: /vsts/pipelines/templates/_signBinary.yml@self + - ${{ each buildImage in parameters.buildImages }}: + - job: Job_BuildImage_${{ buildImage.key }} + displayName: 'Build & Test ${{ buildImage.key }} Build image' + condition: succeeded() + timeoutInMinutes: 480 + pool: + name: AzurePipelines-EO + demands: + - ImageOverride -equals AzurePipelinesUbuntu20.04compliant + variables: + SignType: $[ dependencies.Job_SignBinaries.outputs['setSignTypeVariable.SignType'] ] + skipComponentGovernanceDetection: true + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish Artifact: drop' + condition: true + steps: + - script: | + echo "##vso[task.setvariable variable=BuildBuildImages;]true" + echo "##vso[task.setvariable variable=TestBuildImages;]true" + echo "##vso[task.setvariable variable=BuildRuntimeImages;]false" + echo "##vso[task.setvariable variable=TestRuntimeImages;]false" + echo "##vso[task.setvariable variable=PushBuildImages;]true" + echo "##vso[task.setvariable variable=PushRuntimeImages;]false" + echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]true" + echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" + if [[ "${{ buildImage.value }}" =~ "cli-builder" ]]; then + echo "##vso[task.setvariable variable=PushBuilderImages;]true" + fi + displayName: 'Set variables' + - template: /vsts/pipelines/templates/_setReleaseTag.yml@self + - template: /vsts/pipelines/templates/_buildTemplate.yml@self + parameters: + imageType: ${{ buildImage.value }} + - job: Job_BuilderImages + displayName: Build Builder Images + pool: + name: AzurePipelines-EO + demands: - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - variables: - skipComponentGovernanceDetection: true - steps: - - checkout: self - clean: true - - - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 - displayName: 'Component Detection - OSS Compliance' - inputs: - ignoreDirectories: '$(Build.SourcesDirectory)/tests' - - - task: ShellScript@2 - inputs: - scriptPath: ./vsts/scripts/createReleaseTag.sh - displayName: 'Create release tag' - - script: | - set -ex - sourcesArtifactsDir="$(Build.SourcesDirectory)/artifacts" - mkdir -p "$sourcesArtifactsDir" - echo "$(RELEASE_TAG_NAME)" > "$sourcesArtifactsDir/releaseTag.txt" - displayName: 'Write release tag name to an artifact file' - - task: PublishPipelineArtifact@1 - displayName: 'Publish artifact file having the release tag name' - inputs: - targetPath: $(Build.SourcesDirectory)/artifacts/releaseTag.txt - artifactName: releaseTag - - - stage: Build - displayName: Build Stage - jobs: - - job: Job_Security - displayName: Security - condition: succeeded() - pool: - name: Azure Pipelines - vmImage: windows-2022 - steps: - - template: templates/_securityChecks.yml - - - job: Job_SignBinaries - displayName: Sign Oryx Binaries - pool: - name: VSEngSS-MicroBuild2022-1ES - demands: - - msbuild - - visualstudio - variables: - SignType: 'test' - skipComponentGovernanceDetection: true - steps: - - task: DownloadPipelineArtifact@2 - displayName: 'Download artifact file having release tag name' - inputs: - targetPath: $(Build.SourcesDirectory)/artifacts/releaseTag - artifactName: 'releaseTag' - - powershell: | - $file = "$env:BUILD_SOURCESDIRECTORY\artifacts\releaseTag\releaseTag.txt" - if (Test-Path $file) { - $tagName = [IO.File]::ReadAllText($file) - Write-Host "Content is $tagName" - echo "##vso[task.setvariable variable=RELEASE_TAG_NAME;]$tagName" - } - displayName: 'Set release tag name as environment variable' - - template: templates/_signBinary.yml - - # Job loop for BuildImages - - ${{ each buildImage in parameters.buildImages }}: - - job: Job_BuildImage_${{ buildImage.key }} - displayName: 'Build & Test ${{ buildImage.key }} Build image' - #dependsOn: Job_SignBinaries + timeoutInMinutes: 480 + dependsOn: Job_BuildImage_CliBuilderBullseye + steps: + - template: /vsts/pipelines/templates/_builderTemplate.yml@self + - job: Job_Buster_RuntimeImages + displayName: Build and Test Buster Runtime Images + dependsOn: Job_SignBinaries condition: succeeded() timeoutInMinutes: 480 pool: name: AzurePipelines-EO demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant + - ImageOverride -equals AzurePipelinesUbuntu20.04compliant variables: - SignType: $[ dependencies.Job_SignBinaries.outputs['setSignTypeVariable.SignType'] ] # map in the signtype variable + SignType: $[ dependencies.Job_SignBinaries.outputs['setSignTypeVariable.SignType'] ] skipComponentGovernanceDetection: true - + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish Artifact: drop' + condition: true steps: - script: | - echo "##vso[task.setvariable variable=BuildBuildImages;]true" - echo "##vso[task.setvariable variable=TestBuildImages;]true" - echo "##vso[task.setvariable variable=BuildRuntimeImages;]false" - echo "##vso[task.setvariable variable=TestRuntimeImages;]false" - echo "##vso[task.setvariable variable=PushBuildImages;]true" - echo "##vso[task.setvariable variable=PushRuntimeImages;]false" + echo "##vso[task.setvariable variable=BuildBuildImages;]false" + echo "##vso[task.setvariable variable=TestBuildImages;]false" + echo "##vso[task.setvariable variable=BuildRuntimeImages;]true" + echo "##vso[task.setvariable variable=TestRuntimeImages;]true" + echo "##vso[task.setvariable variable=PushRuntimeImages;]true" + echo "##vso[task.setvariable variable=PushBuildImages;]false" echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]true" echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" - if [[ "${{ buildImage.value }}" =~ "cli-builder" ]]; then - echo "##vso[task.setvariable variable=PushBuilderImages;]true" - fi displayName: 'Set variables' - - - template: templates/_setReleaseTag.yml - - - template: templates/_buildTemplate.yml + - template: /vsts/pipelines/templates/_setReleaseTag.yml@self + - template: /vsts/pipelines/templates/_buildTemplate.yml@self parameters: - imageType: ${{ buildImage.value }} - - - job: Job_BuilderImages - displayName: Build Builder Images - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - timeoutInMinutes: 480 - steps: - - template: templates/_builderTemplate.yml - dependsOn: Job_BuildImage_CliBuilderBullseye - - - job: Job_Buster_RuntimeImages - displayName: Build and Test Buster Runtime Images - dependsOn: Job_SignBinaries - condition: succeeded() - timeoutInMinutes: 480 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - variables: - SignType: $[ dependencies.Job_SignBinaries.outputs['setSignTypeVariable.SignType'] ] # map in the signtype variable - skipComponentGovernanceDetection: true - - steps: - - script: | - echo "##vso[task.setvariable variable=BuildBuildImages;]false" - echo "##vso[task.setvariable variable=TestBuildImages;]false" - echo "##vso[task.setvariable variable=BuildRuntimeImages;]true" - echo "##vso[task.setvariable variable=TestRuntimeImages;]true" - echo "##vso[task.setvariable variable=PushRuntimeImages;]true" - echo "##vso[task.setvariable variable=PushBuildImages;]false" - echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]true" - echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" - displayName: 'Set variables' - - - template: templates/_setReleaseTag.yml - - - template: templates/_buildTemplate.yml - parameters: imageType: buster - - - job: Job_Bullseye_RuntimeImages - displayName: Build and Test Bullseye Runtime Images - dependsOn: Job_SignBinaries - condition: succeeded() - timeoutInMinutes: 480 - pool: - name: AzurePipelines-EO - demands: + - job: Job_Bullseye_RuntimeImages + displayName: Build and Test Bullseye Runtime Images + dependsOn: Job_SignBinaries + condition: succeeded() + timeoutInMinutes: 480 + pool: + name: AzurePipelines-EO + demands: - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - variables: - SignType: $[ dependencies.Job_SignBinaries.outputs['setSignTypeVariable.SignType'] ] # map in the signtype variable - skipComponentGovernanceDetection: true - - steps: - - script: | - echo "##vso[task.setvariable variable=BuildBuildImages;]false" - echo "##vso[task.setvariable variable=TestBuildImages;]false" - echo "##vso[task.setvariable variable=BuildRuntimeImages;]true" - echo "##vso[task.setvariable variable=TestRuntimeImages;]true" - echo "##vso[task.setvariable variable=PushRuntimeImages;]true" - echo "##vso[task.setvariable variable=PushBuildImages;]false" - echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]true" - echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" - displayName: 'Set variables' - - - template: templates/_setReleaseTag.yml - - - template: templates/_buildTemplate.yml - parameters: + variables: + SignType: $[ dependencies.Job_SignBinaries.outputs['setSignTypeVariable.SignType'] ] + skipComponentGovernanceDetection: true + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish Artifact: drop' + condition: true + steps: + - script: | + echo "##vso[task.setvariable variable=BuildBuildImages;]false" + echo "##vso[task.setvariable variable=TestBuildImages;]false" + echo "##vso[task.setvariable variable=BuildRuntimeImages;]true" + echo "##vso[task.setvariable variable=TestRuntimeImages;]true" + echo "##vso[task.setvariable variable=PushRuntimeImages;]true" + echo "##vso[task.setvariable variable=PushBuildImages;]false" + echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]true" + echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" + displayName: 'Set variables' + - template: /vsts/pipelines/templates/_setReleaseTag.yml@self + - template: /vsts/pipelines/templates/_buildTemplate.yml@self + parameters: imageType: bullseye - - - job: Job_Bookworm_RuntimeImages - displayName: Build and Test Bookworm Runtime Images - dependsOn: Job_SignBinaries - condition: succeeded() - timeoutInMinutes: 480 - pool: - name: AzurePipelines-EO - demands: + - job: Job_Bookworm_RuntimeImages + displayName: Build and Test Bookworm Runtime Images + dependsOn: Job_SignBinaries + condition: succeeded() + timeoutInMinutes: 480 + pool: + name: AzurePipelines-EO + demands: - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - variables: - SignType: $[ dependencies.Job_SignBinaries.outputs['setSignTypeVariable.SignType'] ] # map in the signtype variable - skipComponentGovernanceDetection: true - - steps: - - script: | - echo "##vso[task.setvariable variable=BuildBuildImages;]false" - echo "##vso[task.setvariable variable=TestBuildImages;]false" - echo "##vso[task.setvariable variable=BuildRuntimeImages;]true" - echo "##vso[task.setvariable variable=TestRuntimeImages;]true" - echo "##vso[task.setvariable variable=PushRuntimeImages;]true" - echo "##vso[task.setvariable variable=PushBuildImages;]false" - echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]true" - echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" - displayName: 'Set variables' - - - template: templates/_setReleaseTag.yml - - - template: templates/_buildTemplate.yml - parameters: + variables: + SignType: $[ dependencies.Job_SignBinaries.outputs['setSignTypeVariable.SignType'] ] + skipComponentGovernanceDetection: true + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish Artifact: drop' + condition: true + steps: + - script: | + echo "##vso[task.setvariable variable=BuildBuildImages;]false" + echo "##vso[task.setvariable variable=TestBuildImages;]false" + echo "##vso[task.setvariable variable=BuildRuntimeImages;]true" + echo "##vso[task.setvariable variable=TestRuntimeImages;]true" + echo "##vso[task.setvariable variable=PushRuntimeImages;]true" + echo "##vso[task.setvariable variable=PushBuildImages;]false" + echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]true" + echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" + displayName: 'Set variables' + - template: /vsts/pipelines/templates/_setReleaseTag.yml@self + - template: /vsts/pipelines/templates/_buildTemplate.yml@self + parameters: imageType: bookworm - - - template: templates/_integrationJobTemplate.yml - parameters: + - template: /vsts/pipelines/templates/_integrationJobTemplate.yml@self + parameters: storageAccountUrl: ${{ parameters.storageAccountUrl }} - - - job: Job_ProductionStorageAccountTest - displayName: Test Production Storage Account - pool: - name: AzurePipelines-EO - demands: + - job: Job_ProductionStorageAccountTest + displayName: Test Production Storage Account + pool: + name: AzurePipelines-EO + demands: - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - variables: - skipComponentGovernanceDetection: true - steps: - - task: UseDotNet@2 - displayName: 'Use .NET Core sdk 7.x' - inputs: - version: 7.0.306 - - - task: ShellScript@2 - displayName: 'Test production storage account' - env: - ORYX_TEST_SDK_STORAGE_URL: ${{ parameters.storageAccountUrl }} - inputs: - scriptPath: ./build/testIntegration.sh - args: StorageAccountTests=Prod - - - stage: Release - displayName: Release Stage - dependsOn: Build - condition: > - and(succeeded(), or(eq(variables['Build.SourceBranch'], 'refs/heads/main'), - startsWith(variables['Build.SourceBranch'],'refs/heads/patch/'), - startsWith(variables['Build.SourceBranch'],'refs/heads/exp/'))) - - jobs: - - template: templates/_releaseJobTemplate.yml - -trigger: none \ No newline at end of file + variables: + skipComponentGovernanceDetection: true + steps: + - task: UseDotNet@2 + displayName: 'Use .NET Core sdk 7.x' + inputs: + version: 7.0.306 + - task: ShellScript@2 + displayName: 'Test production storage account' + env: + ORYX_TEST_SDK_STORAGE_URL: ${{ parameters.storageAccountUrl }} + inputs: + scriptPath: ./build/testIntegration.sh + args: StorageAccountTests=Prod + - stage: Release + displayName: Release Stage + dependsOn: Build + condition: > + and(succeeded(), or(eq(variables['Build.SourceBranch'], 'refs/heads/main'), startsWith(variables['Build.SourceBranch'],'refs/heads/patch/'), startsWith(variables['Build.SourceBranch'],'refs/heads/exp/'))) + jobs: + - template: /vsts/pipelines/templates/_releaseJobTemplate.yml@self \ No newline at end of file diff --git a/vsts/pipelines/templates/_buildTemplate.yml b/vsts/pipelines/templates/_buildTemplate.yml index 043bda343b..f98cc5a60f 100644 --- a/vsts/pipelines/templates/_buildTemplate.yml +++ b/vsts/pipelines/templates/_buildTemplate.yml @@ -3,7 +3,6 @@ parameters: acrName: oryxdevmcr.azurecr.io imageName: oryxdevmcr.azurecr.io/public/oryx imageType: null - steps: - script: | if [ "$(BuildBuildImages)" != "true" ] && [ "$(BuildRuntimeImages)" != "true" ] && [ "$(TestIntegration)" != "true" ] @@ -13,7 +12,6 @@ steps: exit 1 fi displayName: 'Validate pipeline run' - - script: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc @@ -22,10 +20,8 @@ steps: docker images && docker system prune -fa && docker images && echo displayName: 'clean docker images' condition: or(eq(variables['TestBuildImages'], 'true'), eq(variables['TestRuntimeImages'], 'true')) - - checkout: self clean: true - - task: DownloadPipelineArtifact@0 displayName: 'Download Pipeline Artifact' inputs: @@ -33,55 +29,38 @@ steps: artifactName: 'signed_binaries' targetPath: '$(Build.SourcesDirectory)' condition: > - and(succeeded(), - or(in(variables['SIGNTYPE'], 'real', 'Real'), in(variables['SignType'], 'real', 'Real')), - or(startsWith(variables['Build.SourceBranch'], 'refs/heads/main'), - startsWith(variables['Build.SourceBranch'],'refs/heads/patch/'), - startsWith(variables['Build.SourceBranch'],'refs/heads/exp/'))) - + and(succeeded(), or(in(variables['SIGNTYPE'], 'real', 'Real'), in(variables['SignType'], 'real', 'Real')), or(startsWith(variables['Build.SourceBranch'], 'refs/heads/main'), startsWith(variables['Build.SourceBranch'],'refs/heads/patch/'), startsWith(variables['Build.SourceBranch'],'refs/heads/exp/'))) - task: UseDotNet@2 displayName: 'Use .NET Core sdk 7.x' inputs: version: 7.0.306 - - script: | dotnet --version && dotnet msbuild -version && echo displayName: 'Print dotnet and msbuild version' - - task: ShellScript@2 displayName: 'Build Oryx.sln' inputs: scriptPath: ./build/buildSln.sh args: Oryx.sln - -- task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 - displayName: 'Component Detection - OSS Compliance' - inputs: - ignoreDirectories: '$(Build.SourcesDirectory)/tests' - - task: Docker@1 displayName: Container registry login inputs: command: login azureSubscriptionEndpoint: ${{ parameters.ascName }} azureContainerRegistry: ${{ parameters.acrName }} - - script: | docker images && docker system prune -fa && df -h && echo displayName: 'Free up space for oryx layers' - - task: ShellScript@2 displayName: 'Test build script generator' inputs: scriptPath: ./build/testBuildScriptGenerator.sh condition: and(succeeded(), eq(variables['TestBuildImages'], 'true')) - - task: ShellScript@2 displayName: 'Test startup script generators' inputs: scriptPath: ./build/testStartupScriptGenerators.sh condition: and(succeeded(), eq(variables['TestRuntimeImages'], 'true')) - - task: ShellScript@2 displayName: 'Build build images' env: @@ -90,7 +69,6 @@ steps: scriptPath: ./build/buildBuildImages.sh args: -t ${{ parameters.imageType }} -s $(storageAccountUrl) condition: and(succeeded(), eq(variables['BuildBuildImages'], 'true')) - - task: ShellScript@2 displayName: 'Build runtime images' env: @@ -99,24 +77,20 @@ steps: scriptPath: ./build/buildRunTimeImages.sh args: -s $(storageAccountUrl) ${{ parameters.imageType }} condition: and(succeeded(), eq(variables['BuildRuntimeImages'], 'true')) - - - script: | docker images && docker system prune -f && df -h && echo displayName: 'clean docker unknown layers' - - script: | docker -v - echo "Installing Docker CE version 24.0.5................" + echo "Installing Docker CE version 24.0.5." curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null sudo apt update sudo apt-get install docker-ce=5:24.0.5~3-0~ubuntu-focal docker-ce-cli=5:24.0.5~3-0~ubuntu-focal containerd.io - echo "After installing ................" + echo "After installing ." docker -v displayName: 'Install Docker 24.0.5' condition: true - - task: ShellScript@2 displayName: 'Test build images' env: @@ -126,7 +100,6 @@ steps: scriptPath: ./build/testBuildImages.sh args: skipBuildingImages ${{ parameters.imageName }} $(Build.DefinitionName).$(RELEASE_TAG_NAME) ${{ parameters.imageType }} condition: and(succeeded(), eq(variables['TestBuildImages'], 'true')) - - task: ShellScript@2 displayName: 'Test runtime images' env: @@ -136,13 +109,11 @@ steps: scriptPath: ./build/testRunTimeImages.sh args: skipBuildingImages ${{ parameters.imageName }} $(Build.DefinitionName).$(RELEASE_TAG_NAME) category=runtime-${{ parameters.imageType }} condition: and(succeeded(), eq(variables['TestRuntimeImages'], 'true')) - - task: DownloadBuildArtifacts@0 displayName: 'Download Build Artifacts' inputs: artifactName: drop condition: and(succeeded(), eq(variables['TestIntegration'], 'true')) - - task: Shellpp@0 displayName: 'Pull and Retag recently built oryx build and runtime images' inputs: @@ -150,14 +121,12 @@ steps: scriptPath: ./vsts/scripts/pullAndTag.sh args: $(System.ArtifactsDirectory)/drop/images/build-images-acr.txt condition: and(succeeded(), eq(variables['TestIntegration'], 'true')) - - task: Shellpp@0 displayName: 'Build a build image for tests' inputs: type: FilePath scriptPath: ./build/buildTestBuildImages.sh condition: and(succeeded(), eq(variables['TestIntegration'], 'true')) - - task: ShellScript@2 displayName: 'Test integration' inputs: @@ -171,7 +140,6 @@ steps: ORYX_TEST_SDK_STORAGE_URL: $(storageAccountUrl) ORYX_SDK_STORAGE_ACCOUNT_ACCESS_TOKEN: $(ORYX-SDK-STAGING-PRIVATE-SAS-TOKEN) condition: and(succeeded(), eq(variables['TestIntegration'], 'true')) - - task: CopyFiles@2 displayName: 'Copy source projects output to artifacts folder' inputs: @@ -182,7 +150,6 @@ steps: overWrite: true flattenFolders: true condition: true - - task: CopyFiles@2 displayName: 'Copy artifacts from source repo to agent artifacts folder' inputs: @@ -191,77 +158,47 @@ steps: targetFolder: $(Build.ArtifactStagingDirectory) overWrite: true condition: true - -- task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0 - displayName: Generate Software Bill of Materials (SBOM) - inputs: - BuildDropPath: '$(Build.ArtifactStagingDirectory)' - AdditionalComponentDetectorArgs: '--DirectoryExclusionList **/SampleApps/**' - - task: PublishTestResults@2 inputs: testRunner: 'xUnit' testResultsFiles: '$(Build.ArtifactStagingDirectory)/testResults/*.xml' mergeTestResults: true condition: true - -- task: Docker@1 +- task: 1ES.PushContainerImage@1 displayName: 'Push build images to ACR' inputs: - azureSubscriptionEndpoint: ${{ parameters.ascName }} - azureContainerRegistry: ${{ parameters.acrName }} - command: 'Push an image' - pushMultipleImages: true - imageNamesPath: '$(Build.ArtifactStagingDirectory)/images/build-images-acr.txt' - includeLatestTag: false - enforceDockerNamingConvention: false - condition: and(succeeded(), or(eq(variables['PushBuildImages'], 'true'), eq(variables['PushBuilderImages'], 'true')), eq(variables['BuildBuildImages'], 'true')) - -- task: Docker@1 + image: ${{ parameters.acrName }}/${{ parameters.ascName }} + remoteImage: ${{ parameters.acrName }}/${{ parameters.ascName }}:${{ parameters.acrName }} +- task: 1ES.PushContainerImage@1 displayName: 'Push runtime images to ACR' inputs: - azureSubscriptionEndpoint: ${{ parameters.ascName }} - azureContainerRegistry: ${{ parameters.acrName }} - command: 'Push an image' - pushMultipleImages: true - imageNamesPath: '$(Build.ArtifactStagingDirectory)/images/runtime-images-acr.${{ parameters.imageType }}.txt' - includeLatestTag: false - enforceDockerNamingConvention: false + image: ${{ parameters.acrName }}/${{ parameters.acrName }}:${{ parameters.imageType }} + remoteImage: ${{ parameters.acrName }}/${{ parameters.acrName }}:${{ parameters.imageType }} condition: and(succeeded(), eq(variables['PushRuntimeImages'], 'true'), eq(variables['BuildRuntimeImages'], 'true')) - - task: ShellScript@2 displayName: 'Clean up Docker containers and images' inputs: scriptPath: ./vsts/scripts/cleanDocker.sh condition: or(eq(variables['TestBuildImages'], 'true'), eq(variables['TestRuntimeImages'], 'true'), eq(variables['TestIntegration'], 'true')) - - task: ShellScript@2 displayName: 'Clean up Docker mounted directories' inputs: scriptPath: ./vsts/scripts/removeDockerArtifacts.sh condition: or(eq(variables['TestBuildImages'], 'true'), eq(variables['TestRuntimeImages'], 'true'), eq(variables['TestIntegration'], 'true')) - - script: | docker images && docker system prune -fa && df -h && docker images && echo displayName: 'clean docker images and stopped containers' - - task: ShellScript@2 displayName: 'Generate release notes' inputs: scriptPath: ./vsts/scripts/generateReleaseNotes.sh condition: and(succeeded(), eq(variables['PushBuildImages'], 'true'), eq(variables['BuildBuildImages'], 'true')) - - task: ArchiveFiles@2 displayName: 'Archive docker files and scripts for Oryx build and runtime images' inputs: rootFolderOrFile: images archiveFile: '$(Build.ArtifactStagingDirectory)/images/dockerFiles.zip' condition: true - -- task: PublishBuildArtifacts@1 - displayName: 'Publish Artifact: drop' - condition: true - - task: mspremier.PostBuildCleanup.PostBuildCleanup-task.PostBuildCleanup@3 displayName: 'Clean Agent Directories' - condition: true + condition: true \ No newline at end of file diff --git a/vsts/pipelines/templates/_builderTemplate.yml b/vsts/pipelines/templates/_builderTemplate.yml index ced672617e..b5841ce2e9 100644 --- a/vsts/pipelines/templates/_builderTemplate.yml +++ b/vsts/pipelines/templates/_builderTemplate.yml @@ -1,32 +1,27 @@ parameters: ascName: oryx-automation-service-principal acrName: oryxdevmcr.azurecr.io - steps: - script: | curl -sSL "https://github.com/buildpacks/pack/releases/download/v0.28.0/pack-v0.28.0-linux.tgz" | tar -C /usr/local/bin/ --no-same-owner -xzv pack displayName: 'Install Pack CLI' condition: true - - task: Docker@1 displayName: Container registry login inputs: command: login azureSubscriptionEndpoint: ${{ parameters.ascName }} azureContainerRegistry: ${{ parameters.acrName }} - - task: ShellScript@2 displayName: 'Build base builder images' inputs: scriptPath: ./builders/base/buildBaseBuilder.sh args: -f ${{ parameters.acrName }} -r "public/oryx/builder" -v $(Build.DefinitionName).$(Build.BuildNumber) - - task: ShellScript@2 displayName: 'Build container apps builder images' inputs: scriptPath: ./builders/container-apps/buildCappsBuilder.sh args: -f ${{ parameters.acrName }} -r "public/oryx/builder" -t "capps-$(Build.DefinitionName).$(Build.BuildNumber)" -b "${{ parameters.acrName }}/public/oryx/builder:$(Build.DefinitionName).$(Build.BuildNumber)" - - task: CopyFiles@2 displayName: 'Copy artifacts from source repo to agent artifacts folder' inputs: @@ -34,25 +29,13 @@ steps: contents: '**/*.*' targetFolder: $(Build.ArtifactStagingDirectory) overWrite: true - -- task: Docker@1 +- task: 1ES.PushContainerImage@1 displayName: 'Push base build images to ACR' inputs: - azureSubscriptionEndpoint: ${{ parameters.ascName }} - azureContainerRegistry: ${{ parameters.acrName }} - command: 'Push an image' - pushMultipleImages: true - imageNamesPath: '$(Build.ArtifactStagingDirectory)/images/builder-images-acr.txt' - includeLatestTag: false - enforceDockerNamingConvention: false - -- task: Docker@1 + image: ${{ parameters.acrName }}/${{ parameters.acrName }}:$(Build.BuildNumber) + remoteImage: ${{ parameters.acrName }}/${{ parameters.acrName }}:$(Build.BuildNumber) +- task: 1ES.PushContainerImage@1 displayName: 'Push container apps builder images to ACR' inputs: - azureSubscriptionEndpoint: ${{ parameters.ascName }} - azureContainerRegistry: ${{ parameters.acrName }} - command: 'Push an image' - pushMultipleImages: true - imageNamesPath: '$(Build.ArtifactStagingDirectory)/images/capps-builder-images-acr.txt' - includeLatestTag: false - enforceDockerNamingConvention: false \ No newline at end of file + image: ${{ parameters.acrName }}/${{ parameters.ascName }}:$(Build.ArtifactStagingDirectory)/images/capps-builder-images-acr.txt + remoteImage: ${{ parameters.acrName }}/${{ parameters.ascName }}:$(Build.ArtifactStagingDirectory)/images/capps-builder-images-acr.txt \ No newline at end of file diff --git a/vsts/pipelines/templates/_buildimageBasesJobTemplate.yml b/vsts/pipelines/templates/_buildimageBasesJobTemplate.yml index f27d7c4986..812bc2ced5 100644 --- a/vsts/pipelines/templates/_buildimageBasesJobTemplate.yml +++ b/vsts/pipelines/templates/_buildimageBasesJobTemplate.yml @@ -1,91 +1,40 @@ -# trigger: none - -# The `resources` specify the location and version of the 1ES PT. -resources: - repositories: - - repository: 1esPipelines - type: git - name: 1ESPipelineTemplates/1ESPipelineTemplates - ref: refs/tags/release - -extends: - # The pipeline extends the 1ES PT which will inject different SDL and compliance tasks. - # For non-production pipelines, use "Unofficial" as defined below. - # For productions pipelines, use "Official". - template: v1/1ES.Official.PipelineTemplate.yml@1esPipelines - parameters: - # Update the pool with your team's 1ES hosted pool. - pool: - name: AzurePipelines-EO - image: AzurePipelinesUbuntu20.04compliant # Name of the image in your pool. If not specified, first image of the pool is used - os: linux # OS of the image. Allowed values: windows, linux, macOS - - stages: - - stage: Stage - jobs: - - job: HostJob - timeoutInMinutes: 250 - # If the pipeline publishes artifacts, use `templateContext` to define the artifacts. - # This will enable 1ES PT to run SDL analysis tools on the artifacts and then upload them. - templateContext: - outputs: - - output: pipelineArtifact - targetPath: $(Build.ArtifactStagingDirectory) - artifactName: buildImageBasesJobArtifact - # Define the steps that the pipeline will run. - # In most cases, copy and paste the steps from the original pipeline. - steps: - - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 - displayName: 'Component Detection - OSS Compliance' - inputs: - ignoreDirectories: '$(Build.SourcesDirectory)/tests' - - - task: ShellScript@2 - displayName: Build images - inputs: - scriptPath: ${{ parameters.scriptPath }} - args: ${{ parameters.imageDir }} ${{ parameters.imageDebianFlavor }} - env: - ORYX_SDK_STORAGE_ACCOUNT_ACCESS_TOKEN: $(ORYX-SDK-STAGING-PRIVATE-SAS-TOKEN) - DOTNET_PRIVATE_STORAGE_ACCOUNT_ACCESS_TOKEN: $(DotnetPrivateStorageAccountAccessToken) - - - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0 - displayName: Generate Software Bill of Materials (SBOM) - inputs: - BuildDropPath: '$(Build.ArtifactStagingDirectory)' - AdditionalComponentDetectorArgs: '--DirectoryExclusionList **/SampleApps/**' - - - task: CopyFiles@2 - displayName: Copy artifacts to staging directory - inputs: - sourceFolder: '$(Build.SourcesDirectory)/artifacts' - contents: '**/*.*' - targetFolder: $(Build.ArtifactStagingDirectory) - overWrite: true - condition: true - - - task: Docker@1 - displayName: Push built base images to dev ACR - inputs: - command: push - azureSubscriptionEndpoint: $(ascName) - azureContainerRegistry: $(acrName) - pushMultipleImages: true - imageNamesPath: '$(Build.ArtifactStagingDirectory)/images/${{ parameters.artifactsFileName }}' - enforceDockerNamingConvention: false - - - task: ShellScript@2 - displayName: 'Clean up Docker containers and images' - inputs: - scriptPath: ./vsts/scripts/cleanDocker.sh - - - task: PublishBuildArtifacts@1 - displayName: Publish build artifacts - inputs: - pathtoPublish: $(Build.ArtifactStagingDirectory) - - - task: ShellScript@2 - displayName: 'Clean up Docker containers and images' - inputs: - scriptPath: ./vsts/scripts/cleanDocker.sh - condition: true \ No newline at end of file +jobs: +- job: ${{ parameters.jobName }} + displayName: ${{ parameters.displayName }} + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - task: ShellScript@2 + displayName: Build images + inputs: + scriptPath: ${{ parameters.scriptPath }} + args: ${{ parameters.imageDir }} ${{ parameters.imageDebianFlavor }} + env: + ORYX_SDK_STORAGE_ACCOUNT_ACCESS_TOKEN: $(ORYX-SDK-STAGING-PRIVATE-SAS-TOKEN) + DOTNET_PRIVATE_STORAGE_ACCOUNT_ACCESS_TOKEN: $(DotnetPrivateStorageAccountAccessToken) + - task: CopyFiles@2 + displayName: Copy artifacts to staging directory + inputs: + sourceFolder: '$(Build.SourcesDirectory)/artifacts' + contents: '**/*.*' + targetFolder: $(Build.ArtifactStagingDirectory) + overWrite: true + condition: true + - task: 1ES.PushContainerImage@1 + displayName: Push built base images to dev ACR + inputs: + image: '$(Build.ArtifactStagingDirectory)/images/${{ parameters.artifactsFileName }}' + remoteImage: $(acrname)/$(Build.ArtifactStagingDirectory)/images/${{ parameters.artifactsFileName }} + - task: ShellScript@2 + displayName: 'Clean up Docker containers and images' + inputs: + scriptPath: ./vsts/scripts/cleanDocker.sh + - task: ShellScript@2 + displayName: 'Clean up Docker containers and images' + inputs: + scriptPath: ./vsts/scripts/cleanDocker.sh + condition: true \ No newline at end of file diff --git a/vsts/pipelines/templates/_integrationJobTemplate.yml b/vsts/pipelines/templates/_integrationJobTemplate.yml index f27e8d9dad..07ff95bfe5 100644 --- a/vsts/pipelines/templates/_integrationJobTemplate.yml +++ b/vsts/pipelines/templates/_integrationJobTemplate.yml @@ -1,30 +1,20 @@ parameters: - - name: storageAccountUrl - type: string - default: https://oryxsdksstaging.blob.core.windows.net - +- name: storageAccountUrl + type: string + default: https://oryxsdksstaging.blob.core.windows.net jobs: -# Python integration tests -- template: integrationTests/_pythonIntegrationJobTemplate.yml +- template: /vsts/pipelines/templates/integrationTests/_pythonIntegrationJobTemplate.yml@self parameters: storageAccountUrl: ${{ parameters.storageAccountUrl }} - -# DotNetCore integration tests -- template: integrationTests/_dotnetcoreIntegrationJobTemplate.yml +- template: /vsts/pipelines/templates/integrationTests/_dotnetcoreIntegrationJobTemplate.yml@self parameters: storageAccountUrl: ${{ parameters.storageAccountUrl }} - -# NodeJS integration tests -- template: integrationTests/_nodeIntegrationJobTemplate.yml +- template: /vsts/pipelines/templates/integrationTests/_nodeIntegrationJobTemplate.yml@self parameters: storageAccountUrl: ${{ parameters.storageAccountUrl }} - -# Golang integration tests -- template: integrationTests/_golangIntegrationJobTemplate.yml +- template: /vsts/pipelines/templates/integrationTests/_golangIntegrationJobTemplate.yml@self parameters: storageAccountUrl: ${{ parameters.storageAccountUrl }} - -# PHP integration tests -- template: integrationTests/_phpIntegrationJobTemplate.yml +- template: /vsts/pipelines/templates/integrationTests/_phpIntegrationJobTemplate.yml@self parameters: storageAccountUrl: ${{ parameters.storageAccountUrl }} \ No newline at end of file diff --git a/vsts/pipelines/templates/_releaseBaseImagesStepTemplate.yml b/vsts/pipelines/templates/_releaseBaseImagesStepTemplate.yml index 0e5110ca06..af1163ed03 100644 --- a/vsts/pipelines/templates/_releaseBaseImagesStepTemplate.yml +++ b/vsts/pipelines/templates/_releaseBaseImagesStepTemplate.yml @@ -4,64 +4,49 @@ parameters: acrProdName: oryxmcr acrPmeProdName: oryxprodmcr acrPmeProdSrvConnection: Oryx-PME-ACR-Production - baseImageName: '' # defaults + baseImageName: '' baseImageRepository: public/oryx/base - steps: - checkout: self clean: true - -- task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 - displayName: 'Component Detection - OSS Compliance' - inputs: - ignoreDirectories: '$(Build.SourcesDirectory)/tests' - - task: Docker@1 displayName: Container registry login inputs: command: login azureSubscriptionEndpoint: ${{ parameters.ascName }} azureContainerRegistry: ${{ parameters.acrDevName }}.azurecr.io - - task: DownloadBuildArtifacts@0 displayName: 'Download Artifacts for release' inputs: artifactName: drop - - task: CopyFiles@2 displayName: 'Copy Files to: $(Build.ArtifactStagingDirectory)' inputs: SourceFolder: '$(System.ArtifactsDirectory)' TargetFolder: '$(Build.ArtifactStagingDirectory)' - - task: Shellpp@0 displayName: 'Pull and create release tags for PME staging ACR' inputs: type: FilePath scriptPath: ./vsts/scripts/tagBaseImagesForRelease.sh args: '${{ parameters.baseImageName }} ${{ parameters.acrPmeProdName }}' - - task: Docker@2 displayName: Login to production PME ACR inputs: command: login containerRegistry: ${{ parameters.acrPmeProdSrvConnection }} - -- script: echo base image is ${{ parameters.baseImageName }} and repository is ${{ parameters.baseImageRepository }} - +- script: echo base image is ${{ parameters.baseImageName }} and repository is ${{ parameters.baseImageRepository }} - task: Shellpp@0 displayName: 'Push images to PME staging ACR' inputs: type: FilePath scriptPath: ./vsts/scripts/pushBaseImagesToRegistry.sh args: '$(Build.ArtifactStagingDirectory)/drop/images/${{ parameters.baseImageName }}/${{ parameters.acrPmeProdName }}' - - task: Docker@2 displayName: Logout from PME ACR inputs: command: logout containerRegistry: ${{ parameters.acrPmeProdSrvConnection }} - - task: ShellScript@2 displayName: 'Clean up Docker containers and images' inputs: diff --git a/vsts/pipelines/templates/_releaseJobTemplate.yml b/vsts/pipelines/templates/_releaseJobTemplate.yml index 4064b0cd6e..39b0528908 100644 --- a/vsts/pipelines/templates/_releaseJobTemplate.yml +++ b/vsts/pipelines/templates/_releaseJobTemplate.yml @@ -4,7 +4,7 @@ jobs: pool: name: AzurePipelines-EO demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant + - ImageOverride -equals AzurePipelinesUbuntu20.04compliant variables: skipComponentGovernanceDetection: true timeoutInMinutes: 300 @@ -13,15 +13,13 @@ jobs: echo "##vso[task.setvariable variable=ReleaseBuildImages;]true" echo "##vso[task.setvariable variable=ReleaseRuntimeImages;]false" displayName: 'Set variables' - - - template: _releaseStepTemplate.yml - + - template: /vsts/pipelines/templates/_releaseStepTemplate.yml@self - job: Release_RuntimeImages displayName: Push Runtime Images to MCR pool: name: AzurePipelines-EO demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant + - ImageOverride -equals AzurePipelinesUbuntu20.04compliant variables: skipComponentGovernanceDetection: true timeoutInMinutes: 400 @@ -30,35 +28,25 @@ jobs: echo "##vso[task.setvariable variable=ReleaseBuildImages;]false" echo "##vso[task.setvariable variable=ReleaseRuntimeImages;]true" displayName: 'Set variables' - - - template: _releaseStepTemplate.yml - + - template: /vsts/pipelines/templates/_releaseStepTemplate.yml@self - job: Release_GitHub displayName: Create GitHub release - dependsOn: - - Release_BuildImages - - Release_RuntimeImages + dependsOn: + - Release_BuildImages + - Release_RuntimeImages pool: name: AzurePipelines-EO demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant + - ImageOverride -equals AzurePipelinesUbuntu20.04compliant variables: skipComponentGovernanceDetection: true - steps: - task: DownloadPipelineArtifact@2 displayName: 'Download Oryx binaries to publish to release' inputs: artifactName: 'signed_binaries' path: $(Build.SourcesDirectory)/artifacts - - - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 - displayName: 'Component Detection - OSS Compliance' - inputs: - ignoreDirectories: '$(Build.SourcesDirectory)/tests' - - - template: _setReleaseTag.yml - + - template: /vsts/pipelines/templates/_setReleaseTag.yml@self - task: GitHubRelease@0 displayName: 'GitHub release (create)' inputs: diff --git a/vsts/pipelines/templates/_releaseStepTemplate.yml b/vsts/pipelines/templates/_releaseStepTemplate.yml index 8cd0545dde..cc7f489f2e 100644 --- a/vsts/pipelines/templates/_releaseStepTemplate.yml +++ b/vsts/pipelines/templates/_releaseStepTemplate.yml @@ -5,14 +5,7 @@ parameters: acrPmeProdName: oryxprodmcr acrPmeProdSrvConnection: Oryx-PME-ACR-Production prodImageName: oryxmcr.azurecr.io/public/oryx - steps: - -- task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 - displayName: 'Component Detection - OSS Compliance' - inputs: - ignoreDirectories: '$(Build.SourcesDirectory)/tests' - - script: | if [ "$(ReleaseBuildImages)" != "true" ] && [ "$(ReleaseRuntimeImages)" != "true" ] then @@ -21,19 +14,17 @@ steps: exit 1 fi displayName: 'Validate release pipeline run' - - script: | docker -v - echo "Installing Docker CE version 24.0.5................" + echo "Installing Docker CE version 24.0.5." curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null sudo apt update sudo apt-get install docker-ce=5:24.0.5~3-0~ubuntu-focal docker-ce-cli=5:24.0.5~3-0~ubuntu-focal containerd.io - echo "After installing ................" + echo "After installing ." docker -v displayName: 'Install Docker 24.0.5' condition: true - - script: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc @@ -41,104 +32,83 @@ steps: sudo rm -rf "$AGENT_TOOLSDIRECTORY" docker images && docker system prune -fa && docker images && echo displayName: 'clean docker images' - - script: | - curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg - echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null - sudo apt update - sudo apt-get install docker-ce=5:24.0.5~3-0~ubuntu-focal docker-ce-cli=5:24.0.5~3-0~ubuntu-focal containerd.io - docker -v + curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg + echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null + sudo apt update + sudo apt-get install docker-ce=5:24.0.5~3-0~ubuntu-focal docker-ce-cli=5:24.0.5~3-0~ubuntu-focal containerd.io + docker -v displayName: 'Install Docker 24.0.5' - - checkout: self clean: true - - task: Docker@1 displayName: Container registry login inputs: command: login azureSubscriptionEndpoint: ${{ parameters.ascName }} azureContainerRegistry: ${{ parameters.acrDevName }} - - task: DownloadBuildArtifacts@0 displayName: 'Download Artifacts for release' inputs: artifactName: drop - - task: CopyFiles@2 displayName: 'Copy Files to: $(Build.ArtifactStagingDirectory)' inputs: SourceFolder: '$(System.ArtifactsDirectory)' TargetFolder: '$(Build.ArtifactStagingDirectory)' - -- task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 - displayName: 'Component Detection - OSS Compliance' - inputs: - ignoreDirectories: '$(Build.SourcesDirectory)/tests' - -- template: _setReleaseTag.yml - +- template: /vsts/pipelines/templates/_setReleaseTag.yml@self - task: Shellpp@0 displayName: 'Pull and create release tags for build images' inputs: type: FilePath scriptPath: ./vsts/scripts/tagBuildImagesForRelease.sh - args: + args: '' condition: and(succeeded(), eq(variables['ReleaseBuildImages'], 'true')) - - task: Shellpp@0 displayName: 'Pull and create release tags for runtime images' inputs: type: FilePath scriptPath: ./vsts/scripts/tagRunTimeImagesForRelease.sh condition: and(succeeded(), eq(variables['ReleaseRuntimeImages'], 'true')) - - task: Shellpp@0 displayName: 'Pull and create release tags for buildpack images' inputs: type: FilePath scriptPath: ./vsts/scripts/tagBuildpacksImagesForRelease.sh condition: and(succeeded(), eq(variables['ReleaseBuildImages'], 'true')) - - task: Shellpp@0 displayName: 'Pull and create release tags for CLI images' inputs: type: FilePath scriptPath: ./vsts/scripts/tagCliImagesForRelease.sh condition: and(succeeded(), eq(variables['ReleaseBuildImages'], 'true')) - - task: Shellpp@0 displayName: 'Pull and create release tags for Builder images' inputs: type: FilePath scriptPath: ./vsts/scripts/tagBuilderImagesForRelease.sh condition: and(succeeded(), eq(variables['ReleaseBuildImages'], 'true')) - - task: UseDotNet@2 displayName: 'Use .NET Core sdk 7.x' inputs: version: 7.0.306 - - task: ShellScript@2 displayName: 'Test runtime images for pme staging registry' inputs: scriptPath: ./build/testRunTimeImages.sh args: skipBuildingImages ${{ parameters.acrPmeProdName }}.azurecr.io/public/oryx $(RELEASE_TAG_NAME) Category=Release condition: and(succeeded(), eq(variables['ReleaseRuntimeImages'], 'true')) - - task: Docker@1 displayName: Dev Container registry logout inputs: command: logout azureSubscriptionEndpoint: ${{ parameters.ascName }} azureContainerRegistry: ${{ parameters.acrDevName }} - - task: Docker@2 displayName: Login to PME ACR - inputs: + inputs: command: login containerRegistry: ${{ parameters.acrPmeProdSrvConnection }} - - task: Shellpp@0 displayName: 'Push build images to PME staging ACR' inputs: @@ -146,7 +116,6 @@ steps: scriptPath: ./vsts/scripts/pushImagesToRegistry.sh args: '$(Build.ArtifactStagingDirectory)/drop/images/${{ parameters.acrPmeProdName }}-build-images-mcr.txt' condition: and(succeeded(), eq(variables['ReleaseBuildImages'], 'true')) - - task: Shellpp@0 displayName: 'Push build-pack images to PME staging ACR' inputs: @@ -154,7 +123,6 @@ steps: scriptPath: ./vsts/scripts/pushImagesToRegistry.sh args: '$(Build.ArtifactStagingDirectory)/drop/images/${{ parameters.acrPmeProdName }}-buildpack-images-mcr.txt' condition: and(succeeded(), eq(variables['ReleaseBuildImages'], 'true')) - - task: Shellpp@0 displayName: 'Push CLI image to PME staging ACR' inputs: @@ -162,7 +130,6 @@ steps: scriptPath: ./vsts/scripts/pushImagesToRegistry.sh args: '$(Build.ArtifactStagingDirectory)/drop/images/${{ parameters.acrPmeProdName }}-cli-images-mcr.txt' condition: and(succeeded(), eq(variables['ReleaseBuildImages'], 'true')) - - task: Shellpp@0 displayName: 'Push builder images to PME staging ACR' inputs: @@ -170,7 +137,6 @@ steps: scriptPath: ./vsts/scripts/pushImagesToRegistry.sh args: '$(Build.ArtifactStagingDirectory)/drop/images/${{ parameters.acrPmeProdName }}-builder-images-mcr.txt' condition: and(succeeded(), eq(variables['ReleaseBuildImages'], 'true')) - - task: Shellpp@0 displayName: 'Push runtime images to PME staging ACR' inputs: @@ -178,13 +144,11 @@ steps: scriptPath: ./vsts/scripts/pushImagesToRegistry.sh args: '$(Build.ArtifactStagingDirectory)/drop/images/${{ parameters.acrPmeProdName }}-runtime-images-mcr.txt' condition: and(succeeded(), eq(variables['ReleaseRuntimeImages'], 'true')) - - task: Docker@2 displayName: Logout from PME ACR - inputs: + inputs: command: logout containerRegistry: '${{ parameters.acrPmeProdSrvConnection }}' - - task: ShellScript@2 displayName: 'Clean up Docker containers and images' inputs: diff --git a/vsts/pipelines/templates/_securityChecks.yml b/vsts/pipelines/templates/_securityChecks.yml index e5ab02583a..1f9d7e63d9 100644 --- a/vsts/pipelines/templates/_securityChecks.yml +++ b/vsts/pipelines/templates/_securityChecks.yml @@ -1,38 +1,21 @@ steps: - checkout: self clean: true - -- task: securedevelopmentteam.vss-secure-development-tools.build-task-policheck.PoliCheck@1 - displayName: 'Run PoliCheck' - inputs: - targetType: F - condition: always() - -- task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@2 - displayName: 'Run CredScan' - inputs: - debugMode: false - condition: always() - - task: NuGetToolInstaller@1 inputs: versionSpec: 5.8.x - - task: UseDotNet@2 displayName: 'Use .NET Core sdk 7.x' inputs: version: 7.0.306 - - script: | dotnet --version && dotnet msbuild -version && echo displayName: 'Print dotnet and msbuild version' - - task: NuGetCommand@2 displayName: 'Run "nuget restore" on Oryx solution' inputs: command: 'restore' restoreSolution: '$(Build.SourcesDirectory)\Oryx.sln' - - task: VSBuild@1 displayName: 'Build the Oryx solution' inputs: @@ -40,37 +23,11 @@ steps: configuration: 'debug' createLogFile: true logFileVerbosity: diagnostic - - task: PowerShell@2 displayName: 'Wait 30 seconds after building solution' inputs: targetType: 'inline' script: 'Start-Sleep -Seconds 30' - -- task: securedevelopmentteam.vss-secure-development-tools.build-task-roslynanalyzers.RoslynAnalyzers@2 - displayName: 'Run Roslyn Analyzers' - condition: always() - -- task: securedevelopmentteam.vss-secure-development-tools.build-task-binskim.BinSkim@3 - displayName: 'Run BinSkim ' - inputs: - arguments: 'analyze Microsoft.Oryx*.dll --recurse --output $(Build.BinariesDirectory)\binskim.sarif --verbose' - condition: always() - -- task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 - displayName: 'Component Detection - OSS Compliance' - inputs: - ignoreDirectories: '$(Build.SourcesDirectory)/tests' - -- task: securedevelopmentteam.vss-secure-development-tools.build-task-postanalysis.PostAnalysis@1 - displayName: 'Post Analysis' - inputs: - BinSkim: true - CredScan: true - PoliCheck: true - RoslynAnalyzers: true - continueOnError: false - - task: AntiMalware@3 displayName: 'Run Antimalware Scan' inputs: diff --git a/vsts/pipelines/templates/_setReleaseTag.yml b/vsts/pipelines/templates/_setReleaseTag.yml index e08e805b14..91b71548c2 100644 --- a/vsts/pipelines/templates/_setReleaseTag.yml +++ b/vsts/pipelines/templates/_setReleaseTag.yml @@ -4,7 +4,6 @@ steps: inputs: targetPath: $(Build.SourcesDirectory)/artifacts/releaseTag artifactName: 'releaseTag' - - script: | set -e file="$(Build.SourcesDirectory)/artifacts/releaseTag/releaseTag.txt" diff --git a/vsts/pipelines/templates/_signBinary.yml b/vsts/pipelines/templates/_signBinary.yml index bd27bef72e..f9d054900d 100644 --- a/vsts/pipelines/templates/_signBinary.yml +++ b/vsts/pipelines/templates/_signBinary.yml @@ -1,41 +1,25 @@ steps: -- task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 - displayName: 'Component Detection - OSS Compliance' - inputs: - ignoreDirectories: '$(Build.SourcesDirectory)/tests' - - powershell: | - Write-Host "##vso[task.setvariable variable=SignType;isOutput=true]real" + Write-Host "##vso[task.setvariable variable=SignType;isOutput=true]real" name: setSignTypeVariable displayName: 'Set sign binary variable' condition: > - and(in(variables['Build.Reason'], 'Schedule', 'Manual'), eq(variables['Build.DefinitionName'], 'Oryx-CI'), - or( - startsWith(variables['Build.SourceBranch'], 'refs/heads/main'), - startsWith(variables['Build.SourceBranch'], 'refs/heads/patch/'), - startsWith(variables['Build.SourceBranch'],'refs/heads/exp/' ))) - + and(in(variables['Build.Reason'], 'Schedule', 'Manual'), eq(variables['Build.DefinitionName'], 'Oryx-CI'), or( + startsWith(variables['Build.SourceBranch'], 'refs/heads/main'), + startsWith(variables['Build.SourceBranch'], 'refs/heads/patch/'), + startsWith(variables['Build.SourceBranch'],'refs/heads/exp/' ))) - script: | echo $(setSignTypeVariable.SignType) name: SignType - - task: NuGetToolInstaller@0 displayName: 'Use NuGet 4.6.2' inputs: versionSpec: 4.6.2 condition: and(succeeded(), eq(variables['setSignTypeVariable.SignType'], 'real')) - -- task: ms-vseng.MicroBuildTasks.30666190-6959-11e5-9f96-f56098202fef.MicroBuildSigningPlugin@1 - displayName: 'Install Signing Plugin' - inputs: - signType: '$(setSignTypeVariable.SignType)' - condition: and(succeeded(), eq(variables['setSignTypeVariable.SignType'], 'real')) - - task: UseDotNet@2 displayName: 'Use .NET Core sdk 7.x' inputs: version: 7.0.306 - - powershell: | Write-Host "Setting up git_commit and build_number as env variable" $env:GIT_COMMIT=$(git rev-parse HEAD) @@ -44,7 +28,6 @@ steps: dotnet publish -r linux-x64 -c Release src\BuildServer\BuildServer.csproj displayName: 'dotnet publish and after setting git_commit and build_number as env variable' condition: and(succeeded(), eq(variables['setSignTypeVariable.SignType'], 'real')) - - task: VSBuild@1 displayName: 'Sign Oryx Binaries' inputs: @@ -52,7 +35,6 @@ steps: msbuildArgs: '/t:SignFiles /p:RuntimeIdentifier=linux-x64 /p:MicroBuild_SigningEnabled=true' configuration: '$(BuildConfiguration)' condition: and(succeeded(), eq(variables['setSignTypeVariable.SignType'], 'real')) - - task: VSBuild@1 displayName: 'Sign Oryx Build Server Binaries' inputs: @@ -60,7 +42,6 @@ steps: msbuildArgs: '/t:SignFiles /p:RuntimeIdentifier=linux-x64 /p:MicroBuild_SigningEnabled=true' configuration: '$(BuildConfiguration)' condition: and(succeeded(), eq(variables['setSignTypeVariable.SignType'], 'real')) - - task: ArchiveFiles@2 displayName: 'Create compressed file of Oryx binaries' inputs: @@ -72,7 +53,6 @@ steps: replaceExistingArchive: true verbose: true condition: and(succeeded(), eq(variables['setSignTypeVariable.SignType'], 'real')) - - task: ArchiveFiles@2 displayName: 'Create compressed file of Oryx Build Server binaries' inputs: @@ -84,7 +64,6 @@ steps: replaceExistingArchive: true verbose: true condition: and(succeeded(), eq(variables['setSignTypeVariable.SignType'], 'real')) - - task: CopyFiles@2 displayName: 'Copy Files to: $(Build.ArtifactStagingDirectory)/binaries' inputs: @@ -93,7 +72,6 @@ steps: TargetFolder: '$(Build.ArtifactStagingDirectory)/binaries' CleanTargetFolder: true condition: and(succeeded(), eq(variables['setSignTypeVariable.SignType'], 'real')) - - task: CopyFiles@2 displayName: 'Copy BuildServer Files to: $(Build.ArtifactStagingDirectory)/binaries' inputs: @@ -101,11 +79,4 @@ steps: Contents: '**\*' TargetFolder: '$(Build.ArtifactStagingDirectory)/binaries' CleanTargetFolder: false - condition: and(succeeded(), eq(variables['setSignTypeVariable.SignType'], 'real')) - -- task: PublishPipelineArtifact@0 - displayName: 'Publish Pipeline Artifact' - inputs: - artifactName: 'signed_binaries' - targetPath: '$(Build.ArtifactStagingDirectory)' condition: and(succeeded(), eq(variables['setSignTypeVariable.SignType'], 'real')) \ No newline at end of file diff --git a/vsts/pipelines/templates/integrationTests/_dotnetcoreIntegrationJobTemplate.yml b/vsts/pipelines/templates/integrationTests/_dotnetcoreIntegrationJobTemplate.yml index 8ebf62a5f1..d0e64f1128 100644 --- a/vsts/pipelines/templates/integrationTests/_dotnetcoreIntegrationJobTemplate.yml +++ b/vsts/pipelines/templates/integrationTests/_dotnetcoreIntegrationJobTemplate.yml @@ -1,36 +1,35 @@ parameters: - - name: storageAccountUrl - type: string - default: https://oryxsdksstaging.blob.core.windows.net - - name: testMappings - type: object - default: - - category: '3.0' - buildTag: 'debian-stretch' - - category: '3.1' - buildTag: 'debian-stretch' - - category: '3.1' - buildTag: 'github-actions-debian-stretch' - - category: '5.0' - buildTag: 'debian-stretch' - - category: '5.0' - buildTag: 'github-actions-debian-stretch' - - category: '6.0' - buildTag: 'debian-stretch' - - category: '6.0' - buildTag: 'github-actions-debian-stretch' - - category: '7.0' - buildTag: 'github-actions-debian-buster' - - category: '8.0' - buildTag: 'github-actions-debian-bookworm' - - category: 'dynamic' - buildTag: 'debian-stretch' - - category: 'dynamic' - buildTag: 'github-actions-debian-stretch' - +- name: storageAccountUrl + type: string + default: https://oryxsdksstaging.blob.core.windows.net +- name: testMappings + type: object + default: + - category: '3.0' + buildTag: 'debian-stretch' + - category: '3.1' + buildTag: 'debian-stretch' + - category: '3.1' + buildTag: 'github-actions-debian-stretch' + - category: '5.0' + buildTag: 'debian-stretch' + - category: '5.0' + buildTag: 'github-actions-debian-stretch' + - category: '6.0' + buildTag: 'debian-stretch' + - category: '6.0' + buildTag: 'github-actions-debian-stretch' + - category: '7.0' + buildTag: 'github-actions-debian-buster' + - category: '8.0' + buildTag: 'github-actions-debian-bookworm' + - category: 'dynamic' + buildTag: 'debian-stretch' + - category: 'dynamic' + buildTag: 'github-actions-debian-stretch' jobs: - ${{ each mapping in parameters.testMappings }}: - - job: + - job: '' displayName: 'Run .NET Core ${{ mapping.category }} Integration Tests using build image tag ${{ mapping.buildTag }}' dependsOn: - Job_BuildImage_Latest @@ -41,22 +40,27 @@ jobs: pool: name: AzurePipelines-EO demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant + - ImageOverride -equals AzurePipelinesUbuntu20.04compliant variables: skipComponentGovernanceDetection: true timeoutInMinutes: 300 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish Artifact: drop' + condition: true steps: - - script: | - echo "##vso[task.setvariable variable=BuildBuildImages;]false" - echo "##vso[task.setvariable variable=BuildRuntimeImages;]false" - echo "##vso[task.setvariable variable=TestBuildImages;]false" - echo "##vso[task.setvariable variable=TestRuntimeImages;]false" - echo "##vso[task.setvariable variable=TestIntegrationCaseFilter;]category=dotnetcore-${{ mapping.category }}&build-image=${{ mapping.buildTag }}" - echo "##vso[task.setvariable variable=TestIntegration;]true" - echo "##vso[task.setvariable variable=PushBuildImages;]false" - echo "##vso[task.setvariable variable=PushRuntimeImages;]false" - echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]false" - echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" - displayName: 'Set variables' - - template: ../_setReleaseTag.yml - - template: ../_buildTemplate.yml \ No newline at end of file + - script: | + echo "##vso[task.setvariable variable=BuildBuildImages;]false" + echo "##vso[task.setvariable variable=BuildRuntimeImages;]false" + echo "##vso[task.setvariable variable=TestBuildImages;]false" + echo "##vso[task.setvariable variable=TestRuntimeImages;]false" + echo "##vso[task.setvariable variable=TestIntegrationCaseFilter;]category=dotnetcore-${{ mapping.category }}&build-image=${{ mapping.buildTag }}" + echo "##vso[task.setvariable variable=TestIntegration;]true" + echo "##vso[task.setvariable variable=PushBuildImages;]false" + echo "##vso[task.setvariable variable=PushRuntimeImages;]false" + echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]false" + echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" + displayName: 'Set variables' + - template: /vsts/pipelines/templates/_setReleaseTag.yml@self + - template: /vsts/pipelines/templates/_buildTemplate.yml@self \ No newline at end of file diff --git a/vsts/pipelines/templates/integrationTests/_golangIntegrationJobTemplate.yml b/vsts/pipelines/templates/integrationTests/_golangIntegrationJobTemplate.yml index 2c620f7126..ad0487c996 100644 --- a/vsts/pipelines/templates/integrationTests/_golangIntegrationJobTemplate.yml +++ b/vsts/pipelines/templates/integrationTests/_golangIntegrationJobTemplate.yml @@ -1,26 +1,25 @@ parameters: - - name: storageAccountUrl - type: string - default: https://oryxsdksstaging.blob.core.windows.net - - name: testMappings - type: object - default: - - category: '1.17' - buildTag: 'full-debian-buster' - - category: '1.17' - buildTag: 'full-debian-bullseye' - - category: '1.18' - buildTag: 'full-debian-buster' - - category: '1.18' - buildTag: 'full-debian-bullseye' - - category: '1.19' - buildTag: 'full-debian-buster' - - category: '1.19' - buildTag: 'full-debian-bullseye' - +- name: storageAccountUrl + type: string + default: https://oryxsdksstaging.blob.core.windows.net +- name: testMappings + type: object + default: + - category: '1.17' + buildTag: 'full-debian-buster' + - category: '1.17' + buildTag: 'full-debian-bullseye' + - category: '1.18' + buildTag: 'full-debian-buster' + - category: '1.18' + buildTag: 'full-debian-bullseye' + - category: '1.19' + buildTag: 'full-debian-buster' + - category: '1.19' + buildTag: 'full-debian-bullseye' jobs: - ${{ each mapping in parameters.testMappings }}: - - job: + - job: '' displayName: 'Run Golang ${{ mapping.category }} Integration Tests using build image tag ${{ mapping.buildTag }}' dependsOn: - Job_BuildImage_Full @@ -30,22 +29,27 @@ jobs: pool: name: AzurePipelines-EO demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant + - ImageOverride -equals AzurePipelinesUbuntu20.04compliant variables: skipComponentGovernanceDetection: true timeoutInMinutes: 300 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish Artifact: drop' + condition: true steps: - - script: | - echo "##vso[task.setvariable variable=BuildBuildImages;]false" - echo "##vso[task.setvariable variable=BuildRuntimeImages;]false" - echo "##vso[task.setvariable variable=TestBuildImages;]false" - echo "##vso[task.setvariable variable=TestRuntimeImages;]false" - echo "##vso[task.setvariable variable=TestIntegrationCaseFilter;]category=golang-${{ mapping.category }}&build-image=${{ mapping.buildTag }}" - echo "##vso[task.setvariable variable=TestIntegration;]true" - echo "##vso[task.setvariable variable=PushBuildImages;]false" - echo "##vso[task.setvariable variable=PushRuntimeImages;]false" - echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]false" - echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" - displayName: 'Set variables' - - template: ../_setReleaseTag.yml - - template: ../_buildTemplate.yml \ No newline at end of file + - script: | + echo "##vso[task.setvariable variable=BuildBuildImages;]false" + echo "##vso[task.setvariable variable=BuildRuntimeImages;]false" + echo "##vso[task.setvariable variable=TestBuildImages;]false" + echo "##vso[task.setvariable variable=TestRuntimeImages;]false" + echo "##vso[task.setvariable variable=TestIntegrationCaseFilter;]category=golang-${{ mapping.category }}&build-image=${{ mapping.buildTag }}" + echo "##vso[task.setvariable variable=TestIntegration;]true" + echo "##vso[task.setvariable variable=PushBuildImages;]false" + echo "##vso[task.setvariable variable=PushRuntimeImages;]false" + echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]false" + echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" + displayName: 'Set variables' + - template: /vsts/pipelines/templates/_setReleaseTag.yml@self + - template: /vsts/pipelines/templates/_buildTemplate.yml@self \ No newline at end of file diff --git a/vsts/pipelines/templates/integrationTests/_nodeIntegrationJobTemplate.yml b/vsts/pipelines/templates/integrationTests/_nodeIntegrationJobTemplate.yml index b69b6af5e2..85fe0d9e69 100644 --- a/vsts/pipelines/templates/integrationTests/_nodeIntegrationJobTemplate.yml +++ b/vsts/pipelines/templates/integrationTests/_nodeIntegrationJobTemplate.yml @@ -1,34 +1,33 @@ parameters: - - name: storageAccountUrl - type: string - default: https://oryxsdksstaging.blob.core.windows.net - - name: testMappings - type: object - default: - - category: '14-stretch-1' - buildTag: 'debian-stretch' - - category: '14-stretch-2' - buildTag: 'debian-stretch' - - category: '14-stretch-3' - buildTag: 'debian-stretch' - - category: '14-stretch-4' - buildTag: 'debian-stretch' - - category: '14-gh-buster' - buildTag: 'github-actions-debian-buster' - - category: '16' - buildTag: 'debian-stretch' - - category: '16-nuxt' - buildTag: 'debian-stretch' - - category: '18' - buildTag: 'github-actions-debian-bullseye' - - category: '20' - buildTag: 'github-actions-debian-bookworm' - - category: '20-bullseye' - buildTag: 'github-actions-debian-bullseye' - +- name: storageAccountUrl + type: string + default: https://oryxsdksstaging.blob.core.windows.net +- name: testMappings + type: object + default: + - category: '14-stretch-1' + buildTag: 'debian-stretch' + - category: '14-stretch-2' + buildTag: 'debian-stretch' + - category: '14-stretch-3' + buildTag: 'debian-stretch' + - category: '14-stretch-4' + buildTag: 'debian-stretch' + - category: '14-gh-buster' + buildTag: 'github-actions-debian-buster' + - category: '16' + buildTag: 'debian-stretch' + - category: '16-nuxt' + buildTag: 'debian-stretch' + - category: '18' + buildTag: 'github-actions-debian-bullseye' + - category: '20' + buildTag: 'github-actions-debian-bookworm' + - category: '20-bullseye' + buildTag: 'github-actions-debian-bullseye' jobs: - ${{ each mapping in parameters.testMappings }}: - - job: + - job: '' displayName: 'Run Node ${{ mapping.category }} Integration Tests using build image tag ${{ mapping.buildTag }}' dependsOn: - Job_BuildImage_Latest @@ -39,22 +38,27 @@ jobs: pool: name: AzurePipelines-EO demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant + - ImageOverride -equals AzurePipelinesUbuntu20.04compliant variables: skipComponentGovernanceDetection: true timeoutInMinutes: 300 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish Artifact: drop' + condition: true steps: - - script: | - echo "##vso[task.setvariable variable=BuildBuildImages;]false" - echo "##vso[task.setvariable variable=BuildRuntimeImages;]false" - echo "##vso[task.setvariable variable=TestBuildImages;]false" - echo "##vso[task.setvariable variable=TestRuntimeImages;]false" - echo "##vso[task.setvariable variable=TestIntegrationCaseFilter;]category=node-${{ mapping.category }}&build-image=${{ mapping.buildTag }}" - echo "##vso[task.setvariable variable=TestIntegration;]true" - echo "##vso[task.setvariable variable=PushBuildImages;]false" - echo "##vso[task.setvariable variable=PushRuntimeImages;]false" - echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]false" - echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" - displayName: 'Set variables' - - template: ../_setReleaseTag.yml - - template: ../_buildTemplate.yml \ No newline at end of file + - script: | + echo "##vso[task.setvariable variable=BuildBuildImages;]false" + echo "##vso[task.setvariable variable=BuildRuntimeImages;]false" + echo "##vso[task.setvariable variable=TestBuildImages;]false" + echo "##vso[task.setvariable variable=TestRuntimeImages;]false" + echo "##vso[task.setvariable variable=TestIntegrationCaseFilter;]category=node-${{ mapping.category }}&build-image=${{ mapping.buildTag }}" + echo "##vso[task.setvariable variable=TestIntegration;]true" + echo "##vso[task.setvariable variable=PushBuildImages;]false" + echo "##vso[task.setvariable variable=PushRuntimeImages;]false" + echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]false" + echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" + displayName: 'Set variables' + - template: /vsts/pipelines/templates/_setReleaseTag.yml@self + - template: /vsts/pipelines/templates/_buildTemplate.yml@self \ No newline at end of file diff --git a/vsts/pipelines/templates/integrationTests/_phpIntegrationJobTemplate.yml b/vsts/pipelines/templates/integrationTests/_phpIntegrationJobTemplate.yml index 8289a9eda8..da02f7f986 100644 --- a/vsts/pipelines/templates/integrationTests/_phpIntegrationJobTemplate.yml +++ b/vsts/pipelines/templates/integrationTests/_phpIntegrationJobTemplate.yml @@ -1,30 +1,29 @@ parameters: - - name: storageAccountUrl - type: string - default: https://oryxsdksstaging.blob.core.windows.net - - name: testMappings - type: object - default: - - category: '7.4' - buildTag: 'debian-stretch' - - category: '7.4' - buildTag: 'github-actions-debian-buster' - - category: '8.0' - buildTag: 'debian-stretch' - - category: '8.0' - buildTag: 'github-actions-debian-buster' - - category: '8.1' - buildTag: 'debian-stretch' - - category: '8.1' - buildTag: 'github-actions-debian-buster' - - category: '8.2' - buildTag: 'debian-stretch' - - category: '8.2' - buildTag: 'github-actions-debian-buster' - +- name: storageAccountUrl + type: string + default: https://oryxsdksstaging.blob.core.windows.net +- name: testMappings + type: object + default: + - category: '7.4' + buildTag: 'debian-stretch' + - category: '7.4' + buildTag: 'github-actions-debian-buster' + - category: '8.0' + buildTag: 'debian-stretch' + - category: '8.0' + buildTag: 'github-actions-debian-buster' + - category: '8.1' + buildTag: 'debian-stretch' + - category: '8.1' + buildTag: 'github-actions-debian-buster' + - category: '8.2' + buildTag: 'debian-stretch' + - category: '8.2' + buildTag: 'github-actions-debian-buster' jobs: - ${{ each mapping in parameters.testMappings }}: - - job: + - job: '' displayName: 'Run PHP ${{ mapping.category }} Integration Tests using build image tag ${{ mapping.buildTag }}' dependsOn: - Job_BuildImage_Latest @@ -35,22 +34,27 @@ jobs: pool: name: AzurePipelines-EO demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant + - ImageOverride -equals AzurePipelinesUbuntu20.04compliant variables: skipComponentGovernanceDetection: true timeoutInMinutes: 300 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish Artifact: drop' + condition: true steps: - - script: | - echo "##vso[task.setvariable variable=BuildBuildImages;]false" - echo "##vso[task.setvariable variable=BuildRuntimeImages;]false" - echo "##vso[task.setvariable variable=TestBuildImages;]false" - echo "##vso[task.setvariable variable=TestRuntimeImages;]false" - echo "##vso[task.setvariable variable=TestIntegrationCaseFilter;]category=php-${{ mapping.category }}&build-image=${{ mapping.buildTag }}" - echo "##vso[task.setvariable variable=TestIntegration;]true" - echo "##vso[task.setvariable variable=PushBuildImages;]false" - echo "##vso[task.setvariable variable=PushRuntimeImages;]false" - echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]false" - echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" - displayName: 'Set variables' - - template: ../_setReleaseTag.yml - - template: ../_buildTemplate.yml \ No newline at end of file + - script: | + echo "##vso[task.setvariable variable=BuildBuildImages;]false" + echo "##vso[task.setvariable variable=BuildRuntimeImages;]false" + echo "##vso[task.setvariable variable=TestBuildImages;]false" + echo "##vso[task.setvariable variable=TestRuntimeImages;]false" + echo "##vso[task.setvariable variable=TestIntegrationCaseFilter;]category=php-${{ mapping.category }}&build-image=${{ mapping.buildTag }}" + echo "##vso[task.setvariable variable=TestIntegration;]true" + echo "##vso[task.setvariable variable=PushBuildImages;]false" + echo "##vso[task.setvariable variable=PushRuntimeImages;]false" + echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]false" + echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" + displayName: 'Set variables' + - template: /vsts/pipelines/templates/_setReleaseTag.yml@self + - template: /vsts/pipelines/templates/_buildTemplate.yml@self \ No newline at end of file diff --git a/vsts/pipelines/templates/integrationTests/_pythonIntegrationJobTemplate.yml b/vsts/pipelines/templates/integrationTests/_pythonIntegrationJobTemplate.yml index 19a76fc930..31854b7680 100644 --- a/vsts/pipelines/templates/integrationTests/_pythonIntegrationJobTemplate.yml +++ b/vsts/pipelines/templates/integrationTests/_pythonIntegrationJobTemplate.yml @@ -1,36 +1,35 @@ parameters: - - name: storageAccountUrl - type: string - default: https://oryxsdksstaging.blob.core.windows.net - - name: testMappings - type: object - default: - - category: '3.7' - buildTag: 'debian-stretch' - - category: '3.7' - buildTag: 'github-actions-debian-bullseye' - - category: '3.8' - buildTag: 'debian-stretch' - - category: '3.8' - buildTag: 'github-actions-debian-bullseye' - - category: '3.9' - buildTag: 'debian-stretch' - - category: '3.9' - buildTag: 'github-actions-debian-buster' - - category: '3.10' - buildTag: 'github-actions-debian-bullseye' - - category: '3.11' - buildTag: 'github-actions-debian-bullseye' - - category: '3.11' - buildTag: 'github-actions-debian-bookworm' - - category: '3.12' - buildTag: 'github-actions-debian-bullseye' - - category: '3.12' - buildTag: 'github-actions-debian-bookworm' - +- name: storageAccountUrl + type: string + default: https://oryxsdksstaging.blob.core.windows.net +- name: testMappings + type: object + default: + - category: '3.7' + buildTag: 'debian-stretch' + - category: '3.7' + buildTag: 'github-actions-debian-bullseye' + - category: '3.8' + buildTag: 'debian-stretch' + - category: '3.8' + buildTag: 'github-actions-debian-bullseye' + - category: '3.9' + buildTag: 'debian-stretch' + - category: '3.9' + buildTag: 'github-actions-debian-buster' + - category: '3.10' + buildTag: 'github-actions-debian-bullseye' + - category: '3.11' + buildTag: 'github-actions-debian-bullseye' + - category: '3.11' + buildTag: 'github-actions-debian-bookworm' + - category: '3.12' + buildTag: 'github-actions-debian-bullseye' + - category: '3.12' + buildTag: 'github-actions-debian-bookworm' jobs: - ${{ each mapping in parameters.testMappings }}: - - job: + - job: '' displayName: 'Run Python ${{ mapping.category }} Integration Tests using build image tag ${{ mapping.buildTag }}' dependsOn: - Job_BuildImage_Latest @@ -41,22 +40,27 @@ jobs: pool: name: AzurePipelines-EO demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant + - ImageOverride -equals AzurePipelinesUbuntu20.04compliant variables: skipComponentGovernanceDetection: true timeoutInMinutes: 300 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish Artifact: drop' + condition: true steps: - - script: | - echo "##vso[task.setvariable variable=BuildBuildImages;]false" - echo "##vso[task.setvariable variable=BuildRuntimeImages;]false" - echo "##vso[task.setvariable variable=TestBuildImages;]false" - echo "##vso[task.setvariable variable=TestRuntimeImages;]false" - echo "##vso[task.setvariable variable=TestIntegrationCaseFilter;]category=python-${{ mapping.category }}&build-image=${{ mapping.buildTag }}" - echo "##vso[task.setvariable variable=TestIntegration;]true" - echo "##vso[task.setvariable variable=PushBuildImages;]false" - echo "##vso[task.setvariable variable=PushRuntimeImages;]false" - echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]false" - echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" - displayName: 'Set variables' - - template: ../_setReleaseTag.yml - - template: ../_buildTemplate.yml \ No newline at end of file + - script: | + echo "##vso[task.setvariable variable=BuildBuildImages;]false" + echo "##vso[task.setvariable variable=BuildRuntimeImages;]false" + echo "##vso[task.setvariable variable=TestBuildImages;]false" + echo "##vso[task.setvariable variable=TestRuntimeImages;]false" + echo "##vso[task.setvariable variable=TestIntegrationCaseFilter;]category=python-${{ mapping.category }}&build-image=${{ mapping.buildTag }}" + echo "##vso[task.setvariable variable=TestIntegration;]true" + echo "##vso[task.setvariable variable=PushBuildImages;]false" + echo "##vso[task.setvariable variable=PushRuntimeImages;]false" + echo "##vso[task.setvariable variable=EmbedBuildContextInImages;]false" + echo "##vso[task.setvariable variable=storageAccountUrl;]${{ parameters.storageAccountUrl }}" + displayName: 'Set variables' + - template: /vsts/pipelines/templates/_setReleaseTag.yml@self + - template: /vsts/pipelines/templates/_buildTemplate.yml@self \ No newline at end of file From dd5aee03e162344f0988371d88b5f9e73fd9d131 Mon Sep 17 00:00:00 2001 From: Dan Vouaux Date: Thu, 21 Mar 2024 22:40:47 -0700 Subject: [PATCH 4/8] Remove empty pipelineArtifact --- vsts/pipelines/ci.yml | 20 ------------------- .../_dotnetcoreIntegrationJobTemplate.yml | 5 ----- .../_golangIntegrationJobTemplate.yml | 5 ----- .../_nodeIntegrationJobTemplate.yml | 5 ----- .../_phpIntegrationJobTemplate.yml | 5 ----- .../_pythonIntegrationJobTemplate.yml | 5 ----- 6 files changed, 45 deletions(-) diff --git a/vsts/pipelines/ci.yml b/vsts/pipelines/ci.yml index 8971135162..e38196b52c 100644 --- a/vsts/pipelines/ci.yml +++ b/vsts/pipelines/ci.yml @@ -144,11 +144,6 @@ extends: variables: SignType: $[ dependencies.Job_SignBinaries.outputs['setSignTypeVariable.SignType'] ] skipComponentGovernanceDetection: true - templateContext: - outputs: - - output: pipelineArtifact - displayName: 'Publish Artifact: drop' - condition: true steps: - script: | echo "##vso[task.setvariable variable=BuildBuildImages;]true" @@ -189,11 +184,6 @@ extends: variables: SignType: $[ dependencies.Job_SignBinaries.outputs['setSignTypeVariable.SignType'] ] skipComponentGovernanceDetection: true - templateContext: - outputs: - - output: pipelineArtifact - displayName: 'Publish Artifact: drop' - condition: true steps: - script: | echo "##vso[task.setvariable variable=BuildBuildImages;]false" @@ -221,11 +211,6 @@ extends: variables: SignType: $[ dependencies.Job_SignBinaries.outputs['setSignTypeVariable.SignType'] ] skipComponentGovernanceDetection: true - templateContext: - outputs: - - output: pipelineArtifact - displayName: 'Publish Artifact: drop' - condition: true steps: - script: | echo "##vso[task.setvariable variable=BuildBuildImages;]false" @@ -253,11 +238,6 @@ extends: variables: SignType: $[ dependencies.Job_SignBinaries.outputs['setSignTypeVariable.SignType'] ] skipComponentGovernanceDetection: true - templateContext: - outputs: - - output: pipelineArtifact - displayName: 'Publish Artifact: drop' - condition: true steps: - script: | echo "##vso[task.setvariable variable=BuildBuildImages;]false" diff --git a/vsts/pipelines/templates/integrationTests/_dotnetcoreIntegrationJobTemplate.yml b/vsts/pipelines/templates/integrationTests/_dotnetcoreIntegrationJobTemplate.yml index d0e64f1128..bac8bae086 100644 --- a/vsts/pipelines/templates/integrationTests/_dotnetcoreIntegrationJobTemplate.yml +++ b/vsts/pipelines/templates/integrationTests/_dotnetcoreIntegrationJobTemplate.yml @@ -44,11 +44,6 @@ jobs: variables: skipComponentGovernanceDetection: true timeoutInMinutes: 300 - templateContext: - outputs: - - output: pipelineArtifact - displayName: 'Publish Artifact: drop' - condition: true steps: - script: | echo "##vso[task.setvariable variable=BuildBuildImages;]false" diff --git a/vsts/pipelines/templates/integrationTests/_golangIntegrationJobTemplate.yml b/vsts/pipelines/templates/integrationTests/_golangIntegrationJobTemplate.yml index ad0487c996..36443745c1 100644 --- a/vsts/pipelines/templates/integrationTests/_golangIntegrationJobTemplate.yml +++ b/vsts/pipelines/templates/integrationTests/_golangIntegrationJobTemplate.yml @@ -33,11 +33,6 @@ jobs: variables: skipComponentGovernanceDetection: true timeoutInMinutes: 300 - templateContext: - outputs: - - output: pipelineArtifact - displayName: 'Publish Artifact: drop' - condition: true steps: - script: | echo "##vso[task.setvariable variable=BuildBuildImages;]false" diff --git a/vsts/pipelines/templates/integrationTests/_nodeIntegrationJobTemplate.yml b/vsts/pipelines/templates/integrationTests/_nodeIntegrationJobTemplate.yml index 85fe0d9e69..b509dce703 100644 --- a/vsts/pipelines/templates/integrationTests/_nodeIntegrationJobTemplate.yml +++ b/vsts/pipelines/templates/integrationTests/_nodeIntegrationJobTemplate.yml @@ -42,11 +42,6 @@ jobs: variables: skipComponentGovernanceDetection: true timeoutInMinutes: 300 - templateContext: - outputs: - - output: pipelineArtifact - displayName: 'Publish Artifact: drop' - condition: true steps: - script: | echo "##vso[task.setvariable variable=BuildBuildImages;]false" diff --git a/vsts/pipelines/templates/integrationTests/_phpIntegrationJobTemplate.yml b/vsts/pipelines/templates/integrationTests/_phpIntegrationJobTemplate.yml index da02f7f986..6595764357 100644 --- a/vsts/pipelines/templates/integrationTests/_phpIntegrationJobTemplate.yml +++ b/vsts/pipelines/templates/integrationTests/_phpIntegrationJobTemplate.yml @@ -38,11 +38,6 @@ jobs: variables: skipComponentGovernanceDetection: true timeoutInMinutes: 300 - templateContext: - outputs: - - output: pipelineArtifact - displayName: 'Publish Artifact: drop' - condition: true steps: - script: | echo "##vso[task.setvariable variable=BuildBuildImages;]false" diff --git a/vsts/pipelines/templates/integrationTests/_pythonIntegrationJobTemplate.yml b/vsts/pipelines/templates/integrationTests/_pythonIntegrationJobTemplate.yml index 31854b7680..0c19a3ccec 100644 --- a/vsts/pipelines/templates/integrationTests/_pythonIntegrationJobTemplate.yml +++ b/vsts/pipelines/templates/integrationTests/_pythonIntegrationJobTemplate.yml @@ -44,11 +44,6 @@ jobs: variables: skipComponentGovernanceDetection: true timeoutInMinutes: 300 - templateContext: - outputs: - - output: pipelineArtifact - displayName: 'Publish Artifact: drop' - condition: true steps: - script: | echo "##vso[task.setvariable variable=BuildBuildImages;]false" From 0f12b535789d98af4b95b42323ddc218c4dfd41a Mon Sep 17 00:00:00 2001 From: Dan Vouaux Date: Thu, 21 Mar 2024 22:51:44 -0700 Subject: [PATCH 5/8] Convert Oryx-PlatformBinary-Php --- vsts/pipelines/PlatformBinaries/php.yml | 191 ++++++++++-------- .../_platformBinariesReleaseTemplate.yml | 11 - .../templates/_platformBinariesTemplate.yml | 23 +-- 3 files changed, 108 insertions(+), 117 deletions(-) diff --git a/vsts/pipelines/PlatformBinaries/php.yml b/vsts/pipelines/PlatformBinaries/php.yml index 290d45beec..b6d58465b9 100644 --- a/vsts/pipelines/PlatformBinaries/php.yml +++ b/vsts/pipelines/PlatformBinaries/php.yml @@ -1,95 +1,10 @@ variables: - - group: Oryx - +- group: Oryx parameters: - name: destinationStorageAccountName displayName: Destination Storage Account Name type: string default: oryxsdksstaging - -stages: -- stage: Build - jobs: - - job: Php_Bookworm_SDK - timeoutInMinutes: 1440 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'php' - debianFlavor: 'bookworm' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Php_Bullseye_SDK - timeoutInMinutes: 1440 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'php' - debianFlavor: 'bullseye' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Php_Stretch_SDK - timeoutInMinutes: 1440 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'php' - debianFlavor: 'stretch' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Php_Buster_SDK - timeoutInMinutes: 1440 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'php' - debianFlavor: 'buster' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Php_Ubuntu_SDK - timeoutInMinutes: 1440 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'php' - debianFlavor: 'focal-scm' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - -- stage: Release - dependsOn: Build - jobs: - - job: Publish_Platform_Binaries - timeoutInMinutes: 250 - displayName: Publish to Azure Blob Storage - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesReleaseTemplate.yml - parameters: - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - trigger: batch: true branches: @@ -100,4 +15,106 @@ trigger: - /* include: - platforms/php - - vsts/PlatformBinaries/php.yml \ No newline at end of file + - vsts/PlatformBinaries/php.yml +resources: + repositories: + - repository: 1ESPipelineTemplates + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates + parameters: + pool: + name: AzurePipelines-EO + image: AzurePipelinesUbuntu20.04compliant + os: linux + sdl: + sourceAnalysisPool: + name: AzurePipelines-EO + os: windows + customBuildTags: + - ES365AIMigrationTooling + stages: + - stage: Build + jobs: + - job: Php_Bookworm_SDK + timeoutInMinutes: 1440 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'php' + debianFlavor: 'bookworm' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Php_Bullseye_SDK + timeoutInMinutes: 1440 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'php' + debianFlavor: 'bullseye' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Php_Stretch_SDK + timeoutInMinutes: 1440 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'php' + debianFlavor: 'stretch' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Php_Buster_SDK + timeoutInMinutes: 1440 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'php' + debianFlavor: 'buster' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Php_Ubuntu_SDK + timeoutInMinutes: 1440 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'php' + debianFlavor: 'focal-scm' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - stage: Release + dependsOn: Build + jobs: + - job: Publish_Platform_Binaries + timeoutInMinutes: 250 + displayName: Publish to Azure Blob Storage + steps: + - template: /vsts/pipelines/templates/_platformBinariesReleaseTemplate.yml@self + parameters: + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' \ No newline at end of file diff --git a/vsts/pipelines/templates/_platformBinariesReleaseTemplate.yml b/vsts/pipelines/templates/_platformBinariesReleaseTemplate.yml index df85c79267..461a771033 100644 --- a/vsts/pipelines/templates/_platformBinariesReleaseTemplate.yml +++ b/vsts/pipelines/templates/_platformBinariesReleaseTemplate.yml @@ -1,21 +1,12 @@ parameters: destinationSdkStorageAccountName: 'oryxsdksstaging' - steps: - - checkout: self clean: true - - task: DownloadBuildArtifacts@0 displayName: 'Download Artifacts' inputs: artifactName: drop - -- task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 - displayName: 'Component Detection - OSS Compliance' - inputs: - ignoreDirectories: '$(Build.SourcesDirectory)/tests' - - task: ShellScript@2 displayName: Upload files to Azure Storage env: @@ -27,12 +18,10 @@ steps: inputs: scriptPath: ./vsts/scripts/publishFilesToAzureStorage.sh args: ${{ parameters.destinationSdkStorageAccountName }} - - task: UseDotNet@2 displayName: 'Use .NET Core SDK 7.x' inputs: version: 7.0.306 - - task: ShellScript@2 displayName: 'Test Dev storage account' env: diff --git a/vsts/pipelines/templates/_platformBinariesTemplate.yml b/vsts/pipelines/templates/_platformBinariesTemplate.yml index 4ae719caff..294e83bf79 100644 --- a/vsts/pipelines/templates/_platformBinariesTemplate.yml +++ b/vsts/pipelines/templates/_platformBinariesTemplate.yml @@ -1,22 +1,14 @@ parameters: - platformName: '' - debianFlavor: '' - destinationSdkStorageAccountName: '' - + platformName: '' + debianFlavor: '' + destinationSdkStorageAccountName: '' steps: - checkout: self clean: true - -- task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 - displayName: 'Component Detection - OSS Compliance' - inputs: - ignoreDirectories: '$(Build.SourcesDirectory)/tests' - - task: UseDotNet@2 displayName: 'Use .NET Core sdk 7.x' inputs: version: 7.0.306 - - task: ShellScript@2 displayName: 'Building platform binaries' env: @@ -25,7 +17,6 @@ steps: inputs: scriptPath: ./build/buildPlatformBinaries.sh args: ${{ parameters.platformName }} ${{ parameters.debianFlavor }} https://${{ parameters.destinationSdkStorageAccountName }}.blob.core.windows.net - - task: CopyFiles@2 displayName: 'Copy artifacts from source repo to agent artifacts folder' inputs: @@ -33,10 +24,4 @@ steps: contents: '**/*.*' targetFolder: $(Build.ArtifactStagingDirectory) overWrite: true - condition: true - -- task: PublishBuildArtifacts@1 - displayName: Publish build artifacts - inputs: - pathtoPublish: $(Build.ArtifactStagingDirectory) - condition: true + condition: true \ No newline at end of file From 59e7808dc80a0b1fb32893d70b2996c62a3954f4 Mon Sep 17 00:00:00 2001 From: Dan Vouaux Date: Thu, 21 Mar 2024 23:05:51 -0700 Subject: [PATCH 6/8] Convert more PlatformBinaries --- .../pipelines/PlatformBinaries/dotnetcore.yml | 191 ++++++------ vsts/pipelines/PlatformBinaries/golang.yml | 164 ++++++----- vsts/pipelines/PlatformBinaries/java.yml | 272 ++++++++++-------- vsts/pipelines/PlatformBinaries/node.yml | 179 +++++++----- vsts/pipelines/PlatformBinaries/python.yml | 191 ++++++------ vsts/pipelines/PlatformBinaries/ruby.yml | 164 ++++++----- 6 files changed, 634 insertions(+), 527 deletions(-) diff --git a/vsts/pipelines/PlatformBinaries/dotnetcore.yml b/vsts/pipelines/PlatformBinaries/dotnetcore.yml index 87e83d0238..c61bf3d570 100644 --- a/vsts/pipelines/PlatformBinaries/dotnetcore.yml +++ b/vsts/pipelines/PlatformBinaries/dotnetcore.yml @@ -1,95 +1,10 @@ variables: - - group: Oryx - +- group: Oryx parameters: - name: destinationStorageAccountName displayName: Destination Storage Account Name type: string default: oryxsdksstaging - -stages: -- stage: Build - jobs: - - job: DotNetCore_Bookworm - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'dotnet' - debianFlavor: 'bookworm' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: DotNetCore_Bullseye - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'dotnet' - debianFlavor: 'bullseye' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: DotNetCore_Buster - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'dotnet' - debianFlavor: 'buster' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: DotNetCore_Stretch - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'dotnet' - debianFlavor: 'stretch' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: DotNetCore_Ubuntu - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'dotnet' - debianFlavor: 'focal-scm' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - -- stage: Release - dependsOn: Build - jobs: - - job: Publish_Platform_Binaries - timeoutInMinutes: 250 - displayName: Publish to Azure Blob Storage - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesReleaseTemplate.yml - parameters: - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - trigger: batch: true branches: @@ -100,4 +15,106 @@ trigger: - /* include: - platforms/dotnet - - vsts/PlatformBinaries/dotnetcore.yml \ No newline at end of file + - vsts/PlatformBinaries/dotnetcore.yml +resources: + repositories: + - repository: 1ESPipelineTemplates + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates + parameters: + pool: + name: AzurePipelines-EO + image: AzurePipelinesUbuntu20.04compliant + os: linux + sdl: + sourceAnalysisPool: + name: AzurePipelines-EO + os: windows + customBuildTags: + - ES365AIMigrationTooling + stages: + - stage: Build + jobs: + - job: DotNetCore_Bookworm + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'dotnet' + debianFlavor: 'bookworm' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: DotNetCore_Bullseye + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'dotnet' + debianFlavor: 'bullseye' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: DotNetCore_Buster + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'dotnet' + debianFlavor: 'buster' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: DotNetCore_Stretch + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'dotnet' + debianFlavor: 'stretch' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: DotNetCore_Ubuntu + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'dotnet' + debianFlavor: 'focal-scm' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - stage: Release + dependsOn: Build + jobs: + - job: Publish_Platform_Binaries + timeoutInMinutes: 250 + displayName: Publish to Azure Blob Storage + steps: + - template: /vsts/pipelines/templates/_platformBinariesReleaseTemplate.yml@self + parameters: + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' \ No newline at end of file diff --git a/vsts/pipelines/PlatformBinaries/golang.yml b/vsts/pipelines/PlatformBinaries/golang.yml index 4fc974d8a4..4fc2046c69 100644 --- a/vsts/pipelines/PlatformBinaries/golang.yml +++ b/vsts/pipelines/PlatformBinaries/golang.yml @@ -1,82 +1,10 @@ variables: - - group: Oryx - +- group: Oryx parameters: - name: destinationStorageAccountName displayName: Destination Storage Account Name type: string default: oryxsdksstaging - -stages: -- stage: Build - jobs: - - job: Golang_Bullseye - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'golang' - debianFlavor: 'bullseye' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Golang_Buster - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'golang' - debianFlavor: 'buster' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Golang_Stretch - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'golang' - debianFlavor: 'stretch' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Golang_Ubuntu - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'golang' - debianFlavor: 'focal-scm' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - -- stage: Release - dependsOn: Build - jobs: - - job: Publish_Platform_Binaries - timeoutInMinutes: 250 - displayName: Publish to Azure Blob Storage - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesReleaseTemplate.yml - parameters: - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - trigger: batch: true branches: @@ -87,4 +15,92 @@ trigger: - /* include: - platforms/golang - - vsts/PlatformBinaries/golang.yml \ No newline at end of file + - vsts/PlatformBinaries/golang.yml +resources: + repositories: + - repository: 1ESPipelineTemplates + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates + parameters: + pool: + name: AzurePipelines-EO + image: AzurePipelinesUbuntu20.04compliant + os: linux + sdl: + sourceAnalysisPool: + name: AzurePipelines-EO + os: windows + customBuildTags: + - ES365AIMigrationTooling + stages: + - stage: Build + jobs: + - job: Golang_Bullseye + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'golang' + debianFlavor: 'bullseye' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Golang_Buster + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'golang' + debianFlavor: 'buster' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Golang_Stretch + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'golang' + debianFlavor: 'stretch' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Golang_Ubuntu + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'golang' + debianFlavor: 'focal-scm' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - stage: Release + dependsOn: Build + jobs: + - job: Publish_Platform_Binaries + timeoutInMinutes: 250 + displayName: Publish to Azure Blob Storage + steps: + - template: /vsts/pipelines/templates/_platformBinariesReleaseTemplate.yml@self + parameters: + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' \ No newline at end of file diff --git a/vsts/pipelines/PlatformBinaries/java.yml b/vsts/pipelines/PlatformBinaries/java.yml index 01c262e715..cd6513896b 100644 --- a/vsts/pipelines/PlatformBinaries/java.yml +++ b/vsts/pipelines/PlatformBinaries/java.yml @@ -1,134 +1,10 @@ variables: - - group: Oryx - +- group: Oryx parameters: - name: destinationStorageAccountName displayName: Destination Storage Account Name type: string default: oryxsdksstaging - -stages: -- stage: Build - jobs: - - job: Java_Bullseye - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'java' - debianFlavor: 'bullseye' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Java_Buster - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'java' - debianFlavor: 'buster' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Java_Stretch - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'java' - debianFlavor: 'stretch' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Java_Ubuntu - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'java' - debianFlavor: 'focal-scm' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Maven_Bullseye - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'maven' - debianFlavor: 'bullseye' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Maven_Buster - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'maven' - debianFlavor: 'buster' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Maven_Stretch - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'maven' - debianFlavor: 'stretch' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Maven_Ubuntu - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'maven' - debianFlavor: 'focal-scm' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - -- stage: Release - dependsOn: Build - jobs: - - job: Publish_Platform_Binaries - timeoutInMinutes: 250 - displayName: Publish to Azure Blob Storage - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesReleaseTemplate.yml - parameters: - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - trigger: batch: true branches: @@ -139,4 +15,148 @@ trigger: - /* include: - platforms/java - - vsts/PlatformBinaries/java.yml \ No newline at end of file + - vsts/PlatformBinaries/java.yml +resources: + repositories: + - repository: 1ESPipelineTemplates + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates + parameters: + pool: + name: AzurePipelines-EO + image: AzurePipelinesUbuntu20.04compliant + os: linux + sdl: + sourceAnalysisPool: + name: AzurePipelines-EO + os: windows + customBuildTags: + - ES365AIMigrationTooling + stages: + - stage: Build + jobs: + - job: Java_Bullseye + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'java' + debianFlavor: 'bullseye' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Java_Buster + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'java' + debianFlavor: 'buster' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Java_Stretch + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'java' + debianFlavor: 'stretch' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Java_Ubuntu + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'java' + debianFlavor: 'focal-scm' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Maven_Bullseye + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'maven' + debianFlavor: 'bullseye' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Maven_Buster + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'maven' + debianFlavor: 'buster' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Maven_Stretch + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'maven' + debianFlavor: 'stretch' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Maven_Ubuntu + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'maven' + debianFlavor: 'focal-scm' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - stage: Release + dependsOn: Build + jobs: + - job: Publish_Platform_Binaries + timeoutInMinutes: 250 + displayName: Publish to Azure Blob Storage + steps: + - template: /vsts/pipelines/templates/_platformBinariesReleaseTemplate.yml@self + parameters: + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' \ No newline at end of file diff --git a/vsts/pipelines/PlatformBinaries/node.yml b/vsts/pipelines/PlatformBinaries/node.yml index 172cb39b14..cc9ec7f03a 100644 --- a/vsts/pipelines/PlatformBinaries/node.yml +++ b/vsts/pipelines/PlatformBinaries/node.yml @@ -1,3 +1,10 @@ +variables: +- group: Oryx +parameters: +- name: destinationStorageAccountName + displayName: Destination Storage Account Name + type: string + default: oryxsdksstaging trigger: batch: true branches: @@ -9,91 +16,105 @@ trigger: include: - platforms/nodejs - vsts/PlatformBinaries/node.yml - -# The `resources` specify the location and version of the 1ES PT. resources: repositories: - - repository: 1esPipelines + - repository: 1ESPipelineTemplates type: git name: 1ESPipelineTemplates/1ESPipelineTemplates ref: refs/tags/release - -variables: - - group: Oryx - extends: - # The pipeline extends the 1ES PT which will inject different SDL and compliance tasks. - # For non-production pipelines, use "Unofficial" as defined below. - # For productions pipelines, use "Official". - template: v1/1ES.Official.PipelineTemplate.yml@1esPipelines + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates parameters: - # Update the pool with your team's 1ES hosted pool. pool: name: AzurePipelines-EO - image: AzurePipelinesUbuntu20.04compliant # Name of the image in your pool. If not specified, first image of the pool is used - os: linux # OS of the image. Allowed values: windows, linux, macOS - - # - name: destinationStorageAccountName - # displayName: Destination Storage Account Name - # type: string - # default: oryxsdksstaging - - stages: - - stage: Build - jobs: - - job: Node_Bookworm - timeoutInMinutes: 250 - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'nodejs' - debianFlavor: 'bookworm' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Node_Bullseye - timeoutInMinutes: 250 - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'nodejs' - debianFlavor: 'bullseye' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Node_Buster - timeoutInMinutes: 250 - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'nodejs' - debianFlavor: 'buster' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Node_Stretch - timeoutInMinutes: 250 - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'nodejs' - debianFlavor: 'stretch' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Node_Ubuntu - timeoutInMinutes: 250 - pool: - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'nodejs' - debianFlavor: 'focal-scm' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - stage: Release - dependsOn: Build - jobs: - - job: Publish_Platform_Binaries - timeoutInMinutes: 250 - displayName: Publish to Azure Blob Storage - steps: - - template: ../templates/_platformBinariesReleaseTemplate.yml - parameters: - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' \ No newline at end of file + image: AzurePipelinesUbuntu20.04compliant + os: linux + sdl: + sourceAnalysisPool: + name: AzurePipelines-EO + os: windows + customBuildTags: + - ES365AIMigrationTooling + stages: + - stage: Build + jobs: + - job: Node_Bookworm + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'nodejs' + debianFlavor: 'bookworm' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Node_Bullseye + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'nodejs' + debianFlavor: 'bullseye' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Node_Buster + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'nodejs' + debianFlavor: 'buster' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Node_Stretch + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'nodejs' + debianFlavor: 'stretch' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Node_Ubuntu + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'nodejs' + debianFlavor: 'focal-scm' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - stage: Release + dependsOn: Build + jobs: + - job: Publish_Platform_Binaries + timeoutInMinutes: 250 + displayName: Publish to Azure Blob Storage + steps: + - template: /vsts/pipelines/templates/_platformBinariesReleaseTemplate.yml@self + parameters: + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' \ No newline at end of file diff --git a/vsts/pipelines/PlatformBinaries/python.yml b/vsts/pipelines/PlatformBinaries/python.yml index 48378035cf..38cfa613b1 100644 --- a/vsts/pipelines/PlatformBinaries/python.yml +++ b/vsts/pipelines/PlatformBinaries/python.yml @@ -1,95 +1,10 @@ variables: - - group: Oryx - +- group: Oryx parameters: - name: destinationStorageAccountName displayName: Destination Storage Account Name type: string default: oryxsdksstaging - -stages: -- stage: Build - jobs: - - job: Python_Bookworm_SDK - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'python' - debianFlavor: 'bookworm' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Python_Bullseye_SDK - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'python' - debianFlavor: 'bullseye' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Python_Buster_SDK - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'python' - debianFlavor: 'buster' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Python_Stretch_SDK - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'python' - debianFlavor: 'stretch' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Python_Ubuntu_SDK - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'python' - debianFlavor: 'focal-scm' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - -- stage: Release - dependsOn: Build - jobs: - - job: Publish_Platform_Binaries - timeoutInMinutes: 250 - displayName: Publish to Azure Blob Storage - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesReleaseTemplate.yml - parameters: - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - trigger: batch: true branches: @@ -100,4 +15,106 @@ trigger: - /* include: - platforms/python - - vsts/PlatformBinaries/python.yml \ No newline at end of file + - vsts/PlatformBinaries/python.yml +resources: + repositories: + - repository: 1ESPipelineTemplates + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates + parameters: + pool: + name: AzurePipelines-EO + image: AzurePipelinesUbuntu20.04compliant + os: linux + sdl: + sourceAnalysisPool: + name: AzurePipelines-EO + os: windows + customBuildTags: + - ES365AIMigrationTooling + stages: + - stage: Build + jobs: + - job: Python_Bookworm_SDK + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'python' + debianFlavor: 'bookworm' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Python_Bullseye_SDK + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'python' + debianFlavor: 'bullseye' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Python_Buster_SDK + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'python' + debianFlavor: 'buster' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Python_Stretch_SDK + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'python' + debianFlavor: 'stretch' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Python_Ubuntu_SDK + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'python' + debianFlavor: 'focal-scm' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - stage: Release + dependsOn: Build + jobs: + - job: Publish_Platform_Binaries + timeoutInMinutes: 250 + displayName: Publish to Azure Blob Storage + steps: + - template: /vsts/pipelines/templates/_platformBinariesReleaseTemplate.yml@self + parameters: + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' \ No newline at end of file diff --git a/vsts/pipelines/PlatformBinaries/ruby.yml b/vsts/pipelines/PlatformBinaries/ruby.yml index 8405f9d8bb..3c16e028cd 100644 --- a/vsts/pipelines/PlatformBinaries/ruby.yml +++ b/vsts/pipelines/PlatformBinaries/ruby.yml @@ -1,82 +1,10 @@ variables: - - group: Oryx - +- group: Oryx parameters: - name: destinationStorageAccountName displayName: Destination Storage Account Name type: string default: oryxsdksstaging - -stages: -- stage: Build - jobs: - - job: Ruby_Bullseye - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'ruby' - debianFlavor: 'bullseye' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Ruby_Buster - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'ruby' - debianFlavor: 'buster' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Ruby_Stretch - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'ruby' - debianFlavor: 'stretch' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - - - job: Ruby_Ubuntu - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesTemplate.yml - parameters: - platformName: 'ruby' - debianFlavor: 'focal-scm' - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - -- stage: Release - dependsOn: Build - jobs: - - job: Publish_Platform_Binaries - timeoutInMinutes: 250 - displayName: Publish to Azure Blob Storage - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_platformBinariesReleaseTemplate.yml - parameters: - destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' - trigger: batch: true branches: @@ -87,4 +15,92 @@ trigger: - /* include: - platforms/ruby - - vsts/PlatformBinaries/ruby.yml \ No newline at end of file + - vsts/PlatformBinaries/ruby.yml +resources: + repositories: + - repository: 1ESPipelineTemplates + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates + parameters: + pool: + name: AzurePipelines-EO + image: AzurePipelinesUbuntu20.04compliant + os: linux + sdl: + sourceAnalysisPool: + name: AzurePipelines-EO + os: windows + customBuildTags: + - ES365AIMigrationTooling + stages: + - stage: Build + jobs: + - job: Ruby_Bullseye + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'ruby' + debianFlavor: 'bullseye' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Ruby_Buster + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'ruby' + debianFlavor: 'buster' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Ruby_Stretch + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'ruby' + debianFlavor: 'stretch' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - job: Ruby_Ubuntu + timeoutInMinutes: 250 + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish build artifacts' + condition: true + targetPath: $(Build.ArtifactStagingDirectory) + steps: + - template: /vsts/pipelines/templates/_platformBinariesTemplate.yml@self + parameters: + platformName: 'ruby' + debianFlavor: 'focal-scm' + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' + - stage: Release + dependsOn: Build + jobs: + - job: Publish_Platform_Binaries + timeoutInMinutes: 250 + displayName: Publish to Azure Blob Storage + steps: + - template: /vsts/pipelines/templates/_platformBinariesReleaseTemplate.yml@self + parameters: + destinationSdkStorageAccountName: '${{ parameters.destinationStorageAccountName }}' \ No newline at end of file From 450be56ea2caf56bfbdbdf5537b295792a767062 Mon Sep 17 00:00:00 2001 From: Dan Vouaux Date: Thu, 21 Mar 2024 23:13:11 -0700 Subject: [PATCH 7/8] Add python base image --- vsts/pipelines/baseImages/python.yml | 80 ++++++++++++++++------------ 1 file changed, 47 insertions(+), 33 deletions(-) diff --git a/vsts/pipelines/baseImages/python.yml b/vsts/pipelines/baseImages/python.yml index c6b377d507..1970265023 100644 --- a/vsts/pipelines/baseImages/python.yml +++ b/vsts/pipelines/baseImages/python.yml @@ -8,37 +8,51 @@ variables: value: true - name: Packaging.EnableSBOMSigning value: true - -jobs: -- template: ../templates/_buildimageBasesJobTemplate.yml +resources: + repositories: + - repository: 1ESPipelineTemplates + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates parameters: - displayName: Build python runtime bullseye base images - scriptPath: ./build/buildRunTimeImageBases.sh - imageDir: python - imageDebianFlavor: bullseye - artifactsFileName: python-runtimeimage-bases-bullseye.txt - jobName: Build_Bullseye_BaseImages - -- template: ../templates/_buildimageBasesJobTemplate.yml - parameters: - displayName: Build python runtime bookworm base images - scriptPath: ./build/buildRunTimeImageBases.sh - imageDir: python - imageDebianFlavor: bookworm - artifactsFileName: python-runtimeimage-bases-bookworm.txt - jobName: Build_Bookworm_BaseImages - -- job: Release_PythonRuntimeBaseImage - dependsOn: - - Build_Bullseye_BaseImages - - Build_Bookworm_BaseImages - displayName: Push images to MCR - timeoutInMinutes: 250 - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - steps: - - template: ../templates/_releaseBaseImagesStepTemplate.yml - parameters: - baseImageName: 'python' + pool: + name: AzurePipelines-EO + image: AzurePipelinesUbuntu20.04compliant + os: linux + sdl: + sourceAnalysisPool: + name: AzurePipelines-EO + os: windows + customBuildTags: + - ES365AIMigrationTooling-BulkMigrated + stages: + - stage: stage + jobs: + - template: /vsts/pipelines/templates/_buildimageBasesJobTemplate.yml@self + parameters: + displayName: Build python runtime bullseye base images + scriptPath: ./build/buildRunTimeImageBases.sh + imageDir: python + imageDebianFlavor: bullseye + artifactsFileName: python-runtimeimage-bases-bullseye.txt + jobName: Build_Bullseye_BaseImages + - template: /vsts/pipelines/templates/_buildimageBasesJobTemplate.yml@self + parameters: + displayName: Build python runtime bookworm base images + scriptPath: ./build/buildRunTimeImageBases.sh + imageDir: python + imageDebianFlavor: bookworm + artifactsFileName: python-runtimeimage-bases-bookworm.txt + jobName: Build_Bookworm_BaseImages + - job: Release_PythonRuntimeBaseImage + dependsOn: + - Build_Bullseye_BaseImages + - Build_Bookworm_BaseImages + displayName: Push images to MCR + timeoutInMinutes: 250 + steps: + - template: /vsts/pipelines/templates/_releaseBaseImagesStepTemplate.yml@self + parameters: + baseImageName: 'python' \ No newline at end of file From fcca1138153785c360f0b52ea0a6dfa4e6aacfeb Mon Sep 17 00:00:00 2001 From: Dan Vouaux Date: Thu, 21 Mar 2024 23:49:19 -0700 Subject: [PATCH 8/8] Fix merge conflicts --- vsts/pipelines/baseImages/dotnetcore.yml | 2 +- vsts/pipelines/baseImages/node.yml | 2 +- vsts/pipelines/baseImages/php-fpm.yml | 11 ++++- vsts/pipelines/baseImages/php.yml | 11 ++++- vsts/pipelines/baseImages/python.yml | 2 +- vsts/pipelines/ci.yml | 16 ------- vsts/pipelines/templates/_buildTemplate.yml | 2 +- vsts/pipelines/templates/_builderTemplate.yml | 2 +- .../templates/_integrationJobTemplate.yml | 3 -- .../_releaseBaseImagesStepTemplate.yml | 2 +- .../templates/_releaseStepTemplate.yml | 42 +++---------------- .../_dotnetcoreIntegrationJobTemplate.yml | 18 ++------ .../_nodeIntegrationJobTemplate.yml | 12 +----- .../_phpIntegrationJobTemplate.yml | 10 +---- .../_pythonIntegrationJobTemplate.yml | 6 +-- 15 files changed, 39 insertions(+), 102 deletions(-) diff --git a/vsts/pipelines/baseImages/dotnetcore.yml b/vsts/pipelines/baseImages/dotnetcore.yml index fa23b571d3..0695591eed 100644 --- a/vsts/pipelines/baseImages/dotnetcore.yml +++ b/vsts/pipelines/baseImages/dotnetcore.yml @@ -1,7 +1,7 @@ variables: - group: Oryx - name: ascName - value: oryx-automation-service-principal + value: oryx-new-service-connection - name: acrName value: oryxdevmcr.azurecr.io - name: skipComponentGovernanceDetection diff --git a/vsts/pipelines/baseImages/node.yml b/vsts/pipelines/baseImages/node.yml index 14a7dcd722..7e89a2cd0c 100644 --- a/vsts/pipelines/baseImages/node.yml +++ b/vsts/pipelines/baseImages/node.yml @@ -1,7 +1,7 @@ variables: - group: Oryx - name: ascName - value: oryx-automation-service-principal + value: oryx-new-service-connection - name: acrName value: oryxdevmcr.azurecr.io - name: skipComponentGovernanceDetection diff --git a/vsts/pipelines/baseImages/php-fpm.yml b/vsts/pipelines/baseImages/php-fpm.yml index b57bd7f722..b83c80ca9c 100644 --- a/vsts/pipelines/baseImages/php-fpm.yml +++ b/vsts/pipelines/baseImages/php-fpm.yml @@ -1,7 +1,7 @@ variables: - group: Oryx - name: ascName - value: oryx-automation-service-principal + value: oryx-new-service-connection - name: acrName value: oryxdevmcr.azurecr.io - name: skipComponentGovernanceDetection @@ -46,10 +46,19 @@ extends: imageDebianFlavor: bullseye artifactsFileName: php-fpm-runtimeimage-bases-bullseye.txt jobName: Build_PHP_Fpm_Bullseye_Base + - template: /vsts/pipelines/templates/_buildimageBasesJobTemplate.yml@self + parameters: + displayName: Build php bookworm runtime base images + scriptPath: ./build/buildRunTimeImageBases.sh + imageDir: php-fpm + imageDebianFlavor: bookworm + artifactsFileName: php-fpm-runtimeimage-bases-bookworm.txt + jobName: Build_PHP_Fpm_Bookworm_Base - job: Release_PhpRuntimeBaseImage dependsOn: - Build_Php_Fpm_Buster_Base - Build_PHP_Fpm_Bullseye_Base + - Build_PHP_Fpm_Bookworm_Base displayName: Push images to MCR timeoutInMinutes: 250 steps: diff --git a/vsts/pipelines/baseImages/php.yml b/vsts/pipelines/baseImages/php.yml index 0964c12f4a..72f979edee 100644 --- a/vsts/pipelines/baseImages/php.yml +++ b/vsts/pipelines/baseImages/php.yml @@ -1,7 +1,7 @@ variables: - group: Oryx - name: ascName - value: oryx-automation-service-principal + value: oryx-new-service-connection - name: acrName value: oryxdevmcr.azurecr.io - name: skipComponentGovernanceDetection @@ -46,10 +46,19 @@ extends: imageDebianFlavor: bullseye artifactsFileName: php-runtimeimage-bases-bullseye.txt jobName: Build_Bullseye_BaseImages + - template: /vsts/pipelines/templates/_buildimageBasesJobTemplate.yml@self + parameters: + displayName: Build php runtime bookworm base images + scriptPath: ./build/buildRunTimeImageBases.sh + imageDir: php + imageDebianFlavor: bookworm + artifactsFileName: php-runtimeimage-bases-bookworm.txt + jobName: Build_Bookworm_BaseImages - job: Release_PhpRuntimeBaseImage dependsOn: - Build_Buster_BaseImages - Build_Bullseye_BaseImages + - Build_Bookworm_BaseImages displayName: Push images to MCR timeoutInMinutes: 250 steps: diff --git a/vsts/pipelines/baseImages/python.yml b/vsts/pipelines/baseImages/python.yml index 1970265023..86a0b8f73e 100644 --- a/vsts/pipelines/baseImages/python.yml +++ b/vsts/pipelines/baseImages/python.yml @@ -1,7 +1,7 @@ variables: - group: Oryx - name: ascName - value: oryx-automation-service-principal + value: oryx-new-service-connection - name: acrName value: oryxdevmcr.azurecr.io - name: skipComponentGovernanceDetection diff --git a/vsts/pipelines/ci.yml b/vsts/pipelines/ci.yml index e38196b52c..94195443a0 100644 --- a/vsts/pipelines/ci.yml +++ b/vsts/pipelines/ci.yml @@ -10,16 +10,10 @@ parameters: default: - key: Latest value: latest - - key: LtsVersions - value: ltsversions - key: Jamstack value: jamstack - key: GithubActions value: githubactions - - key: VsoFocal - value: vso-focal - - key: VsoBullseye - value: vso-bullseye - key: Full value: full - key: Cli @@ -162,16 +156,6 @@ extends: - template: /vsts/pipelines/templates/_buildTemplate.yml@self parameters: imageType: ${{ buildImage.value }} - - job: Job_BuilderImages - displayName: Build Builder Images - pool: - name: AzurePipelines-EO - demands: - - ImageOverride -equals AzurePipelinesUbuntu20.04compliant - timeoutInMinutes: 480 - dependsOn: Job_BuildImage_CliBuilderBullseye - steps: - - template: /vsts/pipelines/templates/_builderTemplate.yml@self - job: Job_Buster_RuntimeImages displayName: Build and Test Buster Runtime Images dependsOn: Job_SignBinaries diff --git a/vsts/pipelines/templates/_buildTemplate.yml b/vsts/pipelines/templates/_buildTemplate.yml index f98cc5a60f..b6d3ba250a 100644 --- a/vsts/pipelines/templates/_buildTemplate.yml +++ b/vsts/pipelines/templates/_buildTemplate.yml @@ -1,5 +1,5 @@ parameters: - ascName: oryx-automation-service-principal + ascName: oryx-new-service-connection acrName: oryxdevmcr.azurecr.io imageName: oryxdevmcr.azurecr.io/public/oryx imageType: null diff --git a/vsts/pipelines/templates/_builderTemplate.yml b/vsts/pipelines/templates/_builderTemplate.yml index b5841ce2e9..0890946854 100644 --- a/vsts/pipelines/templates/_builderTemplate.yml +++ b/vsts/pipelines/templates/_builderTemplate.yml @@ -1,5 +1,5 @@ parameters: - ascName: oryx-automation-service-principal + ascName: oryx-new-service-connection acrName: oryxdevmcr.azurecr.io steps: - script: | diff --git a/vsts/pipelines/templates/_integrationJobTemplate.yml b/vsts/pipelines/templates/_integrationJobTemplate.yml index 07ff95bfe5..7f14fafcb1 100644 --- a/vsts/pipelines/templates/_integrationJobTemplate.yml +++ b/vsts/pipelines/templates/_integrationJobTemplate.yml @@ -12,9 +12,6 @@ jobs: - template: /vsts/pipelines/templates/integrationTests/_nodeIntegrationJobTemplate.yml@self parameters: storageAccountUrl: ${{ parameters.storageAccountUrl }} -- template: /vsts/pipelines/templates/integrationTests/_golangIntegrationJobTemplate.yml@self - parameters: - storageAccountUrl: ${{ parameters.storageAccountUrl }} - template: /vsts/pipelines/templates/integrationTests/_phpIntegrationJobTemplate.yml@self parameters: storageAccountUrl: ${{ parameters.storageAccountUrl }} \ No newline at end of file diff --git a/vsts/pipelines/templates/_releaseBaseImagesStepTemplate.yml b/vsts/pipelines/templates/_releaseBaseImagesStepTemplate.yml index af1163ed03..6f050f5dd6 100644 --- a/vsts/pipelines/templates/_releaseBaseImagesStepTemplate.yml +++ b/vsts/pipelines/templates/_releaseBaseImagesStepTemplate.yml @@ -1,5 +1,5 @@ parameters: - ascName: oryx-automation-service-principal + ascName: oryx-new-service-connection acrDevName: oryxdevmcr acrProdName: oryxmcr acrPmeProdName: oryxprodmcr diff --git a/vsts/pipelines/templates/_releaseStepTemplate.yml b/vsts/pipelines/templates/_releaseStepTemplate.yml index cc7f489f2e..671c653163 100644 --- a/vsts/pipelines/templates/_releaseStepTemplate.yml +++ b/vsts/pipelines/templates/_releaseStepTemplate.yml @@ -1,5 +1,5 @@ parameters: - ascName: oryx-automation-service-principal + ascName: oryx-new-service-connection acrDevName: oryxdevmcr.azurecr.io acrProdName: oryxmcr acrPmeProdName: oryxprodmcr @@ -32,6 +32,10 @@ steps: sudo rm -rf "$AGENT_TOOLSDIRECTORY" docker images && docker system prune -fa && docker images && echo displayName: 'clean docker images' +- task: UseDotNet@2 + displayName: 'Use .NET Core sdk 7.x' + inputs: + version: 7.0.306 - script: | curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null @@ -70,34 +74,12 @@ steps: type: FilePath scriptPath: ./vsts/scripts/tagRunTimeImagesForRelease.sh condition: and(succeeded(), eq(variables['ReleaseRuntimeImages'], 'true')) -- task: Shellpp@0 - displayName: 'Pull and create release tags for buildpack images' - inputs: - type: FilePath - scriptPath: ./vsts/scripts/tagBuildpacksImagesForRelease.sh - condition: and(succeeded(), eq(variables['ReleaseBuildImages'], 'true')) - task: Shellpp@0 displayName: 'Pull and create release tags for CLI images' inputs: type: FilePath scriptPath: ./vsts/scripts/tagCliImagesForRelease.sh condition: and(succeeded(), eq(variables['ReleaseBuildImages'], 'true')) -- task: Shellpp@0 - displayName: 'Pull and create release tags for Builder images' - inputs: - type: FilePath - scriptPath: ./vsts/scripts/tagBuilderImagesForRelease.sh - condition: and(succeeded(), eq(variables['ReleaseBuildImages'], 'true')) -- task: UseDotNet@2 - displayName: 'Use .NET Core sdk 7.x' - inputs: - version: 7.0.306 -- task: ShellScript@2 - displayName: 'Test runtime images for pme staging registry' - inputs: - scriptPath: ./build/testRunTimeImages.sh - args: skipBuildingImages ${{ parameters.acrPmeProdName }}.azurecr.io/public/oryx $(RELEASE_TAG_NAME) Category=Release - condition: and(succeeded(), eq(variables['ReleaseRuntimeImages'], 'true')) - task: Docker@1 displayName: Dev Container registry logout inputs: @@ -116,13 +98,6 @@ steps: scriptPath: ./vsts/scripts/pushImagesToRegistry.sh args: '$(Build.ArtifactStagingDirectory)/drop/images/${{ parameters.acrPmeProdName }}-build-images-mcr.txt' condition: and(succeeded(), eq(variables['ReleaseBuildImages'], 'true')) -- task: Shellpp@0 - displayName: 'Push build-pack images to PME staging ACR' - inputs: - type: FilePath - scriptPath: ./vsts/scripts/pushImagesToRegistry.sh - args: '$(Build.ArtifactStagingDirectory)/drop/images/${{ parameters.acrPmeProdName }}-buildpack-images-mcr.txt' - condition: and(succeeded(), eq(variables['ReleaseBuildImages'], 'true')) - task: Shellpp@0 displayName: 'Push CLI image to PME staging ACR' inputs: @@ -130,13 +105,6 @@ steps: scriptPath: ./vsts/scripts/pushImagesToRegistry.sh args: '$(Build.ArtifactStagingDirectory)/drop/images/${{ parameters.acrPmeProdName }}-cli-images-mcr.txt' condition: and(succeeded(), eq(variables['ReleaseBuildImages'], 'true')) -- task: Shellpp@0 - displayName: 'Push builder images to PME staging ACR' - inputs: - type: FilePath - scriptPath: ./vsts/scripts/pushImagesToRegistry.sh - args: '$(Build.ArtifactStagingDirectory)/drop/images/${{ parameters.acrPmeProdName }}-builder-images-mcr.txt' - condition: and(succeeded(), eq(variables['ReleaseBuildImages'], 'true')) - task: Shellpp@0 displayName: 'Push runtime images to PME staging ACR' inputs: diff --git a/vsts/pipelines/templates/integrationTests/_dotnetcoreIntegrationJobTemplate.yml b/vsts/pipelines/templates/integrationTests/_dotnetcoreIntegrationJobTemplate.yml index bac8bae086..78b2aed23b 100644 --- a/vsts/pipelines/templates/integrationTests/_dotnetcoreIntegrationJobTemplate.yml +++ b/vsts/pipelines/templates/integrationTests/_dotnetcoreIntegrationJobTemplate.yml @@ -5,28 +5,18 @@ parameters: - name: testMappings type: object default: - - category: '3.0' - buildTag: 'debian-stretch' - - category: '3.1' - buildTag: 'debian-stretch' - - category: '3.1' - buildTag: 'github-actions-debian-stretch' - - category: '5.0' - buildTag: 'debian-stretch' - - category: '5.0' - buildTag: 'github-actions-debian-stretch' - category: '6.0' - buildTag: 'debian-stretch' + buildTag: 'debian-buster' - category: '6.0' - buildTag: 'github-actions-debian-stretch' + buildTag: 'github-actions-debian-buster' - category: '7.0' buildTag: 'github-actions-debian-buster' - category: '8.0' buildTag: 'github-actions-debian-bookworm' - category: 'dynamic' - buildTag: 'debian-stretch' + buildTag: 'debian-buster' - category: 'dynamic' - buildTag: 'github-actions-debian-stretch' + buildTag: 'github-actions-debian-buster' jobs: - ${{ each mapping in parameters.testMappings }}: - job: '' diff --git a/vsts/pipelines/templates/integrationTests/_nodeIntegrationJobTemplate.yml b/vsts/pipelines/templates/integrationTests/_nodeIntegrationJobTemplate.yml index b509dce703..d79da61eae 100644 --- a/vsts/pipelines/templates/integrationTests/_nodeIntegrationJobTemplate.yml +++ b/vsts/pipelines/templates/integrationTests/_nodeIntegrationJobTemplate.yml @@ -5,20 +5,10 @@ parameters: - name: testMappings type: object default: - - category: '14-stretch-1' - buildTag: 'debian-stretch' - - category: '14-stretch-2' - buildTag: 'debian-stretch' - - category: '14-stretch-3' - buildTag: 'debian-stretch' - - category: '14-stretch-4' - buildTag: 'debian-stretch' - category: '14-gh-buster' buildTag: 'github-actions-debian-buster' - category: '16' - buildTag: 'debian-stretch' - - category: '16-nuxt' - buildTag: 'debian-stretch' + buildTag: 'debian-buster' - category: '18' buildTag: 'github-actions-debian-bullseye' - category: '20' diff --git a/vsts/pipelines/templates/integrationTests/_phpIntegrationJobTemplate.yml b/vsts/pipelines/templates/integrationTests/_phpIntegrationJobTemplate.yml index 6595764357..871fd35362 100644 --- a/vsts/pipelines/templates/integrationTests/_phpIntegrationJobTemplate.yml +++ b/vsts/pipelines/templates/integrationTests/_phpIntegrationJobTemplate.yml @@ -5,22 +5,16 @@ parameters: - name: testMappings type: object default: - - category: '7.4' - buildTag: 'debian-stretch' - category: '7.4' buildTag: 'github-actions-debian-buster' - - category: '8.0' - buildTag: 'debian-stretch' - category: '8.0' buildTag: 'github-actions-debian-buster' - - category: '8.1' - buildTag: 'debian-stretch' - category: '8.1' buildTag: 'github-actions-debian-buster' - - category: '8.2' - buildTag: 'debian-stretch' - category: '8.2' buildTag: 'github-actions-debian-buster' + - category: '8.2' + buildTag: 'github-actions-debian-bullseye' jobs: - ${{ each mapping in parameters.testMappings }}: - job: '' diff --git a/vsts/pipelines/templates/integrationTests/_pythonIntegrationJobTemplate.yml b/vsts/pipelines/templates/integrationTests/_pythonIntegrationJobTemplate.yml index 0c19a3ccec..4342f98679 100644 --- a/vsts/pipelines/templates/integrationTests/_pythonIntegrationJobTemplate.yml +++ b/vsts/pipelines/templates/integrationTests/_pythonIntegrationJobTemplate.yml @@ -5,16 +5,12 @@ parameters: - name: testMappings type: object default: - - category: '3.7' - buildTag: 'debian-stretch' - category: '3.7' buildTag: 'github-actions-debian-bullseye' - - category: '3.8' - buildTag: 'debian-stretch' - category: '3.8' buildTag: 'github-actions-debian-bullseye' - category: '3.9' - buildTag: 'debian-stretch' + buildTag: 'debian-buster' - category: '3.9' buildTag: 'github-actions-debian-buster' - category: '3.10'