-
Notifications
You must be signed in to change notification settings - Fork 468
/
Copy pathazure-pipelines-microbuild.yml
137 lines (132 loc) · 4.39 KB
/
azure-pipelines-microbuild.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
parameters:
# Optionally do not publish to TSA. Useful for e.g., verifying fixes before PR.
- name: TSAEnabled
displayName: Publish results to TSA
type: boolean
default: true
# Branches that trigger a build on commit
trigger:
- main
- release/*
- features/*
- 2.9.x
schedules:
- cron: "0 8 23-29 * 0"
displayName: "Monthly smoke test"
branches:
include:
- main
- release/*
exclude:
- ""
always: true # Run even if there have been no source code changes since the last successful scheduled run
batch: false # Do not run the pipeline if the previously scheduled run is in-progress
variables:
- name: TeamName
value: Roslyn
- group: DotNet-Roslyn-SDLValidation-Params
- group: DotNet-Symbol-Server-Pats
- group: DotNet-Versions-Publish
- group: ManagedLanguageSecrets
resources:
repositories:
- repository: MicroBuildTemplate
type: git
name: 1ESPipelineTemplates/MicroBuildTemplate
ref: refs/tags/release
extends:
template: azure-pipelines/MicroBuild.1ES.Official.yml@MicroBuildTemplate
parameters:
sdl:
sourceAnalysisPool:
name: NetCore1ESPool-Svc-Internal
image: 1es-windows-2022
os: windows
policheck:
enabled: true
tsa:
enabled: true
configFile: '$(Build.SourcesDirectory)/eng/TSAConfig.gdntsa'
pool:
name: NetCore1ESPool-Svc-Internal
image: windows.vs2022preview.amd64
os: windows
customBuildTags:
- ES365AIMigrationTooling
stages:
- stage: build
displayName: Build
jobs:
- ${{ if eq(variables['Build.SourceBranch'], 'refs/heads/release/9.0.1xx') }}:
- template: /eng/common/templates-official/job/onelocbuild.yml@self
parameters:
MirrorRepo: roslyn-analyzers
MirrorBranch: release/9.0.1xx
LclSource: lclFilesfromPackage
LclPackageId: 'LCL-JUNO-PROD-ROSANLZR'
- template: /eng/common/templates-official/jobs/jobs.yml@self
parameters:
enableMicrobuild: true
enablePublishBuildArtifacts: true
enablePublishTestResults: true
enablePublishBuildAssets: true
enablePublishUsingPipelines: true
enableTelemetry: true
enableSourceBuild: true
jobs:
- job: Signed_Build
pool:
name: NetCore1ESPool-Internal
demands: ImageOverride -equals windows.vs2022preview.amd64
variables:
- group: Publish-Build-Assets
- name: _BuildConfig
value: Release
- name: _SignType
value: real
steps:
- checkout: self
clean: true
- script: eng\common\CIBuild.cmd -configuration $(_BuildConfig) /p:OfficialBuildId=$(BUILD.BUILDNUMBER) /p:DotNetSignType=$(_SignType) /p:DotnetPublishUsingPipelines=true
displayName: Build and Test
templateContext:
outputs:
# Archive NuGet packages to DevOps.
- output: pipelineArtifact
path: artifacts/packages/$(_BuildConfig)
artifact: Packages
# Archive VSIX packages to DevOps.
- output: pipelineArtifact
path: artifacts/VSSetup/$(_BuildConfig)
artifact: VSIXes
- stage: analysis
displayName: Code analysis
pool:
name: NetCore1ESPool-Internal
demands: ImageOverride -equals windows.vs2022preview.amd64
jobs:
- job: codeql
displayName: CodeQL
timeoutInMinutes: 120
variables:
# CG is handled in the primary CI pipeline
- name: skipComponentGovernanceDetection
value: true
# Force CodeQL enabled so it may be run on any branch
- name: Codeql.Enabled
value: true
# Do not let CodeQL 3000 Extension gate scan frequency
- name: Codeql.Cadence
value: 0
- name: Codeql.TSAEnabled
value: true
steps:
- script: eng\common\cibuild.cmd -configuration Release -prepareMachine /p:Test=false
displayName: Windows Build
- template: eng/common/templates-official/post-build/post-build.yml
parameters:
publishingInfraVersion: 3
enableSymbolValidation: false
enableSigningValidation: false
enableSourceLinkValidation: false
enableNugetValidation: false