From 1563efbe830d56eae50adff4ffd282937a3c57c6 Mon Sep 17 00:00:00 2001
From: andystaples <77818326+andystaples@users.noreply.github.com>
Date: Fri, 31 May 2024 15:04:34 -0700
Subject: [PATCH 1/7] Add code-mirror.yml
---
eng/ci/code-mirror.yml | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
create mode 100644 eng/ci/code-mirror.yml
diff --git a/eng/ci/code-mirror.yml b/eng/ci/code-mirror.yml
new file mode 100644
index 00000000..7c77fe20
--- /dev/null
+++ b/eng/ci/code-mirror.yml
@@ -0,0 +1,21 @@
+trigger:
+ branches:
+ include:
+ # Below branches are examples for Azure/azure-functions-host. Replace with appropriate branches for your repository.
+ # Keep this set limited as appropriate (don't mirror individual user branches).
+ - dev
+ - v4.x/*
+ - v3.x/*
+
+resources:
+ repositories:
+ - repository: eng
+ type: git
+ name: engineering
+ ref: refs/tags/release
+
+variables:
+ - template: ci/variables/cfs.yml@eng
+
+extends:
+ template: ci/code-mirror.yml@eng
\ No newline at end of file
From 33c6b29e64c156a89a30e4d59c6e5f0ca0f5e8d2 Mon Sep 17 00:00:00 2001
From: andystaples <77818326+andystaples@users.noreply.github.com>
Date: Thu, 20 Jun 2024 11:35:30 -0600
Subject: [PATCH 2/7] Convert build pipeline to 1ES (#1061)
- Convert build pipeline to 1ES
- Remove old pipeline
- Changes to build.ps1 for new pipeline
---
azure-pipelines.yml | 127 -------------------------------------
build.ps1 | 33 ++--------
eng/ci/official.yml | 48 ++++++++++++++
eng/ci/public.yml | 45 +++++++++++++
eng/ci/templates/build.yml | 38 +++++++++++
eng/ci/templates/test.yml | 34 ++++++++++
6 files changed, 169 insertions(+), 156 deletions(-)
delete mode 100644 azure-pipelines.yml
create mode 100644 eng/ci/official.yml
create mode 100644 eng/ci/public.yml
create mode 100644 eng/ci/templates/build.yml
create mode 100644 eng/ci/templates/test.yml
diff --git a/azure-pipelines.yml b/azure-pipelines.yml
deleted file mode 100644
index 23de901c..00000000
--- a/azure-pipelines.yml
+++ /dev/null
@@ -1,127 +0,0 @@
-# Starter pipeline
-# Start with a minimal pipeline that you can customize to build and deploy your code.
-# Add steps that build, run tests, deploy, and more:
-# https://aka.ms/yaml
-
-#trigger:
-#- master
-#- dev
-
-strategy:
- matrix:
- linux:
- imageName: 'MMSUbuntu20.04TLS'
- windows:
- imageName: 'MMS2019TLS'
-
-pool:
- name: '1ES-Hosted-AzFunc'
- demands:
- - ImageOverride -equals $(imageName)
-
-variables:
- Configuration: Release
- buildNumber: $[ counter('build', 400) ] # Start higher than our AppVeyor versions. Every build (pr or branch) will increment.
-
-steps:
-- task: AzureKeyVault@2
- inputs:
- azureSubscription: 'Simple Batch(0b894477-1614-4c8d-8a9b-a697a24596b8)'
- KeyVaultName: 'powershell-worker'
- SecretsFilter: '*'
- RunAsPreJob: true
-
-- pwsh: |
- $releaseBranches = @('v4.x/ps7.2', 'v4.x/ps7.0', 'v3.x/ps7', 'v3.x/ps6', 'v2.x')
-
- Write-Host "BuildSourceBranch: $($env:BuildSourceBranch)"
- $branchName = $env:BuildSourceBranch.Replace("refs/heads/", "")
- Write-Host "BranchName: $branchName"
-
- $isReleaseBuild = ($releaseBranches -contains $branchName)
- Write-Host "##vso[task.setvariable variable=IsReleaseBuild]$isReleaseBuild"
- Write-Host "IsReleaseBuild: $isReleaseBuild"
- displayName: 'Set IsReleaseBuild variable'
- env:
- BuildSourceBranch: $(Build.SourceBranch)
- condition: eq(variables['UPLOADPACKAGETOPRERELEASEFEED'], 'false')
-
-- pwsh: ./build.ps1 -NoBuild -Bootstrap
- displayName: 'Running ./build.ps1 -NoBuild -Bootstrap'
-
-- pwsh: ./Check-CsprojVulnerabilities.ps1
- displayName: 'Check for security vulnerabilities'
-
-- pwsh: |
- $ErrorActionPreference = "Stop"
-
- $shouldAddSBOM = $null
- if ([string]::IsNullOrEmpty($IsReleaseBuild))
- {
- Write-Host "IsReleaseBuild is null or empty. Setting shouldAddSBOM to false"
- $shouldAddSBOM = $false
- }
- else
- {
- Write-Host "IsReleaseBuild: $IsReleaseBuild"
- $shouldAddSBOM = ($IsReleaseBuild -eq "true")
- }
-
- Write-Host "shouldAddSBOM: $shouldAddSBOM"
-
- ./build.ps1 -Clean -Configuration Release -BuildNumber "$(buildNumber)" -AddSBOM:$shouldAddSBOM -SBOMUtilSASUrl "$(SBOMUtilSASUrl)"
- displayName: 'Build worker code'
-
-- pwsh: ./build.ps1 -NoBuild -Test
- displayName: 'Running UnitTest'
-
-- pwsh: ./test/E2E/Start-E2ETest.ps1
- env:
- AzureWebJobsStorage: $(AzureWebJobsStorage)
- AzureWebJobsCosmosDBConnectionString: $(AzureWebJobsCosmosDBConnectionString)
- AzureWebJobsServiceBus: $(AzureWebJobsServiceBus)
- AzureWebJobsEventHubSender: $(AzureWebJobsEventHubSender)
- FUNCTIONS_WORKER_RUNTIME : "powershell"
- displayName: 'Running E2ETest'
-
-- task: PublishTestResults@2
- inputs:
- testResultsFormat: 'VSTest'
- testResultsFiles: '**/*.trx'
- failTaskOnFailedTests: true
- condition: succeededOrFailed()
- displayName: 'Publish tests results'
-
-- task: CopyFiles@2
- inputs:
- SourceFolder: '$(System.DefaultWorkingDirectory)/package'
- Contents: '**/*.nupkg'
- TargetFolder: '$(Build.ArtifactStagingDirectory)'
- displayName: 'Copy package to artifacts directory'
-
-- task: NuGetCommand@2
- condition: and(ne(variables['Build.Reason'], 'PullRequest'), eq(variables['IsReleaseBuild'], 'true'), eq(variables['UPLOADPACKAGETOPRERELEASEFEED'], 'false'))
- inputs:
- command: 'push'
- packagesToPush: '$(Build.ArtifactStagingDirectory)/**/*.nupkg;!$(Build.ArtifactStagingDirectory)/**/*.symbols.nupkg'
- nuGetFeedType: 'internal'
- publishVstsFeed: 'e6a70c92-4128-439f-8012-382fe78d6396/c0493cce-bc63-4e11-9fc9-e7c45291f151'
- allowPackageConflicts: true
- displayName: 'Push NuGet package'
-
-- task: NuGetCommand@2
- condition: eq(variables['UPLOADPACKAGETOPRERELEASEFEED'], 'true')
- inputs:
- command: 'push'
- packagesToPush: '$(Build.ArtifactStagingDirectory)/**/*.nupkg;!$(Build.ArtifactStagingDirectory)/**/*.symbols.nupkg'
- nuGetFeedType: 'internal'
- publishVstsFeed: 'e6a70c92-4128-439f-8012-382fe78d6396/f37f760c-aebd-443e-9714-ce725cd427df'
- allowPackageConflicts: true
- displayName: 'Push NuGet package to the AzureFunctionsPreRelease feed'
-
-- task: PublishBuildArtifacts@1
- inputs:
- PathtoPublish: '$(Build.ArtifactStagingDirectory)'
- ArtifactName: 'drop'
- publishLocation: 'Container'
- displayName: 'Publish build artifacts'
diff --git a/build.ps1 b/build.ps1
index 39fb107f..82d09d6f 100644
--- a/build.ps1
+++ b/build.ps1
@@ -28,13 +28,7 @@ param(
$Configuration = "Debug",
[string]
- $BuildNumber = '0',
-
- [switch]
- $AddSBOM,
-
- [string]
- $SBOMUtilSASUrl
+ $BuildNumber = '0'
)
#Requires -Version 6.0
@@ -68,6 +62,7 @@ function Get-FunctionsCoreToolsDir {
}
}
+<<<<<<< HEAD
function Install-SBOMUtil
{
if ([string]::IsNullOrEmpty($SBOMUtilSASUrl))
@@ -97,6 +92,8 @@ function Install-SBOMUtil
return $manifestToolPath
}
+=======
+>>>>>>> f0a96f5 (Convert build pipeline to 1ES (#1061))
function Deploy-PowerShellWorker {
$ErrorActionPreference = 'Stop'
@@ -170,28 +167,6 @@ if (!$NoBuild.IsPresent) {
dotnet publish -c $Configuration "/p:BuildNumber=$BuildNumber" $PSScriptRoot
- if ($AddSBOM)
- {
- # Install manifest tool
- $manifestTool = Install-SBOMUtil
- Write-Log "manifestTool: $manifestTool "
-
- # Generate manifest
- $buildPath = "$PSScriptRoot/src/bin/$Configuration/$TargetFramework/publish"
- $telemetryFilePath = Join-Path $PSScriptRoot ((New-Guid).Guid + ".json")
- $packageName = "Microsoft.Azure.Functions.PowerShellWorker.nuspec"
-
- # Delete the manifest folder if it exists
- $manifestFolderPath = Join-Path $buildPath "_manifest"
- if (Test-Path $manifestFolderPath)
- {
- Remove-Item $manifestFolderPath -Recurse -Force -ErrorAction Ignore
- }
-
- Write-Log "Running: dotnet $manifestTool generate -BuildDropPath $buildPath -BuildComponentPath $buildPath -Verbosity Information -t $telemetryFilePath"
- & { dotnet $manifestTool generate -BuildDropPath $buildPath -BuildComponentPath $buildPath -Verbosity Information -t $telemetryFilePath -PackageName $packageName }
- }
-
dotnet pack -c $Configuration "/p:BuildNumber=$BuildNumber" "$PSScriptRoot/package"
}
diff --git a/eng/ci/official.yml b/eng/ci/official.yml
new file mode 100644
index 00000000..4ff1b052
--- /dev/null
+++ b/eng/ci/official.yml
@@ -0,0 +1,48 @@
+trigger:
+ batch: true
+ branches:
+ include:
+ - v4.x/*
+ - v3.x/*
+
+# CI only, does not trigger on PRs.
+pr: none
+
+resources:
+ repositories:
+ - repository: 1es
+ type: git
+ name: 1ESPipelineTemplates/1ESPipelineTemplates
+ ref: refs/tags/release
+
+variables:
+ Configuration: Release
+ buildNumber: $[ counter('build', 4000) ] # Start higher than the versions from the previous pipeline. Every build (pr or branch) will increment.
+
+extends:
+ template: v1/1ES.Official.PipelineTemplate.yml@1es
+ parameters:
+ pool:
+ name: 1es-pool-azfunc
+ image: 1es-windows-2022
+ os: windows
+
+ stages:
+ - stage: WindowsUnitTests
+ dependsOn: []
+ jobs:
+ - template: /eng/ci/templates/test.yml@self
+
+ - stage: LinuxUnitTests
+ dependsOn: []
+ jobs:
+ - template: /eng/ci/templates/test.yml@self
+ pool:
+ name: 1es-pool-azfunc
+ image: 1es-ubuntu-22.04
+ os: linux
+
+ - stage: Build
+ dependsOn: [WindowsUnitTests, LinuxUnitTests]
+ jobs:
+ - template: /eng/ci/templates/build.yml@self
diff --git a/eng/ci/public.yml b/eng/ci/public.yml
new file mode 100644
index 00000000..726f8db0
--- /dev/null
+++ b/eng/ci/public.yml
@@ -0,0 +1,45 @@
+trigger:
+ batch: true
+ branches:
+ include:
+ - dev
+ - v4.x/*
+ - v3.x/*
+
+# Only run the tests on PR to official branches - do we want to run them on all PRs?
+pr:
+ branches:
+ include:
+ - '*'
+
+resources:
+ repositories:
+ - repository: 1es
+ type: git
+ name: 1ESPipelineTemplates/1ESPipelineTemplates
+ ref: refs/tags/release
+
+extends:
+ template: v1/1ES.Unofficial.PipelineTemplate.yml
+ parameters:
+ pool:
+ name: 1es-pool-azfunc-public
+ image: 1es-windows-2022
+ os: windows
+
+ stages:
+ - stage: WindowsUnitTests
+ dependsOn: []
+ jobs:
+ - template: /eng/ci/templates/test.yml@self
+ pool:
+ name: 1es-pool-azfunc-public
+
+ - stage: LinuxUnitTests
+ dependsOn: []
+ jobs:
+ - template: /eng/ci/templates/test.yml@self
+ pool:
+ name: 1es-pool-azfunc-public
+ image: 1es-ubuntu-22.04
+ os: linux
diff --git a/eng/ci/templates/build.yml b/eng/ci/templates/build.yml
new file mode 100644
index 00000000..f40e066a
--- /dev/null
+++ b/eng/ci/templates/build.yml
@@ -0,0 +1,38 @@
+jobs:
+ - job:
+ templateContext:
+ outputs:
+ - output: nuget
+ packagesToPush: "$(Build.ArtifactStagingDirectory)/*.nupkg"
+ packageParentPath: "$(Build.ArtifactStagingDirectory)"
+ nuGetFeedType: internal
+ publishVstsFeed: "e6a70c92-4128-439f-8012-382fe78d6396/c0493cce-bc63-4e11-9fc9-e7c45291f151"
+ sbomPackageName: "Azure Functions PowerShell Worker"
+ sbomBuildComponentPath: "$(Build.SourcesDirectory)"
+ allowPackageConflicts: true
+ # - output: nuget
+ # condition: and(succeeded(), eq(variables['Build.SourceBranch'], 'refs/heads/dev'), eq(variables['UPLOADPACKAGETOPRERELEASEFEED'], true))
+ # packagesToPush: '$(Build.ArtifactStagingDirectory)/*.nupkg'
+ # packageParentPath: '$(Build.ArtifactStagingDirectory)'
+ # nuGetFeedType: 'internal'
+ # publishVstsFeed: 'e6a70c92-4128-439f-8012-382fe78d6396/f37f760c-aebd-443e-9714-ce725cd427df' # AzureFunctionsPreRelease feed
+ # allowPackageConflicts: true
+ steps:
+ - pwsh: ./build.ps1 -NoBuild -Bootstrap
+ displayName: "Running ./build.ps1 -NoBuild -Bootstrap"
+
+ - pwsh: |
+ $ErrorActionPreference = "Stop"
+
+ ./build.ps1 -Clean -Configuration Release -BuildNumber "$(buildNumber)"
+ displayName: "Build worker code"
+
+ - task: CopyFiles@2
+ inputs:
+ SourceFolder: "$(System.DefaultWorkingDirectory)/package"
+ Contents: |
+ **/*.nuspec
+ **/*.nupkg
+ TargetFolder: "$(Build.ArtifactStagingDirectory)"
+ flattenFolders: true
+ displayName: "Copy package to artifacts directory"
diff --git a/eng/ci/templates/test.yml b/eng/ci/templates/test.yml
new file mode 100644
index 00000000..07a36ebf
--- /dev/null
+++ b/eng/ci/templates/test.yml
@@ -0,0 +1,34 @@
+jobs:
+ - job: UnitTests
+ steps:
+ - pwsh: ./build.ps1 -NoBuild -Bootstrap
+ displayName: "Running ./build.ps1 -NoBuild -Bootstrap"
+
+ - pwsh: ./Check-CsprojVulnerabilities.ps1
+ displayName: "Check for security vulnerabilities"
+
+ - pwsh: |
+ $ErrorActionPreference = "Stop"
+
+ ./build.ps1 -Clean -Configuration Release -BuildNumber "$(buildNumber)"
+ displayName: "Build worker code"
+
+ - pwsh: ./build.ps1 -NoBuild -Test
+ displayName: "Running UnitTest"
+
+ # - pwsh: ./test/E2E/Start-E2ETest.ps1
+ # env:
+ # AzureWebJobsStorage: $(AzureWebJobsStorage)
+ # AzureWebJobsCosmosDBConnectionString: $(AzureWebJobsCosmosDBConnectionString)
+ # AzureWebJobsServiceBus: $(AzureWebJobsServiceBus)
+ # AzureWebJobsEventHubSender: $(AzureWebJobsEventHubSender)
+ # FUNCTIONS_WORKER_RUNTIME: "powershell"
+ # displayName: "Running E2ETest"
+
+ - task: PublishTestResults@2
+ inputs:
+ testResultsFormat: "VSTest"
+ testResultsFiles: "**/*.trx"
+ failTaskOnFailedTests: true
+ condition: succeededOrFailed()
+ displayName: "Publish tests results"
From 4a7f12d143ce1650b0a3bd11d503ea8035dca17b Mon Sep 17 00:00:00 2001
From: andystaples <77818326+andystaples@users.noreply.github.com>
Date: Thu, 20 Jun 2024 15:08:07 -0600
Subject: [PATCH 3/7] Fix public pipeline (#1069)
---
eng/ci/public.yml | 4 ++--
eng/ci/templates/test.yml | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/eng/ci/public.yml b/eng/ci/public.yml
index 726f8db0..e26de4ad 100644
--- a/eng/ci/public.yml
+++ b/eng/ci/public.yml
@@ -6,7 +6,7 @@ trigger:
- v4.x/*
- v3.x/*
-# Only run the tests on PR to official branches - do we want to run them on all PRs?
+# Run this pipeline on all PRs
pr:
branches:
include:
@@ -16,7 +16,7 @@ resources:
repositories:
- repository: 1es
type: git
- name: 1ESPipelineTemplates/1ESPipelineTemplates
+ name: 1ESPipelineTemplates/1ESPipelineTemplates@1es
ref: refs/tags/release
extends:
diff --git a/eng/ci/templates/test.yml b/eng/ci/templates/test.yml
index 07a36ebf..7e4d9e09 100644
--- a/eng/ci/templates/test.yml
+++ b/eng/ci/templates/test.yml
@@ -10,7 +10,7 @@ jobs:
- pwsh: |
$ErrorActionPreference = "Stop"
- ./build.ps1 -Clean -Configuration Release -BuildNumber "$(buildNumber)"
+ ./build.ps1 -Clean -Configuration Release
displayName: "Build worker code"
- pwsh: ./build.ps1 -NoBuild -Test
From c1f8b1d64bf9473547d75f1ebfbc6ba529a5f7a9 Mon Sep 17 00:00:00 2001
From: andystaples <77818326+andystaples@users.noreply.github.com>
Date: Thu, 20 Jun 2024 15:27:04 -0600
Subject: [PATCH 4/7] Move pipeline suffix to correct line (#1070)
---
eng/ci/public.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/eng/ci/public.yml b/eng/ci/public.yml
index e26de4ad..6e207620 100644
--- a/eng/ci/public.yml
+++ b/eng/ci/public.yml
@@ -20,7 +20,7 @@ resources:
ref: refs/tags/release
extends:
- template: v1/1ES.Unofficial.PipelineTemplate.yml
+ template: v1/1ES.Unofficial.PipelineTemplate.yml@1es
parameters:
pool:
name: 1es-pool-azfunc-public
From e52866137648d53c240360ca6a3de677c10cf9b7 Mon Sep 17 00:00:00 2001
From: andystaples <77818326+andystaples@users.noreply.github.com>
Date: Fri, 21 Jun 2024 11:39:47 -0600
Subject: [PATCH 5/7] Remove suffix from resources (#1073)
* Remove suffix from resources
* Fix PR trigger logic
---
eng/ci/public.yml | 10 +---------
1 file changed, 1 insertion(+), 9 deletions(-)
diff --git a/eng/ci/public.yml b/eng/ci/public.yml
index 6e207620..df070eed 100644
--- a/eng/ci/public.yml
+++ b/eng/ci/public.yml
@@ -3,20 +3,12 @@ trigger:
branches:
include:
- dev
- - v4.x/*
- - v3.x/*
-
-# Run this pipeline on all PRs
-pr:
- branches:
- include:
- - '*'
resources:
repositories:
- repository: 1es
type: git
- name: 1ESPipelineTemplates/1ESPipelineTemplates@1es
+ name: 1ESPipelineTemplates/1ESPipelineTemplates
ref: refs/tags/release
extends:
From 48b7f06bcd6afae88c3e8a4c49c61ae05922bb60 Mon Sep 17 00:00:00 2001
From: andystaples <77818326+andystaples@users.noreply.github.com>
Date: Fri, 21 Jun 2024 11:59:34 -0600
Subject: [PATCH 6/7] Remove NuGet Config (#1074)
---
NuGet.config | 8 --------
1 file changed, 8 deletions(-)
delete mode 100644 NuGet.config
diff --git a/NuGet.config b/NuGet.config
deleted file mode 100644
index 4538c7d8..00000000
--- a/NuGet.config
+++ /dev/null
@@ -1,8 +0,0 @@
-
-
-
-
-
-
-
-
From 9d0623c472364558202f7e3ac5af31905142d088 Mon Sep 17 00:00:00 2001
From: Andy Staples
Date: Fri, 21 Jun 2024 15:51:32 -0600
Subject: [PATCH 7/7] Clean up merge comments
---
build.ps1 | 32 --------------------------------
1 file changed, 32 deletions(-)
diff --git a/build.ps1 b/build.ps1
index 82d09d6f..949bd252 100644
--- a/build.ps1
+++ b/build.ps1
@@ -62,38 +62,6 @@ function Get-FunctionsCoreToolsDir {
}
}
-<<<<<<< HEAD
-function Install-SBOMUtil
-{
- if ([string]::IsNullOrEmpty($SBOMUtilSASUrl))
- {
- throw "The `$SBOMUtilSASUrl parameter cannot be null or empty when specifying the `$AddSBOM switch"
- }
-
- $MANIFESTOOLNAME = "ManifestTool"
- Write-Host "Installing $MANIFESTOOLNAME..."
-
- $MANIFESTOOL_DIRECTORY = Join-Path $PSScriptRoot $MANIFESTOOLNAME
- Remove-Item -Recurse -Force $MANIFESTOOL_DIRECTORY -ErrorAction Ignore
-
- Invoke-RestMethod -Uri $SBOMUtilSASUrl -OutFile "$MANIFESTOOL_DIRECTORY.zip"
- Expand-Archive "$MANIFESTOOL_DIRECTORY.zip" -DestinationPath $MANIFESTOOL_DIRECTORY
-
- $dllName = "Microsoft.ManifestTool.dll"
- $manifestToolPath = "$MANIFESTOOL_DIRECTORY/$dllName"
-
- if (-not (Test-Path $manifestToolPath))
- {
- throw "$MANIFESTOOL_DIRECTORY does not contain '$dllName'"
- }
-
- Write-Host 'Done.'
-
- return $manifestToolPath
-}
-
-=======
->>>>>>> f0a96f5 (Convert build pipeline to 1ES (#1061))
function Deploy-PowerShellWorker {
$ErrorActionPreference = 'Stop'