Rebuild pipeline migration to 1 es pipeline (#129089)

* This PR migrates the WinGetSVC rebuild pipeline to 1ES, including changes to the following files:

- rebuild-pipeline.yaml

The winget-pkgs repo was updated with the changes from the winget-pkgs-preprod repo, which had been merged from the pipeline staging process through PR. This manual copying was necessary because the automatic deployment failed for the production pipeline.

[How Validated:]

The changes have been validated against the preprod environment by manually triggering the pipeline and ensuring successful runs.

* Improve consistency of pipeline stage names
This commit updates the pipeline stage names to be more consistent across all pipelines. This change improves the readability of the pipeline code.
This commit is contained in:
Madhusudhan-MSFT
2023-12-06 13:09:10 -08:00
committed by GitHub
parent 410e8ab58b
commit 40b9a022a6
+176 -159
View File
@@ -12,173 +12,190 @@ variables:
Rebuild.EnableContainerBackup: $[coalesce(variables.EnableContainerBackup, 'False')]
Rebuild.ClearContainer: $[coalesce(variables.ClearContainer, 'False')]
jobs:
resources:
repositories:
- repository: 1ESPipelineTemplates
type: git
name: 1ESPipelineTemplates/1ESPipelineTemplates
ref: refs/tags/release
extends:
template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates
parameters:
pool:
name: Azure-Pipelines-1ESPT-ExDShared
image: windows-2022
os: windows
customBuildTags:
- ES365AIMigrationTooling
# Agent phase.
- job: 'Rebuild'
displayName: 'Start Rebuild'
pool:
vmImage: 'windows-latest'
variables:
skipComponentGovernanceDetection: ${{ true }}
runCodesignValidationInjection: ${{ false }}
timeoutInMinutes: 0
steps:
stages:
- stage: WinGetSvc_Rebuild
jobs:
# Agent phase.
- job: 'Rebuild'
displayName: 'Start Rebuild'
variables:
skipComponentGovernanceDetection: ${{ true }}
runCodesignValidationInjection: ${{ false }}
timeoutInMinutes: 0
steps:
# Allow scripts to access the system token.
- checkout: self
persistCredentials: true
clean: true
# Allow scripts to access the system token.
- checkout: self
persistCredentials: true
clean: true
# Downloads all the setup files and its dependencies.
- task: AzureCLI@1
displayName: 'Azure Setup'
inputs:
azureSubscription: '$(WinGet.Subscription)'
scriptLocation: inlineScript
inlineScript: 'az storage blob download-batch -d . --pattern * -s servicewrapper --output none'
env:
AZURE_STORAGE_CONNECTION_STRING: $(ValidationStorageAccountConnectionString)
# Downloads all the setup files and its dependencies.
- task: AzureCLI@1
displayName: 'Azure Setup'
inputs:
azureSubscription: '$(WinGet.Subscription)'
scriptLocation: inlineScript
inlineScript: 'az storage blob download-batch -d . --pattern * -s servicewrapper --output none'
env:
AZURE_STORAGE_CONNECTION_STRING: $(ValidationStorageAccountConnectionString)
# WinGet setup
- script: 'winget_rebuild_setup.cmd'
name: 'wingetsetup'
displayName: 'WinGet Setup'
workingDirectory: scripts
env:
HOST_KEY: $(AzureFunctionHostKey)
SIGN_ENDPOINT: $(AzFuncSignEndpoint)
PUBLISH_ENDPOINT: $(AzFuncRebuildPublishEndpoint)
CLEANUP_ENDPOINT: $(AzFuncRebuildCleanupEndpoint)
RESTSOURCE_REBUILD_ENDPOINT: $(AzFuncRestSourceRebuildEndpoint)
# WinGet setup
- task: CmdLine@2
name: 'wingetsetup'
displayName: 'WinGet Setup'
env:
HOST_KEY: $(AzureFunctionHostKey)
SIGN_ENDPOINT: $(AzFuncSignEndpoint)
PUBLISH_ENDPOINT: $(AzFuncRebuildPublishEndpoint)
CLEANUP_ENDPOINT: $(AzFuncRebuildCleanupEndpoint)
RESTSOURCE_REBUILD_ENDPOINT: $(AzFuncRestSourceRebuildEndpoint)
inputs:
script: 'winget_rebuild_setup.cmd'
workingDirectory: scripts
- task: CmdLine@2
displayName: 'Validate Manifests'
inputs:
script: 'WinGetSvcWrapper.exe rebuild --operationId %BUILD_BUILDNUMBER%'
failOnStderr: true
condition: succeeded()
env:
ValidationConnectionString: $(ValidationStorageAccountConnectionString)
ExecutionEnvironment: $(ExecutionEnvironment)
PackagePublisher: $(PackagePublisher)
SYSTEM_ACCESSTOKEN: $(System.AccessToken)
DIApplicationInsightKey: $(DIApplicationInsightKey)
WinGet:AppConfig:Primary: $(AppConfigPrimary)
WinGet:AppConfig:Secondary: $(AppConfigSecondary)
DevOpsOrganization: $(DevOpsOrganization)
DevOpsProjectName: $(DevOpsProjectName)
DevOpsPublishPipelineDefinitionId: $(DevOpsPublishPipelineDefinitionId)
- task: CmdLine@2
displayName: 'Validate Manifests'
inputs:
script: 'WinGetSvcWrapper.exe rebuild --operationId %BUILD_BUILDNUMBER%'
failOnStderr: true
condition: succeeded()
env:
ValidationConnectionString: $(ValidationStorageAccountConnectionString)
ExecutionEnvironment: $(ExecutionEnvironment)
PackagePublisher: $(PackagePublisher)
SYSTEM_ACCESSTOKEN: $(System.AccessToken)
DIApplicationInsightKey: $(DIApplicationInsightKey)
WinGet:AppConfig:Primary: $(AppConfigPrimary)
WinGet:AppConfig:Secondary: $(AppConfigSecondary)
DevOpsOrganization: $(DevOpsOrganization)
DevOpsProjectName: $(DevOpsProjectName)
DevOpsPublishPipelineDefinitionId: $(DevOpsPublishPipelineDefinitionId)
# Agentless phase. Depends on previous job.
- job: 'SignPackage'
pool: server
timeoutInMinutes: 1500
displayName: 'Sign package'
dependsOn:
- 'Rebuild'
variables:
HostKeySecret: $[ dependencies.Rebuild.outputs['wingetsetup.hostkey']]
SignEndpointSecret: $[ dependencies.Rebuild.outputs['wingetsetup.signEndpoint']]
steps:
# Agentless phase. Depends on previous job.
- job: 'SignPackage'
pool: server
timeoutInMinutes: 1500
displayName: 'Sign package'
dependsOn:
- 'Rebuild'
variables:
HostKeySecret: $[ dependencies.Rebuild.outputs['wingetsetup.hostkey']]
SignEndpointSecret: $[ dependencies.Rebuild.outputs['wingetsetup.signEndpoint']]
steps:
# Sign package.
- task: AzureFunction@1
displayName: 'Signing package'
inputs:
function: '$(SignEndpointSecret)'
key: '$(HostKeySecret)'
body: |
{
"operationId": "$(Build.BuildNumber)",
"BuildId": "$(Build.BuildId)",
"PlanUrl": "$(system.CollectionUri)",
"HubName": "$(system.HostType)",
"pipelineType": "RebuildPipeline",
"ProjectId": "$(system.TeamProjectId)",
"PlanId": "$(system.PlanId)",
"JobId": "$(system.JobId)",
"TimelineId": "$(system.TimelineId)",
"TaskInstanceId": "$(system.TaskInstanceId)",
"AuthToken": "$(system.AccessToken)"
}
waitForCompletion: "true"
# Sign package.
- task: AzureFunction@1
displayName: 'Signing package'
inputs:
function: '$(SignEndpointSecret)'
key: '$(HostKeySecret)'
body: |
{
"operationId": "$(Build.BuildNumber)",
"BuildId": "$(Build.BuildId)",
"PlanUrl": "$(system.CollectionUri)",
"HubName": "$(system.HostType)",
"pipelineType": "RebuildPipeline",
"ProjectId": "$(system.TeamProjectId)",
"PlanId": "$(system.PlanId)",
"JobId": "$(system.JobId)",
"TimelineId": "$(system.TimelineId)",
"TaskInstanceId": "$(system.TaskInstanceId)",
"AuthToken": "$(system.AccessToken)"
}
waitForCompletion: "true"
# Agentless phase. Depends on previous job.
- job: 'Publish'
pool: server
timeoutInMinutes: 1500
displayName: 'Publish'
dependsOn:
- 'Rebuild'
- 'SignPackage'
variables:
HostKeySecret: $[ dependencies.Rebuild.outputs['wingetsetup.hostkey']]
PublishEndpointSecret: $[ dependencies.Rebuild.outputs['wingetsetup.publishEndpoint']]
steps:
# Agentless phase. Depends on previous job.
- job: 'Publish'
pool: server
timeoutInMinutes: 1500
displayName: 'Publish'
dependsOn:
- 'Rebuild'
- 'SignPackage'
variables:
HostKeySecret: $[ dependencies.Rebuild.outputs['wingetsetup.hostkey']]
PublishEndpointSecret: $[ dependencies.Rebuild.outputs['wingetsetup.publishEndpoint']]
steps:
# Rebuild Publish.
- task: AzureFunction@1
displayName: 'Publish'
inputs:
function: '$(PublishEndpointSecret)'
key: '$(HostKeySecret)'
body: |
{
"operationId": "$(Build.BuildNumber)",
"BuildId": "$(Build.BuildId)",
"PlanUrl": "$(system.CollectionUri)",
"HubName": "$(system.HostType)",
"pipelineType": "RebuildPipeline",
"ProjectId": "$(system.TeamProjectId)",
"PlanId": "$(system.PlanId)",
"JobId": "$(system.JobId)",
"TimelineId": "$(system.TimelineId)",
"TaskInstanceId": "$(system.TaskInstanceId)",
"AuthToken": "$(system.AccessToken)",
"ContainerName": "$(CacheContainerName)",
"CommitTablePartitionKey": "$(CommitTablePartitionKey)",
"CommitTableRowKey": "$(CommitTableRowKey)",
"EnableContainerBackup": "$(Rebuild.EnableContainerBackup)",
"SkipManifestIndexUpdate": "$(Rebuild.SkipManifestIndexUpdate)",
"ClearContainer": "$(Rebuild.ClearContainer)",
}
waitForCompletion: "true"
# Rebuild Publish.
- task: AzureFunction@1
displayName: 'Publish'
inputs:
function: '$(PublishEndpointSecret)'
key: '$(HostKeySecret)'
body: |
{
"operationId": "$(Build.BuildNumber)",
"BuildId": "$(Build.BuildId)",
"PlanUrl": "$(system.CollectionUri)",
"HubName": "$(system.HostType)",
"pipelineType": "RebuildPipeline",
"ProjectId": "$(system.TeamProjectId)",
"PlanId": "$(system.PlanId)",
"JobId": "$(system.JobId)",
"TimelineId": "$(system.TimelineId)",
"TaskInstanceId": "$(system.TaskInstanceId)",
"AuthToken": "$(system.AccessToken)",
"ContainerName": "$(CacheContainerName)",
"CommitTablePartitionKey": "$(CommitTablePartitionKey)",
"CommitTableRowKey": "$(CommitTableRowKey)",
"EnableContainerBackup": "$(Rebuild.EnableContainerBackup)",
"SkipManifestIndexUpdate": "$(Rebuild.SkipManifestIndexUpdate)",
"ClearContainer": "$(Rebuild.ClearContainer)",
}
waitForCompletion: "true"
# Agentless phase. Depends on previous job.
- job: 'Cleanup'
pool: server
timeoutInMinutes: 1500
displayName: 'Cleanup'
dependsOn:
- 'Rebuild'
- 'SignPackage'
- 'Publish'
condition: and(succeededOrFailed(), ne(variables['Rebuild.SkipPausePublishPipeline'], 'True'))
variables:
HostKeySecret: $[ dependencies.Rebuild.outputs['wingetsetup.hostkey']]
CleanupEndpointSecret: $[ dependencies.Rebuild.outputs['wingetsetup.cleanupEndpoint']]
steps:
# Agentless phase. Depends on previous job.
- job: 'Cleanup'
pool: server
timeoutInMinutes: 1500
displayName: 'Cleanup'
dependsOn:
- 'Rebuild'
- 'SignPackage'
- 'Publish'
condition: and(succeededOrFailed(), ne(variables['Rebuild.SkipPausePublishPipeline'], 'True'))
variables:
HostKeySecret: $[ dependencies.Rebuild.outputs['wingetsetup.hostkey']]
CleanupEndpointSecret: $[ dependencies.Rebuild.outputs['wingetsetup.cleanupEndpoint']]
steps:
# Rebuild cleanup.
- task: AzureFunction@1
displayName: 'Cleanup'
inputs:
function: '$(CleanupEndpointSecret)'
key: '$(HostKeySecret)'
body: |
{
"operationId": "$(Build.BuildNumber)",
"BuildId": "$(Build.BuildId)",
"PlanUrl": "$(system.CollectionUri)",
"HubName": "$(system.HostType)",
"pipelineType": "RebuildPipeline",
"ProjectId": "$(system.TeamProjectId)",
"PlanId": "$(system.PlanId)",
"JobId": "$(system.JobId)",
"TimelineId": "$(system.TimelineId)",
"TaskInstanceId": "$(system.TaskInstanceId)",
"AuthToken": "$(system.AccessToken)",
}
waitForCompletion: "true"
# Rebuild cleanup.
- task: AzureFunction@1
displayName: 'Cleanup'
inputs:
function: '$(CleanupEndpointSecret)'
key: '$(HostKeySecret)'
body: |
{
"operationId": "$(Build.BuildNumber)",
"BuildId": "$(Build.BuildId)",
"PlanUrl": "$(system.CollectionUri)",
"HubName": "$(system.HostType)",
"pipelineType": "RebuildPipeline",
"ProjectId": "$(system.TeamProjectId)",
"PlanId": "$(system.PlanId)",
"JobId": "$(system.JobId)",
"TimelineId": "$(system.TimelineId)",
"TaskInstanceId": "$(system.TaskInstanceId)",
"AuthToken": "$(system.AccessToken)",
}
waitForCompletion: "true"