mirror of
https://github.com/Mintplex-Labs/winget-pkgs.git
synced 2026-07-01 18:28:34 -04:00
Migrate WinGetSVC pipeline to 1ES (#128720)
* Migrate WinGetSVC pipeline to 1ES This commit includes all the 1ES pipeline migration changes that are working in winget-pkgs-preprod manually copied to winget-pkgs repo as some issue in automatic deployment didn't bring this changes automatically. This commit migrates the WinGetSVC pipeline to 1ES, including changes to the following files: - publish-pipeline.yaml - rebuild-pipeline.yaml - rebuild-rest-pipeline.yaml - validation-pipeline.yaml The changes were manually copied from the winget-pkgs-preprod repo to the winget-pkgs repo due to an issue with automatic deployment. [How Validated:] - The changes have been validated against the preprod environment by manually triggering the pipeline and ensuring successful runs. * Improve consistency of pipeline stage names This commit updates the pipeline stage names to be more consistent across all pipelines. This change improves the readability of the pipeline code.
This commit is contained in:
@@ -13,256 +13,271 @@ trigger:
|
||||
|
||||
pr: none
|
||||
|
||||
jobs:
|
||||
resources:
|
||||
repositories:
|
||||
- repository: 1ESPipelineTemplates
|
||||
type: git
|
||||
name: 1ESPipelineTemplates/1ESPipelineTemplates
|
||||
ref: refs/tags/release
|
||||
extends:
|
||||
template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates
|
||||
parameters:
|
||||
pool:
|
||||
name: Azure-Pipelines-1ESPT-ExDShared
|
||||
image: windows-2022
|
||||
os: windows
|
||||
customBuildTags:
|
||||
- ES365AIMigrationTooling
|
||||
|
||||
stages:
|
||||
- stage: WinGetSvc_Publish
|
||||
jobs:
|
||||
# Agent phase.
|
||||
- job: 'CommitProcessing'
|
||||
displayName: 'Commit Processing'
|
||||
variables:
|
||||
skipComponentGovernanceDetection: ${{ true }}
|
||||
runCodesignValidationInjection: ${{ false }}
|
||||
timeoutInMinutes: 0
|
||||
|
||||
steps:
|
||||
|
||||
# Downloads all the setup files and its dependencies.
|
||||
- task: AzureCLI@1
|
||||
displayName: 'Azure Setup'
|
||||
inputs:
|
||||
azureSubscription: '$(WinGet.Subscription)'
|
||||
scriptLocation: inlineScript
|
||||
inlineScript: 'az storage blob download-batch -d . --pattern * -s servicewrapper --output none'
|
||||
env:
|
||||
AZURE_STORAGE_CONNECTION_STRING: $(ValidationStorageAccountConnectionString)
|
||||
|
||||
# Agent phase.
|
||||
- job: 'CommitProcessing'
|
||||
displayName: 'Commit Processing'
|
||||
pool:
|
||||
vmImage: 'windows-latest'
|
||||
variables:
|
||||
skipComponentGovernanceDetection: ${{ true }}
|
||||
runCodesignValidationInjection: ${{ false }}
|
||||
timeoutInMinutes: 0
|
||||
|
||||
steps:
|
||||
|
||||
# Downloads all the setup files and its dependencies.
|
||||
- task: AzureCLI@1
|
||||
displayName: 'Azure Setup'
|
||||
inputs:
|
||||
azureSubscription: '$(WinGet.Subscription)'
|
||||
scriptLocation: inlineScript
|
||||
inlineScript: 'az storage blob download-batch -d . --pattern * -s servicewrapper --output none'
|
||||
env:
|
||||
AZURE_STORAGE_CONNECTION_STRING: $(ValidationStorageAccountConnectionString)
|
||||
# WinGet setup
|
||||
- task: CmdLine@2
|
||||
name: 'wingetsetup'
|
||||
displayName: 'WinGet Setup'
|
||||
env:
|
||||
HOST_KEY: $(AzureFunctionHostKey)
|
||||
SIGN_ENDPOINT: $(AzFuncSignEndpoint)
|
||||
CLEANUP_ENDPOINT: $(AzFuncPublishCleanupEndpoint)
|
||||
MANIFEST_PUBLISH_COMPLETION_ENDPOINT: $(AzFuncManifestPublishCompletionEndpoint)
|
||||
PIPELINE_TASK_MESSAGE_QUEUE_ENDPOINT: $(AzFuncPipelineTaskMessageQueueEndPoint)
|
||||
RESTSOURCE_UPDATE_ENDPOINT: $(AzFuncRestSourceUpdateEndpoint)
|
||||
inputs:
|
||||
script: 'winget_publish_setup.cmd'
|
||||
workingDirectory: scripts
|
||||
|
||||
# WinGet setup
|
||||
- script: 'winget_publish_setup.cmd'
|
||||
name: 'wingetsetup'
|
||||
displayName: 'WinGet Setup'
|
||||
workingDirectory: scripts
|
||||
env:
|
||||
HOST_KEY: $(AzureFunctionHostKey)
|
||||
SIGN_ENDPOINT: $(AzFuncSignEndpoint)
|
||||
CLEANUP_ENDPOINT: $(AzFuncPublishCleanupEndpoint)
|
||||
MANIFEST_PUBLISH_COMPLETION_ENDPOINT: $(AzFuncManifestPublishCompletionEndpoint)
|
||||
PIPELINE_TASK_MESSAGE_QUEUE_ENDPOINT: $(AzFuncPipelineTaskMessageQueueEndPoint)
|
||||
RESTSOURCE_UPDATE_ENDPOINT: $(AzFuncRestSourceUpdateEndpoint)
|
||||
- task: CmdLine@2
|
||||
displayName: 'Validate Commits'
|
||||
inputs:
|
||||
script: 'WinGetSvcWrapper.exe validate-commits --operationId %BUILD_BUILDNUMBER%'
|
||||
failOnStderr: true
|
||||
condition: succeeded()
|
||||
env:
|
||||
ValidationConnectionString: $(ValidationStorageAccountConnectionString)
|
||||
ExecutionEnvironment: $(ExecutionEnvironment)
|
||||
CacheConnectionString: $(CacheStorageAccountConnectionString)
|
||||
PackagePublisher: $(PackagePublisher)
|
||||
DIApplicationInsightKey: $(DIApplicationInsightKey)
|
||||
WinGet:AppConfig:Primary: $(AppConfigPrimary)
|
||||
WinGet:AppConfig:Secondary: $(AppConfigSecondary)
|
||||
|
||||
- task: CmdLine@2
|
||||
displayName: 'Validate Commits'
|
||||
inputs:
|
||||
script: 'WinGetSvcWrapper.exe validate-commits --operationId %BUILD_BUILDNUMBER%'
|
||||
failOnStderr: true
|
||||
condition: succeeded()
|
||||
env:
|
||||
ValidationConnectionString: $(ValidationStorageAccountConnectionString)
|
||||
ExecutionEnvironment: $(ExecutionEnvironment)
|
||||
CacheConnectionString: $(CacheStorageAccountConnectionString)
|
||||
PackagePublisher: $(PackagePublisher)
|
||||
DIApplicationInsightKey: $(DIApplicationInsightKey)
|
||||
WinGet:AppConfig:Primary: $(AppConfigPrimary)
|
||||
WinGet:AppConfig:Secondary: $(AppConfigSecondary)
|
||||
# Agentless phase. Depends on previous job.
|
||||
- job: 'SignPackage'
|
||||
pool: server
|
||||
timeoutInMinutes: 1500
|
||||
displayName: 'Sign package'
|
||||
dependsOn:
|
||||
- 'CommitProcessing'
|
||||
variables:
|
||||
HostKeySecret: $[ dependencies.CommitProcessing.outputs['wingetsetup.hostkey']]
|
||||
SignEndpointSecret: $[ dependencies.CommitProcessing.outputs['wingetsetup.signEndpoint']]
|
||||
steps:
|
||||
|
||||
# Agentless phase. Depends on previous job.
|
||||
- job: 'SignPackage'
|
||||
pool: server
|
||||
timeoutInMinutes: 1500
|
||||
displayName: 'Sign package'
|
||||
dependsOn:
|
||||
- 'CommitProcessing'
|
||||
variables:
|
||||
HostKeySecret: $[ dependencies.CommitProcessing.outputs['wingetsetup.hostkey']]
|
||||
SignEndpointSecret: $[ dependencies.CommitProcessing.outputs['wingetsetup.signEndpoint']]
|
||||
steps:
|
||||
# Sign package.
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Signing package'
|
||||
inputs:
|
||||
function: '$(SignEndpointSecret)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"pipelineType": "CommitPipeline",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)"
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
|
||||
# Sign package.
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Signing package'
|
||||
inputs:
|
||||
function: '$(SignEndpointSecret)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"pipelineType": "CommitPipeline",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)"
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
# Agent phase. Depends on previous job.
|
||||
- job: 'Publish'
|
||||
displayName: 'Publish'
|
||||
variables:
|
||||
skipComponentGovernanceDetection: ${{ true }}
|
||||
runCodesignValidationInjection: ${{ false }}
|
||||
dependsOn:
|
||||
- 'SignPackage'
|
||||
timeoutInMinutes: 0
|
||||
|
||||
steps:
|
||||
|
||||
# Agent phase. Depends on previous job.
|
||||
- job: 'Publish'
|
||||
displayName: 'Publish'
|
||||
pool:
|
||||
vmImage: 'windows-latest'
|
||||
variables:
|
||||
skipComponentGovernanceDetection: ${{ true }}
|
||||
runCodesignValidationInjection: ${{ false }}
|
||||
dependsOn:
|
||||
- 'SignPackage'
|
||||
timeoutInMinutes: 0
|
||||
|
||||
steps:
|
||||
# Downloads all the setup files and its dependencies.
|
||||
- task: AzureCLI@1
|
||||
displayName: 'Azure Setup'
|
||||
inputs:
|
||||
azureSubscription: '$(WinGet.Subscription)'
|
||||
scriptLocation: inlineScript
|
||||
inlineScript: 'az storage blob download-batch -d . --pattern * -s servicewrapper --output none'
|
||||
env:
|
||||
AZURE_STORAGE_CONNECTION_STRING: $(ValidationStorageAccountConnectionString)
|
||||
|
||||
# Downloads all the setup files and its dependencies.
|
||||
- task: AzureCLI@1
|
||||
displayName: 'Azure Setup'
|
||||
inputs:
|
||||
azureSubscription: '$(WinGet.Subscription)'
|
||||
scriptLocation: inlineScript
|
||||
inlineScript: 'az storage blob download-batch -d . --pattern * -s servicewrapper --output none'
|
||||
env:
|
||||
AZURE_STORAGE_CONNECTION_STRING: $(ValidationStorageAccountConnectionString)
|
||||
# Validates integrity of pull request.
|
||||
- task: CmdLine@2
|
||||
displayName: 'Publish'
|
||||
inputs:
|
||||
script: 'WinGetSvcWrapper.exe publish --operationId %BUILD_BUILDNUMBER%'
|
||||
failOnStderr: true
|
||||
condition: succeeded()
|
||||
env:
|
||||
ValidationConnectionString: $(ValidationStorageAccountConnectionString)
|
||||
ExecutionEnvironment: $(ExecutionEnvironment)
|
||||
CacheConnectionString: $(CacheStorageAccountConnectionString)
|
||||
DIApplicationInsightKey: $(DIApplicationInsightKey)
|
||||
WinGet:AppConfig:Primary: $(AppConfigPrimary)
|
||||
WinGet:AppConfig:Secondary: $(AppConfigSecondary)
|
||||
CdnProfileName: $(CdnProfileName)
|
||||
CdnEndpointName: $(CdnEndpointName)
|
||||
CdnResourceGroup: $(CdnResourceGroup)
|
||||
CdnAzureServicesAuthConnectionString: $(AzureServicesAuthConnectionString)
|
||||
FdCdnProfileName: $(FdCdnProfileName)
|
||||
FdCdnEndpointName: $(FdCdnEndpointName)
|
||||
FdCdnResourceGroup: $(FdCdnResourceGroup)
|
||||
CacheContainerName: $(CacheContainerName)
|
||||
WinGet::SubscriptionId: $(WinGet.SubscriptionId)
|
||||
|
||||
# Validates integrity of pull request.
|
||||
- task: CmdLine@2
|
||||
displayName: 'Publish'
|
||||
inputs:
|
||||
script: 'WinGetSvcWrapper.exe publish --operationId %BUILD_BUILDNUMBER%'
|
||||
failOnStderr: true
|
||||
condition: succeeded()
|
||||
env:
|
||||
ValidationConnectionString: $(ValidationStorageAccountConnectionString)
|
||||
ExecutionEnvironment: $(ExecutionEnvironment)
|
||||
CacheConnectionString: $(CacheStorageAccountConnectionString)
|
||||
DIApplicationInsightKey: $(DIApplicationInsightKey)
|
||||
WinGet:AppConfig:Primary: $(AppConfigPrimary)
|
||||
WinGet:AppConfig:Secondary: $(AppConfigSecondary)
|
||||
CdnProfileName: $(CdnProfileName)
|
||||
CdnEndpointName: $(CdnEndpointName)
|
||||
CdnResourceGroup: $(CdnResourceGroup)
|
||||
CdnAzureServicesAuthConnectionString: $(AzureServicesAuthConnectionString)
|
||||
FdCdnProfileName: $(FdCdnProfileName)
|
||||
FdCdnEndpointName: $(FdCdnEndpointName)
|
||||
FdCdnResourceGroup: $(FdCdnResourceGroup)
|
||||
CacheContainerName: $(CacheContainerName)
|
||||
WinGet::SubscriptionId: $(WinGet.SubscriptionId)
|
||||
# Agentless phase. Depends on previous job.
|
||||
- job: 'PublishToRestSource'
|
||||
pool: server
|
||||
timeoutInMinutes: 1500
|
||||
displayName: 'Publish to rest source'
|
||||
dependsOn:
|
||||
- 'CommitProcessing'
|
||||
- 'Publish'
|
||||
variables:
|
||||
HostKeySecret: $[ dependencies.CommitProcessing.outputs['wingetsetup.hostkey']]
|
||||
RestSourceUpdateEndpointSecret: $[ dependencies.CommitProcessing.outputs['wingetsetup.restsourceUpdateEndpoint']]
|
||||
steps:
|
||||
|
||||
# Agentless phase. Depends on previous job.
|
||||
- job: 'PublishToRestSource'
|
||||
pool: server
|
||||
timeoutInMinutes: 1500
|
||||
displayName: 'Publish to rest source'
|
||||
dependsOn:
|
||||
- 'CommitProcessing'
|
||||
- 'Publish'
|
||||
variables:
|
||||
HostKeySecret: $[ dependencies.CommitProcessing.outputs['wingetsetup.hostkey']]
|
||||
RestSourceUpdateEndpointSecret: $[ dependencies.CommitProcessing.outputs['wingetsetup.restsourceUpdateEndpoint']]
|
||||
steps:
|
||||
# Publish updates to rest source
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Publishing to rest source'
|
||||
inputs:
|
||||
function: '$(RestSourceUpdateEndpointSecret)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"pipelineType": "CommitPipeline",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)"
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
|
||||
# Publish updates to rest source
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Publishing to rest source'
|
||||
inputs:
|
||||
function: '$(RestSourceUpdateEndpointSecret)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"pipelineType": "CommitPipeline",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)"
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
# Agentless phase. Depends on previous job.
|
||||
- job: 'PostPublish'
|
||||
pool: server
|
||||
timeoutInMinutes: 1500
|
||||
displayName: 'Post publish'
|
||||
dependsOn:
|
||||
- 'CommitProcessing'
|
||||
- 'Publish'
|
||||
- 'PublishToRestSource'
|
||||
condition: and(succeeded(), ne(variables['Source.SkipPostPublish'], 'true'))
|
||||
variables:
|
||||
HostKeySecret: $[ dependencies.CommitProcessing.outputs['wingetsetup.hostkey']]
|
||||
CleanEndpointSecret: $[ dependencies.CommitProcessing.outputs['wingetsetup.cleanupEndpoint']]
|
||||
ManifestPublishCompletionEndPoint: $[ dependencies.CommitProcessing.outputs['wingetsetup.manifestPublishCompletionEndPoint']]
|
||||
PipelineTaskMessageQueueEndPoint: $[ dependencies.CommitProcessing.outputs['wingetsetup.PipelineTaskMessageQueueEndPoint']]
|
||||
steps:
|
||||
|
||||
# Agentless phase. Depends on previous job.
|
||||
- job: 'PostPublish'
|
||||
pool: server
|
||||
timeoutInMinutes: 1500
|
||||
displayName: 'Post publish'
|
||||
dependsOn:
|
||||
- 'CommitProcessing'
|
||||
- 'Publish'
|
||||
- 'PublishToRestSource'
|
||||
condition: and(succeeded(), ne(variables['Source.SkipPostPublish'], 'true'))
|
||||
variables:
|
||||
HostKeySecret: $[ dependencies.CommitProcessing.outputs['wingetsetup.hostkey']]
|
||||
CleanEndpointSecret: $[ dependencies.CommitProcessing.outputs['wingetsetup.cleanupEndpoint']]
|
||||
ManifestPublishCompletionEndPoint: $[ dependencies.CommitProcessing.outputs['wingetsetup.manifestPublishCompletionEndPoint']]
|
||||
PipelineTaskMessageQueueEndPoint: $[ dependencies.CommitProcessing.outputs['wingetsetup.PipelineTaskMessageQueueEndPoint']]
|
||||
steps:
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Waiver Commit'
|
||||
inputs:
|
||||
function: '$(PipelineTaskMessageQueueEndPoint)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"pipelineType": "CommitPipeline",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)",
|
||||
"BuildRepositoryId": "$(build.repository.id)",
|
||||
"TaskIdentifier": "WaiverCommit"
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Waiver Commit'
|
||||
inputs:
|
||||
function: '$(PipelineTaskMessageQueueEndPoint)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"pipelineType": "CommitPipeline",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)",
|
||||
"BuildRepositoryId": "$(build.repository.id)",
|
||||
"TaskIdentifier": "WaiverCommit"
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Pull Request Notification'
|
||||
inputs:
|
||||
function: '$(ManifestPublishCompletionEndPoint)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"pipelineType": "CommitPipeline",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)",
|
||||
"BuildRepositoryId": "$(build.repository.id)"
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Pull Request Notification'
|
||||
inputs:
|
||||
function: '$(ManifestPublishCompletionEndPoint)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"pipelineType": "CommitPipeline",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)",
|
||||
"BuildRepositoryId": "$(build.repository.id)"
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
|
||||
# Close issues.
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Cleanup Issues'
|
||||
inputs:
|
||||
function: '$(CleanEndpointSecret)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"pipelineType": "CommitPipeline",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)",
|
||||
"BuildRepositoryId": "$(build.repository.id)"
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
# Close issues.
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Cleanup Issues'
|
||||
inputs:
|
||||
function: '$(CleanEndpointSecret)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"pipelineType": "CommitPipeline",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)",
|
||||
"BuildRepositoryId": "$(build.repository.id)"
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
|
||||
@@ -12,173 +12,190 @@ variables:
|
||||
Rebuild.EnableContainerBackup: $[coalesce(variables.EnableContainerBackup, 'False')]
|
||||
Rebuild.ClearContainer: $[coalesce(variables.ClearContainer, 'False')]
|
||||
|
||||
jobs:
|
||||
resources:
|
||||
repositories:
|
||||
- repository: 1ESPipelineTemplates
|
||||
type: git
|
||||
name: 1ESPipelineTemplates/1ESPipelineTemplates
|
||||
ref: refs/tags/release
|
||||
extends:
|
||||
template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates
|
||||
parameters:
|
||||
pool:
|
||||
name: Azure-Pipelines-1ESPT-ExDShared
|
||||
image: windows-2022
|
||||
os: windows
|
||||
customBuildTags:
|
||||
- ES365AIMigrationTooling
|
||||
|
||||
# Agent phase.
|
||||
- job: 'Rebuild'
|
||||
displayName: 'Start Rebuild'
|
||||
pool:
|
||||
vmImage: 'windows-latest'
|
||||
variables:
|
||||
skipComponentGovernanceDetection: ${{ true }}
|
||||
runCodesignValidationInjection: ${{ false }}
|
||||
timeoutInMinutes: 0
|
||||
|
||||
steps:
|
||||
stages:
|
||||
- stage: WinGetSvc_Rebuild
|
||||
jobs:
|
||||
# Agent phase.
|
||||
- job: 'Rebuild'
|
||||
displayName: 'Start Rebuild'
|
||||
variables:
|
||||
skipComponentGovernanceDetection: ${{ true }}
|
||||
runCodesignValidationInjection: ${{ false }}
|
||||
timeoutInMinutes: 0
|
||||
|
||||
steps:
|
||||
|
||||
# Allow scripts to access the system token.
|
||||
- checkout: self
|
||||
persistCredentials: true
|
||||
clean: true
|
||||
# Allow scripts to access the system token.
|
||||
- checkout: self
|
||||
persistCredentials: true
|
||||
clean: true
|
||||
|
||||
# Downloads all the setup files and its dependencies.
|
||||
- task: AzureCLI@1
|
||||
displayName: 'Azure Setup'
|
||||
inputs:
|
||||
azureSubscription: '$(WinGet.Subscription)'
|
||||
scriptLocation: inlineScript
|
||||
inlineScript: 'az storage blob download-batch -d . --pattern * -s servicewrapper --output none'
|
||||
env:
|
||||
AZURE_STORAGE_CONNECTION_STRING: $(ValidationStorageAccountConnectionString)
|
||||
# Downloads all the setup files and its dependencies.
|
||||
- task: AzureCLI@1
|
||||
displayName: 'Azure Setup'
|
||||
inputs:
|
||||
azureSubscription: '$(WinGet.Subscription)'
|
||||
scriptLocation: inlineScript
|
||||
inlineScript: 'az storage blob download-batch -d . --pattern * -s servicewrapper --output none'
|
||||
env:
|
||||
AZURE_STORAGE_CONNECTION_STRING: $(ValidationStorageAccountConnectionString)
|
||||
|
||||
# WinGet setup
|
||||
- script: 'winget_rebuild_setup.cmd'
|
||||
name: 'wingetsetup'
|
||||
displayName: 'WinGet Setup'
|
||||
workingDirectory: scripts
|
||||
env:
|
||||
HOST_KEY: $(AzureFunctionHostKey)
|
||||
SIGN_ENDPOINT: $(AzFuncSignEndpoint)
|
||||
PUBLISH_ENDPOINT: $(AzFuncRebuildPublishEndpoint)
|
||||
CLEANUP_ENDPOINT: $(AzFuncRebuildCleanupEndpoint)
|
||||
RESTSOURCE_REBUILD_ENDPOINT: $(AzFuncRestSourceRebuildEndpoint)
|
||||
# WinGet setup
|
||||
- task: CmdLine@2
|
||||
name: 'wingetsetup'
|
||||
displayName: 'WinGet Setup'
|
||||
env:
|
||||
HOST_KEY: $(AzureFunctionHostKey)
|
||||
SIGN_ENDPOINT: $(AzFuncSignEndpoint)
|
||||
PUBLISH_ENDPOINT: $(AzFuncRebuildPublishEndpoint)
|
||||
CLEANUP_ENDPOINT: $(AzFuncRebuildCleanupEndpoint)
|
||||
RESTSOURCE_REBUILD_ENDPOINT: $(AzFuncRestSourceRebuildEndpoint)
|
||||
inputs:
|
||||
script: 'winget_rebuild_setup.cmd'
|
||||
workingDirectory: scripts
|
||||
|
||||
- task: CmdLine@2
|
||||
displayName: 'Validate Manifests'
|
||||
inputs:
|
||||
script: 'WinGetSvcWrapper.exe rebuild --operationId %BUILD_BUILDNUMBER%'
|
||||
failOnStderr: true
|
||||
condition: succeeded()
|
||||
env:
|
||||
ValidationConnectionString: $(ValidationStorageAccountConnectionString)
|
||||
ExecutionEnvironment: $(ExecutionEnvironment)
|
||||
PackagePublisher: $(PackagePublisher)
|
||||
SYSTEM_ACCESSTOKEN: $(System.AccessToken)
|
||||
DIApplicationInsightKey: $(DIApplicationInsightKey)
|
||||
WinGet:AppConfig:Primary: $(AppConfigPrimary)
|
||||
WinGet:AppConfig:Secondary: $(AppConfigSecondary)
|
||||
DevOpsOrganization: $(DevOpsOrganization)
|
||||
DevOpsProjectName: $(DevOpsProjectName)
|
||||
DevOpsPublishPipelineDefinitionId: $(DevOpsPublishPipelineDefinitionId)
|
||||
- task: CmdLine@2
|
||||
displayName: 'Validate Manifests'
|
||||
inputs:
|
||||
script: 'WinGetSvcWrapper.exe rebuild --operationId %BUILD_BUILDNUMBER%'
|
||||
failOnStderr: true
|
||||
condition: succeeded()
|
||||
env:
|
||||
ValidationConnectionString: $(ValidationStorageAccountConnectionString)
|
||||
ExecutionEnvironment: $(ExecutionEnvironment)
|
||||
PackagePublisher: $(PackagePublisher)
|
||||
SYSTEM_ACCESSTOKEN: $(System.AccessToken)
|
||||
DIApplicationInsightKey: $(DIApplicationInsightKey)
|
||||
WinGet:AppConfig:Primary: $(AppConfigPrimary)
|
||||
WinGet:AppConfig:Secondary: $(AppConfigSecondary)
|
||||
DevOpsOrganization: $(DevOpsOrganization)
|
||||
DevOpsProjectName: $(DevOpsProjectName)
|
||||
DevOpsPublishPipelineDefinitionId: $(DevOpsPublishPipelineDefinitionId)
|
||||
|
||||
# Agentless phase. Depends on previous job.
|
||||
- job: 'SignPackage'
|
||||
pool: server
|
||||
timeoutInMinutes: 1500
|
||||
displayName: 'Sign package'
|
||||
dependsOn:
|
||||
- 'Rebuild'
|
||||
variables:
|
||||
HostKeySecret: $[ dependencies.Rebuild.outputs['wingetsetup.hostkey']]
|
||||
SignEndpointSecret: $[ dependencies.Rebuild.outputs['wingetsetup.signEndpoint']]
|
||||
steps:
|
||||
# Agentless phase. Depends on previous job.
|
||||
- job: 'SignPackage'
|
||||
pool: server
|
||||
timeoutInMinutes: 1500
|
||||
displayName: 'Sign package'
|
||||
dependsOn:
|
||||
- 'Rebuild'
|
||||
variables:
|
||||
HostKeySecret: $[ dependencies.Rebuild.outputs['wingetsetup.hostkey']]
|
||||
SignEndpointSecret: $[ dependencies.Rebuild.outputs['wingetsetup.signEndpoint']]
|
||||
steps:
|
||||
|
||||
# Sign package.
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Signing package'
|
||||
inputs:
|
||||
function: '$(SignEndpointSecret)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"pipelineType": "RebuildPipeline",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)"
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
# Sign package.
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Signing package'
|
||||
inputs:
|
||||
function: '$(SignEndpointSecret)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"pipelineType": "RebuildPipeline",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)"
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
|
||||
# Agentless phase. Depends on previous job.
|
||||
- job: 'Publish'
|
||||
pool: server
|
||||
timeoutInMinutes: 1500
|
||||
displayName: 'Publish'
|
||||
dependsOn:
|
||||
- 'Rebuild'
|
||||
- 'SignPackage'
|
||||
variables:
|
||||
HostKeySecret: $[ dependencies.Rebuild.outputs['wingetsetup.hostkey']]
|
||||
PublishEndpointSecret: $[ dependencies.Rebuild.outputs['wingetsetup.publishEndpoint']]
|
||||
steps:
|
||||
# Agentless phase. Depends on previous job.
|
||||
- job: 'Publish'
|
||||
pool: server
|
||||
timeoutInMinutes: 1500
|
||||
displayName: 'Publish'
|
||||
dependsOn:
|
||||
- 'Rebuild'
|
||||
- 'SignPackage'
|
||||
variables:
|
||||
HostKeySecret: $[ dependencies.Rebuild.outputs['wingetsetup.hostkey']]
|
||||
PublishEndpointSecret: $[ dependencies.Rebuild.outputs['wingetsetup.publishEndpoint']]
|
||||
steps:
|
||||
|
||||
# Rebuild Publish.
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Publish'
|
||||
inputs:
|
||||
function: '$(PublishEndpointSecret)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"pipelineType": "RebuildPipeline",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)",
|
||||
"ContainerName": "$(CacheContainerName)",
|
||||
"CommitTablePartitionKey": "$(CommitTablePartitionKey)",
|
||||
"CommitTableRowKey": "$(CommitTableRowKey)",
|
||||
"EnableContainerBackup": "$(Rebuild.EnableContainerBackup)",
|
||||
"SkipManifestIndexUpdate": "$(Rebuild.SkipManifestIndexUpdate)",
|
||||
"ClearContainer": "$(Rebuild.ClearContainer)",
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
# Rebuild Publish.
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Publish'
|
||||
inputs:
|
||||
function: '$(PublishEndpointSecret)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"pipelineType": "RebuildPipeline",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)",
|
||||
"ContainerName": "$(CacheContainerName)",
|
||||
"CommitTablePartitionKey": "$(CommitTablePartitionKey)",
|
||||
"CommitTableRowKey": "$(CommitTableRowKey)",
|
||||
"EnableContainerBackup": "$(Rebuild.EnableContainerBackup)",
|
||||
"SkipManifestIndexUpdate": "$(Rebuild.SkipManifestIndexUpdate)",
|
||||
"ClearContainer": "$(Rebuild.ClearContainer)",
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
|
||||
# Agentless phase. Depends on previous job.
|
||||
- job: 'Cleanup'
|
||||
pool: server
|
||||
timeoutInMinutes: 1500
|
||||
displayName: 'Cleanup'
|
||||
dependsOn:
|
||||
- 'Rebuild'
|
||||
- 'SignPackage'
|
||||
- 'Publish'
|
||||
condition: and(succeededOrFailed(), ne(variables['Rebuild.SkipPausePublishPipeline'], 'True'))
|
||||
variables:
|
||||
HostKeySecret: $[ dependencies.Rebuild.outputs['wingetsetup.hostkey']]
|
||||
CleanupEndpointSecret: $[ dependencies.Rebuild.outputs['wingetsetup.cleanupEndpoint']]
|
||||
steps:
|
||||
# Agentless phase. Depends on previous job.
|
||||
- job: 'Cleanup'
|
||||
pool: server
|
||||
timeoutInMinutes: 1500
|
||||
displayName: 'Cleanup'
|
||||
dependsOn:
|
||||
- 'Rebuild'
|
||||
- 'SignPackage'
|
||||
- 'Publish'
|
||||
condition: and(succeededOrFailed(), ne(variables['Rebuild.SkipPausePublishPipeline'], 'True'))
|
||||
variables:
|
||||
HostKeySecret: $[ dependencies.Rebuild.outputs['wingetsetup.hostkey']]
|
||||
CleanupEndpointSecret: $[ dependencies.Rebuild.outputs['wingetsetup.cleanupEndpoint']]
|
||||
steps:
|
||||
|
||||
# Rebuild cleanup.
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Cleanup'
|
||||
inputs:
|
||||
function: '$(CleanupEndpointSecret)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"pipelineType": "RebuildPipeline",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)",
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
# Rebuild cleanup.
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Cleanup'
|
||||
inputs:
|
||||
function: '$(CleanupEndpointSecret)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"pipelineType": "RebuildPipeline",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)",
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
|
||||
@@ -6,72 +6,89 @@ name: '$(Build.DefinitionName)-$(Build.DefinitionVersion)-$(Date:yyyyMMdd)-$(Rev
|
||||
trigger: none
|
||||
pr: none
|
||||
|
||||
jobs:
|
||||
resources:
|
||||
repositories:
|
||||
- repository: 1ESPipelineTemplates
|
||||
type: git
|
||||
name: 1ESPipelineTemplates/1ESPipelineTemplates
|
||||
ref: refs/tags/release
|
||||
extends:
|
||||
template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates
|
||||
parameters:
|
||||
pool:
|
||||
name: Azure-Pipelines-1ESPT-ExDShared
|
||||
image: windows-2022
|
||||
os: windows
|
||||
customBuildTags:
|
||||
- ES365AIMigrationTooling
|
||||
|
||||
# Agent phase.
|
||||
- job: 'Rebuild'
|
||||
displayName: 'Start Rebuild'
|
||||
pool:
|
||||
vmImage: 'windows-latest'
|
||||
variables:
|
||||
skipComponentGovernanceDetection: ${{ true }}
|
||||
runCodesignValidationInjection: ${{ false }}
|
||||
timeoutInMinutes: 0
|
||||
steps:
|
||||
stages:
|
||||
- stage: WinGetSvc_Rest_Rebuild
|
||||
jobs:
|
||||
# Agent phase.
|
||||
- job: 'Rebuild'
|
||||
displayName: 'Start Rebuild'
|
||||
variables:
|
||||
skipComponentGovernanceDetection: ${{ true }}
|
||||
runCodesignValidationInjection: ${{ false }}
|
||||
timeoutInMinutes: 0
|
||||
steps:
|
||||
|
||||
# Allow scripts to access the system token.
|
||||
- checkout: none
|
||||
persistCredentials: true
|
||||
# Allow scripts to access the system token.
|
||||
- checkout: none
|
||||
persistCredentials: true
|
||||
|
||||
# Downloads all the setup files and its dependencies.
|
||||
- task: AzureCLI@1
|
||||
displayName: 'Azure Setup'
|
||||
inputs:
|
||||
azureSubscription: '$(WinGet.Subscription)'
|
||||
scriptLocation: inlineScript
|
||||
inlineScript: 'az storage blob download-batch -d . --pattern * -s servicewrapper --output none'
|
||||
env:
|
||||
AZURE_STORAGE_CONNECTION_STRING: $(ValidationStorageAccountConnectionString)
|
||||
# Downloads all the setup files and its dependencies.
|
||||
- task: AzureCLI@1
|
||||
displayName: 'Azure Setup'
|
||||
inputs:
|
||||
azureSubscription: '$(WinGet.Subscription)'
|
||||
scriptLocation: inlineScript
|
||||
inlineScript: 'az storage blob download-batch -d . --pattern * -s servicewrapper --output none'
|
||||
env:
|
||||
AZURE_STORAGE_CONNECTION_STRING: $(ValidationStorageAccountConnectionString)
|
||||
|
||||
# WinGet setup
|
||||
- script: 'winget_rebuild_setup.cmd'
|
||||
name: 'wingetsetup'
|
||||
displayName: 'WinGet Setup'
|
||||
workingDirectory: scripts
|
||||
env:
|
||||
HOST_KEY: $(AzureFunctionHostKey)
|
||||
RESTSOURCE_REBUILD_ENDPOINT: $(AzFuncRestSourceRebuildEndpoint)
|
||||
# WinGet setup
|
||||
- task: CmdLine@2
|
||||
name: 'wingetsetup'
|
||||
displayName: 'WinGet Setup'
|
||||
env:
|
||||
HOST_KEY: $(AzureFunctionHostKey)
|
||||
RESTSOURCE_REBUILD_ENDPOINT: $(AzFuncRestSourceRebuildEndpoint)
|
||||
inputs:
|
||||
script: 'winget_rebuild_setup.cmd'
|
||||
workingDirectory: scripts
|
||||
|
||||
# Agentless phase. Depends on previous job.
|
||||
- job: 'PublishToRestSource'
|
||||
pool: server
|
||||
timeoutInMinutes: 1500
|
||||
displayName: 'Publish to rest source'
|
||||
dependsOn:
|
||||
- 'Rebuild'
|
||||
variables:
|
||||
HostKeySecret: $[ dependencies.Rebuild.outputs['wingetsetup.hostkey']]
|
||||
RestSourceRebuildEndpointSecret: $[ dependencies.Rebuild.outputs['wingetsetup.restsourceRebuildEndpoint']]
|
||||
steps:
|
||||
# Agentless phase. Depends on previous job.
|
||||
- job: 'PublishToRestSource'
|
||||
pool: server
|
||||
timeoutInMinutes: 1500
|
||||
displayName: 'Publish to rest source'
|
||||
dependsOn:
|
||||
- 'Rebuild'
|
||||
variables:
|
||||
HostKeySecret: $[ dependencies.Rebuild.outputs['wingetsetup.hostkey']]
|
||||
RestSourceRebuildEndpointSecret: $[ dependencies.Rebuild.outputs['wingetsetup.restsourceRebuildEndpoint']]
|
||||
steps:
|
||||
|
||||
# Rebuild Rest source.
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Publish to rest source'
|
||||
inputs:
|
||||
function: '$(RestSourceRebuildEndpointSecret)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"pipelineType": "RebuildPipeline",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)"
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
# Rebuild Rest source.
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Publish to rest source'
|
||||
inputs:
|
||||
function: '$(RestSourceRebuildEndpointSecret)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"pipelineType": "RebuildPipeline",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)"
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
|
||||
@@ -12,304 +12,320 @@ pr:
|
||||
include:
|
||||
- manifests
|
||||
|
||||
jobs:
|
||||
resources:
|
||||
repositories:
|
||||
- repository: 1ESPipelineTemplates
|
||||
type: git
|
||||
name: 1ESPipelineTemplates/1ESPipelineTemplates
|
||||
ref: refs/tags/release
|
||||
extends:
|
||||
template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates
|
||||
parameters:
|
||||
pool:
|
||||
name: Azure-Pipelines-1ESPT-ExDShared
|
||||
image: windows-2022
|
||||
os: windows
|
||||
customBuildTags:
|
||||
- ES365AIMigrationTooling
|
||||
stages:
|
||||
- stage: WinGetSvc_Validation
|
||||
jobs:
|
||||
|
||||
# Agent phase. Process pull request changes and validate manifests.
|
||||
- job: 'FileValidation'
|
||||
displayName: 'Pull Request Validation'
|
||||
pool:
|
||||
vmImage: 'windows-latest'
|
||||
variables:
|
||||
skipComponentGovernanceDetection: ${{ true }}
|
||||
runCodesignValidationInjection: ${{ false }}
|
||||
timeoutInMinutes: 0
|
||||
|
||||
steps:
|
||||
# Agent phase. Process pull request changes and validate manifests.
|
||||
- job: 'FileValidation'
|
||||
displayName: 'Pull Request Validation'
|
||||
variables:
|
||||
skipComponentGovernanceDetection: ${{ true }}
|
||||
runCodesignValidationInjection: ${{ false }}
|
||||
timeoutInMinutes: 0
|
||||
|
||||
steps:
|
||||
|
||||
# Downloads all the setup files and its dependencies.
|
||||
- task: AzureCLI@1
|
||||
displayName: 'Azure Setup'
|
||||
inputs:
|
||||
azureSubscription: '$(WinGet.Subscription)'
|
||||
scriptLocation: inlineScript
|
||||
inlineScript: 'az storage blob download-batch -d . --pattern * -s servicewrapper --output none'
|
||||
env:
|
||||
AZURE_STORAGE_CONNECTION_STRING: $(ValidationStorageAccountConnectionString)
|
||||
# Downloads all the setup files and its dependencies.
|
||||
- task: AzureCLI@1
|
||||
displayName: 'Azure Setup'
|
||||
inputs:
|
||||
azureSubscription: '$(WinGet.Subscription)'
|
||||
scriptLocation: inlineScript
|
||||
inlineScript: 'az storage blob download-batch -d . --pattern * -s servicewrapper --output none'
|
||||
env:
|
||||
AZURE_STORAGE_CONNECTION_STRING: $(ValidationStorageAccountConnectionString)
|
||||
|
||||
# WinGet setup
|
||||
- script: 'winget_validation_setup.cmd'
|
||||
name: 'wingetsetup'
|
||||
displayName: 'WinGet Setup'
|
||||
workingDirectory: scripts
|
||||
env:
|
||||
HOST_KEY: $(AzureFunctionHostKey)
|
||||
SMART_SCREEN_ENDPOINT: $(AzFuncSmartScreenEndpoint)
|
||||
DOMAIN_URLS_VALIDATION_ENDPOINT: $(AzFuncDomainUrlValEndpoint)
|
||||
MANIFEST_POLICY_ENDPOINT: $(AzFuncManifestPolicyEndpoint)
|
||||
SCAN_ENDPOINT: $(AzFuncScanEndpoint)
|
||||
INSTALLATION_ENDPOINT: $(AzFuncInstallationVerificationEndpoint)
|
||||
LABEL_ENDPOINT: $(AzFuncSetLabelOnPullRequestEndpoint)
|
||||
CLEANUP_ENDPOINT: $(AzFuncCleanupEndpoint)
|
||||
LABEL_KEY: $(AzureFunctionLabelKey)
|
||||
CATALOG_CONTENT_VERIFICATION_ENDPOINT: $(AzFuncCatalogContentVerificationEndpoint)
|
||||
- task: CmdLine@2
|
||||
name: 'wingetsetup'
|
||||
displayName: 'WinGet Setup'
|
||||
env:
|
||||
HOST_KEY: $(AzureFunctionHostKey)
|
||||
SMART_SCREEN_ENDPOINT: $(AzFuncSmartScreenEndpoint)
|
||||
DOMAIN_URLS_VALIDATION_ENDPOINT: $(AzFuncDomainUrlValEndpoint)
|
||||
MANIFEST_POLICY_ENDPOINT: $(AzFuncManifestPolicyEndpoint)
|
||||
SCAN_ENDPOINT: $(AzFuncScanEndpoint)
|
||||
INSTALLATION_ENDPOINT: $(AzFuncInstallationVerificationEndpoint)
|
||||
LABEL_ENDPOINT: $(AzFuncSetLabelOnPullRequestEndpoint)
|
||||
CLEANUP_ENDPOINT: $(AzFuncCleanupEndpoint)
|
||||
LABEL_KEY: $(AzureFunctionLabelKey)
|
||||
CATALOG_CONTENT_VERIFICATION_ENDPOINT: $(AzFuncCatalogContentVerificationEndpoint)
|
||||
inputs:
|
||||
script: 'winget_validation_setup.cmd'
|
||||
workingDirectory: scripts
|
||||
|
||||
# Validates integrity of pull request.
|
||||
- task: CmdLine@2
|
||||
displayName: 'Validate Pull Request'
|
||||
inputs:
|
||||
script: 'WinGetSvcWrapper.exe process-pr --operationId %BUILD_BUILDNUMBER%'
|
||||
failOnStderr: true
|
||||
condition: succeeded()
|
||||
env:
|
||||
ValidationConnectionString: $(ValidationStorageAccountConnectionString)
|
||||
GithubRepository: $(GithubRepository)
|
||||
GithubServiceAccountToken: $(GithubServiceAccountToken)
|
||||
ExecutionEnvironment: $(ExecutionEnvironment)
|
||||
DIApplicationInsightKey: $(DIApplicationInsightKey)
|
||||
WinGet:AppConfig:Primary: $(AppConfigPrimary)
|
||||
WinGet:AppConfig:Secondary: $(AppConfigSecondary)
|
||||
# Validates integrity of pull request.
|
||||
- task: CmdLine@2
|
||||
displayName: 'Validate Pull Request'
|
||||
inputs:
|
||||
script: 'WinGetSvcWrapper.exe process-pr --operationId %BUILD_BUILDNUMBER%'
|
||||
failOnStderr: true
|
||||
condition: succeeded()
|
||||
env:
|
||||
ValidationConnectionString: $(ValidationStorageAccountConnectionString)
|
||||
GithubRepository: $(GithubRepository)
|
||||
GithubServiceAccountToken: $(GithubServiceAccountToken)
|
||||
ExecutionEnvironment: $(ExecutionEnvironment)
|
||||
DIApplicationInsightKey: $(DIApplicationInsightKey)
|
||||
WinGet:AppConfig:Primary: $(AppConfigPrimary)
|
||||
WinGet:AppConfig:Secondary: $(AppConfigSecondary)
|
||||
|
||||
# Validates manifest integrity.
|
||||
- task: CmdLine@2
|
||||
displayName: 'Validate Manifest'
|
||||
inputs:
|
||||
script: 'WinGetSvcWrapper.exe validate-manifests --operationId %BUILD_BUILDNUMBER%'
|
||||
failOnStderr: true
|
||||
condition: succeeded()
|
||||
env:
|
||||
ValidationConnectionString: $(ValidationStorageAccountConnectionString)
|
||||
CacheConnectionString: $(CacheStorageAccountConnectionString)
|
||||
DIApplicationInsightKey: $(DIApplicationInsightKey)
|
||||
WinGet:AppConfig:Primary: $(AppConfigPrimary)
|
||||
WinGet:AppConfig:Secondary: $(AppConfigSecondary)
|
||||
# Validates manifest integrity.
|
||||
- task: CmdLine@2
|
||||
displayName: 'Validate Manifest'
|
||||
inputs:
|
||||
script: 'WinGetSvcWrapper.exe validate-manifests --operationId %BUILD_BUILDNUMBER%'
|
||||
failOnStderr: true
|
||||
condition: succeeded()
|
||||
env:
|
||||
ValidationConnectionString: $(ValidationStorageAccountConnectionString)
|
||||
CacheConnectionString: $(CacheStorageAccountConnectionString)
|
||||
DIApplicationInsightKey: $(DIApplicationInsightKey)
|
||||
WinGet:AppConfig:Primary: $(AppConfigPrimary)
|
||||
WinGet:AppConfig:Secondary: $(AppConfigSecondary)
|
||||
|
||||
# Agentless phase. Depends on previous job.
|
||||
- job: 'ContentValidation'
|
||||
pool: server
|
||||
displayName: 'Manifest Content Validation'
|
||||
timeoutInMinutes: 1500
|
||||
dependsOn:
|
||||
- 'FileValidation'
|
||||
variables:
|
||||
HostKeySecret: $[ dependencies.FileValidation.outputs['wingetsetup.hostkey']]
|
||||
SmartScreenEndpointSecret: $[ dependencies.FileValidation.outputs['wingetsetup.smartScreenEndpoint']]
|
||||
DomainUrlValidationEndpointSecret: $[ dependencies.FileValidation.outputs['wingetsetup.domainUrlValidationEndpoint']]
|
||||
ManiestPolicyEndpointSecret: $[ dependencies.FileValidation.outputs['wingetsetup.manifestPolicyEndpoint']]
|
||||
steps:
|
||||
# Agentless phase. Depends on previous job.
|
||||
- job: 'ContentValidation'
|
||||
pool: server
|
||||
displayName: 'Manifest Content Validation'
|
||||
timeoutInMinutes: 1500
|
||||
dependsOn:
|
||||
- 'FileValidation'
|
||||
variables:
|
||||
HostKeySecret: $[ dependencies.FileValidation.outputs['wingetsetup.hostkey']]
|
||||
SmartScreenEndpointSecret: $[ dependencies.FileValidation.outputs['wingetsetup.smartScreenEndpoint']]
|
||||
DomainUrlValidationEndpointSecret: $[ dependencies.FileValidation.outputs['wingetsetup.domainUrlValidationEndpoint']]
|
||||
ManiestPolicyEndpointSecret: $[ dependencies.FileValidation.outputs['wingetsetup.manifestPolicyEndpoint']]
|
||||
steps:
|
||||
|
||||
# Scans all the urls from manifest contents.
|
||||
- task: AzureFunction@1
|
||||
displayName: 'URLs Validation'
|
||||
inputs:
|
||||
function: '$(SmartScreenEndpointSecret)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)"
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
# Scans all the urls from manifest contents.
|
||||
- task: AzureFunction@1
|
||||
displayName: 'URLs Validation'
|
||||
inputs:
|
||||
function: '$(SmartScreenEndpointSecret)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)"
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
|
||||
# Domain url validations.
|
||||
- task: AzureFunction@1
|
||||
displayName: 'URL Domain validation'
|
||||
inputs:
|
||||
function: '$(DomainUrlValidationEndpointSecret)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)"
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
# Domain url validations.
|
||||
- task: AzureFunction@1
|
||||
displayName: 'URL Domain validation'
|
||||
inputs:
|
||||
function: '$(DomainUrlValidationEndpointSecret)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)"
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
|
||||
# Manifest policy checks.
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Manifest Policy Validation'
|
||||
inputs:
|
||||
function: '$(ManiestPolicyEndpointSecret)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)"
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
# Manifest policy checks.
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Manifest Policy Validation'
|
||||
inputs:
|
||||
function: '$(ManiestPolicyEndpointSecret)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)"
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
|
||||
# Agentless phase. Depends on previous job.
|
||||
- job: 'InstallerValidation'
|
||||
pool: server
|
||||
displayName: 'Installer Validation'
|
||||
timeoutInMinutes: 1500
|
||||
dependsOn:
|
||||
- 'FileValidation'
|
||||
- 'ContentValidation'
|
||||
variables:
|
||||
HostKeySecret: $[ dependencies.FileValidation.outputs['wingetsetup.hostkey']]
|
||||
ScanEndpointSecret: $[ dependencies.FileValidation.outputs['wingetsetup.scanEndpoint']]
|
||||
InstallationEndpointSecret: $[ dependencies.FileValidation.outputs['wingetsetup.installationEndpoint']]
|
||||
steps:
|
||||
# Agentless phase. Depends on previous job.
|
||||
- job: 'InstallerValidation'
|
||||
pool: server
|
||||
displayName: 'Installer Validation'
|
||||
timeoutInMinutes: 1500
|
||||
dependsOn:
|
||||
- 'FileValidation'
|
||||
- 'ContentValidation'
|
||||
variables:
|
||||
HostKeySecret: $[ dependencies.FileValidation.outputs['wingetsetup.hostkey']]
|
||||
ScanEndpointSecret: $[ dependencies.FileValidation.outputs['wingetsetup.scanEndpoint']]
|
||||
InstallationEndpointSecret: $[ dependencies.FileValidation.outputs['wingetsetup.installationEndpoint']]
|
||||
steps:
|
||||
|
||||
# Scan installers in manifests.
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Installers Scan'
|
||||
inputs:
|
||||
function: '$(ScanEndpointSecret)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)"
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
# Scan installers in manifests.
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Installers Scan'
|
||||
inputs:
|
||||
function: '$(ScanEndpointSecret)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)"
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
|
||||
# Validates installation.
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Installation Validation'
|
||||
inputs:
|
||||
function: '$(InstallationEndpointSecret)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)"
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
# Validates installation.
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Installation Validation'
|
||||
inputs:
|
||||
function: '$(InstallationEndpointSecret)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)"
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
|
||||
# Agentless phase. Depends on previous job.
|
||||
- job: 'CatalogContentVerification'
|
||||
pool: server
|
||||
displayName: 'Catalog Content Verification'
|
||||
timeoutInMinutes: 1500
|
||||
dependsOn:
|
||||
- 'FileValidation'
|
||||
- 'ContentValidation'
|
||||
- 'InstallerValidation'
|
||||
variables:
|
||||
HostKeySecret: $[ dependencies.FileValidation.outputs['wingetsetup.hostkey']]
|
||||
CatalogContentVerificationEndpointSecret: $[ dependencies.FileValidation.outputs['wingetsetup.catalogContentVerificationEndpoint']]
|
||||
steps:
|
||||
# Agentless phase. Depends on previous job.
|
||||
- job: 'CatalogContentVerification'
|
||||
pool: server
|
||||
displayName: 'Catalog Content Verification'
|
||||
timeoutInMinutes: 1500
|
||||
dependsOn:
|
||||
- 'FileValidation'
|
||||
- 'ContentValidation'
|
||||
- 'InstallerValidation'
|
||||
variables:
|
||||
HostKeySecret: $[ dependencies.FileValidation.outputs['wingetsetup.hostkey']]
|
||||
CatalogContentVerificationEndpointSecret: $[ dependencies.FileValidation.outputs['wingetsetup.catalogContentVerificationEndpoint']]
|
||||
steps:
|
||||
|
||||
# Catalog content verification
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Catalog Content Verification'
|
||||
inputs:
|
||||
function: '$(CatalogContentVerificationEndpointSecret)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)"
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
# Catalog content verification
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Catalog Content Verification'
|
||||
inputs:
|
||||
function: '$(CatalogContentVerificationEndpointSecret)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)"
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
|
||||
# Agentless phase. Runs even if previous jobs failed.
|
||||
- job: 'postvalidation'
|
||||
pool: server
|
||||
displayName: 'Post Validation'
|
||||
dependsOn:
|
||||
- 'FileValidation'
|
||||
- 'ContentValidation'
|
||||
- 'InstallerValidation'
|
||||
- 'CatalogContentVerification'
|
||||
condition: succeededOrFailed()
|
||||
variables:
|
||||
HostKeySecret: $[ dependencies.FileValidation.outputs['wingetsetup.hostkey']]
|
||||
LabelKeySecret : $[ dependencies.FileValidation.outputs['wingetsetup.labelkey']]
|
||||
LabelEndpointSecret: $[ dependencies.FileValidation.outputs['wingetsetup.labelEndpoint']]
|
||||
RepositoryId: $[ dependencies.FileValidation.outputs['wingetsetup.repoId']]
|
||||
CleanupEndpointSecret: $[ dependencies.filevalidation.outputs['wingetsetup.cleanupEndpoint']]
|
||||
steps:
|
||||
# Agentless phase. Runs even if previous jobs failed.
|
||||
- job: 'postvalidation'
|
||||
pool: server
|
||||
displayName: 'Post Validation'
|
||||
dependsOn:
|
||||
- 'FileValidation'
|
||||
- 'ContentValidation'
|
||||
- 'InstallerValidation'
|
||||
- 'CatalogContentVerification'
|
||||
condition: succeededOrFailed()
|
||||
variables:
|
||||
HostKeySecret: $[ dependencies.FileValidation.outputs['wingetsetup.hostkey']]
|
||||
LabelKeySecret : $[ dependencies.FileValidation.outputs['wingetsetup.labelkey']]
|
||||
LabelEndpointSecret: $[ dependencies.FileValidation.outputs['wingetsetup.labelEndpoint']]
|
||||
RepositoryId: $[ dependencies.FileValidation.outputs['wingetsetup.repoId']]
|
||||
CleanupEndpointSecret: $[ dependencies.filevalidation.outputs['wingetsetup.cleanupEndpoint']]
|
||||
steps:
|
||||
|
||||
# Set label in GitHub PullRequest.
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Set Label'
|
||||
condition: eq(variables['WinGet.RepositoryType'], 'GitHub')
|
||||
inputs:
|
||||
function: '$(LabelEndpointSecret)'
|
||||
key: '$(LabelKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)",
|
||||
"BuildRepositoryId": "$(RepositoryId)",
|
||||
"PullRequestNumber": "$(System.PullRequest.PullRequestNumber)",
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
# Set label in GitHub PullRequest.
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Set Label'
|
||||
condition: eq(variables['WinGet.RepositoryType'], 'GitHub')
|
||||
inputs:
|
||||
function: '$(LabelEndpointSecret)'
|
||||
key: '$(LabelKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)",
|
||||
"BuildRepositoryId": "$(RepositoryId)",
|
||||
"PullRequestNumber": "$(System.PullRequest.PullRequestNumber)",
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
|
||||
# Cleanup resources.
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Validation cleanup'
|
||||
inputs:
|
||||
function: '$(CleanupEndpointSecret)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)"
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
# Cleanup resources.
|
||||
- task: AzureFunction@1
|
||||
displayName: 'Validation cleanup'
|
||||
inputs:
|
||||
function: '$(CleanupEndpointSecret)'
|
||||
key: '$(HostKeySecret)'
|
||||
body: |
|
||||
{
|
||||
"operationId": "$(Build.BuildNumber)",
|
||||
"PlanUrl": "$(system.CollectionUri)",
|
||||
"BuildId": "$(Build.BuildId)",
|
||||
"HubName": "$(system.HostType)",
|
||||
"ProjectId": "$(system.TeamProjectId)",
|
||||
"PlanId": "$(system.PlanId)",
|
||||
"JobId": "$(system.JobId)",
|
||||
"TimelineId": "$(system.TimelineId)",
|
||||
"TaskInstanceId": "$(system.TaskInstanceId)",
|
||||
"AuthToken": "$(system.AccessToken)"
|
||||
}
|
||||
waitForCompletion: "true"
|
||||
Reference in New Issue
Block a user