-
Notifications
You must be signed in to change notification settings - Fork 431
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add SBOM manifest to generated artifacts #2869
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
michaelpeng36
changed the title
Initial changes to add SBOM manifest to generated artifacts
Add SBOM manifest to generated artifacts
Dec 9, 2021
Francisco-Gamino
requested changes
Dec 14, 2021
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you for sending this out! It looks great overall. I left a few comments.
soninaren
reviewed
Dec 14, 2021
Francisco-Gamino
approved these changes
Dec 14, 2021
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A couple of minor comments. Otherwise, LGTM.
michaelpeng36
requested review from
alrod,
amamounelsayed and
vrdmr
as code owners
December 14, 2021 23:20
/azp run |
Azure Pipelines successfully started running 1 pipeline(s). |
….com/Azure/azure-functions-core-tools into michaelpeng/add-sbom-generation-task
michaelpeng36
added a commit
that referenced
this pull request
Dec 16, 2021
* Initial changes to add SBOM manifest to generated artifacts * Added .nuspec file for packing with manifests * Add SBOM generation for release builds * Add reference to .nuspec file * Made generateMsiFiles.ps1 script cleaner * Remove AddSBOM variable * Addressing some comments * Uncommented key steps in the pipeline and adjusted branch name comparison * Addressing further comments * Removed from the pipeline * Removed Write-Log from pipelineUtilities.psm1 * Altered installation location of dotnet * Add variable that can override SBOM generation in non-SBOM scenarios * Ensure parsing boolean environmental variables is done properly * Add [ref] for parsing boolean environmental variables * Moved condition for generating .msi files to azure-pipelines.yml * Ensure parsing of boolean environmental variable is done correctly * Added debugging statement * Removed debugging statement and fixed build command logic * Fixed condition determining build command * Ensure conditions for a full release simulation match * Correct artifacts path location * Altered the pool and vmImage
4 tasks
michaelpeng36
added a commit
that referenced
this pull request
Dec 17, 2021
* Add SBOM manifest to generated artifacts (#2869) * Initial changes to add SBOM manifest to generated artifacts * Added .nuspec file for packing with manifests * Add SBOM generation for release builds * Add reference to .nuspec file * Made generateMsiFiles.ps1 script cleaner * Remove AddSBOM variable * Addressing some comments * Uncommented key steps in the pipeline and adjusted branch name comparison * Addressing further comments * Removed from the pipeline * Removed Write-Log from pipelineUtilities.psm1 * Altered installation location of dotnet * Add variable that can override SBOM generation in non-SBOM scenarios * Ensure parsing boolean environmental variables is done properly * Add [ref] for parsing boolean environmental variables * Moved condition for generating .msi files to azure-pipelines.yml * Ensure parsing of boolean environmental variable is done correctly * Added debugging statement * Removed debugging statement and fixed build command logic * Fixed condition determining build command * Ensure conditions for a full release simulation match * Correct artifacts path location * Altered the pool and vmImage * Slight modifications for V3 * Change version name in .nuspec file to be V3 instead of V4 * Update target framework in Settings.cs
michaelpeng36
added a commit
that referenced
this pull request
Dec 17, 2021
* Add SBOM manifest to generated artifacts (#2869) * Initial changes to add SBOM manifest to generated artifacts * Added .nuspec file for packing with manifests * Add SBOM generation for release builds * Add reference to .nuspec file * Made generateMsiFiles.ps1 script cleaner * Remove AddSBOM variable * Addressing some comments * Uncommented key steps in the pipeline and adjusted branch name comparison * Addressing further comments * Removed from the pipeline * Removed Write-Log from pipelineUtilities.psm1 * Altered installation location of dotnet * Add variable that can override SBOM generation in non-SBOM scenarios * Ensure parsing boolean environmental variables is done properly * Add [ref] for parsing boolean environmental variables * Moved condition for generating .msi files to azure-pipelines.yml * Ensure parsing of boolean environmental variable is done correctly * Added debugging statement * Removed debugging statement and fixed build command logic * Fixed condition determining build command * Ensure conditions for a full release simulation match * Correct artifacts path location * Altered the pool and vmImage * Slight modifications for V3 * Change version name in .nuspec file to be V3 instead of V4 * Update target framework in Settings.cs
michaelpeng36
added a commit
that referenced
this pull request
Dec 17, 2021
* Add SBOM Generation to V3 (#2879) * Add SBOM manifest to generated artifacts (#2869) * Initial changes to add SBOM manifest to generated artifacts * Added .nuspec file for packing with manifests * Add SBOM generation for release builds * Add reference to .nuspec file * Made generateMsiFiles.ps1 script cleaner * Remove AddSBOM variable * Addressing some comments * Uncommented key steps in the pipeline and adjusted branch name comparison * Addressing further comments * Removed from the pipeline * Removed Write-Log from pipelineUtilities.psm1 * Altered installation location of dotnet * Add variable that can override SBOM generation in non-SBOM scenarios * Ensure parsing boolean environmental variables is done properly * Add [ref] for parsing boolean environmental variables * Moved condition for generating .msi files to azure-pipelines.yml * Ensure parsing of boolean environmental variable is done correctly * Added debugging statement * Removed debugging statement and fixed build command logic * Fixed condition determining build command * Ensure conditions for a full release simulation match * Correct artifacts path location * Altered the pool and vmImage * Slight modifications for V3 * Change version name in .nuspec file to be V3 instead of V4 * Update target framework in Settings.cs * Changed the target framework to netcoreapp 2.2 * Altered spacing on azure-pipelines.yml * More altered spacing * Removed IntegrationBuildNumber
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issue describing the changes in this PR
Adds SBOM generation for release builds. Other changes include:
pipelineUtilities.psm1
file containing SDK dependencies and functions needed by the build pipelinePull request checklist
release_notes.md