Skip to content

Commit

Permalink
Update eng/common (#597)
Browse files Browse the repository at this point in the history 
* Update eng/common

* Delete eng/<Project>

* Remove CodeQl3000

* Enable public pipeline

* Revert "Enable public pipeline"

This reverts commit 579b464.
  • Loading branch information
@wtgodbe
wtgodbe committed Mar 8, 2024
1 parent 5b8580a commit 730eb03
Show file tree
Hide file tree
Showing 98 changed files with 3,556 additions and 1,631 deletions.
12 changes: 0 additions & 12 deletions .config/tsaoptions.json
View file

This file was deleted.

247 changes: 97 additions & 150 deletions azure-pipelines-public.yml
View file
Original file line number Diff line number Diff line change
@@ -1,22 +1,3 @@
schedules:
- cron: 0 9 * * 1
displayName: "Run CodeQL3000 weekly, Monday at 2:00 AM PDT"
branches:
include:
- main
always: true

parameters:
# Parameter below is ignored in public builds.
#
# Choose whether to run the CodeQL3000 tasks.
# Manual builds align w/ official builds unless this parameter is true.
- name: runCodeQL3000
default: false
displayName: Run CodeQL3000 tasks
type: boolean


variables:
- name: Build.Repository.Clean
value: true
Expand All @@ -39,9 +20,6 @@ variables:
- name: _HelixSource
value: official/aspnet/AspLabs/$(Build.SourceBranch)

- name: runCodeQL3000
value: ${{ and(ne(variables['System.TeamProject'], 'public'), or(eq(variables['Build.Reason'], 'Schedule'), and(eq(variables['Build.Reason'], 'Manual'), eq(parameters.runCodeQL3000, 'true')))) }}

trigger:
- main

Expand All @@ -55,14 +33,14 @@ stages:
- template: /eng/common/templates/jobs/jobs.yml
parameters:
enablePublishBuildArtifacts: true
enablePublishTestResults: ${{ ne(variables.runCodeQL3000, 'true') }}
enablePublishBuildAssets: ${{ ne(variables.runCodeQL3000, 'true') }}
enablePublishTestResults: true
enablePublishBuildAssets: true
enablePublishUsingPipelines: true
helixRepo: aspnet/AspLabs
# Align w/ Maestro++ default channel when generating software bills of materials (SBOMs).
PackageVersion: 6.0.0
# enableMicrobuild can't be read from a user-defined variable (Azure DevOps limitation)
${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest'), ne(variables.runCodeQL3000, 'true')) }}:
${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
enableMicrobuild: true
jobs:
- job: Windows
Expand All @@ -73,28 +51,9 @@ stages:
${{ if ne(variables['System.TeamProject'], 'public') }}:
name: NetCore1ESPool-Internal
demands: ImageOverride -equals windows.vs2019.amd64
${{ if eq(variables.runCodeQL3000, 'true') }}:
# Component governance and SBOM creation are not needed here. Disable what Arcade would inject.
disableComponentGovernance: true
enableSbom: false
variables:
- name: _HelixBuildConfig
value: $(_BuildConfig)
# Rely on task Arcade injects, not auto-injected build step.
- skipComponentGovernanceDetection: true
- ${{ if eq(variables.runCodeQL3000, 'true') }}:
- Codeql.SourceRoot: src
- _AdditionalBuildArgs: /p:Test=false /p:Sign=false /p:Pack=false /p:Publish=false /p:UseSharedCompilation=false
# Security analysis is included in normal runs. Disable its auto-injection.
- skipNugetSecurityAnalysis: true
# Do not let CodeQL3000 Extension gate scan frequency.
- Codeql.Cadence: 0
# Enable CodeQL3000 unconditionally so it may be run on any branch.
- Codeql.Enabled: true
# CodeQL3000 needs this plumbed along as a variable to enable TSA.
- Codeql.TSAEnabled: ${{ eq(variables['Build.Reason'], 'Schedule') }}
# Default expects tsaoptions.json under SourceRoot.
- Codeql.TSAOptionsPath: '$(Build.SourcesDirectory)/.config/tsaoptions.json'
strategy:
matrix:
${{ if in(variables['Build.Reason'], 'PullRequest') }}:
Expand Down Expand Up @@ -127,40 +86,29 @@ stages:
inputs:
command: custom
arguments: 'locals all -clear'
- ${{ if eq(variables.runCodeQL3000, 'true') }}:
- task: CodeQL3000Init@0
displayName: CodeQL Initialize
- script: "echo ##vso[build.addbuildtag]CodeQL3000"
displayName: 'Set CI CodeQL3000 tag'
condition: ne(variables.CODEQL_DIST,'')
- script: eng\common\cibuild.cmd
-configuration $(_BuildConfig)
-prepareMachine
$(_BuildArgs)
$(_AdditionalBuildArgs)
name: Build
displayName: Build
condition: succeeded()
- ${{ if eq(variables.runCodeQL3000, 'true') }}:
- task: CodeQL3000Finalize@0
displayName: CodeQL Finalize
- ${{ else }}:
- task: PublishTestResults@2
displayName: Publish xUnit Test Results
condition: always()
continueOnError: true
inputs:
testRunner: xunit
testResultsFiles: 'artifacts/TestResults/$(_BuildConfig)/*.xml'
- task: PublishBuildArtifacts@1
displayName: Publish Packages
condition: and(eq(variables['system.pullrequest.isfork'], false), eq(variables['_BuildConfig'], 'Release'))
continueOnError: true
inputs:
artifactName: Packages_$(Agent.Os)_$(Agent.JobName)
parallel: true
pathtoPublish: '$(Build.SourcesDirectory)/artifacts/packages/$(_BuildConfig)'
publishLocation: Container
- task: PublishTestResults@2
displayName: Publish xUnit Test Results
condition: always()
continueOnError: true
inputs:
testRunner: xunit
testResultsFiles: 'artifacts/TestResults/$(_BuildConfig)/*.xml'
- task: PublishBuildArtifacts@1
displayName: Publish Packages
condition: and(eq(variables['system.pullrequest.isfork'], false), eq(variables['_BuildConfig'], 'Release'))
continueOnError: true
inputs:
artifactName: Packages_$(Agent.Os)_$(Agent.JobName)
parallel: true
pathtoPublish: '$(Build.SourcesDirectory)/artifacts/packages/$(_BuildConfig)'
publishLocation: Container
- task: PublishBuildArtifacts@1
displayName: Publish Logs
condition: always()
Expand All @@ -171,87 +119,86 @@ stages:
pathtoPublish: '$(Build.SourcesDirectory)/artifacts/log/$(_BuildConfig)'
publishLocation: Container

- ${{ if ne(variables.runCodeQL3000, 'true') }}:
- job: macOS
pool:
vmImage: macOS-11
strategy:
matrix:
debug:
_BuildConfig: Debug
release:
_BuildConfig: Release
variables:
- name: _HelixBuildConfig
value: $(_BuildConfig)
steps:
- checkout: self
clean: true
- task: NodeTool@0
inputs:
versionSpec: '16.x'
- script: eng/common/cibuild.sh
--configuration $(_BuildConfig)
--prepareMachine
name: Build
displayName: Build
condition: succeeded()
- task: PublishTestResults@2
displayName: Publish xUnit Test Results
condition: always()
continueOnError: true
inputs:
testRunner: xunit
testResultsFiles: 'artifacts/TestResults/$(_BuildConfig)/*.xml'
- task: PublishBuildArtifacts@1
displayName: Publish Logs
condition: always()
continueOnError: true
inputs:
artifactName: Logs_$(Agent.Os)_$(Agent.JobName)
parallel: true
pathtoPublish: '$(Build.SourcesDirectory)/artifacts/log/$(_BuildConfig)'
publishLocation: Container
- job: macOS
pool:
vmImage: macOS-11
strategy:
matrix:
debug:
_BuildConfig: Debug
release:
_BuildConfig: Release
variables:
- name: _HelixBuildConfig
value: $(_BuildConfig)
steps:
- checkout: self
clean: true
- task: NodeTool@0
inputs:
versionSpec: '16.x'
- script: eng/common/cibuild.sh
--configuration $(_BuildConfig)
--prepareMachine
name: Build
displayName: Build
condition: succeeded()
- task: PublishTestResults@2
displayName: Publish xUnit Test Results
condition: always()
continueOnError: true
inputs:
testRunner: xunit
testResultsFiles: 'artifacts/TestResults/$(_BuildConfig)/*.xml'
- task: PublishBuildArtifacts@1
displayName: Publish Logs
condition: always()
continueOnError: true
inputs:
artifactName: Logs_$(Agent.Os)_$(Agent.JobName)
parallel: true
pathtoPublish: '$(Build.SourcesDirectory)/artifacts/log/$(_BuildConfig)'
publishLocation: Container

- job: Linux
pool:
vmImage: ubuntu-20.04
strategy:
matrix:
debug:
_BuildConfig: Debug
release:
_BuildConfig: Release
variables:
- name: _HelixBuildConfig
value: $(_BuildConfig)
steps:
- checkout: self
clean: true
- script: eng/common/cibuild.sh
--configuration $(_BuildConfig)
--prepareMachine
name: Build
displayName: Build
condition: succeeded()
- task: PublishTestResults@2
displayName: Publish xUnit Test Results
condition: always()
continueOnError: true
inputs:
testRunner: xunit
testResultsFiles: 'artifacts/TestResults/$(_BuildConfig)/*.xml'
- task: PublishBuildArtifacts@1
displayName: Publish Logs
condition: always()
continueOnError: true
inputs:
artifactName: Logs_$(Agent.Os)_$(Agent.JobName)
parallel: true
pathtoPublish: '$(Build.SourcesDirectory)/artifacts/log/$(_BuildConfig)'
publishLocation: Container
- job: Linux
pool:
vmImage: ubuntu-20.04
strategy:
matrix:
debug:
_BuildConfig: Debug
release:
_BuildConfig: Release
variables:
- name: _HelixBuildConfig
value: $(_BuildConfig)
steps:
- checkout: self
clean: true
- script: eng/common/cibuild.sh
--configuration $(_BuildConfig)
--prepareMachine
name: Build
displayName: Build
condition: succeeded()
- task: PublishTestResults@2
displayName: Publish xUnit Test Results
condition: always()
continueOnError: true
inputs:
testRunner: xunit
testResultsFiles: 'artifacts/TestResults/$(_BuildConfig)/*.xml'
- task: PublishBuildArtifacts@1
displayName: Publish Logs
condition: always()
continueOnError: true
inputs:
artifactName: Logs_$(Agent.Os)_$(Agent.JobName)
parallel: true
pathtoPublish: '$(Build.SourcesDirectory)/artifacts/log/$(_BuildConfig)'
publishLocation: Container

- ${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest'), ne(variables.runCodeQL3000, 'true')) }}:
- ${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
- template: eng\common\templates\post-build\post-build.yml
parameters:
publishingInfraVersion: 3
Expand Down

0 comments on commit 730eb03

Please sign in to comment.