From 710636d9f4e5ab3aeac86c8a26376cfe1c9ad6dc Mon Sep 17 00:00:00 2001
From: Michael Yanni <miyanni@microsoft.com>
Date: Tue, 14 Oct 2025 14:01:18 -0700
Subject: [PATCH 1/3] Changed networkIsolationPolicy to Preferred.

---
 eng/pipelines/official.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/eng/pipelines/official.yml b/eng/pipelines/official.yml
index 42c96f3bc..fbac11dca 100644
--- a/eng/pipelines/official.yml
+++ b/eng/pipelines/official.yml
@@ -162,6 +162,10 @@ resources:
 extends:
   template: v1/1ES.Official.PipelineTemplate.yml@1esPipelines
   parameters:
+    settings:
+      # Default is 'Preferred,CFSClean' which blocks NuGet.org for publishing.
+      # Docs: https://eng.ms/docs/cloud-ai-platform/devdiv/one-engineering-system-1es/1es-build/cloudbuild/security/1espt-network-isolation
+      networkIsolationPolicy: Preferred
     sdl:
       # Docs: https://eng.ms/docs/cloud-ai-platform/devdiv/one-engineering-system-1es/1es-docs/1es-pipeline-templates/features/sdlanalysis/sourceanalysisstage#my-pipeline-uses-multiple-repositories-how-to-ensure-that-sdl-sources-stage-is-injected-for-all-the-repositories
       sourceRepositoriesToScan:

From f6c1bedfb9488c02fda3ad1c4cbe339cf5da1c98 Mon Sep 17 00:00:00 2001
From: Michael Yanni <miyanni@microsoft.com>
Date: Tue, 14 Oct 2025 15:06:34 -0700
Subject: [PATCH 2/3] Added comment for release job type.

---
 eng/pipelines/official.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/eng/pipelines/official.yml b/eng/pipelines/official.yml
index fbac11dca..383a378eb 100644
--- a/eng/pipelines/official.yml
+++ b/eng/pipelines/official.yml
@@ -229,6 +229,7 @@ extends:
             image: 1es-windows-2022
             os: windows
           templateContext:
+            # Docs: https://eng.ms/docs/cloud-ai-platform/devdiv/one-engineering-system-1es/1es-docs/1es-pipeline-templates/features/releasepipelines/overview
             type: releaseJob
             isProduction: true
           strategy:

From e94bbc2991e5b465c5eee6cd99257c3e1197ff5b Mon Sep 17 00:00:00 2001
From: Michael Yanni <miyanni@microsoft.com>
Date: Tue, 14 Oct 2025 15:44:29 -0700
Subject: [PATCH 3/3] Accidentally set this to Preferred (and the branch name)
 instead of Permissive.

---
 eng/pipelines/official.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/eng/pipelines/official.yml b/eng/pipelines/official.yml
index 383a378eb..d621f9644 100644
--- a/eng/pipelines/official.yml
+++ b/eng/pipelines/official.yml
@@ -163,9 +163,9 @@ extends:
   template: v1/1ES.Official.PipelineTemplate.yml@1esPipelines
   parameters:
     settings:
-      # Default is 'Preferred,CFSClean' which blocks NuGet.org for publishing.
+      # Default is 'Permissive,CFSClean' which blocks NuGet.org for publishing.
       # Docs: https://eng.ms/docs/cloud-ai-platform/devdiv/one-engineering-system-1es/1es-build/cloudbuild/security/1espt-network-isolation
-      networkIsolationPolicy: Preferred
+      networkIsolationPolicy: Permissive
     sdl:
       # Docs: https://eng.ms/docs/cloud-ai-platform/devdiv/one-engineering-system-1es/1es-docs/1es-pipeline-templates/features/sdlanalysis/sourceanalysisstage#my-pipeline-uses-multiple-repositories-how-to-ensure-that-sdl-sources-stage-is-injected-for-all-the-repositories
       sourceRepositoriesToScan: