diff --git a/.github/workflows/verify-links.yml b/.github/workflows/verify-links.yml new file mode 100644 index 0000000000..ae95068830 --- /dev/null +++ b/.github/workflows/verify-links.yml @@ -0,0 +1,72 @@ +name: Verify Links + +on: + pull_request: + branches: + - main + - release/* + - hotfix/* + check_run: + types: + - completed + workflow_dispatch: + +permissions: + contents: read + +jobs: + verify-links: + name: Verify Links + if: >- + github.event_name == 'pull_request' || + ( + github.event_name == 'check_run' && + github.event.check_run.check_suite.app.name == 'Azure Pipelines' && + ( + (github.repository == 'Azure/azure-sdk-for-net' && contains(github.event.check_run.name, 'Compliance')) || + (github.repository == 'Azure/azure-sdk-for-python' && contains(github.event.check_run.name, 'Analyze')) || + (github.repository == 'Azure/azure-sdk-for-java' && contains(github.event.check_run.name, 'Analyze')) || + (github.repository == 'Azure/azure-sdk-for-js' && contains(github.event.check_run.name, 'Analyze')) || + (github.repository == 'Azure/azure-sdk-for-c' && contains(github.event.check_run.name, 'GenerateReleaseArtifacts')) || + (github.repository == 'Azure/azure-sdk-for-cpp' && contains(github.event.check_run.name, 'GenerateReleaseArtifacts')) || + (github.repository == 'Azure/azure-sdk-for-go' && contains(github.event.check_run.name, 'Analyze')) || + (github.repository == 'Azure/azure-sdk-for-ios' && contains(github.event.check_run.name, 'Analyze')) || + (github.repository == 'microsoft/mcp' && contains(github.event.check_run.name, 'Analyze')) + ) + ) + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.sha || github.event.check_run.head_sha || github.sha }} + fetch-depth: 0 + + - name: Link verification check + shell: pwsh + env: + SYSTEM_PULLREQUEST_TARGETBRANCH: ${{ github.base_ref }} + SYSTEM_PULLREQUEST_SOURCECOMMITID: ${{ github.event.pull_request.head.sha }} + run: | + $urls = & ./eng/common/scripts/get-markdown-files-from-changed-files.ps1 + if (-not $urls -or $urls.Count -eq 0) { + Write-Host "No changed markdown files; nothing to verify." + exit 0 + } + + $sourceRepoUri = '${{ github.event.pull_request.head.repo.html_url }}' + $defaultBranch = '${{ github.event.repository.default_branch }}' + $branchReplaceRegex = "^($sourceRepoUri(?:\.git)?/(?:blob|tree)/)$defaultBranch(/.*)$" + + ./eng/common/scripts/Verify-Links.ps1 ` + -urls $urls ` + -rootUrl "file://$env:GITHUB_WORKSPACE/" ` + -recursive:$false ` + -ignoreLinksFile "$env:GITHUB_WORKSPACE/eng/ignore-links.txt" ` + -branchReplaceRegex $branchReplaceRegex ` + -branchReplacementName '${{ github.event.pull_request.head.sha }}' ` + -checkLinkGuidance:$true ` + -localBuildRepoName '${{ github.repository }}' ` + -localBuildRepoPath $env:GITHUB_WORKSPACE ` + -inputCacheFile "https://azuresdkartifacts.blob.core.windows.net/verify-links-cache/verify-links-cache.txt" ` + -allowRelativeLinksFile "$env:GITHUB_WORKSPACE/eng/common/scripts/allow-relative-links.txt" diff --git a/eng/pipelines/templates/1es-redirect.yml b/eng/pipelines/templates/1es-redirect.yml index 755f8d4d95..246ab7cff3 100644 --- a/eng/pipelines/templates/1es-redirect.yml +++ b/eng/pipelines/templates/1es-redirect.yml @@ -24,7 +24,7 @@ extends: parameters: settings: skipBuildTagsForGitHubPullRequests: true - networkIsolationPolicy: Permissive + networkIsolationPolicy: Permissive, CFSClean # only enable autoBaseline for the internal build of rust-core on main branch ${{ if parameters.AutoBaseline }}: featureFlags: diff --git a/eng/pipelines/templates/jobs/analyze.yml b/eng/pipelines/templates/jobs/analyze.yml index 21e73db5fe..0fcb13a917 100644 --- a/eng/pipelines/templates/jobs/analyze.yml +++ b/eng/pipelines/templates/jobs/analyze.yml @@ -34,14 +34,6 @@ jobs: - template: /eng/common/pipelines/templates/steps/check-spelling.yml - - template: /eng/common/pipelines/templates/steps/verify-links.yml - parameters: - Condition: succeededOrFailed() - Directory: "" - CheckLinkGuidance: $true - ${{ if eq(variables['Build.Reason'], 'PullRequest') }}: - Urls: (eng/common/scripts/get-markdown-files-from-changed-files.ps1) - - pwsh: | # Verify that the package README.md files do not contain invalid headers or comment annotations $hasFailures = & "$(Build.SourcesDirectory)/eng/scripts/Process-PackageReadMe.ps1" -Command "validate-all" diff --git a/eng/pipelines/templates/jobs/pypi/pack-pypi.yml b/eng/pipelines/templates/jobs/pypi/pack-pypi.yml index 1133413b3e..37a4e83760 100644 --- a/eng/pipelines/templates/jobs/pypi/pack-pypi.yml +++ b/eng/pipelines/templates/jobs/pypi/pack-pypi.yml @@ -1,6 +1,9 @@ parameters: - name: DependsOn type: object +- name: PypiDevFeed + type: string + default: 'public/azure-sdk-for-python' jobs: - job: PackPyPI @@ -10,6 +13,12 @@ jobs: steps: - checkout: self + - task: PipAuthenticate@1 + displayName: Authenticate to Dev feed for pip + inputs: + artifactFeeds: ${{ parameters.PypiDevFeed }} + onlyAddExtraIndex: false + - task: UsePythonVersion@0 displayName: Use Python 3.12 inputs: