1ES CI pipeline

.azure-pipelines/1es-entra-powershell-ci-build.yml

@@ -0,0 +1,80 @@
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# Licensed under the MIT License.
+name: $(BuildDefinitionName)_$(SourceBranchName)_$(Date:yyyyMMdd)$(Rev:.r)
+trigger:
+  branches:
+    include:
+      - main
+pr: none
+# variables:
+#   WindowsContainerImage: 'onebranch.azurecr.io/windows/ltsc2022/vse2022:latest'
+parameters:
+  - name: Pack
+    type: boolean
+    default: true
+  - name: Sign
+    type: boolean
+    default: true
+resources:
+  repositories:
+    - repository: 1ESPipelineTemplates
+      type: git
+      name: 1ESPipelineTemplates/1ESPipelineTemplates
+      ref: refs/heads/main
+
+extends:
+  template: v1/1ES.Unofficial.PipelineTemplate.yml@1ESPipelineTemplates
+  parameters:
+    pool:
+      name: MSSecurity-1ES-Build-Agents-Pool
+      image: MSSecurity-1ES-Windows-2022
+      os: windows
+    sdl:
+      sourceAnalysisPool:
+        name: MSSecurity-1ES-Build-Agents-Pool
+        image: MSSecurity-1ES-Windows-2022
+        os: windows
+    # featureFlags:
+    #   WindowsHostVersion: 1ESWindows2022
+    stages:
+    - stage: build
+      jobs:
+      - job: EntraPowerShellCIBuild
+        displayName: Entra PowerShell CI Build
+        timeoutInMinutes: 840
+        # variables:
+        #   ob_outputDirectory: '$(Build.SourcesDirectory)/out'
+        templateContext:
+          outputs:
+          - output: pipelineArtifact
+            targetPath: $(System.DefaultWorkingDirectory)/Samples
+            artifactName: entraPS
+        steps:
+          - template: .azure-pipelines/common-templates/install-tools.yml@self
+          - template: .azure-pipelines/common-templates/security-pre-checks.yml@self
+
+          - template: .azure-pipelines/generation-templates/generate_adapter-migrate-1es.yml@self
+            parameters:
+              Sign: ${{ parameters.Sign }}
+
+          - ${{ if and(eq(parameters.Pack, true), eq(parameters.Sign, true)) }}:
+              - template: .azure-pipelines/common-templates/esrp/codesign-nuget-migrate.yml@self
+                parameters:
+                  FolderPath: "$(Build.ArtifactStagingDirectory)"
+                  Pattern: "Microsoft.Graph.Entra.*.nupkg"
+              - task: 1ES.PublishBuildArtifacts@1
+                displayName: Publish Module Artifacts
+                inputs:
+                  PathtoPublish: $(Build.ArtifactStagingDirectory)
+                  ArtifactName: drop
+              - task: 1ES.PublishNuget@1
+                displayName: Publish NuGet to preview feed
+                inputs:
+                  useDotNetTask: false
+                  packagesToPush: $(Build.ArtifactStagingDirectory)/**/Microsoft.Graph.Entra.*.nupkg
+                  packageParentPath: '$(Build.ArtifactStagingDirectory)'
+                  publishVstsFeed: $(PROJECT_NAME)/$(PREVIEW_FEED_NAME)
+                  nuGetFeedType: internal
+                  allowPackageConflicts: true
+
+          - template: .azure-pipelines/common-templates/security-post-checks.yml@self

.azure-pipelines/generation-templates/generate_adapter-migrate-1es.yml

@@ -0,0 +1,223 @@
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# Licensed under the MIT License.
+# https://aka.ms/yaml
+
+parameters:
+  - name: Sign
+    type: boolean
+    default: false
+
+steps:
+- task: powershell@2
+  displayName: 'Show current PowerShell version information'
+  inputs:
+    targetType: inline
+    script: 'echo $PSVersionTable'
+    pwsh: false
+- task: powershell@2
+  displayName: 'Set maximum function count'
+  inputs:
+    targetType: inline
+    script: '$MaximumFunctionCount=32768'
+    pwsh: false
+- task: powershell@2
+  displayName: 'Install Dependencies Entra'
+  inputs:
+    targetType: inline
+    script: |
+      ./build/Install-Dependencies.ps1 -ModuleName Entra -Verbose      
+    pwsh: false
+- task: powershell@2
+  displayName: 'Install PlatyPS'
+  inputs:
+    targetType: inline
+    script: Install-Module PlatyPS -scope currentuser -Force
+    pwsh: false
+- task: powershell@2
+  displayName: 'Create Module Help Files Entra'
+  inputs:
+    targetType: inline
+    script: |
+      Import-Module PlatyPS
+      . ./build/common-functions.ps1
+      Create-ModuleHelp -Module Entra
+    pwsh: false
+- task: powershell@2
+  displayName: 'Build Entra'
+  inputs:
+    targetType: inline
+    script: ./build/Create-CompatModule.ps1 -Module Entra -Verbose
+    pwsh: false
+- ${{ if eq(parameters.Sign, true) }}:
+  - template: ../common-templates/esrp/codesign-migrate.yml
+    parameters:
+      FolderPath: "bin"
+      Pattern: "*.psm1, *.psd1, *.format.ps1xml, *.ps1"
+  - task: PowerShell@2
+    displayName: "Validate Authenticode Signature"
+    inputs:
+      targetType: "inline"
+      pwsh: true
+      script: |
+        $ModulePsd1 = "bin/Microsoft.Graph.Entra.psd1"
+        $ModulePsm1 = "bin/Microsoft.Graph.Entra.psm1"
+        ($ModulePsd1 | Get-AuthenticodeSignature).Status | Should -Be "Valid"
+        ($ModulePsm1 | Get-AuthenticodeSignature).Status | Should -Be "Valid"
+- task: powershell@2
+  displayName: 'Create Module Files Entra'
+  inputs:
+    targetType: inline
+    script: |
+      . ./build/common-functions.ps1
+      Create-ModuleFolder
+    pwsh: false
+- task: 1ES.PublishBuildArtifacts@1
+  displayName: 'Publish Module Files EntraBeta'
+  inputs:
+    PathtoPublish: 'bin'
+    ArtifactName: 'Module Files'
+- task: powershell@2
+  displayName: 'Register Local Gallery'
+  inputs:
+    targetType: inline
+    script: |
+      . ./build/common-functions.ps1
+      Register-LocalGallery -Path $(Build.ArtifactStagingDirectory)
+    pwsh: false    
+- task: powershell@2
+  displayName: 'Publish to Local Gallery Entra'
+  inputs:
+    targetType: inline
+    script: ./build/Publish-LocalCompatModule.ps1 -Install
+    pwsh: false
+- task: 1ES.PublishBuildArtifacts@1
+  displayName: 'Publish Module Nuget File Entra'
+  inputs:
+    PathtoPublish: '$(Build.ArtifactStagingDirectory)'
+    ArtifactName: 'Module Nuget'
+- task: powershell@2
+  displayName: 'Remove Build Folders'
+  inputs:
+    targetType: inline
+    script: |
+      . ./build/common-functions.ps1
+      Remove-BuildDirectories
+    pwsh: false
+- task: powershell@2
+  displayName: 'Install Dependencies EntraBeta'
+  inputs:
+    targetType: inline
+    script: |      
+      ./build/Install-Dependencies.ps1 -ModuleName EntraBeta -Verbose
+    pwsh: false
+- task: powershell@2
+  displayName: 'Create Module Help Files EntraBeta'
+  inputs:
+    targetType: inline
+    script: |
+      Import-Module PlatyPS
+      . ./build/common-functions.ps1
+      Create-ModuleHelp -Module EntraBeta
+    pwsh: false
+- task: powershell@2
+  displayName: 'Build EntraBeta'
+  inputs:
+    targetType: inline
+    script: |
+      $MaximumFunctionCount=32768
+      ./build/Create-CompatModule.ps1 -Module EntraBeta -Verbose
+    pwsh: false
+- ${{ if eq(parameters.Sign, true) }}:
+  - template: ../common-templates/esrp/codesign-migrate.yml
+    parameters:
+      FolderPath: "bin"
+      Pattern: "*.psm1, *.psd1, *.format.ps1xml, *.ps1"
+  - task: PowerShell@2
+    displayName: "Validate Authenticode Signature"
+    inputs:
+      targetType: "inline"
+      pwsh: true
+      script: |
+        $ModulePsd1 = "bin/Microsoft.Graph.Entra.Beta.psd1"
+        $ModulePsm1 = "bin/Microsoft.Graph.Entra.Beta.psm1"
+        ($ModulePsd1 | Get-AuthenticodeSignature).Status | Should -Be "Valid"
+        ($ModulePsm1 | Get-AuthenticodeSignature).Status | Should -Be "Valid"
+- task: powershell@2
+  displayName: 'Create Module Files EntraBeta'
+  inputs:
+    targetType: inline
+    script: |
+      . ./build/common-functions.ps1
+      Create-ModuleFolder
+    pwsh: false
+- task: 1ES.PublishBuildArtifacts@1
+  displayName: 'Publish Module Files EntraBeta'
+  inputs:
+    PathtoPublish: 'bin'
+    ArtifactName: 'Module Files'
+- task: powershell@2
+  displayName: 'Publish to Local Gallery EntraBeta'
+  inputs:
+    targetType: inline
+    script: ./build/Publish-LocalCompatModule.ps1 -Install
+    pwsh: false
+- task: 1ES.PublishBuildArtifacts@1
+  displayName: 'Publish Module Nuget File EntraBeta'
+  inputs:
+    PathtoPublish: '$(Build.ArtifactStagingDirectory)'
+    ArtifactName: 'Module Nuget'
+- task: powershell@2
+  displayName: 'Remove Build Folders'
+  inputs:
+    targetType: inline
+    script: |
+      . ./build/common-functions.ps1
+      Remove-BuildDirectories
+    pwsh: false
+- task: powershell@2
+  displayName: 'Install Pester'
+  inputs:
+    targetType: inline
+    script: Install-Module Pester -scope currentuser -SkipPublisherCheck -Force
+    pwsh: false
+- task: powershell@2
+  displayName: 'Run tests Entra'
+  inputs:
+    targetType: inline
+    pwsh: true
+    script: |
+      cd test/module/entra
+      Invoke-Pester -OutputFile "./test/results/pester-test-results-ad.xml" -OutputFormat NUnitXml
+- task: PublishTestResults@2
+  inputs:
+    testResultsFormat: NUnit
+    testResultsFiles: "./test/results/pester-test-results-ad.xml"
+    failTaskOnFailedTests: true
+- task: powershell@2
+  displayName: 'Run tests EntraBeta'  
+  inputs:
+    targetType: inline
+    pwsh: true
+    script: |
+      cd test/module/entrabeta
+      Invoke-Pester -OutputFile "./test/results/pester-test-results-preview.xml" -OutputFormat NUnitXml
+- task: PublishTestResults@2
+  inputs:
+    testResultsFormat: NUnit
+    testResultsFiles: "./test/results/pester-test-results-preview.xml"
+    failTaskOnFailedTests: true    
+- task: powershell@2
+  displayName: 'Remove Local Gallery'
+  inputs:
+    targetType: inline
+    script: |
+      . ./build/common-functions.ps1
+      Unregister-LocalGallery
+    pwsh: false
+- task: PSScriptAnalyzer@1
+  displayName: 'Run PSScriptAnalyzer'
+  inputs:
+    Path: '$(Build.SourcesDirectory)'
+    Settings: required
+    IgnorePattern: .gdn
+    Recurse: true