Merge branch 'main' into darc-main-6165edfb-dded-45cd-907f-8ca5bdb0cf6c

xamarin · Jun 20, 2024 · 10d99e8 · 10d99e8
2 parents 890f85b + 35690fc
commit 10d99e8
Show file tree

Hide file tree

Showing 5 changed files with 159 additions and 32 deletions.
diff --git a/tools/devops/automation/scripts/VSTS.Tests.ps1 b/tools/devops/automation/scripts/VSTS.Tests.ps1
@@ -211,11 +211,19 @@ Describe 'New-BuildConfiguration' {
             $buildConfiguration = New-BuildConfiguration -AddTags $false
 
             $buildConfiguration | ConvertTo-Json | Should -Be "{
-  ""BuildReason"": ""BUILD_REASON"",
-  ""BuildSourceBranchName"": ""BUILD_SOURCEBRANCHNAME"",
-  ""BuildSourceBranch"": ""BUILD_SOURCEBRANCH"",
-  ""BuildId"": ""BUILD_BUILDID"",
   ""DOTNET_PLATFORMS"": ""iOS tvOS"",
+  ""PARENT_BUILD_BUILD_BUILDID"": ""BUILD_BUILDID"",
+  ""PARENT_BUILD_BUILD_BUILDNUMBER"": null,
+  ""PARENT_BUILD_BUILD_BUILDURI"": null,
+  ""PARENT_BUILD_BUILD_BINARIESDIRECTORY"": null,
+  ""PARENT_BUILD_BUILD_DEFINITIONNAME"": null,
+  ""PARENT_BUILD_BUILD_REASON"": ""BUILD_REASON"",
+  ""PARENT_BUILD_BUILD_REPOSITORY_ID"": null,
+  ""PARENT_BUILD_BUILD_REPOSITORY_NAME"": null,
+  ""PARENT_BUILD_BUILD_REPOSITORY_PROVIDER"": null,
+  ""PARENT_BUILD_BUILD_REPOSITORY_URI"": null,
+  ""PARENT_BUILD_BUILD_SOURCEBRANCH"": ""BUILD_SOURCEBRANCH"",
+  ""PARENT_BUILD_BUILD_SOURCEBRANCHNAME"": ""BUILD_SOURCEBRANCHNAME"",
   ""INCLUDE_DOTNET_IOS"": null,
   ""IOS_NUGET_VERSION_NO_METADATA"": null,
   ""IOS_NUGET_SDK_NAME"": ""iOSNuGetSdkName"",
@@ -230,8 +238,7 @@ Describe 'New-BuildConfiguration' {
   ""tvos-arm64_NUGET_RUNTIME_NAME"": null,
   ""Commit"": ""BUILD_SOURCEVERSION"",
   ""Tags"": [
-    ""ciBuild"",
-    ""BUILD_SOURCEBRANCHNAME""
+    ""ciBuild""
   ]
 }"
         }
@@ -247,11 +254,19 @@ Describe 'New-BuildConfiguration' {
 
             # Write-Host $buildConfiguration
             $buildConfiguration | Should -Be "{
-  ""BuildReason"": ""BUILD_REASON"",
-  ""BuildSourceBranchName"": ""BUILD_SOURCEBRANCHNAME"",
-  ""BuildSourceBranch"": ""BUILD_SOURCEBRANCH"",
-  ""BuildId"": ""BUILD_BUILDID"",
   ""DOTNET_PLATFORMS"": ""iOS tvOS"",
+  ""PARENT_BUILD_BUILD_BUILDID"": ""BUILD_BUILDID"",
+  ""PARENT_BUILD_BUILD_BUILDNUMBER"": null,
+  ""PARENT_BUILD_BUILD_BUILDURI"": null,
+  ""PARENT_BUILD_BUILD_BINARIESDIRECTORY"": null,
+  ""PARENT_BUILD_BUILD_DEFINITIONNAME"": null,
+  ""PARENT_BUILD_BUILD_REASON"": ""BUILD_REASON"",
+  ""PARENT_BUILD_BUILD_REPOSITORY_ID"": null,
+  ""PARENT_BUILD_BUILD_REPOSITORY_NAME"": null,
+  ""PARENT_BUILD_BUILD_REPOSITORY_PROVIDER"": null,
+  ""PARENT_BUILD_BUILD_REPOSITORY_URI"": null,
+  ""PARENT_BUILD_BUILD_SOURCEBRANCH"": ""BUILD_SOURCEBRANCH"",
+  ""PARENT_BUILD_BUILD_SOURCEBRANCHNAME"": ""BUILD_SOURCEBRANCHNAME"",
   ""INCLUDE_DOTNET_IOS"": null,
   ""IOS_NUGET_VERSION_NO_METADATA"": null,
   ""IOS_NUGET_SDK_NAME"": ""iOSNuGetSdkName"",
@@ -266,8 +281,7 @@ Describe 'New-BuildConfiguration' {
   ""tvos-arm64_NUGET_RUNTIME_NAME"": null,
   ""Commit"": ""BUILD_SOURCEVERSION"",
   ""Tags"": [
-    ""ciBuild"",
-    ""BUILD_SOURCEBRANCHNAME""
+    ""ciBuild""
   ]
 }
 "
@@ -279,22 +293,34 @@ Describe 'Import-BuildConfiguration' {
     Context 'import' {
         It 'gets the right values' {
             $config = "{
-  ""BuildReason"": ""BUILD_REASON"",
-  ""BuildSourceBranchName"": ""BUILD_SOURCEBRANCHNAME"",
-  ""BuildSourceBranch"": ""BUILD_SOURCEBRANCH"",
-  ""BuildId"": ""BUILD_BUILDID"",
   ""DOTNET_PLATFORMS"": ""iOS tvOS"",
+  ""PARENT_BUILD_BUILD_BUILDID"": ""BUILD_BUILDID"",
+  ""PARENT_BUILD_BUILD_BUILDNUMBER"": null,
+  ""PARENT_BUILD_BUILD_BUILDURI"": null,
+  ""PARENT_BUILD_BUILD_BINARIESDIRECTORY"": null,
+  ""PARENT_BUILD_BUILD_DEFINITIONNAME"": null,
+  ""PARENT_BUILD_BUILD_REASON"": ""BUILD_REASON"",
+  ""PARENT_BUILD_BUILD_REPOSITORY_ID"": null,
+  ""PARENT_BUILD_BUILD_REPOSITORY_NAME"": null,
+  ""PARENT_BUILD_BUILD_REPOSITORY_PROVIDER"": null,
+  ""PARENT_BUILD_BUILD_REPOSITORY_URI"": null,
+  ""PARENT_BUILD_BUILD_SOURCEBRANCH"": ""BUILD_SOURCEBRANCH"",
+  ""PARENT_BUILD_BUILD_SOURCEBRANCHNAME"": ""BUILD_SOURCEBRANCHNAME"",
   ""INCLUDE_DOTNET_IOS"": null,
-  ""INCLUDE_DOTNET_TVOS"": ""true"",
-  ""DOTNET_IOS_RUNTIME_IDENTIFIERS"": ""ios-arm64"",
-  ""DOTNET_TVOS_RUNTIME_IDENTIFIERS"": ""tvos-arm64"",
+  ""IOS_NUGET_VERSION_NO_METADATA"": null,
   ""IOS_NUGET_SDK_NAME"": ""iOSNuGetSdkName"",
-  ""TVOS_NUGET_REF_NAME"": ""tvOSNuGetRefName"",
+  ""IOS_NUGET_REF_NAME"": null,
+  ""DOTNET_IOS_RUNTIME_IDENTIFIERS"": ""ios-arm64"",
   ""ios-arm64_NUGET_RUNTIME_NAME"": ""iOSNuGetRuntimeName"",
+  ""INCLUDE_DOTNET_TVOS"": ""true"",
+  ""TVOS_NUGET_VERSION_NO_METADATA"": null,
+  ""TVOS_NUGET_SDK_NAME"": null,
+  ""TVOS_NUGET_REF_NAME"": ""tvOSNuGetRefName"",
+  ""DOTNET_TVOS_RUNTIME_IDENTIFIERS"": ""tvos-arm64"",
+  ""tvos-arm64_NUGET_RUNTIME_NAME"": null,
   ""Commit"": ""BUILD_SOURCEVERSION"",
   ""Tags"": [
-    ""ciBuild"",
-    ""BUILD_SOURCEBRANCHNAME""
+    ""ciBuild""
   ]
 }"
 

diff --git a/tools/devops/automation/scripts/VSTS.psm1 b/tools/devops/automation/scripts/VSTS.psm1
@@ -253,6 +253,32 @@ class BuildConfiguration {
           throw [System.InvalidOperationException]::new("Failed to load configuration file $configFile")
         }
 
+        $defaultBuildVariables = @(
+            "BUILD_BUILDID",
+            "BUILD_BUILDNUMBER",
+            "BUILD_BUILDURI",
+            "BUILD_BINARIESDIRECTORY",
+            "BUILD_DEFINITIONNAME",
+            "BUILD_REASON",
+            "BUILD_REPOSITORY_ID",
+            "BUILD_REPOSITORY_NAME",
+            "BUILD_REPOSITORY_PROVIDER",
+            "BUILD_REPOSITORY_URI",
+            "BUILD_SOURCEBRANCH",
+            "BUILD_SOURCEBRANCHNAME"
+        )
+
+        # load the variable name from the parent
+        foreach ($buildVariable in $defaultBuildVariables) {
+            $variableName = "PARENT_BUILD_$buildVariable"
+            $variableValue = $config.$variableName
+            if ($variableValue) {
+                Write-Host "##vso[task.setvariable variable=$variableName;isOutput=true]$variableValue"
+            } else {
+                Write-Debug "Ignoring variable $variableName"
+            }
+        }
+
         $dotnetPlatforms = $config.DOTNET_PLATFORMS.Split(' ', [StringSplitOptions]::RemoveEmptyEntries)
         Write-Host "##vso[task.setvariable variable=DOTNET_PLATFORMS;isOutput=true]$dotnetPlatforms"
         foreach ($platform in $dotnetPlatforms) {
@@ -287,17 +313,64 @@ class BuildConfiguration {
         return $config
     }
 
+    [PSCustomObject] Update([string] $configKey, [string] $configValue, [string] $configFile) {
+        if (-not (Test-Path -Path $configFile -PathType Leaf)) {
+          throw [System.InvalidOperationException]::new("Configuration file $configFile is missing")
+        }
+
+        $config = Get-Content $configFile | ConvertFrom-Json
+
+        if (-not $config) {
+          throw [System.InvalidOperationException]::new("Failed to load configuration file $configFile")
+        }
+
+        $config | Add-Member -NotePropertyName $configKey -NotePropertyValue $configValue
+
+        $jsonConfiguration = $config | ConvertTo-Json
+
+        Write-Host "Build configuration:"
+        Write-Host $jsonConfiguration
+
+        if ($configFile) {
+            Write-Host "Writing configuration to: $configFile"
+            Set-Content -Path $configFile -Value $jsonConfiguration
+        }
+
+        return $config
+    }
+
     [PSCustomObject] Create([bool] $addTags, [string] $configFile) {
         # we are going to use a custom object to store all the configuration of the build, this later
-        # will be uploaded as an artifact so that it can be easily shared with the cascade pipelines
+        # will be uploaded as an artifact so that it can be easily shared with the cascade pipelines, we will
+        # uses a special prefix for the default variable names so that we do not step on the cascading pipeline
+        # settings
+
         $configuration = [PSCustomObject]@{
-          BuildReason = "$Env:BUILD_REASON"
-          BuildSourceBranchName = "$Env:BUILD_SOURCEBRANCHNAME"
-          BuildSourceBranch = "$Env:BUILD_SOURCEBRANCH"
-          BuildId = "$Env:BUILD_BUILDID"
           DOTNET_PLATFORMS = "$Env:CONFIGURE_PLATFORMS_DOTNET_PLATFORMS"
         }
 
+        $defaultBuildVariables = @(
+            "BUILD_BUILDID",
+            "BUILD_BUILDNUMBER",
+            "BUILD_BUILDURI",
+            "BUILD_BINARIESDIRECTORY",
+            "BUILD_DEFINITIONNAME",
+            "BUILD_REASON",
+            "BUILD_REPOSITORY_ID",
+            "BUILD_REPOSITORY_NAME",
+            "BUILD_REPOSITORY_PROVIDER",
+            "BUILD_REPOSITORY_URI",
+            "BUILD_SOURCEBRANCH",
+            "BUILD_SOURCEBRANCHNAME"
+        )
+
+        # loop over the default build enviroments and add them with a prefix to the configuration objects
+        foreach ($buildVariable in $defaultBuildVariables) {
+            $variableName = "PARENT_BUILD_$buildVariable"
+            $variableValue = [Environment]::GetEnvironmentVariable($buildVariable)
+            $configuration | Add-Member -NotePropertyName $variableName -NotePropertyValue $variableValue
+        }
+
         # For each .NET platform we support, add a INCLUDE_DOTNET_<platform> variable specifying whether that platform is enabled or not.
         $dotnetPlatforms = $configuration.DOTNET_PLATFORMS.Split(' ', [StringSplitOptions]::RemoveEmptyEntries)
         foreach ($platform in $dotnetPlatforms) {
@@ -331,7 +404,7 @@ class BuildConfiguration {
 
         # calculate the commit to later share it with the cascade pipelines
         if ($Env:BUILD_REASON -eq "PullRequest") {
-            $changeId = $configuration.BuildSourceBranch.Replace("refs/pull/", "").Replace("/merge", "")
+            $changeId = $configuration.PARENT_BUILD_BUILD_SOURCEBRANCH.Replace("refs/pull/", "").Replace("/merge", "")
         } else {
             $changeId = $Env:BUILD_SOURCEVERSION
         }
@@ -345,12 +418,12 @@ class BuildConfiguration {
             $tags.Add("cronjob")
         }
 
-        if ($configuration.BuildReason -eq "PullRequest" -or (($configuration.BuildReason -eq "Manual") -and ($configuration.BuildSourceBranchName -eq "merge")) ) {
+        if ($configuration.BuildReason -eq "PullRequest" -or (($configuration.BuildReason -eq "Manual") -and ($configuration.PARENT_BUILD_BUILD_SOURCEBRANCH -eq "merge")) ) {
           Write-Host "Configuring build from PR."
           # This is an interesting step, we do know we are dealing with a PR, but we need the PR id to
           # be able to get the labels, the buildSourceBranch follows the pattern: refs/pull/{ChangeId}/merge
           # we could use a regexp but then we would have two problems instead of one
-          $changeId = $configuration.BuildSourceBranch.Replace("refs/pull/", "").Replace("/merge", "")
+          $changeId = $configuration.PARENT_BUILD_BUILD_SOURCEBRANCH.Replace("refs/pull/", "").Replace("/merge", "")
 
           # add a var with the change id, which can be later consumed by some of the old scripts from
           # jenkins
@@ -403,7 +476,7 @@ class BuildConfiguration {
             $tags.Add("ciBuild")
           }
           # set the name of the branch under build
-          $tags.Add("$($configuration.BuildSourceBranchName)")
+          $tags.Add("$($configuration.PARENT_BUILD_BUILD_SOURCEBRANCHNAME)")
           Write-Host "##vso[task.setvariable variable=prBuild;isOutput=true]False"
         }
         # Remove empty entries
@@ -706,11 +779,33 @@ function Import-BuildConfiguration {
     return $buildConfiguration.Import($ConfigFile)
 }
 
+function Edit-BuildConfiguration {
+    param
+    (
+
+        [Parameter(Mandatory)]
+        [string]
+        $ConfigKey,
+
+        [Parameter(Mandatory)]
+        [string]
+        $ConfigValue,
+
+        [Parameter(Mandatory)]
+        [string]
+        $ConfigFile
+    )
+    $buildConfiguration = [BuildConfiguration]::new()
+    return $buildConfiguration.Update($ConfigKey, $ConfigValue, $ConfigFile)
+}
+
+
 # export public functions, other functions are private and should not be used ouside the module.
 Export-ModuleMember -Function Stop-Pipeline
 Export-ModuleMember -Function Set-PipelineResult
 Export-ModuleMember -Function Set-BuildTags
 Export-ModuleMember -Function New-VSTS
 Export-ModuleMember -Function New-BuildConfiguration
 Export-ModuleMember -Function Import-BuildConfiguration
+Export-ModuleMember -Function Edit-BuildConfiguration
 Export-ModuleMember -Function Get-YamlPreview
diff --git a/tools/devops/automation/templates/common/configure.yml b/tools/devops/automation/templates/common/configure.yml
@@ -53,6 +53,7 @@ steps:
 - pwsh: |
     Import-Module $Env:SYSTEM_DEFAULTWORKINGDIRECTORY/xamarin-macios/tools/devops/automation/scripts/MaciosCI.psd1
     $jsonPath = Join-Path -Path "$(Build.ArtifactStagingDirectory)" -ChildPath "configuration.json"
+    Write-Host "##vso[task.setvariable variable=CONFIG_PATH]$jsonPath"
     New-BuildConfiguration -ConfigFile $jsonPath
   env:
     GITHUB_TOKEN: $(GitHub.Token)
@@ -81,6 +82,9 @@ steps:
     Write-Host "$testMatrix"
     $testMatrix = $testMatrix | ConvertFrom-Json | ConvertTo-Json -Compress
     Write-Host "##vso[task.setvariable variable=TEST_MATRIX;isOutput=true]$testMatrix"
+    # update the config file so that we do not recalculate the matrix in other pipelines
+    Edit-BuildConfiguration -ConfigKey TEST_MATRIX -ConfigValue $testMatrix -ConfigFile $Env:CONFIG_PATH
+    #CONFIG_PATH
   name: test_matrix
   displayName: 'Create tests strategy matrix'
   env:
@@ -97,6 +101,7 @@ steps:
       $apiScanMatrix = $apiScanMatrix | ConvertFrom-Json | ConvertTo-Json -Compress
     }
     Write-Host "##vso[task.setvariable variable=APISCAN_MATRIX;isOutput=true]$apiScanMatrix"
+    Edit-BuildConfiguration -ConfigKey APISCAN_MATRIX -ConfigValue $apiScanMatrix -ConfigFile $Env:CONFIG_PATH
   name: apiscan_matrix
   displayName: 'Create APIScan matrix'
 

diff --git a/tools/devops/automation/templates/governance/apiscan.yml b/tools/devops/automation/templates/governance/apiscan.yml
@@ -50,7 +50,7 @@ steps:
     verbosityLevel: standard
     preserveLogsFolder: true
   env:
-    AzureServicesAuthConnectionString: RunAs=App;AppId=$(CLIENT_ID);
+    AzureServicesAuthConnectionString: RunAs=App;AppId=$(CLIENT_ID)
 
 - task: PublishSecurityAnalysisLogs@3
   displayName: Publish Security Analysis Logs

diff --git a/tools/devops/automation/templates/release/vs-insertion-prep.yml b/tools/devops/automation/templates/release/vs-insertion-prep.yml
@@ -53,6 +53,7 @@ stages:
   - template: sign-artifacts/jobs/v2.yml@yaml-templates
     parameters:
       use1ESTemplate: true
+      enabledCredScan: false
       signedArtifactName: '${{ parameters.uploadPrefix }}nuget-signed'
       artifactName: '${{ parameters.uploadPrefix }}not-signed-package'
       signType: Real