diff --git a/build/pipelines/azure-pipelines.ci-internal.yaml b/build/pipelines/azure-pipelines.ci-internal.yaml index dcfbadaa..513c3d3e 100644 --- a/build/pipelines/azure-pipelines.ci-internal.yaml +++ b/build/pipelines/azure-pipelines.ci-internal.yaml @@ -12,47 +12,64 @@ pr: none name: 0.$(Date:yyMM).$(DayOfMonth)$(Rev:rr).0 -jobs: -- template: ./templates/build-single-architecture.yaml - parameters: - isReleaseBuild: true - useReleaseAppxManifest: false - platform: x64 +resources: + repositories: + - repository: 1esPipelines + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release -- template: ./templates/build-single-architecture.yaml +extends: + template: v1/1ES.Unofficial.PipelineTemplate.yml@1esPipelines parameters: - isReleaseBuild: true - useReleaseAppxManifest: false - platform: x86 + pool: + name: EssentialExperiences-windows-2022 + image: MMSWindows2022-Secure + os: windows -- template: ./templates/build-single-architecture.yaml - parameters: - isReleaseBuild: true - useReleaseAppxManifest: false - platform: ARM + stages: + - stage: + jobs: + - template: ./templates/build-single-architecture.yaml + parameters: + isReleaseBuild: true + useReleaseAppxManifest: false + platform: x64 -- template: ./templates/build-single-architecture.yaml - parameters: - isReleaseBuild: true - useReleaseAppxManifest: false - platform: ARM64 + - template: ./templates/build-single-architecture.yaml + parameters: + isReleaseBuild: true + useReleaseAppxManifest: false + platform: x86 -- template: ./templates/run-ui-tests.yaml - parameters: - platform: x64 - runsettingsFileName: CalculatorUITests.ci-internal.runsettings + - template: ./templates/build-single-architecture.yaml + parameters: + isReleaseBuild: true + useReleaseAppxManifest: false + platform: ARM -- template: ./templates/run-ui-tests.yaml - parameters: - platform: x86 - runsettingsFileName: CalculatorUITests.ci-internal.runsettings + - template: ./templates/build-single-architecture.yaml + parameters: + isReleaseBuild: true + useReleaseAppxManifest: false + platform: ARM64 -- template: ./templates/run-unit-tests.yaml - parameters: - platform: x64 + - template: ./templates/run-ui-tests.yaml + parameters: + platform: x64 + runsettingsFileName: CalculatorUITests.ci-internal.runsettings -- template: ./templates/run-unit-tests.yaml - parameters: - platform: x86 + - template: ./templates/run-ui-tests.yaml + parameters: + platform: x86 + runsettingsFileName: CalculatorUITests.ci-internal.runsettings -- template: ./templates/package-msixbundle.yaml + - template: ./templates/run-unit-tests.yaml + parameters: + platform: x64 + + - template: ./templates/run-unit-tests.yaml + parameters: + platform: x86 + + - template: ./templates/package-msixbundle.yaml diff --git a/build/pipelines/azure-pipelines.ci.yaml b/build/pipelines/azure-pipelines.ci.yaml index db8d1849..b3f54f85 100644 --- a/build/pipelines/azure-pipelines.ci.yaml +++ b/build/pipelines/azure-pipelines.ci.yaml @@ -15,46 +15,59 @@ pr: name: 0.$(Date:yyMM).$(DayOfMonth)$(Rev:rr).0 -jobs: -- template: ./templates/build-single-architecture.yaml - parameters: - platform: x64 - isOSSBuild: true +resources: + repositories: + - repository: 1esPipelines + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release -- template: ./templates/build-single-architecture.yaml +extends: + template: v1/1ES.Unofficial.PipelineTemplate.yml@1esPipelines parameters: - platform: x86 - isOSSBuild: true - condition: not(eq(variables['Build.Reason'], 'PullRequest')) + pool: + name: EssentialExperiencesOpenSource-windows-2022 + image: MMSWindows2022-Secure + os: windows -- template: ./templates/build-single-architecture.yaml - parameters: - platform: ARM - isOSSBuild: true - condition: not(eq(variables['Build.Reason'], 'PullRequest')) + stages: + - stage: Calculator + jobs: + - template: ./templates/build-single-architecture.yaml + parameters: + platform: x64 -- template: ./templates/build-single-architecture.yaml - parameters: - platform: ARM64 - isOSSBuild: true - condition: not(eq(variables['Build.Reason'], 'PullRequest')) + - template: ./templates/build-single-architecture.yaml + parameters: + platform: x86 + condition: not(eq(variables['Build.Reason'], 'PullRequest')) -- template: ./templates/run-ui-tests.yaml - parameters: - platform: x64 - isOSSBuild: true - runsettingsFileName: CalculatorUITests.ci.runsettings + - template: ./templates/build-single-architecture.yaml + parameters: + platform: ARM + isOSSBuild: true + condition: not(eq(variables['Build.Reason'], 'PullRequest')) -- template: ./templates/run-unit-tests.yaml - parameters: - platform: x64 - isOSSBuild: true + - template: ./templates/build-single-architecture.yaml + parameters: + platform: ARM64 + isOSSBuild: true + condition: not(eq(variables['Build.Reason'], 'PullRequest')) -- template: ./templates/run-unit-tests.yaml - parameters: - platform: x86 - isOSSBuild: true + - template: ./templates/run-ui-tests.yaml + parameters: + platform: x64 + isOSSBuild: true + runsettingsFileName: CalculatorUITests.ci.runsettings -- template: ./templates/package-msixbundle.yaml - parameters: - isOSSBuild: true + - template: ./templates/run-unit-tests.yaml + parameters: + platform: x64 + + - template: ./templates/run-unit-tests.yaml + parameters: + platform: x86 + + - template: ./templates/package-msixbundle.yaml + parameters: + isOSSBuild: true diff --git a/build/pipelines/azure-pipelines.release.yaml b/build/pipelines/azure-pipelines.release.yaml index 2faec2d2..6f4c5b3b 100644 --- a/build/pipelines/azure-pipelines.release.yaml +++ b/build/pipelines/azure-pipelines.release.yaml @@ -8,63 +8,80 @@ trigger: none pr: none variables: - versionMajor: 11 + versionMajor: 0 # TODO: revert this to 11 before checking in the code versionMinor: 2310 versionBuild: $[counter(format('{0}.{1}.*', variables['versionMajor'], variables['versionMinor']), 0)] versionPatch: 0 name: '$(versionMajor).$(versionMinor).$(versionBuild).$(versionPatch)' -jobs: -- template: ./templates/build-single-architecture.yaml - parameters: - platform: x64 - isReleaseBuild: true - useReleaseAppxmanifest: true +resources: + repositories: + - repository: 1esPipelines + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release -- template: ./templates/build-single-architecture.yaml +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1esPipelines parameters: - platform: x86 - isReleaseBuild: true - useReleaseAppxmanifest: true - condition: not(eq(variables['Build.Reason'], 'PullRequest')) + pool: + name: EssentialExperiences-windows-2022 + image: MMSWindows2022-Secure + os: windows -- template: ./templates/build-single-architecture.yaml - parameters: - platform: ARM - isReleaseBuild: true - useReleaseAppxmanifest: true - condition: not(eq(variables['Build.Reason'], 'PullRequest')) + stages: + - stage: Calculator + jobs: + - template: ./templates/build-single-architecture.yaml + parameters: + platform: x64 + isReleaseBuild: true + useReleaseAppxmanifest: true -- template: ./templates/build-single-architecture.yaml - parameters: - platform: ARM64 - isReleaseBuild: true - useReleaseAppxmanifest: true - condition: not(eq(variables['Build.Reason'], 'PullRequest')) + - template: ./templates/build-single-architecture.yaml + parameters: + platform: x86 + isReleaseBuild: true + useReleaseAppxmanifest: true + condition: not(eq(variables['Build.Reason'], 'PullRequest')) -- template: ./templates/run-ui-tests.yaml - parameters: - platform: x64 - runsettingsFileName: CalculatorUITests.release.runsettings + - template: ./templates/build-single-architecture.yaml + parameters: + platform: ARM + isReleaseBuild: true + useReleaseAppxmanifest: true + condition: not(eq(variables['Build.Reason'], 'PullRequest')) -- template: ./templates/run-ui-tests.yaml - parameters: - platform: x86 - runsettingsFileName: CalculatorUITests.release.runsettings + - template: ./templates/build-single-architecture.yaml + parameters: + platform: ARM64 + isReleaseBuild: true + useReleaseAppxmanifest: true + condition: not(eq(variables['Build.Reason'], 'PullRequest')) -- template: ./templates/run-unit-tests.yaml - parameters: - platform: x64 + - template: ./templates/run-ui-tests.yaml + parameters: + platform: x64 + runsettingsFileName: CalculatorUITests.release.runsettings -- template: ./templates/run-unit-tests.yaml - parameters: - platform: x86 + - template: ./templates/run-ui-tests.yaml + parameters: + platform: x86 + runsettingsFileName: CalculatorUITests.release.runsettings -- template: ./templates/package-msixbundle.yaml - parameters: - signBundle: true - createStoreBrokerPackages: true + - template: ./templates/run-unit-tests.yaml + parameters: + platform: x64 -- template: ./templates/release-store.yaml -- template: ./templates/release-vpack.yaml + - template: ./templates/run-unit-tests.yaml + parameters: + platform: x86 + + - template: ./templates/package-msixbundle.yaml + parameters: + signBundle: true + createStoreBrokerPackages: true + + - template: ./templates/release-store.yaml + - template: ./templates/release-vpack.yaml diff --git a/build/pipelines/templates/build-single-architecture.yaml b/build/pipelines/templates/build-single-architecture.yaml index ff5be3b4..c0247ae1 100644 --- a/build/pipelines/templates/build-single-architecture.yaml +++ b/build/pipelines/templates/build-single-architecture.yaml @@ -2,7 +2,6 @@ parameters: isReleaseBuild: false - isOSSBuild: false useReleaseAppxManifest: false platform: '' condition: '' @@ -11,11 +10,6 @@ jobs: - job: Build${{ parameters.platform }} displayName: Build ${{ parameters.platform }} condition: ${{ parameters.condition }} - pool: - ${{ if eq(parameters.isOSSBuild, true) }}: - name: EssentialExperiencesOpenSource-windows-2022 - ${{ if eq(parameters.isOSSBuild, false) }}: - name: EssentialExperiences-windows-2022 variables: BuildConfiguration: Release BuildPlatform: ${{ parameters.platform }} @@ -33,14 +27,17 @@ jobs: ManifestFileName: 'Package.appxmanifest' ${{ if eq(parameters.useReleaseAppxManifest, true) }}: ManifestFileName: 'Package.Release.appxmanifest' + templateContext: + outputs: + - output: pipelineArtifact + displayName: Publish drop artifact + targetPath: $(Build.BinariesDirectory) + artifactName: drop + steps: - checkout: self fetchDepth: 1 - - ${{ if eq(parameters.isOSSBuild, true) }}: - - task: nuget-security-analysis@0 - displayName: Secure Supply Chain Analysis - - ${{ if eq(parameters.isReleaseBuild, true) }}: - task: UniversalPackages@0 displayName: Download internals package @@ -78,21 +75,6 @@ jobs: configuration: $(BuildConfiguration) maximumCpuCount: true - - ${{ if eq(parameters.isReleaseBuild, true) }}: - - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0 - displayName: 'Generate Software Bill of Material(SBoM)' - inputs: - BuildDropPath: $(Build.BinariesDirectory)\$(BuildConfiguration)\$(BuildPlatform)\Calculator - PackageName: 'Microsoft.WindowsCalculator' - PackageVersion: $(Build.BuildNumber) - - - task: PublishBuildArtifacts@1 - displayName: Publish drop artifact - inputs: - artifactName: drop - pathToPublish: $(Build.BinariesDirectory) - parallel: true - - ${{ if eq(parameters.isReleaseBuild, true) }}: - task: PublishSymbols@2 displayName: Publish symbols @@ -102,45 +84,7 @@ jobs: symbolServerType: teamServices treatNotIndexedAsWarning: true - - task: CopyFiles@2 - displayName: Copy Files for BinSkim analysis - inputs: - SourceFolder: '$(Build.BinariesDirectory)\$(BuildConfiguration)\$(BuildPlatform)\Calculator\' - # Setting up a folder to store all the binary files that we need BinSkim to scan. - # If we put more things than we produce pdbs for and can index (such as nuget packages that ship without pdbs), binskim will fail. - # Below are ignored files - # - clrcompression.dll - # - WebView2Loader.dll - # - Microsoft.Web.WebView2.Core.dll - Contents: | - **\* - !**\clrcompression.dll - !**\WebView2Loader.dll - !**\Microsoft.Web.WebView2.Core.dll - TargetFolder: '$(Agent.BuildDirectory)\binskim' - CleanTargetFolder: true - OverWrite: true - flattenFolders: false - analyzeTarget: '$(Agent.BuildDirectory)\binskim\*' - - - task: securedevelopmentteam.vss-secure-development-tools.build-task-binskim.BinSkim@3 - displayName: Run BinSkim - inputs: - inputType: Basic - analyzeTarget: '$(Agent.BuildDirectory)\binskim\*' - analyzeVerbose: true - analyzeHashes: true - continueOnError: true - - task: securedevelopmentteam.vss-secure-development-tools.build-task-policheck.PoliCheck@1 displayName: Run PoliCheck inputs: targetType: F - - - task: securedevelopmentteam.vss-secure-development-tools.build-task-publishsecurityanalysislogs.PublishSecurityAnalysisLogs@2 - displayName: Publish security analysis logs - - - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 - displayName: Detect open source components - inputs: - sourceScanPath: $(Agent.BuildDirectory) diff --git a/build/pipelines/templates/package-msixbundle.yaml b/build/pipelines/templates/package-msixbundle.yaml index 0ca7509e..a401281d 100644 --- a/build/pipelines/templates/package-msixbundle.yaml +++ b/build/pipelines/templates/package-msixbundle.yaml @@ -31,6 +31,24 @@ jobs: skipComponentGovernanceDetection: true StoreBrokerMediaRootPath: $(TEMP)\SBMedia StoreBrokerPackagePath: $(Build.ArtifactStagingDirectory)\storeBrokerPayload + templateContext: + outputs: + - ${{ if eq(parameters.signBundle, true) }}: + - output: pipelineArtifact + displayName: Publish MsixBundle artifact + targetPath: $(Build.ArtifactStagingDirectory)\msixBundle + artifactName: msixBundle + - ${{ if eq(parameters.signBundle, false) }}: + - output: pipelineArtifact + displayName: Publish MsixBundleSigned artifact + targetPath: $(Build.ArtifactStagingDirectory)\msixBundle + artifactName: msixBundleSigned + - ${{ if eq(parameters.createStoreBrokerPackages, true) }}: + - output: pipelineArtifact + displayName: Publish StoreBroker Payload artifact + targetPath: $(StoreBrokerPackagePath) + artifactName: storeBrokerPayload + steps: - checkout: self fetchDepth: 1 @@ -74,12 +92,6 @@ jobs: contents: Microsoft.WindowsCalculator_8wekyb3d8bbwe.msixbundle targetFolder: $(Build.ArtifactStagingDirectory)\msixBundle - - task: PublishBuildArtifacts@1 - displayName: Publish MsixBundle artifact - inputs: - artifactName: msixBundle - pathToPublish: $(Build.ArtifactStagingDirectory)\msixBundle - - ${{ if eq(parameters.signBundle, true) }}: - task: EsrpCodeSigning@2 displayName: Send msixbundle to code signing service @@ -114,11 +126,6 @@ jobs: "ToolVersion": "1.0" } ] - - task: PublishBuildArtifacts@1 - displayName: Publish MsixBundleSigned artifact - inputs: - pathtoPublish: $(Build.ArtifactStagingDirectory)\msixBundle - artifactName: msixBundleSigned - ${{ if eq(parameters.createStoreBrokerPackages, true) }}: - powershell: | @@ -152,9 +159,3 @@ jobs: pdpMediaPath: $(StoreBrokerMediaRootPath) outSBPackagePath: $(StoreBrokerPackagePath) outSBName: SBCalculator - - - task: PublishBuildArtifacts@1 - displayName: Publish StoreBroker Payload artifact - inputs: - pathtoPublish: $(StoreBrokerPackagePath) - artifactName: storeBrokerPayload diff --git a/build/pipelines/templates/release-store.yaml b/build/pipelines/templates/release-store.yaml index 551662ca..6001fa9b 100644 --- a/build/pipelines/templates/release-store.yaml +++ b/build/pipelines/templates/release-store.yaml @@ -3,8 +3,6 @@ jobs: - job: ReleaseStore dependsOn: Package - pool: - name: EssentialExperiences-windows-2022 variables: skipComponentGovernanceDetection: true StoreBrokerPackagePath: $(Build.ArtifactStagingDirectory)\storeBrokerPayload diff --git a/build/pipelines/templates/release-vpack.yaml b/build/pipelines/templates/release-vpack.yaml index 2de88a81..9d7a35a4 100644 --- a/build/pipelines/templates/release-vpack.yaml +++ b/build/pipelines/templates/release-vpack.yaml @@ -4,10 +4,15 @@ jobs: - job: ReleaseVPack dependsOn: Package - pool: - name: EssentialExperiences-windows-2022 variables: skipComponentGovernanceDetection: true + templateContext: + outputs: + - output: pipelineArtifact + displayName: Publish vpack\app artifact with vpack manifest + targetPath: $(XES_VPACKMANIFESTDIRECTORY)\$(XES_VPACKMANIFESTNAME) + artifactName: vpackManifest + steps: - checkout: none @@ -34,9 +39,3 @@ jobs: version: $(versionMajor).$(versionMinor).$(versionBuild) owner: paxeeapps provData: true - - - task: PublishBuildArtifacts@1 - displayName: Publish vpack\app artifact with vpack manifest - inputs: - pathtoPublish: $(XES_VPACKMANIFESTDIRECTORY)\$(XES_VPACKMANIFESTNAME) - artifactName: vpackManifest diff --git a/build/pipelines/templates/run-unit-tests.yaml b/build/pipelines/templates/run-unit-tests.yaml index 6411e243..bea59209 100644 --- a/build/pipelines/templates/run-unit-tests.yaml +++ b/build/pipelines/templates/run-unit-tests.yaml @@ -1,7 +1,6 @@ # This template contains jobs to run unit tests. parameters: - isOSSBuild: false platform: '' runsettingsFileName: '' @@ -10,11 +9,6 @@ jobs: displayName: UnitTests ${{ parameters.platform }} dependsOn: Build${{ parameters.platform }} condition: succeeded() - pool: - ${{ if eq(parameters.isOSSBuild, true) }}: - name: EssentialExperiencesOpenSource-windows-2022 - ${{ if eq(parameters.isOSSBuild, false) }}: - name: EssentialExperiences-windows-2022 variables: skipComponentGovernanceDetection: true steps: @@ -36,4 +30,4 @@ jobs: displayName: Run CalculatorUnitTests inputs: testAssemblyVer2: $(Build.ArtifactStagingDirectory)\drop\Release\${{ parameters.platform }}\CalculatorUnitTests\AppPackages\CalculatorUnitTests_Test\CalculatorUnitTests.msix - otherConsoleOptions: /Platform:${{ parameters.platform }} \ No newline at end of file + otherConsoleOptions: /Platform:${{ parameters.platform }}