diff options
author | Shuang Jiang <jiangshuang007@126.com> | 2021-08-27 05:45:47 +0300 |
---|---|---|
committer | Shuang Jiang <jiangshuang007@126.com> | 2021-08-27 05:45:47 +0300 |
commit | dc240a196ee23f99cc831e6276615b906ab3b52d (patch) | |
tree | 244b6ce008b1bbae124125c302f83e976d6149e0 | |
parent | eb27051faaeae0ca5e7a77688d28e666cb40d445 (diff) |
Update azure-pipelines.yml for Azure Pipelines
-rw-r--r-- | azure-pipelines.yml | 151 |
1 files changed, 150 insertions, 1 deletions
diff --git a/azure-pipelines.yml b/azure-pipelines.yml index d010d597..930cc07b 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -76,10 +76,159 @@ stages: AllTools: false CredScan: true BinSkim: true - ToolLogsNotFoundAction: 'Standard' + ToolLogsNotFoundAction: 'Standard' - task: ComponentGovernanceComponentDetection@0 inputs: scanType: 'Register' verbosity: 'Verbose' alertWarningLevel: 'High' + +- stage: Build + dependsOn: SDLCheck + jobs: + - job: Build + pool: + vmImage: 'macos-latest' + + steps: + - task: NuGetToolInstaller@1 + displayName: Install NuGet Tool + + - task: Bash@3 + displayName: Run Unit and Integration Tests + inputs: + targetType: 'inline' + script: 'make prepare all check CONFIGURATION=$(buildConfiguration)' + + - task: EsrpCodeSigning@1 + displayName: Sign executable and dll files + condition: and(succeeded(), ne(variables['Build.Reason'], 'PullRequest')) + inputs: + ConnectedServiceName: 'CodeSigning-APEX' + FolderPath: '$(mdocPath)' + UseMinimatch: true + signConfigType: inlineSignParams + SessionTimeout: '60' + MaxConcurrency: '100' + MaxRetryAttempts: '5' + Pattern: | + *.dll + *.exe + inlineOperation: | + [ + { + "KeyCode": "CP-230012", + "OperationSetCode": "SigntoolSign", + "parameters": [ + { + "parameterName": "OpusName", + "parameterValue": "Microsoft" + }, + { + "parameterName": "OpusInfo", + "parameterValue": "http://www.microsoft.com" + }, + { + "parameterName": "PageHash", + "parameterValue": "/NPH" + }, + { + "parameterName": "TimeStamp", + "parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256" + }, + { + "parameterName": "FileDigest", + "parameterValue": "/fd \"SHA256\"" + } + ], + "ToolName": "sign", + "ToolVersion": "1.0" + }, + { + "KeyCode": "CP-230012", + "OperationSetCode": "SigntoolVerify", + "Parameters": [ + { + "parameterName": "VerifyAll", + "parameterValue": "/all" + } + ], + "ToolName": "sign", + "ToolVersion": "1.0" + } + ] + + - task: ArchiveFiles@2 + displayName: Archive mdoc Files + inputs: + rootFolderOrFile: '$(mdocPath)' + includeRootFolder: false + archiveType: 'zip' + archiveFile: '$(Build.ArtifactStagingDirectory)/zips/mdoc-$(Build.BuildNumber).zip' + replaceExistingArchive: true + + - task: PublishBuildArtifacts@1 + displayName: 'Publish mdoc Artifact' + inputs: + PathtoPublish: '$(Build.ArtifactStagingDirectory)/zips' + ArtifactName: 'mdoc.Artifact' + + - task: PowerShell@2 + name: 'mdocVersion' + displayName: 'Checking remote and local version of mdoc' + condition: and(succeeded(), eq(variables['Build.SourceBranch'], 'refs/heads/main')) + inputs: + filePath: 'mdoc/CheckNugetPublish.ps1' + + - task: NuGetCommand@2 + displayName: 'Create a NuGet package for mdoc' + condition: eq(variables['mdocVersion.NeedUpdate'], true) + inputs: + command: 'pack' + packagesToPack: 'mdoc/mdoc.nuspec' + + - task: EsrpCodeSigning@1 + displayName: 'Sign NuGet packages' + condition: eq(variables['mdocVersion.NeedUpdate'], true) + inputs: + ConnectedServiceName: 'CodeSigning-APEX' + FolderPath: '$(Build.ArtifactStagingDirectory)' + Pattern: '*.nupkg' + signConfigType: inlineSignParams + inlineOperation: | + [ + { + "KeyCode" : "CP-401405", + "OperationSetCode" : "NuGetSign", + "Parameters" : [ + { + "parameterName": "TimeStamp", + "parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256" + }, + { + "parameterName": "FileDigest", + "parameterValue": "/fd \"SHA256\"" + } + ], + "ToolName" : "sign", + "ToolVersion" : "1.0" + }, + { + "KeyCode" : "CP-401405", + "OperationSetCode" : "NuGetVerify", + "Parameters" : [], + "ToolName" : "sign", + "ToolVersion" : "1.0" + } + ] + SessionTimeout: 20 + + - task: NuGetCommand@2 + displayName: 'Publishing mdoc package to nuget.org' + condition: eq(variables['mdocVersion.NeedUpdate'], true) + inputs: + command: 'push' + packagesToPush: '$(Build.ArtifactStagingDirectory)/**/*.nupkg;!$(Build.ArtifactStagingDirectory)/**/*.symbols.nupkg' + nuGetFeedType: 'external' + publishFeedCredentials: 'mdoc_nuget_org'
\ No newline at end of file |