Skip to content

Commit

Permalink
[1/2] Switch release to official prod version (#396)
Browse files Browse the repository at this point in the history 
* Switch to official prod version

* add comment about rislyn task

* Define artifactsPath variable so we can reuse it at ither places

* mark artifactsPath variable as readonly

* use template path mentioned in 1espt doc
  • Loading branch information
@Haard30
Haard30 authored Jul 17, 2024
1 parent af6358e commit 1457e03
Showing 1 changed file with 47 additions and 31 deletions.
78 changes: 47 additions & 31 deletions .github/workflows/release-azure-pipelines.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,25 +30,28 @@ parameters:

variables:
- name: tags
value: "nonproduction"
value: "production"
readonly: true
- name: pythonVersion
value: 3.10
readonly: true
- name: artifactsPath
value: $(Build.ArtifactStagingDirectory)/azureauth-${{ parameters.version }}
readonly: true

trigger: none

pr: none

resources:
repositories:
- repository: CustomPipelineTemplates
- repository: OfficePipelineTemplates
type: git
name: 1ESPipelineTemplates/OfficePipelineTemplates
ref: refs/tags/release

extends:
template: v1/Office.Unofficial.PipelineTemplate.yml@CustomPipelineTemplates
template: v1/Office.Official.PipelineTemplate.yml@OfficePipelineTemplates
parameters:
pool:
name: Azure-Pipelines-1ESPT-ExDShared
Expand All @@ -59,6 +62,9 @@ extends:
name: Azure-Pipelines-1ESPT-ExDShared
image: windows-latest
os: windows
# This prevents auto-injected Roslyn task from running the build again.
roslyn:
copyLogsOnly: true
stages:
- stage: validate
displayName: Validate
Expand Down Expand Up @@ -110,12 +116,17 @@ extends:
vstsFeed: $(VSTS_FEED_ID)
includeNuGetOrg: false
arguments: --runtime ${{ config.runtime }}
# 1ES PT requires explicit build task for Roslyn analysis. Auto-injected Roslyn task will use build logs from this build.
- task: DotNetCoreCLI@2
displayName: Build projects
inputs:
command: 'build'
projects: '**/*.csproj'
- task: DotNetCoreCLI@2
displayName: Test
inputs:
command: test
arguments: --configuration release --no-restore

arguments: --configuration release --no-restore
- task: DotNetCoreCLI@2
displayName: Build artifacts
env:
Expand Down Expand Up @@ -143,11 +154,11 @@ extends:
inputs:
- input: pipelineArtifact
artifactName: azureauth-${{ parameters.version }}-${{ config.runtime }}
targetPath: $(Build.ArtifactStagingDirectory)/azureauth-${{ parameters.version }}-${{ config.runtime }}
targetPath: $(artifactsPath)-${{ config.runtime }}
outputs:
- output: pipelineArtifact
artifactName: azureauth-${{ parameters.version }}-${{ config.runtime }}-signed
targetPath: $(Build.ArtifactStagingDirectory)/azureauth-${{ parameters.version }}-${{ config.runtime }}-signed
targetPath: $(artifactsPath)-${{ config.runtime }}-signed
steps:
- task: EsrpCodeSigning@5
displayName: Sign artifacts win10-x64
Expand All @@ -159,7 +170,7 @@ extends:
AuthAKVName: $(AZURE_VAULT)
AuthCertName: $(AZURE_VAULT_ESRP_AAD_CERT_NAME)
AuthSignCertName: $(AZURE_VAULT_ESRP_REQ_CERT_NAME)
FolderPath: $(Build.ArtifactStagingDirectory)/azureauth-${{ parameters.version }}-${{ config.runtime }}/AzureAuth
FolderPath: $(artifactsPath)-${{ config.runtime }}/AzureAuth
Pattern: '*.dll,*.exe'
signConfigType: 'inlineSignParams'
inlineOperation: |
Expand Down Expand Up @@ -194,10 +205,10 @@ extends:
displayName: Codesigning - zip artifacts to send to ESRP
condition: startsWith('${{ config.runtime }}', 'osx')
inputs:
rootFolderOrFile: $(Build.ArtifactStagingDirectory)/azureauth-${{ parameters.version }}-${{ config.runtime }}
rootFolderOrFile: $(artifactsPath)-${{ config.runtime }}
includeRootFolder: false
archiveType: zip
archiveFile: $(Build.ArtifactStagingDirectory)/azureauth-${{ parameters.version }}-${{ config.runtime }}.zip
archiveFile: $(artifactsPath)-${{ config.runtime }}.zip
- task: EsrpCodeSigning@5
displayName: Sign artifacts osx
condition: startsWith('${{ config.runtime }}', 'osx')
Expand Down Expand Up @@ -236,8 +247,8 @@ extends:
displayName: Extract signed artifacts osx
condition: startsWith('${{ config.runtime }}', 'osx')
inputs:
archiveFilePatterns: $(Build.ArtifactStagingDirectory)/azureauth-${{ parameters.version }}-${{ config.runtime }}.zip
destinationFolder: $(Build.ArtifactStagingDirectory)/azureauth-${{ parameters.version }}-${{ config.runtime }}
archiveFilePatterns: $(artifactsPath)-${{ config.runtime }}.zip
destinationFolder: $(artifactsPath)-${{ config.runtime }}
cleanDestinationFolder: true
overwriteExistingFiles: true
# We rename the signed artifacts to avoid conflicts with the unsigned pipeline artifacts from the previous stage.
Expand Down Expand Up @@ -265,20 +276,26 @@ extends:
- ${{ each config in parameters.buildConfigs }}:
- input: pipelineArtifact
artifactName: azureauth-${{ parameters.version }}-${{ config.runtime }}-signed
targetPath: $(Build.ArtifactStagingDirectory)/azureauth-${{ parameters.version }}-${{ config.runtime }}-signed
targetPath: $(artifactsPath)-${{ config.runtime }}-signed
outputs:
- ${{ each config in parameters.buildConfigs }}:
- output: pipelineArtifact
artifactName: azureauth-${{ parameters.version }}-${{ config.runtime }}.${{ config.archiveExt }}
targetPath: $(Build.SourcesDirectory)/azureauth-${{ parameters.version }}-${{ config.runtime }}.${{ config.archiveExt }}
- output: pipelineArtifact
artifactName: azureauth-${{ parameters.version }}-packaged
targetPath: $(artifactsPath)-packaged
steps:
- task: PowerShell@2
displayName: Create directory to place packaged artifacts
inputs:
workingDirectory: $(Build.ArtifactStagingDirectory)
targetType: 'inline'
script: |
mkdir azureauth-${{ parameters.version }}-packaged
- task: ArchiveFiles@2
displayName: Create win10-x64 archive
inputs:
rootFolderOrFile: $(Build.ArtifactStagingDirectory)/azureauth-${{ parameters.version }}-win10-x64-signed/AzureAuth
rootFolderOrFile: $(artifactsPath)-win10-x64-signed/AzureAuth
includeRootFolder: false
archiveType: zip
archiveFile: azureauth-${{ parameters.version }}-win10-x64.zip
archiveFile: $(artifactsPath)-packaged/azureauth-${{ parameters.version }}-win10-x64.zip
- task: Bash@3
displayName: Prepare osx-x64 executables
inputs:
Expand All @@ -290,11 +307,11 @@ extends:
- task: ArchiveFiles@2
displayName: Create osx-x64 archive
inputs:
rootFolderOrFile: $(Build.ArtifactStagingDirectory)/azureauth-${{ parameters.version }}-osx-x64-signed/AzureAuth
rootFolderOrFile: $(artifactsPath)-osx-x64-signed/AzureAuth
includeRootFolder: false
archiveType: tar
tarCompression: gz
archiveFile: azureauth-${{ parameters.version }}-osx-x64.tar.gz
archiveFile: $(artifactsPath)-packaged/azureauth-${{ parameters.version }}-osx-x64.tar.gz
- task: Bash@3
displayName: Prepare osx-arm64 executables
inputs:
Expand All @@ -306,11 +323,11 @@ extends:
- task: ArchiveFiles@2
displayName: Create osx-arm64 archive
inputs:
rootFolderOrFile: $(Build.ArtifactStagingDirectory)/azureauth-${{ parameters.version }}-osx-arm64-signed/AzureAuth
rootFolderOrFile: $(artifactsPath)-osx-arm64-signed/AzureAuth
includeRootFolder: false
archiveType: tar
tarCompression: gz
archiveFile: azureauth-${{ parameters.version }}-osx-arm64.tar.gz
archiveFile: $(artifactsPath)-packaged/azureauth-${{ parameters.version }}-osx-arm64.tar.gz

- stage: release
displayName: Release
Expand All @@ -335,10 +352,9 @@ extends:
os: linux
templateContext:
inputs:
- ${{ each config in parameters.buildConfigs }}:
- input: pipelineArtifact
artifactName: azureauth-${{ parameters.version }}-${{ config.runtime }}.${{ config.archiveExt }}
targetPath: $(Build.ArtifactStagingDirectory)/azureauth-${{ parameters.version }}-${{ config.runtime }}.${{ config.archiveExt }}
- input: pipelineArtifact
artifactName: azureauth-${{ parameters.version }}-packaged
targetPath: $(artifactsPath)-packaged
steps:
- task: GitHubRelease@1
displayName: Create AzureAuth GitHub Release
Expand All @@ -350,11 +366,11 @@ extends:
tagSource: 'userSpecifiedTag'
tag: ${{ parameters.version }}
isPrerelease: ${{ parameters.prerelease }}
isDraft: true
isDraft: false
addChangeLog: false
releaseNotesSource: 'inline'
releaseNotesInline: "Release ${{ parameters.version }}. See [`CHANGELOG.md`](https://github.com/AzureAD/microsoft-authentication-cli/blob/${{ parameters.version }}/CHANGELOG.md) for updates."
assets: |
$(Build.ArtifactStagingDirectory)/azureauth-${{ parameters.version }}-win10-x64.zip/azureauth-${{ parameters.version }}-win10-x64.zip
$(Build.ArtifactStagingDirectory)/azureauth-${{ parameters.version }}-osx-x64.tar.gz/azureauth-${{ parameters.version }}-osx-x64.tar.gz
$(Build.ArtifactStagingDirectory)/azureauth-${{ parameters.version }}-osx-arm64.tar.gz/azureauth-${{ parameters.version }}-osx-arm64.tar.gz
$(artifactsPath)-packaged/azureauth-${{ parameters.version }}-win10-x64.zip
$(artifactsPath)-packaged/azureauth-${{ parameters.version }}-osx-x64.tar.gz
$(artifactsPath)-packaged/azureauth-${{ parameters.version }}-osx-arm64.tar.gz

0 comments on commit 1457e03

Please sign in to comment.