From 36d010256035ed3387dd6da763044ad7c21611f1 Mon Sep 17 00:00:00 2001 From: Rainer Sigwald Date: Wed, 8 May 2024 11:52:27 -0500 Subject: [PATCH 1/4] Enable private feed references * Add AzureDevOps-Artifact-Feeds-Pats and use it in PR build legs * Disable 1ES checks on upstream feeds because .NET servicing requires a private cross-account feed. * File diff check only runs within src --- .vsts-dotnet-ci.yml | 44 ++++++++++++++++++++++++++++++++++++++++++++ .vsts-dotnet.yml | 15 +++++++++++++++ eng/build.ps1 | 2 +- 3 files changed, 60 insertions(+), 1 deletion(-) diff --git a/.vsts-dotnet-ci.yml b/.vsts-dotnet-ci.yml index daf200ae88e..92fa4cfc99a 100644 --- a/.vsts-dotnet-ci.yml +++ b/.vsts-dotnet-ci.yml @@ -3,6 +3,15 @@ trigger: - exp/* - vs* +variables: +- group: AzureDevOps-Artifact-Feeds-Pats +- name: cfsNugetWarnLevel + value: warn +- name: nugetMultiFeedWarnLevel + value: none +- name: NugetSecurityAnalysisWarningLevel + value: none + jobs: - job: CheckVersionBumpOnReleaseBranches displayName: "Check Version Bump On Release Branches" @@ -66,6 +75,13 @@ jobs: pool: vmImage: 'windows-2022' steps: + - task: PowerShell@2 + displayName: Setup Private Feeds Credentials + inputs: + filePath: $(Build.SourcesDirectory)/eng/common/SetupNugetSources.ps1 + arguments: -ConfigFile $(Build.SourcesDirectory)/NuGet.config -Password $Env:Token + env: + Token: $(dn-bot-dnceng-artifact-feeds-rw) - task: BatchScript@1 displayName: cibuild_bootstrapped_msbuild.cmd inputs: @@ -137,6 +153,13 @@ jobs: pool: vmImage: 'windows-2022' steps: + - task: PowerShell@2 + displayName: Setup Private Feeds Credentials + inputs: + filePath: $(Build.SourcesDirectory)/eng/common/SetupNugetSources.ps1 + arguments: -ConfigFile $(Build.SourcesDirectory)/NuGet.config -Password $Env:Token + env: + Token: $(dn-bot-dnceng-artifact-feeds-rw) - task: BatchScript@1 displayName: cibuild_bootstrapped_msbuild.cmd inputs: @@ -192,6 +215,13 @@ jobs: name: VSEngSS-MicroBuild2022-1ES demands: agent.os -equals Windows_NT steps: + - task: PowerShell@2 + displayName: Setup Private Feeds Credentials + inputs: + filePath: $(Build.SourcesDirectory)/eng/common/SetupNugetSources.ps1 + arguments: -ConfigFile $(Build.SourcesDirectory)/NuGet.config -Password $Env:Token + env: + Token: $(dn-bot-dnceng-artifact-feeds-rw) - task: BatchScript@1 displayName: cibuild.cmd inputs: @@ -266,6 +296,13 @@ jobs: pool: vmImage: 'ubuntu-latest' steps: + - task: Bash@3 + displayName: Setup Private Feeds Credentials + inputs: + filePath: $(Build.SourcesDirectory)/eng/common/SetupNugetSources.sh + arguments: $(Build.SourcesDirectory)/NuGet.config $Token + env: + Token: $(dn-bot-dnceng-artifact-feeds-rw) - bash: . 'eng/cibuild_bootstrapped_msbuild.sh' --onlyDocChanged $(onlyDocChanged) displayName: CI Build - task: PublishTestResults@2 @@ -323,6 +360,13 @@ jobs: pool: vmImage: 'macOS-latest' steps: + - task: Bash@3 + displayName: Setup Private Feeds Credentials + inputs: + filePath: $(Build.SourcesDirectory)/eng/common/SetupNugetSources.sh + arguments: $(Build.SourcesDirectory)/NuGet.config $Token + env: + Token: $(dn-bot-dnceng-artifact-feeds-rw) - bash: . 'eng/cibuild_bootstrapped_msbuild.sh' --onlyDocChanged $(onlyDocChanged) displayName: CI Build - task: PublishTestResults@2 diff --git a/.vsts-dotnet.yml b/.vsts-dotnet.yml index 26acd42299c..ee5b594f9a9 100644 --- a/.vsts-dotnet.yml +++ b/.vsts-dotnet.yml @@ -38,6 +38,13 @@ variables: - name: Codeql.Enabled value: true - group: DotNet-MSBuild-SDLValidation-Params + - group: AzureDevOps-Artifact-Feeds-Pats + - name: cfsNugetWarnLevel + value: warn + - name: nugetMultiFeedWarnLevel + value: none + - name: NugetSecurityAnalysisWarningLevel + value: none resources: repositories: @@ -110,6 +117,14 @@ extends: - task: NuGetToolInstaller@1 displayName: 'Install NuGet.exe' + - task: PowerShell@2 + displayName: Setup Private Feeds Credentials + inputs: + filePath: $(Build.SourcesDirectory)/eng/common/SetupNugetSources.ps1 + arguments: -ConfigFile $(Build.SourcesDirectory)/NuGet.config -Password $Env:Token + env: + Token: $(dn-bot-dnceng-artifact-feeds-rw) + - task: NuGetCommand@2 displayName: Restore internal tools inputs: diff --git a/eng/build.ps1 b/eng/build.ps1 index eaf7cc577d8..d71fa299fd8 100644 --- a/eng/build.ps1 +++ b/eng/build.ps1 @@ -150,7 +150,7 @@ function Set-OptProfVariables() { function Check-EditedFiles() { # Log VSTS errors for changed lines - git --no-pager diff HEAD --unified=0 --no-color --exit-code | ForEach-Object { "##vso[task.logissue type=error] $_" } + git --no-pager diff HEAD --unified=0 --no-color --exit-code -- src/ | ForEach-Object { "##vso[task.logissue type=error] $_" } if ($LASTEXITCODE -ne 0) { throw "##vso[task.logissue type=error] After building, there are changed files. Please build locally and include these changes in your pull request." } From 935659678f0044c76c23f8fddabf28c89f0f9e58 Mon Sep 17 00:00:00 2001 From: AR-May <67507805+AR-May@users.noreply.github.com> Date: Thu, 11 Jul 2024 14:57:57 +0200 Subject: [PATCH 2/4] Bump version --- eng/Versions.props | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/eng/Versions.props b/eng/Versions.props index 9f9705691ac..7667c6ff3c6 100644 --- a/eng/Versions.props +++ b/eng/Versions.props @@ -2,7 +2,7 @@ - 17.10.7release + 17.10.8release 17.8.3 15.1.0.0 preview From f3a945299b2ef3f29caab842c1ceb88dd627771c Mon Sep 17 00:00:00 2001 From: AR-May <67507805+AR-May@users.noreply.github.com> Date: Fri, 12 Jul 2024 17:18:34 +0200 Subject: [PATCH 3/4] Add condition excluding public PR pipeline --- .vsts-dotnet-ci.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.vsts-dotnet-ci.yml b/.vsts-dotnet-ci.yml index 92fa4cfc99a..2ce0d64a585 100644 --- a/.vsts-dotnet-ci.yml +++ b/.vsts-dotnet-ci.yml @@ -4,7 +4,8 @@ trigger: - vs* variables: -- group: AzureDevOps-Artifact-Feeds-Pats +- ${{ if eq(variables['System.TeamProject'], 'DevDiv') }}: + - group: AzureDevOps-Artifact-Feeds-Pats - name: cfsNugetWarnLevel value: warn - name: nugetMultiFeedWarnLevel From 234e7bcaded054c27c74f85c88a1ff225ec53e7f Mon Sep 17 00:00:00 2001 From: AR-May <67507805+AR-May@users.noreply.github.com> Date: Mon, 15 Jul 2024 16:34:10 +0200 Subject: [PATCH 4/4] Add condition to the task Setup Private Feeds Credentials --- .vsts-dotnet-ci.yml | 75 ++++++++++++++++++++++++--------------------- 1 file changed, 40 insertions(+), 35 deletions(-) diff --git a/.vsts-dotnet-ci.yml b/.vsts-dotnet-ci.yml index 2ce0d64a585..35e433c7596 100644 --- a/.vsts-dotnet-ci.yml +++ b/.vsts-dotnet-ci.yml @@ -76,13 +76,14 @@ jobs: pool: vmImage: 'windows-2022' steps: - - task: PowerShell@2 - displayName: Setup Private Feeds Credentials - inputs: - filePath: $(Build.SourcesDirectory)/eng/common/SetupNugetSources.ps1 - arguments: -ConfigFile $(Build.SourcesDirectory)/NuGet.config -Password $Env:Token - env: - Token: $(dn-bot-dnceng-artifact-feeds-rw) + - ${{ if eq(variables['System.TeamProject'], 'DevDiv') }}: + - task: PowerShell@2 + displayName: Setup Private Feeds Credentials + inputs: + filePath: $(Build.SourcesDirectory)/eng/common/SetupNugetSources.ps1 + arguments: -ConfigFile $(Build.SourcesDirectory)/NuGet.config -Password $Env:Token + env: + Token: $(dn-bot-dnceng-artifact-feeds-rw) - task: BatchScript@1 displayName: cibuild_bootstrapped_msbuild.cmd inputs: @@ -154,13 +155,14 @@ jobs: pool: vmImage: 'windows-2022' steps: - - task: PowerShell@2 - displayName: Setup Private Feeds Credentials - inputs: - filePath: $(Build.SourcesDirectory)/eng/common/SetupNugetSources.ps1 - arguments: -ConfigFile $(Build.SourcesDirectory)/NuGet.config -Password $Env:Token - env: - Token: $(dn-bot-dnceng-artifact-feeds-rw) + - ${{ if eq(variables['System.TeamProject'], 'DevDiv') }}: + - task: PowerShell@2 + displayName: Setup Private Feeds Credentials + inputs: + filePath: $(Build.SourcesDirectory)/eng/common/SetupNugetSources.ps1 + arguments: -ConfigFile $(Build.SourcesDirectory)/NuGet.config -Password $Env:Token + env: + Token: $(dn-bot-dnceng-artifact-feeds-rw) - task: BatchScript@1 displayName: cibuild_bootstrapped_msbuild.cmd inputs: @@ -216,13 +218,14 @@ jobs: name: VSEngSS-MicroBuild2022-1ES demands: agent.os -equals Windows_NT steps: - - task: PowerShell@2 - displayName: Setup Private Feeds Credentials - inputs: - filePath: $(Build.SourcesDirectory)/eng/common/SetupNugetSources.ps1 - arguments: -ConfigFile $(Build.SourcesDirectory)/NuGet.config -Password $Env:Token - env: - Token: $(dn-bot-dnceng-artifact-feeds-rw) + - ${{ if eq(variables['System.TeamProject'], 'DevDiv') }}: + - task: PowerShell@2 + displayName: Setup Private Feeds Credentials + inputs: + filePath: $(Build.SourcesDirectory)/eng/common/SetupNugetSources.ps1 + arguments: -ConfigFile $(Build.SourcesDirectory)/NuGet.config -Password $Env:Token + env: + Token: $(dn-bot-dnceng-artifact-feeds-rw) - task: BatchScript@1 displayName: cibuild.cmd inputs: @@ -297,13 +300,14 @@ jobs: pool: vmImage: 'ubuntu-latest' steps: - - task: Bash@3 - displayName: Setup Private Feeds Credentials - inputs: - filePath: $(Build.SourcesDirectory)/eng/common/SetupNugetSources.sh - arguments: $(Build.SourcesDirectory)/NuGet.config $Token - env: - Token: $(dn-bot-dnceng-artifact-feeds-rw) + - ${{ if eq(variables['System.TeamProject'], 'DevDiv') }}: + - task: Bash@3 + displayName: Setup Private Feeds Credentials + inputs: + filePath: $(Build.SourcesDirectory)/eng/common/SetupNugetSources.sh + arguments: $(Build.SourcesDirectory)/NuGet.config $Token + env: + Token: $(dn-bot-dnceng-artifact-feeds-rw) - bash: . 'eng/cibuild_bootstrapped_msbuild.sh' --onlyDocChanged $(onlyDocChanged) displayName: CI Build - task: PublishTestResults@2 @@ -361,13 +365,14 @@ jobs: pool: vmImage: 'macOS-latest' steps: - - task: Bash@3 - displayName: Setup Private Feeds Credentials - inputs: - filePath: $(Build.SourcesDirectory)/eng/common/SetupNugetSources.sh - arguments: $(Build.SourcesDirectory)/NuGet.config $Token - env: - Token: $(dn-bot-dnceng-artifact-feeds-rw) + - ${{ if eq(variables['System.TeamProject'], 'DevDiv') }}: + - task: Bash@3 + displayName: Setup Private Feeds Credentials + inputs: + filePath: $(Build.SourcesDirectory)/eng/common/SetupNugetSources.sh + arguments: $(Build.SourcesDirectory)/NuGet.config $Token + env: + Token: $(dn-bot-dnceng-artifact-feeds-rw) - bash: . 'eng/cibuild_bootstrapped_msbuild.sh' --onlyDocChanged $(onlyDocChanged) displayName: CI Build - task: PublishTestResults@2