-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathazure-pipelines-1.yml
105 lines (87 loc) · 3.17 KB
/
azure-pipelines-1.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
# ASP.NET Core
# Build and test ASP.NET Core projects targeting .NET Core.
# Add steps that run tests, create a NuGet package, deploy, and more:
# https://docs.microsoft.com/azure/devops/pipelines/languages/dotnet-core
name: $(date:yyyy.MM.dd)$(rev:.r)
trigger: none
pr:
- master
pool:
vmImage: 'ubuntu-latest'
variables:
- group: mend-variables
- name: appName
value: 'pex-connector-aplos'
- name: solution
value: '**/*.sln'
- name: buildPlatform
value: 'Any CPU'
- name: buildconfiguration
value: 'Debug'
- name: dotnetVersion
value: '8.0'
- name: DOTNET_ROLL_FORWARD
value: 'Major' # needed for sonarcloud scanner
steps:
- task: UseDotNet@2
inputs:
packageType: 'sdk'
version: '$(dotnetVersion).x'
- task: SonarCloudPrepare@1
inputs:
SonarCloud: 'SonarCloud - tbaker'
organization: 'pex'
projectKey: '$(appName)'
projectName: '$(appName)'
projectVersion: '$(Build.BuildNumber)'
- script: dotnet build src --configuration $(buildConfiguration)
displayName: 'dotnet build $(buildConfiguration)'
- task: DotNetCoreCLI@2
displayName: 'dotnet test $(buildConfiguration)'
inputs:
command: test
projects: 'tests/**/*.csproj'
arguments: '--configuration $(buildConfiguration)'
- task: NodeTool@0
inputs:
versionSpec: '18.x'
displayName: 'Install node.js'
- script: |
npm install -g @angular/cli
cd src/AplosConnector.Web/ClientApp
NODE_OPTIONS=--openssl-legacy-provider npm install
NODE_OPTIONS=--openssl-legacy-provider npm run build -- --configuration production
displayName: 'npm install and ng build'
- task: SonarCloudAnalyze@1
- task: SonarCloudPublish@1
inputs:
pollingTimeoutSec: '300'
- task: Bash@3
displayName: "Mend"
continueOnError: true
env:
MEND_URL: $(MEND-URL)
MEND_EMAIL: $(MEND-EMAIL)
MEND_USER_KEY: $(MEND-USER-KEY)
MEND_LOG_LEVEL: DEBUG
inputs:
targetType: "inline"
failOnStderr: true
script: |
# https://github.com/mend-toolkit/mend-examples/blob/main/CI-CD/AzureDevOps/Mend%20CLI/AzureDevOps-linux.yaml
# https://curl.se/docs/optionswhen.html
echo Downloading mend cli...
curl https://downloads.mend.io/cli/linux_amd64/mend -sS -o /usr/local/bin/mend && chmod +x /usr/local/bin/mend
# https://docs.mend.io/bundle/integrations/page/configure_the_mend_cli_for_sca.html#Mend-CLI-SCA-parameters
mend dependencies --dir '$(System.DefaultWorkingDirectory)' --scope 'PEX//Marketplace//$(appName)' --non-interactive --update --fail-policy
# https://docs.mend.io/bundle/integrations/page/mend_cli_exit_codes.html
export dep_exit=$?
if [[ "$dep_exit" == "9" ]]; then
echo "##vso[task.logissue type=warning;] 🚨 Dependency scan policy violation."
echo "##vso[task.complete result=SucceededWithIssues;]"
elif [[ "$dep_exit" != "0" ]]; then
echo "##vso[task.logissue type=error;] ⚠️ Dependency scan failed. Exit code $dep_exit https://docs.mend.io/bundle/integrations/page/mend_cli_exit_codes.html"
echo "##vso[task.complete result=SucceededWithIssues;]"
else
echo "✅ No policy violations or failures occurred in dependencies scan"
fi