diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml deleted file mode 100644 index 52876708d..000000000 --- a/.github/workflows/codeql.yaml +++ /dev/null @@ -1,73 +0,0 @@ -name: "CodeQL" - -on: - push: - branches: [ "master" ] - pull_request: - branches: [ "master" ] - schedule: - - cron: '21 22 * * 2' - -jobs: - analyze: - name: Analyze - # Runner size impacts CodeQL analysis time. To learn more, please see: - # - https://gh.io/recommended-hardware-resources-for-running-codeql - # - https://gh.io/supported-runners-and-hardware-resources - # - https://gh.io/using-larger-runners - # Consider using larger runners for possible analysis time improvements. - runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} - timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }} - permissions: - # required for all workflows - security-events: write - - # only required for workflows in private repositories - actions: read - contents: read - - strategy: - fail-fast: false - matrix: - language: [ 'javascript-typescript' ] - # CodeQL supports [ 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift' ] - # Use only 'java-kotlin' to analyze code written in Java, Kotlin or both - # Use only 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both - # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support - - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v3 - with: - languages: ${{ matrix.language }} - # If you wish to specify custom queries, you can do so here or in a config file. - # By default, queries listed here will override any specified in a config file. - # Prefix the list here with "+" to use these queries and those in the config file. - - # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs - # queries: security-extended,security-and-quality - - - # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift). - # If this step fails, then you should remove it and run the build manually (see below) - - name: Autobuild - uses: github/codeql-action/autobuild@v3 - - # ℹī¸ Command-line programs to run using the OS shell. - # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun - - # If the Autobuild fails above, remove it and uncomment the following three lines. - # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. - - # - run: | - # echo "Run, Build Application using script" - # ./location_of_script_within_repo/buildscript.sh - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 - with: - category: "/language:${{matrix.language}}" diff --git a/ado-codeql.yml b/ado-codeql.yml deleted file mode 100644 index 13afea714..000000000 --- a/ado-codeql.yml +++ /dev/null @@ -1,163 +0,0 @@ -jobs: - - job: "Javascript_AND_Powershell_CodeQL_Reporting" - variables: - ApplicationInsightAgentVersion: 3.4.16 - Codeql.Enabled: true - Codeql.Language: javascript, powershell - Codeql.Cadence: 0 - - pool: - name: '1ES-Hosted-AzFunc' - demands: - - ImageOverride -equals MMS2019TLS - - steps: - - checkout: self - - task: CodeQL3000Init@0 - inputs: - Enabled: true - Language: javascript, powershell - Cadence: 0 - # ExcludePathPatterns: $(Build.SourcesDirectory)\tests - - - task: CodeQL3000Finalize@0 - condition: always() - - - job: "Java_CodeQL_Reporting" - variables: - ApplicationInsightAgentVersion: 3.4.16 - Codeql.Enabled: true - Codeql.Language: java - Codeql.Cadence: 0 - - pool: - name: '1ES-Hosted-AzFunc' - demands: - - ImageOverride -equals MMS2022TLS - - steps: - - checkout: self - - task: CodeQL3000Init@0 - inputs: - Enabled: true - Language: java - Cadence: 0 - # ExcludePathPatterns: $(Build.SourcesDirectory)\tests - - # Build tasks needed for java - - bash: | - echo $BuildFolderPath - cd $BuildFolderPath - mvn clean package - mvn azure-functions:package - displayName: 'Build project for java language' - env: - BuildFolderPath: '$(Build.Repository.LocalPath)\tests\e2e\java8' - - - task: CodeQL3000Finalize@0 - condition: always() - - - job: "Csharp_CodeQL_Reporting" - variables: - ApplicationInsightAgentVersion: 3.4.16 - Codeql.Enabled: true - Codeql.Language: csharp - Codeql.Cadence: 0 - - pool: - name: '1ES-Hosted-AzFunc' - demands: - - ImageOverride -equals MMS2022TLS - - steps: - - checkout: self - - task: CodeQL3000Init@0 - inputs: - Enabled: true - Language: csharp - Cadence: 0 - # ExcludePathPatterns: $(Build.SourcesDirectory)\tests - - # Build task needed for csharp - # CodeQL WILL NOT WORK for compiled languages if there are no build tasks here - - task: UseDotNet@2 - displayName: 'Use .NET Core sdk' - inputs: - packageType: sdk - version: 3.1.x - installationPath: $(Agent.ToolsDirectory)\dotnet - - - pwsh: | - echo $env:BuildFolderPath - cd $env:BuildFolderPath - dotnet --version - dotnet build - displayName: 'Build project for csharp language' - env: - BuildFolderPath: '$(Build.Repository.LocalPath)\tests\e2e\dotnet3' - - - task: CodeQL3000Finalize@0 - condition: always() - - - - job: "Python_CodeQL_Reporting" - variables: - ApplicationInsightAgentVersion: 3.4.16 - BuildFolderPath: '$(Build.Repository.LocalPath)\tests\e2e\python3' - Codeql.Enabled: true - Codeql.Language: python - Codeql.Cadence: 0 - - pool: - name: '1ES-Hosted-AzFunc' - demands: - - ImageOverride -equals MMS2022TLS - - steps: - - checkout: self - - task: CodeQL3000Init@0 - inputs: - Enabled: true - Language: python - Cadence: 0 - # ExcludePathPatterns: $(Build.SourcesDirectory)\tests - - # Build task needed for python - # CodeQL WILL NOT WORK for compiled languages if there are no build tasks here - - task: UsePythonVersion@0 - inputs: - versionSpec: '3.7' - - - bash: | - echo $BuildFolderPy37Path - pushd $BuildFolderPy37Path - python --version - python -m pip install --upgrade pip - pip install -r requirements.txt --target=".python_packages/lib/site-packages" - popd - - cd $BuildFolderPath - python --version - # Add your build commands here - - displayName: 'Build project for python language' - env: - BuildFolderPy37Path: '$(Build.Repository.LocalPath)\tests\e2e\python37' - - - task: UsePythonVersion@0 - inputs: - versionSpec: '3.10' - - - bash: | - echo $BuildFolderPy310Path - pushd $BuildFolderPy310Path - python --version - python -m pip install --upgrade pip - pip install -r requirements.txt --target=".python_packages/lib/site-packages" - popd - displayName: 'Build project for python 3.10' - env: - BuildFolderPy310Path: '$(Build.Repository.LocalPath)\tests\e2e\python310' - - - task: CodeQL3000Finalize@0 - condition: always() \ No newline at end of file diff --git a/eng/ci/official-build.yml b/eng/ci/official-build.yml new file mode 100644 index 000000000..a7139a102 --- /dev/null +++ b/eng/ci/official-build.yml @@ -0,0 +1,49 @@ +schedules: +- cron: "30 22 * * 2" + displayName: Nightly Build + branches: + include: + - master + always: true + +trigger: + batch: true + branches: + include: + - master + - releases/* + +pr: none + +resources: + repositories: + - repository: 1es + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release + - repository: eng + type: git + name: engineering + ref: refs/tags/release + +variables: + - template: ci/variables/build.yml@eng + - template: ci/variables/cfs.yml@eng + +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1es + parameters: + pool: + name: 1es-pool-azfunc + image: 1es-windows-2022 + os: windows + + sdl: + codeql: + runSourceLanguagesInSourceAnalysis: true + + stages: + - stage: Build + + jobs: + - template: /eng/ci/templates/jobs/build.yml@self \ No newline at end of file diff --git a/eng/ci/public-build.yml b/eng/ci/public-build.yml new file mode 100644 index 000000000..97a2d15af --- /dev/null +++ b/eng/ci/public-build.yml @@ -0,0 +1,47 @@ +schedules: +- cron: "30 22 * * 2" + displayName: Nightly Build + branches: + include: + - master + always: true + +trigger: + batch: true + branches: + include: + - master + +pr: + branches: + include: + - master + +resources: + repositories: + - repository: 1es + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release + +extends: + template: v1/1ES.Unofficial.PipelineTemplate.yml@1es + parameters: + pool: + name: 1es-pool-azfunc-public + image: 1es-windows-2022 + os: windows + + sdl: + codeql: + compiled: + enabled: true + runSourceLanguagesInSourceAnalysis: true + + stages: + - stage: Build + + jobs: + - template: /eng/ci/templates/jobs/build.yml@self + parameters: + pool: '1es-pool-azfunc-public' \ No newline at end of file diff --git a/eng/ci/templates/jobs/build.yml b/eng/ci/templates/jobs/build.yml new file mode 100644 index 000000000..3b80a60cd --- /dev/null +++ b/eng/ci/templates/jobs/build.yml @@ -0,0 +1,53 @@ +parameters: +- name: pool + type: string + default: '1es-pool-azfunc' + +jobs: + - job: Build + displayName: 'Build' + + pool: + name: ${{ parameters.pool }} + image: 1es-ubuntu-22.04 + os: linux + + variables: + NODE_VERSION: '20.x' + + steps: + - checkout: self + + - task: UseNode@1 + inputs: + version: ${{ variables.NODE_VERSION }} + displayName: 'Setup Node' + + - task: Npm@1 + inputs: + command: 'install' + displayName: 'Install dependencies' + + - task: Npm@1 + inputs: + command: 'custom' + customCommand: 'run build' + displayName: 'Build' + + - bash: | + cd ./tests/e2e/java8 + mvn clean package + mvn azure-functions:package + displayName: 'Build project for java language' + + - task: UseDotNet@2 + displayName: 'Use .NET Core sdk' + inputs: + packageType: sdk + version: 3.1.x + + - pwsh: | + cd ./tests/e2e/dotnet3 + dotnet --version + dotnet build + displayName: 'Build project for csharp language' \ No newline at end of file