From bccd6dab23e050867dea283007ac4287addf7258 Mon Sep 17 00:00:00 2001 From: alexweininger Date: Fri, 2 Aug 2024 14:48:09 -0700 Subject: [PATCH 01/49] Use MicroBuild template --- azure-pipelines/1esmain.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/azure-pipelines/1esmain.yml b/azure-pipelines/1esmain.yml index 95ea88ba1c..fb9a658663 100644 --- a/azure-pipelines/1esmain.yml +++ b/azure-pipelines/1esmain.yml @@ -12,11 +12,11 @@ resources: repositories: - repository: 1esPipelines type: git - name: 1ESPipelineTemplates/1ESPipelineTemplates + name: 1ESPipelineTemplates/MicroBuildTemplate ref: refs/tags/release extends: - template: v1/1ES.Official.PipelineTemplate.yml@1esPipelines + template: azure-pipelines/MicroBuild.1ES.Official.yml@1esPipelines parameters: sdl: credscan: From 7596666f46b2f8d556770b5f372e2740f82d753a Mon Sep 17 00:00:00 2001 From: alexweininger Date: Fri, 2 Aug 2024 15:29:35 -0700 Subject: [PATCH 02/49] Add teamname --- azure-pipelines/1esmain.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/azure-pipelines/1esmain.yml b/azure-pipelines/1esmain.yml index fb9a658663..41bd193ab1 100644 --- a/azure-pipelines/1esmain.yml +++ b/azure-pipelines/1esmain.yml @@ -18,6 +18,7 @@ resources: extends: template: azure-pipelines/MicroBuild.1ES.Official.yml@1esPipelines parameters: + TeamName: "AzureTools" sdl: credscan: suppressionsFile: $(Build.SourcesDirectory)\.azure-pipelines\compliance\CredScanSuppressions.json From 2de1b58624612e8a9e354d2d6926d731d10ab438 Mon Sep 17 00:00:00 2001 From: alexweininger Date: Fri, 2 Aug 2024 15:30:54 -0700 Subject: [PATCH 03/49] undo --- azure-pipelines/1esmain.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/azure-pipelines/1esmain.yml b/azure-pipelines/1esmain.yml index 41bd193ab1..fb9a658663 100644 --- a/azure-pipelines/1esmain.yml +++ b/azure-pipelines/1esmain.yml @@ -18,7 +18,6 @@ resources: extends: template: azure-pipelines/MicroBuild.1ES.Official.yml@1esPipelines parameters: - TeamName: "AzureTools" sdl: credscan: suppressionsFile: $(Build.SourcesDirectory)\.azure-pipelines\compliance\CredScanSuppressions.json From 34f87e7587ce9a339755f80ffa0419e4083f26be Mon Sep 17 00:00:00 2001 From: alexweininger Date: Fri, 2 Aug 2024 16:10:00 -0700 Subject: [PATCH 04/49] Add TeamName variable --- azure-pipelines/1esmain.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/azure-pipelines/1esmain.yml b/azure-pipelines/1esmain.yml index fb9a658663..0270ea90f3 100644 --- a/azure-pipelines/1esmain.yml +++ b/azure-pipelines/1esmain.yml @@ -1,3 +1,8 @@ +variables: + # Required by MicroBuild template + - name: TeamName + value: "Azure Tools for VS Code" + parameters: # Set this to `true` to use workflow identity federation with ADO service connections # to authenticate this pipeline to run tests that require logging into Azure From c597cb234b1cdb0f0aeb146d2a07505442f3a399 Mon Sep 17 00:00:00 2001 From: alexweininger Date: Fri, 2 Aug 2024 16:11:56 -0700 Subject: [PATCH 05/49] remove team name --- azure-pipelines/1esmain.yml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/azure-pipelines/1esmain.yml b/azure-pipelines/1esmain.yml index 0270ea90f3..fb9a658663 100644 --- a/azure-pipelines/1esmain.yml +++ b/azure-pipelines/1esmain.yml @@ -1,8 +1,3 @@ -variables: - # Required by MicroBuild template - - name: TeamName - value: "Azure Tools for VS Code" - parameters: # Set this to `true` to use workflow identity federation with ADO service connections # to authenticate this pipeline to run tests that require logging into Azure From 8a4c1ddd4d84a1dc981a692c386e0e9cc4a9a925 Mon Sep 17 00:00:00 2001 From: alexweininger Date: Tue, 6 Aug 2024 08:58:29 -0500 Subject: [PATCH 06/49] Add sign step --- azure-pipelines/templates/1espackage.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/azure-pipelines/templates/1espackage.yml b/azure-pipelines/templates/1espackage.yml index bb0f1e6bee..dd97c639c7 100644 --- a/azure-pipelines/templates/1espackage.yml +++ b/azure-pipelines/templates/1espackage.yml @@ -7,6 +7,12 @@ steps: workingDir: $(working_directory) condition: succeeded() + # Cert 4014052 aka VSCodePublisher cert + - script: | + dotnet $MBSIGN_APPFOLDER/ddsignfiles.dll /file:$(Build.SourcesDirectory)/extension.vsix /certs:4014052 + displayName: Sign VSIX + # condition: and(succeeded(), eq(variables['SigningType'], 'Real')) + - task: CopyFiles@2 displayName: "\U0001F449 Copy packages and vsix to staging directory" inputs: From 9df3746ec4fc753463a3d578e8df6192c5517689 Mon Sep 17 00:00:00 2001 From: alexweininger Date: Tue, 6 Aug 2024 09:08:59 -0500 Subject: [PATCH 07/49] Add install signing plugin task --- azure-pipelines/templates/1espackage.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/azure-pipelines/templates/1espackage.yml b/azure-pipelines/templates/1espackage.yml index dd97c639c7..2304160ed6 100644 --- a/azure-pipelines/templates/1espackage.yml +++ b/azure-pipelines/templates/1espackage.yml @@ -7,6 +7,14 @@ steps: workingDir: $(working_directory) condition: succeeded() + - task: MicroBuildSigningPlugin@4 + displayName: 'Install Signing Plugin' + inputs: + signType: 'Real' + azureSubscription: 'MicroBuild Signing Task (DevDiv)' + env: + SYSTEM_ACCESSTOKEN: $(System.AccessToken) + # Cert 4014052 aka VSCodePublisher cert - script: | dotnet $MBSIGN_APPFOLDER/ddsignfiles.dll /file:$(Build.SourcesDirectory)/extension.vsix /certs:4014052 From 5e2b357e6f296a4b281904cb986f8040fdd5fd3c Mon Sep 17 00:00:00 2001 From: alexweininger Date: Tue, 6 Aug 2024 09:24:46 -0500 Subject: [PATCH 08/49] enable mb signing toolset --- azure-pipelines/1esstages.yml | 5 +++++ azure-pipelines/templates/1espackage.yml | 14 +++++++------- 2 files changed, 12 insertions(+), 7 deletions(-) diff --git a/azure-pipelines/1esstages.yml b/azure-pipelines/1esstages.yml index 8f9aa51ea1..92f9bda735 100644 --- a/azure-pipelines/1esstages.yml +++ b/azure-pipelines/1esstages.yml @@ -14,6 +14,11 @@ stages: - ${{ each job in parameters.jobs }}: - job: ${{ job.name }} templateContext: + mb: # Enable the MicroBuild Signing toolset + signing: + enabled: true + signType: real # options are 'real' & 'test' + zipSources: false outputs: - output: pipelineArtifact targetPath: $(build.artifactstagingdirectory)/build/${{ job.name }} diff --git a/azure-pipelines/templates/1espackage.yml b/azure-pipelines/templates/1espackage.yml index 2304160ed6..a655309588 100644 --- a/azure-pipelines/templates/1espackage.yml +++ b/azure-pipelines/templates/1espackage.yml @@ -7,13 +7,13 @@ steps: workingDir: $(working_directory) condition: succeeded() - - task: MicroBuildSigningPlugin@4 - displayName: 'Install Signing Plugin' - inputs: - signType: 'Real' - azureSubscription: 'MicroBuild Signing Task (DevDiv)' - env: - SYSTEM_ACCESSTOKEN: $(System.AccessToken) + # - task: MicroBuildSigningPlugin@4 + # displayName: 'Install Signing Plugin' + # inputs: + # signType: 'Real' + # azureSubscription: 'MicroBuild Signing Task (DevDiv)' + # env: + # SYSTEM_ACCESSTOKEN: $(System.AccessToken) # Cert 4014052 aka VSCodePublisher cert - script: | From e40af3e270e81e8b926ae4b5f0336d50c75b454c Mon Sep 17 00:00:00 2001 From: alexweininger Date: Tue, 6 Aug 2024 09:57:20 -0500 Subject: [PATCH 09/49] Remove other sign step --- azure-pipelines/templates/1espackage.yml | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/azure-pipelines/templates/1espackage.yml b/azure-pipelines/templates/1espackage.yml index a655309588..bb0f1e6bee 100644 --- a/azure-pipelines/templates/1espackage.yml +++ b/azure-pipelines/templates/1espackage.yml @@ -7,20 +7,6 @@ steps: workingDir: $(working_directory) condition: succeeded() - # - task: MicroBuildSigningPlugin@4 - # displayName: 'Install Signing Plugin' - # inputs: - # signType: 'Real' - # azureSubscription: 'MicroBuild Signing Task (DevDiv)' - # env: - # SYSTEM_ACCESSTOKEN: $(System.AccessToken) - - # Cert 4014052 aka VSCodePublisher cert - - script: | - dotnet $MBSIGN_APPFOLDER/ddsignfiles.dll /file:$(Build.SourcesDirectory)/extension.vsix /certs:4014052 - displayName: Sign VSIX - # condition: and(succeeded(), eq(variables['SigningType'], 'Real')) - - task: CopyFiles@2 displayName: "\U0001F449 Copy packages and vsix to staging directory" inputs: From 81b5767e42ecc0e989ff4324d0e4a9e8192adab8 Mon Sep 17 00:00:00 2001 From: alexweininger Date: Tue, 6 Aug 2024 10:54:45 -0500 Subject: [PATCH 10/49] edit --- azure-pipelines/templates/1espackage.yml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/azure-pipelines/templates/1espackage.yml b/azure-pipelines/templates/1espackage.yml index bb0f1e6bee..4ef6d8062e 100644 --- a/azure-pipelines/templates/1espackage.yml +++ b/azure-pipelines/templates/1espackage.yml @@ -7,11 +7,25 @@ steps: workingDir: $(working_directory) condition: succeeded() + - script: npx @vscode/vsce@latest generate-manifest -i $(Build.SourcesDirectory)/extension.vsix -o $(Build.SourcesDirectory)/extension.manifest + displayName: 'Generate extension manifest' + + - script: cp $(Build.SourcesDirectory)/extension.manifest $(Build.SourcesDirectory)/extension.signature.p7s + displayName: 'Prepare manifest for signing' + + - script: cp $(Build.SourcesDirectory)/extension.manifest $(Build.SourcesDirectory)/extension.signature.p7s + displayName: 'Prepare manifest for signing' + + - script: node $(Build.SourcesDirectory)/build/sign.js + displayName: 'Sign extension manifest' + - task: CopyFiles@2 displayName: "\U0001F449 Copy packages and vsix to staging directory" inputs: Contents: | **/*.vsix + **/*.manifest + **/*.p7s **/*.tar.gz **/*.tgz TargetFolder: "$(build.artifactstagingdirectory)/build/$(artifact_name)" From 2e0ab5d8c5577d7998981c1adac7a4a2cd1e90e0 Mon Sep 17 00:00:00 2001 From: alexweininger Date: Tue, 6 Aug 2024 11:06:23 -0500 Subject: [PATCH 11/49] use copy instead of cp --- azure-pipelines/templates/1espackage.yml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/azure-pipelines/templates/1espackage.yml b/azure-pipelines/templates/1espackage.yml index 4ef6d8062e..95ef215e26 100644 --- a/azure-pipelines/templates/1espackage.yml +++ b/azure-pipelines/templates/1espackage.yml @@ -10,10 +10,7 @@ steps: - script: npx @vscode/vsce@latest generate-manifest -i $(Build.SourcesDirectory)/extension.vsix -o $(Build.SourcesDirectory)/extension.manifest displayName: 'Generate extension manifest' - - script: cp $(Build.SourcesDirectory)/extension.manifest $(Build.SourcesDirectory)/extension.signature.p7s - displayName: 'Prepare manifest for signing' - - - script: cp $(Build.SourcesDirectory)/extension.manifest $(Build.SourcesDirectory)/extension.signature.p7s + - script: copy $(Build.SourcesDirectory)/extension.manifest $(Build.SourcesDirectory)/extension.signature.p7s displayName: 'Prepare manifest for signing' - script: node $(Build.SourcesDirectory)/build/sign.js From 19a0d4083f6c9ba5cf123d715bdb76290a4b2739 Mon Sep 17 00:00:00 2001 From: alexweininger Date: Tue, 6 Aug 2024 11:22:06 -0500 Subject: [PATCH 12/49] slash --- azure-pipelines/templates/1espackage.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure-pipelines/templates/1espackage.yml b/azure-pipelines/templates/1espackage.yml index 95ef215e26..2cfd1dc9e5 100644 --- a/azure-pipelines/templates/1espackage.yml +++ b/azure-pipelines/templates/1espackage.yml @@ -10,7 +10,7 @@ steps: - script: npx @vscode/vsce@latest generate-manifest -i $(Build.SourcesDirectory)/extension.vsix -o $(Build.SourcesDirectory)/extension.manifest displayName: 'Generate extension manifest' - - script: copy $(Build.SourcesDirectory)/extension.manifest $(Build.SourcesDirectory)/extension.signature.p7s + - script: copy $(Build.SourcesDirectory)\extension.manifest $(Build.SourcesDirectory)\extension.signature.p7s displayName: 'Prepare manifest for signing' - script: node $(Build.SourcesDirectory)/build/sign.js From 795f24c338d4ad6ab62d4c6d6509790360c25c81 Mon Sep 17 00:00:00 2001 From: alexweininger Date: Thu, 22 Aug 2024 09:55:42 -0400 Subject: [PATCH 13/49] Use repo name for vsix --- azure-pipelines/templates/1espackage.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/azure-pipelines/templates/1espackage.yml b/azure-pipelines/templates/1espackage.yml index 2cfd1dc9e5..ed6ccfa33d 100644 --- a/azure-pipelines/templates/1espackage.yml +++ b/azure-pipelines/templates/1espackage.yml @@ -1,3 +1,7 @@ +variables: +- name: vsixName + value: $(Build.Repository.Name).vsix + steps: - task: Npm@1 displayName: "\U0001F449 Package" @@ -7,7 +11,7 @@ steps: workingDir: $(working_directory) condition: succeeded() - - script: npx @vscode/vsce@latest generate-manifest -i $(Build.SourcesDirectory)/extension.vsix -o $(Build.SourcesDirectory)/extension.manifest + - script: npx @vscode/vsce@latest generate-manifest -i $(variables.vsixName) -o $(Build.SourcesDirectory)/extension.manifest displayName: 'Generate extension manifest' - script: copy $(Build.SourcesDirectory)\extension.manifest $(Build.SourcesDirectory)\extension.signature.p7s From 3dc2d69d95d5f89a88e6d1a94f864ad56f39936b Mon Sep 17 00:00:00 2001 From: alexweininger Date: Thu, 22 Aug 2024 09:56:31 -0400 Subject: [PATCH 14/49] Fixup --- azure-pipelines/templates/1espackage.yml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/azure-pipelines/templates/1espackage.yml b/azure-pipelines/templates/1espackage.yml index ed6ccfa33d..e6e38980e1 100644 --- a/azure-pipelines/templates/1espackage.yml +++ b/azure-pipelines/templates/1espackage.yml @@ -1,7 +1,3 @@ -variables: -- name: vsixName - value: $(Build.Repository.Name).vsix - steps: - task: Npm@1 displayName: "\U0001F449 Package" @@ -11,7 +7,7 @@ steps: workingDir: $(working_directory) condition: succeeded() - - script: npx @vscode/vsce@latest generate-manifest -i $(variables.vsixName) -o $(Build.SourcesDirectory)/extension.manifest + - script: npx @vscode/vsce@latest generate-manifest -i $(Build.Repository.Name).vsix -o $(Build.SourcesDirectory)/extension.manifest displayName: 'Generate extension manifest' - script: copy $(Build.SourcesDirectory)\extension.manifest $(Build.SourcesDirectory)\extension.signature.p7s From d23efaa7530a6de436b0c8ac36583f60325854a5 Mon Sep 17 00:00:00 2001 From: alexweininger Date: Thu, 22 Aug 2024 10:22:00 -0400 Subject: [PATCH 15/49] Get version from package.json --- azure-pipelines/templates/1espackage.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/azure-pipelines/templates/1espackage.yml b/azure-pipelines/templates/1espackage.yml index e6e38980e1..84486f43b1 100644 --- a/azure-pipelines/templates/1espackage.yml +++ b/azure-pipelines/templates/1espackage.yml @@ -7,7 +7,11 @@ steps: workingDir: $(working_directory) condition: succeeded() - - script: npx @vscode/vsce@latest generate-manifest -i $(Build.Repository.Name).vsix -o $(Build.SourcesDirectory)/extension.manifest + # get version from package json and store it in a variable to use later + - script: echo "##vso[task.setvariable variable=version;]$(node -p \"require('./package.json').version\")" + displayName: 'Set version variable' + + - script: npx @vscode/vsce@latest generate-manifest -i $(Build.Repository.Name)-$(version).vsix -o $(Build.SourcesDirectory)/extension.manifest displayName: 'Generate extension manifest' - script: copy $(Build.SourcesDirectory)\extension.manifest $(Build.SourcesDirectory)\extension.signature.p7s From 03c7f2aea7afc7d7098196a2d3de141f60142eb4 Mon Sep 17 00:00:00 2001 From: alexweininger Date: Thu, 22 Aug 2024 11:12:55 -0400 Subject: [PATCH 16/49] fixup --- azure-pipelines/templates/1espackage.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/azure-pipelines/templates/1espackage.yml b/azure-pipelines/templates/1espackage.yml index 84486f43b1..68e5d66107 100644 --- a/azure-pipelines/templates/1espackage.yml +++ b/azure-pipelines/templates/1espackage.yml @@ -7,9 +7,9 @@ steps: workingDir: $(working_directory) condition: succeeded() - # get version from package json and store it in a variable to use later - - script: echo "##vso[task.setvariable variable=version;]$(node -p \"require('./package.json').version\")" - displayName: 'Set version variable' + - pwsh: Write-Output "##vso[task.setvariable variable=version;isOutput=true]$((Get-Content -Raw -Path package.json | ConvertFrom-Json).version)" + name: package + displayName: Get version from package.json - script: npx @vscode/vsce@latest generate-manifest -i $(Build.Repository.Name)-$(version).vsix -o $(Build.SourcesDirectory)/extension.manifest displayName: 'Generate extension manifest' @@ -30,4 +30,4 @@ steps: **/*.tar.gz **/*.tgz TargetFolder: "$(build.artifactstagingdirectory)/build/$(artifact_name)" - condition: and(succeeded(), ne(variables['System.PullRequest.IsFork'], 'True')) + condition: and(succeeded(), ne(variables['System.PullRequest.IsFork'], 'True')) \ No newline at end of file From bf14fadca0808e4e2f76113e8518fb1dee1a4c88 Mon Sep 17 00:00:00 2001 From: alexweininger Date: Thu, 22 Aug 2024 11:19:46 -0400 Subject: [PATCH 17/49] Fixup --- azure-pipelines/templates/1espackage.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure-pipelines/templates/1espackage.yml b/azure-pipelines/templates/1espackage.yml index 68e5d66107..bfe6444594 100644 --- a/azure-pipelines/templates/1espackage.yml +++ b/azure-pipelines/templates/1espackage.yml @@ -11,7 +11,7 @@ steps: name: package displayName: Get version from package.json - - script: npx @vscode/vsce@latest generate-manifest -i $(Build.Repository.Name)-$(version).vsix -o $(Build.SourcesDirectory)/extension.manifest + - script: npx @vscode/vsce@latest generate-manifest -i $(Build.Repository.Name)-$(package.version).vsix -o $(Build.SourcesDirectory)/extension.manifest displayName: 'Generate extension manifest' - script: copy $(Build.SourcesDirectory)\extension.manifest $(Build.SourcesDirectory)\extension.signature.p7s From 8443c9fb155ebc0633f8fcb59fc2a62921e55b5b Mon Sep 17 00:00:00 2001 From: alexweininger Date: Thu, 22 Aug 2024 11:36:10 -0400 Subject: [PATCH 18/49] Fixup --- azure-pipelines/templates/1espackage.yml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/azure-pipelines/templates/1espackage.yml b/azure-pipelines/templates/1espackage.yml index bfe6444594..2afbea74a8 100644 --- a/azure-pipelines/templates/1espackage.yml +++ b/azure-pipelines/templates/1espackage.yml @@ -7,11 +7,20 @@ steps: workingDir: $(working_directory) condition: succeeded() + - pwsh: | + $repoName = "$(Build.Repository.Name)" + # Assuming the repo name is in the format 'owner/repoName' + $repoNameOnly = $repoName -split '/' | Select-Object -Last 1 + # Set the pipeline variable + Write-Output "##vso[task.setvariable variable=name;]$repoNameOnly" + displayName: 'Extract and Set Repository Name' + name: repo + - pwsh: Write-Output "##vso[task.setvariable variable=version;isOutput=true]$((Get-Content -Raw -Path package.json | ConvertFrom-Json).version)" name: package displayName: Get version from package.json - - script: npx @vscode/vsce@latest generate-manifest -i $(Build.Repository.Name)-$(package.version).vsix -o $(Build.SourcesDirectory)/extension.manifest + - script: npx @vscode/vsce@latest generate-manifest -i $(repo.name)-$(package.version).vsix -o $(Build.SourcesDirectory)/extension.manifest displayName: 'Generate extension manifest' - script: copy $(Build.SourcesDirectory)\extension.manifest $(Build.SourcesDirectory)\extension.signature.p7s From 13174decc3f79293651ad3f60d2f3dc7410700ab Mon Sep 17 00:00:00 2001 From: alexweininger Date: Thu, 22 Aug 2024 11:46:42 -0400 Subject: [PATCH 19/49] Fixup --- azure-pipelines/templates/1espackage.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/azure-pipelines/templates/1espackage.yml b/azure-pipelines/templates/1espackage.yml index 2afbea74a8..66c17ef415 100644 --- a/azure-pipelines/templates/1espackage.yml +++ b/azure-pipelines/templates/1espackage.yml @@ -12,15 +12,14 @@ steps: # Assuming the repo name is in the format 'owner/repoName' $repoNameOnly = $repoName -split '/' | Select-Object -Last 1 # Set the pipeline variable - Write-Output "##vso[task.setvariable variable=name;]$repoNameOnly" + Write-Output "##vso[task.setvariable variable=repoName;]$repoNameOnly" displayName: 'Extract and Set Repository Name' - name: repo - pwsh: Write-Output "##vso[task.setvariable variable=version;isOutput=true]$((Get-Content -Raw -Path package.json | ConvertFrom-Json).version)" name: package displayName: Get version from package.json - - script: npx @vscode/vsce@latest generate-manifest -i $(repo.name)-$(package.version).vsix -o $(Build.SourcesDirectory)/extension.manifest + - script: npx @vscode/vsce@latest generate-manifest -i $(repoName)-$(package.version).vsix -o $(Build.SourcesDirectory)/extension.manifest displayName: 'Generate extension manifest' - script: copy $(Build.SourcesDirectory)\extension.manifest $(Build.SourcesDirectory)\extension.signature.p7s From 86d5d90dad3f2b014ff3a027b36ca417fd44a4ee Mon Sep 17 00:00:00 2001 From: alexweininger Date: Thu, 22 Aug 2024 14:03:30 -0400 Subject: [PATCH 20/49] Upload package.json as build artifact --- azure-pipelines/templates/1espackage.yml | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/azure-pipelines/templates/1espackage.yml b/azure-pipelines/templates/1espackage.yml index 66c17ef415..b537307979 100644 --- a/azure-pipelines/templates/1espackage.yml +++ b/azure-pipelines/templates/1espackage.yml @@ -7,17 +7,13 @@ steps: workingDir: $(working_directory) condition: succeeded() - - pwsh: | - $repoName = "$(Build.Repository.Name)" - # Assuming the repo name is in the format 'owner/repoName' - $repoNameOnly = $repoName -split '/' | Select-Object -Last 1 - # Set the pipeline variable - Write-Output "##vso[task.setvariable variable=repoName;]$repoNameOnly" - displayName: 'Extract and Set Repository Name' + - pwsh: Write-Output "##vso[task.setvariable variable=version;isOutput=true]$((Get-Content -Raw -Path package.json | ConvertFrom-Json).name)" + name: name + displayName: Get extension name from package.json - pwsh: Write-Output "##vso[task.setvariable variable=version;isOutput=true]$((Get-Content -Raw -Path package.json | ConvertFrom-Json).version)" name: package - displayName: Get version from package.json + displayName: Get extension version from package.json - script: npx @vscode/vsce@latest generate-manifest -i $(repoName)-$(package.version).vsix -o $(Build.SourcesDirectory)/extension.manifest displayName: 'Generate extension manifest' @@ -37,5 +33,6 @@ steps: **/*.p7s **/*.tar.gz **/*.tgz + package.json TargetFolder: "$(build.artifactstagingdirectory)/build/$(artifact_name)" condition: and(succeeded(), ne(variables['System.PullRequest.IsFork'], 'True')) \ No newline at end of file From b9d88798c8ea6064e9bedf5336dce24ed78bffab Mon Sep 17 00:00:00 2001 From: alexweininger Date: Thu, 22 Aug 2024 14:12:58 -0400 Subject: [PATCH 21/49] Fixup --- azure-pipelines/templates/1espackage.yml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/azure-pipelines/templates/1espackage.yml b/azure-pipelines/templates/1espackage.yml index b537307979..f4a77089fb 100644 --- a/azure-pipelines/templates/1espackage.yml +++ b/azure-pipelines/templates/1espackage.yml @@ -7,15 +7,15 @@ steps: workingDir: $(working_directory) condition: succeeded() - - pwsh: Write-Output "##vso[task.setvariable variable=version;isOutput=true]$((Get-Content -Raw -Path package.json | ConvertFrom-Json).name)" - name: name - displayName: Get extension name from package.json + - pwsh: Write-Output "##vso[task.setvariable variable=name;isOutput=true]$((Get-Content -Raw -Path package.json | ConvertFrom-Json).name)" + name: repo + displayName: Get extension from package.json - pwsh: Write-Output "##vso[task.setvariable variable=version;isOutput=true]$((Get-Content -Raw -Path package.json | ConvertFrom-Json).version)" name: package displayName: Get extension version from package.json - - script: npx @vscode/vsce@latest generate-manifest -i $(repoName)-$(package.version).vsix -o $(Build.SourcesDirectory)/extension.manifest + - script: npx @vscode/vsce@latest generate-manifest -i $(package.name)-$(package.version).vsix -o $(Build.SourcesDirectory)/extension.manifest displayName: 'Generate extension manifest' - script: copy $(Build.SourcesDirectory)\extension.manifest $(Build.SourcesDirectory)\extension.signature.p7s @@ -33,6 +33,5 @@ steps: **/*.p7s **/*.tar.gz **/*.tgz - package.json TargetFolder: "$(build.artifactstagingdirectory)/build/$(artifact_name)" condition: and(succeeded(), ne(variables['System.PullRequest.IsFork'], 'True')) \ No newline at end of file From 77b8c454cf00e994332a7446e6d0acc45f7dd2dd Mon Sep 17 00:00:00 2001 From: alexweininger Date: Thu, 22 Aug 2024 14:16:05 -0400 Subject: [PATCH 22/49] Upload package.json --- azure-pipelines/templates/1espackage.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/azure-pipelines/templates/1espackage.yml b/azure-pipelines/templates/1espackage.yml index f4a77089fb..eaf1fa9170 100644 --- a/azure-pipelines/templates/1espackage.yml +++ b/azure-pipelines/templates/1espackage.yml @@ -33,5 +33,6 @@ steps: **/*.p7s **/*.tar.gz **/*.tgz + package.json TargetFolder: "$(build.artifactstagingdirectory)/build/$(artifact_name)" condition: and(succeeded(), ne(variables['System.PullRequest.IsFork'], 'True')) \ No newline at end of file From 8c98d05308644adc2487ab6eca1b20706280d428 Mon Sep 17 00:00:00 2001 From: alexweininger Date: Thu, 22 Aug 2024 14:20:37 -0400 Subject: [PATCH 23/49] Fixup --- azure-pipelines/templates/1espackage.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure-pipelines/templates/1espackage.yml b/azure-pipelines/templates/1espackage.yml index eaf1fa9170..16eea54fb0 100644 --- a/azure-pipelines/templates/1espackage.yml +++ b/azure-pipelines/templates/1espackage.yml @@ -15,7 +15,7 @@ steps: name: package displayName: Get extension version from package.json - - script: npx @vscode/vsce@latest generate-manifest -i $(package.name)-$(package.version).vsix -o $(Build.SourcesDirectory)/extension.manifest + - script: npx @vscode/vsce@latest generate-manifest -i $(repo.name)-$(package.version).vsix -o $(Build.SourcesDirectory)/extension.manifest displayName: 'Generate extension manifest' - script: copy $(Build.SourcesDirectory)\extension.manifest $(Build.SourcesDirectory)\extension.signature.p7s From 94fca886e9c813737579be157337e087d20af4d2 Mon Sep 17 00:00:00 2001 From: alexweininger Date: Thu, 22 Aug 2024 14:23:32 -0400 Subject: [PATCH 24/49] Make it even stronger --- azure-pipelines/templates/1espackage.yml | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/azure-pipelines/templates/1espackage.yml b/azure-pipelines/templates/1espackage.yml index 16eea54fb0..fc07c70d83 100644 --- a/azure-pipelines/templates/1espackage.yml +++ b/azure-pipelines/templates/1espackage.yml @@ -7,15 +7,13 @@ steps: workingDir: $(working_directory) condition: succeeded() - - pwsh: Write-Output "##vso[task.setvariable variable=name;isOutput=true]$((Get-Content -Raw -Path package.json | ConvertFrom-Json).name)" - name: repo - displayName: Get extension from package.json - - - pwsh: Write-Output "##vso[task.setvariable variable=version;isOutput=true]$((Get-Content -Raw -Path package.json | ConvertFrom-Json).version)" + - pwsh: | + Write-Output "##vso[task.setvariable variable=name;isOutput=true]$((Get-Content -Raw -Path package.json | ConvertFrom-Json).name)" + Write-Output "##vso[task.setvariable variable=version;isOutput=true]$((Get-Content -Raw -Path package.json | ConvertFrom-Json).version)" name: package - displayName: Get extension version from package.json + displayName: Get extension info package.json - - script: npx @vscode/vsce@latest generate-manifest -i $(repo.name)-$(package.version).vsix -o $(Build.SourcesDirectory)/extension.manifest + - script: npx @vscode/vsce@latest generate-manifest -i $(package.name)-$(package.version).vsix -o $(Build.SourcesDirectory)/extension.manifest displayName: 'Generate extension manifest' - script: copy $(Build.SourcesDirectory)\extension.manifest $(Build.SourcesDirectory)\extension.signature.p7s From 0659bed488cadd14b7eff0df087bc108f254c149 Mon Sep 17 00:00:00 2001 From: alexweininger Date: Thu, 22 Aug 2024 15:22:19 -0400 Subject: [PATCH 25/49] Fixes --- azure-pipelines/templates/1espackage.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/azure-pipelines/templates/1espackage.yml b/azure-pipelines/templates/1espackage.yml index fc07c70d83..0b300e0efe 100644 --- a/azure-pipelines/templates/1espackage.yml +++ b/azure-pipelines/templates/1espackage.yml @@ -11,16 +11,16 @@ steps: Write-Output "##vso[task.setvariable variable=name;isOutput=true]$((Get-Content -Raw -Path package.json | ConvertFrom-Json).name)" Write-Output "##vso[task.setvariable variable=version;isOutput=true]$((Get-Content -Raw -Path package.json | ConvertFrom-Json).version)" name: package - displayName: Get extension info package.json + displayName: "\U0001F449 Get extension info from package.json" - script: npx @vscode/vsce@latest generate-manifest -i $(package.name)-$(package.version).vsix -o $(Build.SourcesDirectory)/extension.manifest - displayName: 'Generate extension manifest' + displayName: "\U0001F449 Generate extension manifest" - script: copy $(Build.SourcesDirectory)\extension.manifest $(Build.SourcesDirectory)\extension.signature.p7s - displayName: 'Prepare manifest for signing' + displayName: "\U0001F449 Prepare manifest for signing" - script: node $(Build.SourcesDirectory)/build/sign.js - displayName: 'Sign extension manifest' + displayName: "\U0001F449 Sign extension manifest" - task: CopyFiles@2 displayName: "\U0001F449 Copy packages and vsix to staging directory" @@ -29,8 +29,8 @@ steps: **/*.vsix **/*.manifest **/*.p7s + package.json **/*.tar.gz **/*.tgz - package.json TargetFolder: "$(build.artifactstagingdirectory)/build/$(artifact_name)" condition: and(succeeded(), ne(variables['System.PullRequest.IsFork'], 'True')) \ No newline at end of file From 2b677158b34213b2f0614df72cb41a73a98ec5ce Mon Sep 17 00:00:00 2001 From: alexweininger Date: Fri, 23 Aug 2024 10:26:45 -0400 Subject: [PATCH 26/49] work --- azure-pipelines/release-extension.yml | 109 +++++++++++++++++++++++ azure-pipelines/templates/1espackage.yml | 8 +- 2 files changed, 115 insertions(+), 2 deletions(-) create mode 100644 azure-pipelines/release-extension.yml diff --git a/azure-pipelines/release-extension.yml b/azure-pipelines/release-extension.yml new file mode 100644 index 0000000000..3915f74339 --- /dev/null +++ b/azure-pipelines/release-extension.yml @@ -0,0 +1,109 @@ +parameters: + - name: PipelineID + displayName: PipelineID of the Build Pipeline to download artifacts from for publishing + type: string + - name: RunID + displayName: RunID of the Build Pipeline to download artifacts from for publishing + type: number + +# `resources` specifies the location of templates to pick up, use it to get 1ES templates +resources: + repositories: + - repository: MicroBuildTemplate + type: git + name: MicroBuildTemplates/MicroBuildTemplates + ref: refs/heads/release + +extends: + template: azure-pipelines/1ES.Official.Publish.yml@MicroBuildTemplate + parameters: + sdl: + credscan: + suppressionsFile: $(Build.SourcesDirectory)\.azure-pipelines\compliance\CredScanSuppressions.json + sourceAnalysisPool: + name: AzurePipelines-EO + image: 1ESPT-Windows2022 + # codeql: + # enabled: true # TODO: would like to enable only on scheduled builds but CodeQL cannot currently be disabled per https://eng.ms/docs/cloud-ai-platform/devdiv/one-engineering-system-1es/1es-docs/codeql/1es-codeql + pool: + name: AzurePipelines-EO # Name of your hosted pool + image: 1ESPT-Ubuntu20.04 # Name of the image in your pool. If not specified, first image of the pool is used + os: linux # OS of the image. Allowed values: windows, linux, macOS + stages: + - stage: ReleaseStage + jobs: + - job: ReleaseJob + steps: + trigger: none # Only run this pipeline when manually triggered + +resources: + pipelines: + - pipeline: vscode-azurevirtualmachines # identifier to use in pipeline resource variables + source: \Azure Tools\VSCode\Extensions\vscode-azurevirtualmachines # name of the pipeline that produces the artifacts + +steps: + - checkout: none + + - task: DownloadPipelineArtifact@2 + displayName: Download artifacts from Build pipeline + inputs: + source: specific # download from a different run + project: DevDiv + definition: ${{ parameters.PipelineID }} + buildVersionToDownload: specific + runId: ${{ parameters.RunID }} + artifact: Build Root + targetPath: $(System.DefaultWorkingDirectory) + + - script: npm i -g @vscode/vsce + displayName: "Install vsce" + + - script: | + # Find all .vsix files in the working directory + vsixFiles="$(find $(Build.SourcesDirectory) -maxdepth 1 -type f -name '*.vsix')" + + # Count the number of .vsix files + count=$(echo "$vsixFiles" | wc -l) + + # Check if more than one .vsix file is found. We don't want to accidentially release the wrong .vsix. + if [ "$count" -gt 1 ]; then + echo "More than one .vsix file found. There should be only one .vsix present in the build artifacts." + ls + exit 1 + elif [ "$count" -eq 0 ]; then + echo "No .vsix files found. The pipeline will fail." + ls + exit 1 + else + # Set the pipeline variable + vsixFileName=$(basename "$vsixFiles") + echo "##vso[task.setvariable variable=vsixFileName;]$vsixFileName" + echo "Found .vsix file: $vsixFileName" + fi + displayName: "Find and Set .vsix File Variable" + + - task: AzureCLI@2 + displayName: Run vsce verify-pat + inputs: + azureSubscription: AzCodeReleases + scriptType: pscore + scriptLocation: inlineScript + inlineScript: | + vsce verify-pat ms-azuretools --azure-credential + + # requires package.json to be present + # - task: AzureCLI@2 + # displayName: Run vsce publish + # inputs: + # azureSubscription: AzCodeReleases + # scriptType: pscore + # scriptLocation: inlineScript + # inlineScript: | + # $publishArgs = @( + # '--azure-credential' + # '--packagePath' + # '$(vsixFileName)' + # '--manifestPath extension.manifest' + # '--signaturePath extension.signature.p7s' + # ) + # vsce publish -- @publishArgs diff --git a/azure-pipelines/templates/1espackage.yml b/azure-pipelines/templates/1espackage.yml index 0b300e0efe..450f8c07e8 100644 --- a/azure-pipelines/templates/1espackage.yml +++ b/azure-pipelines/templates/1espackage.yml @@ -25,11 +25,15 @@ steps: - task: CopyFiles@2 displayName: "\U0001F449 Copy packages and vsix to staging directory" inputs: + # Uploading the package.json so we can publish later without cloning the source + # Files related to signing: + # extension.manifest is the signature file + # extension.signature.p7s is the extension manifest generated by vsce Contents: | **/*.vsix - **/*.manifest - **/*.p7s package.json + extension.manifest + extension.signature.p7s **/*.tar.gz **/*.tgz TargetFolder: "$(build.artifactstagingdirectory)/build/$(artifact_name)" From 5c2d846a00a5a63077c9e37bb5def53d626047b0 Mon Sep 17 00:00:00 2001 From: alexweininger Date: Fri, 23 Aug 2024 12:17:46 -0400 Subject: [PATCH 27/49] Sign with MSBuild --- azure-pipelines/templates/1espackage.yml | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/azure-pipelines/templates/1espackage.yml b/azure-pipelines/templates/1espackage.yml index 450f8c07e8..20a3b4e909 100644 --- a/azure-pipelines/templates/1espackage.yml +++ b/azure-pipelines/templates/1espackage.yml @@ -16,11 +16,17 @@ steps: - script: npx @vscode/vsce@latest generate-manifest -i $(package.name)-$(package.version).vsix -o $(Build.SourcesDirectory)/extension.manifest displayName: "\U0001F449 Generate extension manifest" - - script: copy $(Build.SourcesDirectory)\extension.manifest $(Build.SourcesDirectory)\extension.signature.p7s - displayName: "\U0001F449 Prepare manifest for signing" + # - script: copy $(Build.SourcesDirectory)\extension.manifest $(Build.SourcesDirectory)\extension.signature.p7s + # displayName: "\U0001F449 Prepare manifest for signing" - - script: node $(Build.SourcesDirectory)/build/sign.js - displayName: "\U0001F449 Sign extension manifest" + - task: DotNetCoreCLI@2 + displayName: Sign with MSBuild + inputs: + command: 'build' + projects: 'SignExtension.signproj' + + # - script: node $(Build.SourcesDirectory)/build/sign.js + # displayName: "\U0001F449 Sign extension manifest" - task: CopyFiles@2 displayName: "\U0001F449 Copy packages and vsix to staging directory" From 0458a7d3a89d5ec4b065157f7922c99ca5ae66af Mon Sep 17 00:00:00 2001 From: alexweininger Date: Fri, 23 Aug 2024 12:50:21 -0400 Subject: [PATCH 28/49] Organize yaml --- azure-pipelines/1esstages.yml | 16 ++++++++++++++++ azure-pipelines/templates/sign.yml | 15 +++++++++++++++ azure-pipelines/templates/stage-artifacts.yml | 17 +++++++++++++++++ 3 files changed, 48 insertions(+) create mode 100644 azure-pipelines/templates/sign.yml create mode 100644 azure-pipelines/templates/stage-artifacts.yml diff --git a/azure-pipelines/1esstages.yml b/azure-pipelines/1esstages.yml index 92f9bda735..d95dcdf6ab 100644 --- a/azure-pipelines/1esstages.yml +++ b/azure-pipelines/1esstages.yml @@ -27,6 +27,22 @@ stages: - template: ./templates/setup.yml - template: ./templates/build.yml - template: ./templates/1espackage.yml + + # Check if the sign.js file exists and set a variable + - script: | + if [ -f "$(Build.SourcesDirectory)/SignExtension.signproj" ]; then + echo "##vso[task.setvariable variable=signprojExists]true" + else + echo "##vso[task.setvariable variable=signprojExists]false" + fi + name: CheckSignFile + displayName: 'Check for sign.js File' + + # Conditionally include the sign.yml template if the SignExtension.signproj file exists + - ${{ if eq(variables['signprojExists'], 'true') }}: + - template: ./templates/sign.yml + + - template: ./templates/stage-artifacts.yml - template: ./templates/test.yml parameters: useAzureFederatedCredentials: ${{ parameters.useAzureFederatedCredentials }} diff --git a/azure-pipelines/templates/sign.yml b/azure-pipelines/templates/sign.yml new file mode 100644 index 0000000000..cc2c8203d8 --- /dev/null +++ b/azure-pipelines/templates/sign.yml @@ -0,0 +1,15 @@ +steps: + - pwsh: | + Write-Output "##vso[task.setvariable variable=name;isOutput=true]$((Get-Content -Raw -Path package.json | ConvertFrom-Json).name)" + Write-Output "##vso[task.setvariable variable=version;isOutput=true]$((Get-Content -Raw -Path package.json | ConvertFrom-Json).version)" + name: package + displayName: "\U0001F449 Get extension info from package.json" + + - script: npx @vscode/vsce@latest generate-manifest -i $(package.name)-$(package.version).vsix -o $(Build.SourcesDirectory)/extension.manifest + displayName: "\U0001F449 Generate extension manifest" + + - task: DotNetCoreCLI@2 + displayName: "\U0001F449 Sign with MSBuild" + inputs: + command: 'build' + projects: 'SignExtension.signproj' \ No newline at end of file diff --git a/azure-pipelines/templates/stage-artifacts.yml b/azure-pipelines/templates/stage-artifacts.yml new file mode 100644 index 0000000000..68c855490a --- /dev/null +++ b/azure-pipelines/templates/stage-artifacts.yml @@ -0,0 +1,17 @@ +steps: + - task: CopyFiles@2 + displayName: "\U0001F449 Copy packages and vsix to staging directory" + inputs: + # Uploading the package.json so we can publish later without cloning the source + # Files related to signing: + # extension.manifest is the signature file + # extension.signature.p7s is the extension manifest generated by vsce + Contents: | + **/*.vsix + package.json + extension.manifest + extension.signature.p7s + **/*.tar.gz + **/*.tgz + TargetFolder: "$(build.artifactstagingdirectory)/build/$(artifact_name)" + condition: and(succeeded(), ne(variables['System.PullRequest.IsFork'], 'True')) \ No newline at end of file From 3456fe21622096532d4c97bb03a9eb8a34e96873 Mon Sep 17 00:00:00 2001 From: alexweininger Date: Fri, 23 Aug 2024 12:50:44 -0400 Subject: [PATCH 29/49] Fixup --- azure-pipelines/templates/1espackage.yml | 56 ++++++++++++------------ 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/azure-pipelines/templates/1espackage.yml b/azure-pipelines/templates/1espackage.yml index 20a3b4e909..82eac981bb 100644 --- a/azure-pipelines/templates/1espackage.yml +++ b/azure-pipelines/templates/1espackage.yml @@ -7,40 +7,40 @@ steps: workingDir: $(working_directory) condition: succeeded() - - pwsh: | - Write-Output "##vso[task.setvariable variable=name;isOutput=true]$((Get-Content -Raw -Path package.json | ConvertFrom-Json).name)" - Write-Output "##vso[task.setvariable variable=version;isOutput=true]$((Get-Content -Raw -Path package.json | ConvertFrom-Json).version)" - name: package - displayName: "\U0001F449 Get extension info from package.json" + # - pwsh: | + # Write-Output "##vso[task.setvariable variable=name;isOutput=true]$((Get-Content -Raw -Path package.json | ConvertFrom-Json).name)" + # Write-Output "##vso[task.setvariable variable=version;isOutput=true]$((Get-Content -Raw -Path package.json | ConvertFrom-Json).version)" + # name: package + # displayName: "\U0001F449 Get extension info from package.json" - - script: npx @vscode/vsce@latest generate-manifest -i $(package.name)-$(package.version).vsix -o $(Build.SourcesDirectory)/extension.manifest - displayName: "\U0001F449 Generate extension manifest" + # - script: npx @vscode/vsce@latest generate-manifest -i $(package.name)-$(package.version).vsix -o $(Build.SourcesDirectory)/extension.manifest + # displayName: "\U0001F449 Generate extension manifest" # - script: copy $(Build.SourcesDirectory)\extension.manifest $(Build.SourcesDirectory)\extension.signature.p7s # displayName: "\U0001F449 Prepare manifest for signing" - - task: DotNetCoreCLI@2 - displayName: Sign with MSBuild - inputs: - command: 'build' - projects: 'SignExtension.signproj' + # - task: DotNetCoreCLI@2 + # displayName: Sign with MSBuild + # inputs: + # command: 'build' + # projects: 'SignExtension.signproj' # - script: node $(Build.SourcesDirectory)/build/sign.js # displayName: "\U0001F449 Sign extension manifest" - - task: CopyFiles@2 - displayName: "\U0001F449 Copy packages and vsix to staging directory" - inputs: - # Uploading the package.json so we can publish later without cloning the source - # Files related to signing: - # extension.manifest is the signature file - # extension.signature.p7s is the extension manifest generated by vsce - Contents: | - **/*.vsix - package.json - extension.manifest - extension.signature.p7s - **/*.tar.gz - **/*.tgz - TargetFolder: "$(build.artifactstagingdirectory)/build/$(artifact_name)" - condition: and(succeeded(), ne(variables['System.PullRequest.IsFork'], 'True')) \ No newline at end of file + # - task: CopyFiles@2 + # displayName: "\U0001F449 Copy packages and vsix to staging directory" + # inputs: + # # Uploading the package.json so we can publish later without cloning the source + # # Files related to signing: + # # extension.manifest is the signature file + # # extension.signature.p7s is the extension manifest generated by vsce + # Contents: | + # **/*.vsix + # package.json + # extension.manifest + # extension.signature.p7s + # **/*.tar.gz + # **/*.tgz + # TargetFolder: "$(build.artifactstagingdirectory)/build/$(artifact_name)" + # condition: and(succeeded(), ne(variables['System.PullRequest.IsFork'], 'True')) \ No newline at end of file From 86d0804f2c5ddb742e244ddcf5be3126ab9213bc Mon Sep 17 00:00:00 2001 From: alexweininger Date: Fri, 23 Aug 2024 12:58:00 -0400 Subject: [PATCH 30/49] use bash --- azure-pipelines/1esstages.yml | 2 +- azure-pipelines/templates/sign.yml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/azure-pipelines/1esstages.yml b/azure-pipelines/1esstages.yml index d95dcdf6ab..f0ab40b82d 100644 --- a/azure-pipelines/1esstages.yml +++ b/azure-pipelines/1esstages.yml @@ -29,7 +29,7 @@ stages: - template: ./templates/1espackage.yml # Check if the sign.js file exists and set a variable - - script: | + - bash: | if [ -f "$(Build.SourcesDirectory)/SignExtension.signproj" ]; then echo "##vso[task.setvariable variable=signprojExists]true" else diff --git a/azure-pipelines/templates/sign.yml b/azure-pipelines/templates/sign.yml index cc2c8203d8..afdb1d7ed4 100644 --- a/azure-pipelines/templates/sign.yml +++ b/azure-pipelines/templates/sign.yml @@ -1,4 +1,5 @@ steps: + # put the extension name and version from the package.json into variables to use later. Variables can be used in later steps as $(package.name) and $(package.version) - pwsh: | Write-Output "##vso[task.setvariable variable=name;isOutput=true]$((Get-Content -Raw -Path package.json | ConvertFrom-Json).name)" Write-Output "##vso[task.setvariable variable=version;isOutput=true]$((Get-Content -Raw -Path package.json | ConvertFrom-Json).version)" From 50c32948677209a65c2640c7ec1ddadf16f5bbca Mon Sep 17 00:00:00 2001 From: alexweininger Date: Fri, 23 Aug 2024 12:59:30 -0400 Subject: [PATCH 31/49] Use powershell --- azure-pipelines/1esstages.yml | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/azure-pipelines/1esstages.yml b/azure-pipelines/1esstages.yml index f0ab40b82d..21378cbb12 100644 --- a/azure-pipelines/1esstages.yml +++ b/azure-pipelines/1esstages.yml @@ -28,15 +28,16 @@ stages: - template: ./templates/build.yml - template: ./templates/1espackage.yml - # Check if the sign.js file exists and set a variable - - bash: | - if [ -f "$(Build.SourcesDirectory)/SignExtension.signproj" ]; then - echo "##vso[task.setvariable variable=signprojExists]true" - else - echo "##vso[task.setvariable variable=signprojExists]false" - fi + # Check if the SignExtension.signproj file exists and set a variable using PowerShell + - powershell: | + $filePath = "$(Build.SourcesDirectory)\SignExtension.signproj" + if (Test-Path $filePath) { + Write-Output "##vso[task.setvariable variable=signprojExists]true" + } else { + Write-Output "##vso[task.setvariable variable=signprojExists]false" + } name: CheckSignFile - displayName: 'Check for sign.js File' + displayName: 'Check for SignExtension.signproj File' # Conditionally include the sign.yml template if the SignExtension.signproj file exists - ${{ if eq(variables['signprojExists'], 'true') }}: From ba28c81a418be837a60bdf949150cb2b0f9cbe3b Mon Sep 17 00:00:00 2001 From: alexweininger Date: Fri, 23 Aug 2024 13:06:45 -0400 Subject: [PATCH 32/49] Fixup --- azure-pipelines/1esstages.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/azure-pipelines/1esstages.yml b/azure-pipelines/1esstages.yml index 21378cbb12..d05affc82d 100644 --- a/azure-pipelines/1esstages.yml +++ b/azure-pipelines/1esstages.yml @@ -33,8 +33,10 @@ stages: $filePath = "$(Build.SourcesDirectory)\SignExtension.signproj" if (Test-Path $filePath) { Write-Output "##vso[task.setvariable variable=signprojExists]true" + Write-Output "SignExtension.signproj file found. Signing extension." } else { Write-Output "##vso[task.setvariable variable=signprojExists]false" + Write-Output "SignExtension.signproj file not found. Skipping signing." } name: CheckSignFile displayName: 'Check for SignExtension.signproj File' From 3474d7c638e5500c3f6c892eddb4ecbcbbaa90bc Mon Sep 17 00:00:00 2001 From: alexweininger Date: Fri, 23 Aug 2024 13:07:40 -0400 Subject: [PATCH 33/49] Fixup --- azure-pipelines/1esstages.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/azure-pipelines/1esstages.yml b/azure-pipelines/1esstages.yml index d05affc82d..8c8902deca 100644 --- a/azure-pipelines/1esstages.yml +++ b/azure-pipelines/1esstages.yml @@ -31,6 +31,7 @@ stages: # Check if the SignExtension.signproj file exists and set a variable using PowerShell - powershell: | $filePath = "$(Build.SourcesDirectory)\SignExtension.signproj" + dir $(Build.SourcesDirectory) if (Test-Path $filePath) { Write-Output "##vso[task.setvariable variable=signprojExists]true" Write-Output "SignExtension.signproj file found. Signing extension." From 7bc1a93691263c87fc5d73981d43a87108a33152 Mon Sep 17 00:00:00 2001 From: alexweininger Date: Fri, 23 Aug 2024 13:19:17 -0400 Subject: [PATCH 34/49] Fixup --- azure-pipelines/1esstages.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/azure-pipelines/1esstages.yml b/azure-pipelines/1esstages.yml index 8c8902deca..a1a63c7350 100644 --- a/azure-pipelines/1esstages.yml +++ b/azure-pipelines/1esstages.yml @@ -39,7 +39,6 @@ stages: Write-Output "##vso[task.setvariable variable=signprojExists]false" Write-Output "SignExtension.signproj file not found. Skipping signing." } - name: CheckSignFile displayName: 'Check for SignExtension.signproj File' # Conditionally include the sign.yml template if the SignExtension.signproj file exists From ef0032cfff0da1204c3e55eab98f7ed2b148c9d4 Mon Sep 17 00:00:00 2001 From: alexweininger Date: Fri, 23 Aug 2024 13:27:56 -0400 Subject: [PATCH 35/49] Fixup --- azure-pipelines/1esstages.yml | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/azure-pipelines/1esstages.yml b/azure-pipelines/1esstages.yml index a1a63c7350..a5771bf89a 100644 --- a/azure-pipelines/1esstages.yml +++ b/azure-pipelines/1esstages.yml @@ -25,13 +25,10 @@ stages: artifactName: Build ${{ job.name }} steps: - template: ./templates/setup.yml - - template: ./templates/build.yml - - template: ./templates/1espackage.yml # Check if the SignExtension.signproj file exists and set a variable using PowerShell - powershell: | $filePath = "$(Build.SourcesDirectory)\SignExtension.signproj" - dir $(Build.SourcesDirectory) if (Test-Path $filePath) { Write-Output "##vso[task.setvariable variable=signprojExists]true" Write-Output "SignExtension.signproj file found. Signing extension." @@ -41,6 +38,15 @@ stages: } displayName: 'Check for SignExtension.signproj File' + # Debug: Output the value of signprojExists variable + - script: | + echo "signprojExists value is: $(signprojExists)" + displayName: 'Debug: Output signprojExists Variable' + + - template: ./templates/build.yml + + - template: ./templates/1espackage.yml + # Conditionally include the sign.yml template if the SignExtension.signproj file exists - ${{ if eq(variables['signprojExists'], 'true') }}: - template: ./templates/sign.yml From 91d8744f4ca8fb05e333c576c8d1ccca248ecd30 Mon Sep 17 00:00:00 2001 From: alexweininger Date: Fri, 23 Aug 2024 13:36:40 -0400 Subject: [PATCH 36/49] Fixup --- azure-pipelines/1esstages.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/azure-pipelines/1esstages.yml b/azure-pipelines/1esstages.yml index a5771bf89a..a00a9db953 100644 --- a/azure-pipelines/1esstages.yml +++ b/azure-pipelines/1esstages.yml @@ -28,12 +28,12 @@ stages: # Check if the SignExtension.signproj file exists and set a variable using PowerShell - powershell: | - $filePath = "$(Build.SourcesDirectory)\SignExtension.signproj" - if (Test-Path $filePath) { - Write-Output "##vso[task.setvariable variable=signprojExists]true" + $fileExists = Test-Path -Path "$(Build.SourcesDirectory)/SignExtension.signproj" + Write-Output "##vso[task.setvariable variable=signprojExists]$fileExists" + + if ($fileExists) { Write-Output "SignExtension.signproj file found. Signing extension." } else { - Write-Output "##vso[task.setvariable variable=signprojExists]false" Write-Output "SignExtension.signproj file not found. Skipping signing." } displayName: 'Check for SignExtension.signproj File' @@ -48,7 +48,7 @@ stages: - template: ./templates/1espackage.yml # Conditionally include the sign.yml template if the SignExtension.signproj file exists - - ${{ if eq(variables['signprojExists'], 'true') }}: + - ${{ if eq(variables['signprojExists'], True) }}: - template: ./templates/sign.yml - template: ./templates/stage-artifacts.yml From 35a23640c4b893e818118e94226dd693d8883b1e Mon Sep 17 00:00:00 2001 From: alexweininger Date: Fri, 23 Aug 2024 13:43:59 -0400 Subject: [PATCH 37/49] Fixup --- azure-pipelines/1esstages.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/azure-pipelines/1esstages.yml b/azure-pipelines/1esstages.yml index a00a9db953..5c55e47ba8 100644 --- a/azure-pipelines/1esstages.yml +++ b/azure-pipelines/1esstages.yml @@ -47,9 +47,8 @@ stages: - template: ./templates/1espackage.yml - # Conditionally include the sign.yml template if the SignExtension.signproj file exists - - ${{ if eq(variables['signprojExists'], True) }}: - - template: ./templates/sign.yml + - template: ./templates/sign.yml + condition: eq(variables['signprojExists'], True) - template: ./templates/stage-artifacts.yml - template: ./templates/test.yml From f4d1e55779bd1ee9fad9b7e340a652622fe0808e Mon Sep 17 00:00:00 2001 From: alexweininger Date: Fri, 23 Aug 2024 13:46:19 -0400 Subject: [PATCH 38/49] Fixup --- azure-pipelines/1esstages.yml | 22 ---------------------- azure-pipelines/templates/sign.yml | 18 +++++++++++++++++- 2 files changed, 17 insertions(+), 23 deletions(-) diff --git a/azure-pipelines/1esstages.yml b/azure-pipelines/1esstages.yml index 5c55e47ba8..fc33e8fe4f 100644 --- a/azure-pipelines/1esstages.yml +++ b/azure-pipelines/1esstages.yml @@ -25,31 +25,9 @@ stages: artifactName: Build ${{ job.name }} steps: - template: ./templates/setup.yml - - # Check if the SignExtension.signproj file exists and set a variable using PowerShell - - powershell: | - $fileExists = Test-Path -Path "$(Build.SourcesDirectory)/SignExtension.signproj" - Write-Output "##vso[task.setvariable variable=signprojExists]$fileExists" - - if ($fileExists) { - Write-Output "SignExtension.signproj file found. Signing extension." - } else { - Write-Output "SignExtension.signproj file not found. Skipping signing." - } - displayName: 'Check for SignExtension.signproj File' - - # Debug: Output the value of signprojExists variable - - script: | - echo "signprojExists value is: $(signprojExists)" - displayName: 'Debug: Output signprojExists Variable' - - template: ./templates/build.yml - - template: ./templates/1espackage.yml - - template: ./templates/sign.yml - condition: eq(variables['signprojExists'], True) - - template: ./templates/stage-artifacts.yml - template: ./templates/test.yml parameters: diff --git a/azure-pipelines/templates/sign.yml b/azure-pipelines/templates/sign.yml index afdb1d7ed4..3e8ed4d54c 100644 --- a/azure-pipelines/templates/sign.yml +++ b/azure-pipelines/templates/sign.yml @@ -1,16 +1,32 @@ steps: + + # Check if the SignExtension.signproj file exists and set a variable using PowerShell + - powershell: | + $fileExists = Test-Path -Path "$(Build.SourcesDirectory)/SignExtension.signproj" + Write-Output "##vso[task.setvariable variable=signprojExists]$fileExists" + + if ($fileExists) { + Write-Output "SignExtension.signproj file found. Signing extension." + } else { + Write-Output "SignExtension.signproj file not found. Skipping signing." + } + displayName: 'Check for SignExtension.signproj File' + # put the extension name and version from the package.json into variables to use later. Variables can be used in later steps as $(package.name) and $(package.version) - pwsh: | Write-Output "##vso[task.setvariable variable=name;isOutput=true]$((Get-Content -Raw -Path package.json | ConvertFrom-Json).name)" Write-Output "##vso[task.setvariable variable=version;isOutput=true]$((Get-Content -Raw -Path package.json | ConvertFrom-Json).version)" name: package displayName: "\U0001F449 Get extension info from package.json" + condition: eq(variables['signprojExists'], True) - script: npx @vscode/vsce@latest generate-manifest -i $(package.name)-$(package.version).vsix -o $(Build.SourcesDirectory)/extension.manifest displayName: "\U0001F449 Generate extension manifest" + condition: eq(variables['signprojExists'], True) - task: DotNetCoreCLI@2 + condition: eq(variables['signprojExists'], True) displayName: "\U0001F449 Sign with MSBuild" inputs: command: 'build' - projects: 'SignExtension.signproj' \ No newline at end of file + projects: 'SignExtension.signproj' From badb15955b9d910ffb8d5a78a990c1176dd45a58 Mon Sep 17 00:00:00 2001 From: alexweininger Date: Fri, 23 Aug 2024 13:59:56 -0400 Subject: [PATCH 39/49] Fixup --- azure-pipelines/templates/sign.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/azure-pipelines/templates/sign.yml b/azure-pipelines/templates/sign.yml index 3e8ed4d54c..22a9321a29 100644 --- a/azure-pipelines/templates/sign.yml +++ b/azure-pipelines/templates/sign.yml @@ -1,6 +1,6 @@ steps: - # Check if the SignExtension.signproj file exists and set a variable using PowerShell + # All other steps in this template will only run if the file exists - powershell: | $fileExists = Test-Path -Path "$(Build.SourcesDirectory)/SignExtension.signproj" Write-Output "##vso[task.setvariable variable=signprojExists]$fileExists" @@ -16,13 +16,13 @@ steps: - pwsh: | Write-Output "##vso[task.setvariable variable=name;isOutput=true]$((Get-Content -Raw -Path package.json | ConvertFrom-Json).name)" Write-Output "##vso[task.setvariable variable=version;isOutput=true]$((Get-Content -Raw -Path package.json | ConvertFrom-Json).version)" + condition: eq(variables['signprojExists'], True) name: package displayName: "\U0001F449 Get extension info from package.json" - condition: eq(variables['signprojExists'], True) - script: npx @vscode/vsce@latest generate-manifest -i $(package.name)-$(package.version).vsix -o $(Build.SourcesDirectory)/extension.manifest - displayName: "\U0001F449 Generate extension manifest" condition: eq(variables['signprojExists'], True) + displayName: "\U0001F449 Generate extension manifest" - task: DotNetCoreCLI@2 condition: eq(variables['signprojExists'], True) From 9de63e9426ff198bb76ef9ed3e3d937a4b8b8aa9 Mon Sep 17 00:00:00 2001 From: alexweininger Date: Fri, 23 Aug 2024 14:00:48 -0400 Subject: [PATCH 40/49] Remove --- azure-pipelines/release-extension.yml | 109 -------------------------- 1 file changed, 109 deletions(-) delete mode 100644 azure-pipelines/release-extension.yml diff --git a/azure-pipelines/release-extension.yml b/azure-pipelines/release-extension.yml deleted file mode 100644 index 3915f74339..0000000000 --- a/azure-pipelines/release-extension.yml +++ /dev/null @@ -1,109 +0,0 @@ -parameters: - - name: PipelineID - displayName: PipelineID of the Build Pipeline to download artifacts from for publishing - type: string - - name: RunID - displayName: RunID of the Build Pipeline to download artifacts from for publishing - type: number - -# `resources` specifies the location of templates to pick up, use it to get 1ES templates -resources: - repositories: - - repository: MicroBuildTemplate - type: git - name: MicroBuildTemplates/MicroBuildTemplates - ref: refs/heads/release - -extends: - template: azure-pipelines/1ES.Official.Publish.yml@MicroBuildTemplate - parameters: - sdl: - credscan: - suppressionsFile: $(Build.SourcesDirectory)\.azure-pipelines\compliance\CredScanSuppressions.json - sourceAnalysisPool: - name: AzurePipelines-EO - image: 1ESPT-Windows2022 - # codeql: - # enabled: true # TODO: would like to enable only on scheduled builds but CodeQL cannot currently be disabled per https://eng.ms/docs/cloud-ai-platform/devdiv/one-engineering-system-1es/1es-docs/codeql/1es-codeql - pool: - name: AzurePipelines-EO # Name of your hosted pool - image: 1ESPT-Ubuntu20.04 # Name of the image in your pool. If not specified, first image of the pool is used - os: linux # OS of the image. Allowed values: windows, linux, macOS - stages: - - stage: ReleaseStage - jobs: - - job: ReleaseJob - steps: - trigger: none # Only run this pipeline when manually triggered - -resources: - pipelines: - - pipeline: vscode-azurevirtualmachines # identifier to use in pipeline resource variables - source: \Azure Tools\VSCode\Extensions\vscode-azurevirtualmachines # name of the pipeline that produces the artifacts - -steps: - - checkout: none - - - task: DownloadPipelineArtifact@2 - displayName: Download artifacts from Build pipeline - inputs: - source: specific # download from a different run - project: DevDiv - definition: ${{ parameters.PipelineID }} - buildVersionToDownload: specific - runId: ${{ parameters.RunID }} - artifact: Build Root - targetPath: $(System.DefaultWorkingDirectory) - - - script: npm i -g @vscode/vsce - displayName: "Install vsce" - - - script: | - # Find all .vsix files in the working directory - vsixFiles="$(find $(Build.SourcesDirectory) -maxdepth 1 -type f -name '*.vsix')" - - # Count the number of .vsix files - count=$(echo "$vsixFiles" | wc -l) - - # Check if more than one .vsix file is found. We don't want to accidentially release the wrong .vsix. - if [ "$count" -gt 1 ]; then - echo "More than one .vsix file found. There should be only one .vsix present in the build artifacts." - ls - exit 1 - elif [ "$count" -eq 0 ]; then - echo "No .vsix files found. The pipeline will fail." - ls - exit 1 - else - # Set the pipeline variable - vsixFileName=$(basename "$vsixFiles") - echo "##vso[task.setvariable variable=vsixFileName;]$vsixFileName" - echo "Found .vsix file: $vsixFileName" - fi - displayName: "Find and Set .vsix File Variable" - - - task: AzureCLI@2 - displayName: Run vsce verify-pat - inputs: - azureSubscription: AzCodeReleases - scriptType: pscore - scriptLocation: inlineScript - inlineScript: | - vsce verify-pat ms-azuretools --azure-credential - - # requires package.json to be present - # - task: AzureCLI@2 - # displayName: Run vsce publish - # inputs: - # azureSubscription: AzCodeReleases - # scriptType: pscore - # scriptLocation: inlineScript - # inlineScript: | - # $publishArgs = @( - # '--azure-credential' - # '--packagePath' - # '$(vsixFileName)' - # '--manifestPath extension.manifest' - # '--signaturePath extension.signature.p7s' - # ) - # vsce publish -- @publishArgs From 217c108f2ef6848c6bad8ae74c7c86d8b3852d82 Mon Sep 17 00:00:00 2001 From: alexweininger Date: Fri, 23 Aug 2024 14:01:18 -0400 Subject: [PATCH 41/49] Remove comments --- azure-pipelines/templates/1espackage.yml | 40 +----------------------- 1 file changed, 1 insertion(+), 39 deletions(-) diff --git a/azure-pipelines/templates/1espackage.yml b/azure-pipelines/templates/1espackage.yml index 82eac981bb..8ccbd85c9d 100644 --- a/azure-pipelines/templates/1espackage.yml +++ b/azure-pipelines/templates/1espackage.yml @@ -5,42 +5,4 @@ steps: command: custom customCommand: run package workingDir: $(working_directory) - condition: succeeded() - - # - pwsh: | - # Write-Output "##vso[task.setvariable variable=name;isOutput=true]$((Get-Content -Raw -Path package.json | ConvertFrom-Json).name)" - # Write-Output "##vso[task.setvariable variable=version;isOutput=true]$((Get-Content -Raw -Path package.json | ConvertFrom-Json).version)" - # name: package - # displayName: "\U0001F449 Get extension info from package.json" - - # - script: npx @vscode/vsce@latest generate-manifest -i $(package.name)-$(package.version).vsix -o $(Build.SourcesDirectory)/extension.manifest - # displayName: "\U0001F449 Generate extension manifest" - - # - script: copy $(Build.SourcesDirectory)\extension.manifest $(Build.SourcesDirectory)\extension.signature.p7s - # displayName: "\U0001F449 Prepare manifest for signing" - - # - task: DotNetCoreCLI@2 - # displayName: Sign with MSBuild - # inputs: - # command: 'build' - # projects: 'SignExtension.signproj' - - # - script: node $(Build.SourcesDirectory)/build/sign.js - # displayName: "\U0001F449 Sign extension manifest" - - # - task: CopyFiles@2 - # displayName: "\U0001F449 Copy packages and vsix to staging directory" - # inputs: - # # Uploading the package.json so we can publish later without cloning the source - # # Files related to signing: - # # extension.manifest is the signature file - # # extension.signature.p7s is the extension manifest generated by vsce - # Contents: | - # **/*.vsix - # package.json - # extension.manifest - # extension.signature.p7s - # **/*.tar.gz - # **/*.tgz - # TargetFolder: "$(build.artifactstagingdirectory)/build/$(artifact_name)" - # condition: and(succeeded(), ne(variables['System.PullRequest.IsFork'], 'True')) \ No newline at end of file + condition: succeeded() \ No newline at end of file From f32608d6905999c57c5e3b07819aa5e515ec09a6 Mon Sep 17 00:00:00 2001 From: alexweininger Date: Fri, 23 Aug 2024 14:01:39 -0400 Subject: [PATCH 42/49] Fixup --- azure-pipelines/templates/1espackage.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure-pipelines/templates/1espackage.yml b/azure-pipelines/templates/1espackage.yml index 8ccbd85c9d..39e8505558 100644 --- a/azure-pipelines/templates/1espackage.yml +++ b/azure-pipelines/templates/1espackage.yml @@ -5,4 +5,4 @@ steps: command: custom customCommand: run package workingDir: $(working_directory) - condition: succeeded() \ No newline at end of file + condition: succeeded() From 2041d827238caebe57c18f35a1b7e906a561c2ff Mon Sep 17 00:00:00 2001 From: alexweininger Date: Fri, 23 Aug 2024 14:07:31 -0400 Subject: [PATCH 43/49] Fixup --- azure-pipelines/templates/sign.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure-pipelines/templates/sign.yml b/azure-pipelines/templates/sign.yml index 22a9321a29..0432c69f0e 100644 --- a/azure-pipelines/templates/sign.yml +++ b/azure-pipelines/templates/sign.yml @@ -10,7 +10,7 @@ steps: } else { Write-Output "SignExtension.signproj file not found. Skipping signing." } - displayName: 'Check for SignExtension.signproj File' + displayName: "\U0001F449 Check for SignExtension.signproj File" # put the extension name and version from the package.json into variables to use later. Variables can be used in later steps as $(package.name) and $(package.version) - pwsh: | From 398bf243ec9210c890d9f141b172e8ab79adedf4 Mon Sep 17 00:00:00 2001 From: alexweininger Date: Fri, 23 Aug 2024 14:09:53 -0400 Subject: [PATCH 44/49] Define variable --- azure-pipelines/1esmain.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/azure-pipelines/1esmain.yml b/azure-pipelines/1esmain.yml index fb9a658663..1cf6be4c56 100644 --- a/azure-pipelines/1esmain.yml +++ b/azure-pipelines/1esmain.yml @@ -7,6 +7,11 @@ parameters: type: boolean default: false +variables: + # Required by MicroBuild template + - name: TeamName + value: "Azure Tools for VS Code" + # `resources` specifies the location of templates to pick up, use it to get 1ES templates resources: repositories: From f3276fb13bfbe2a162794d44c427c5a11f36a112 Mon Sep 17 00:00:00 2001 From: alexweininger Date: Fri, 23 Aug 2024 14:11:08 -0400 Subject: [PATCH 45/49] Try this --- azure-pipelines/1esmain.yml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/azure-pipelines/1esmain.yml b/azure-pipelines/1esmain.yml index 1cf6be4c56..caca89809b 100644 --- a/azure-pipelines/1esmain.yml +++ b/azure-pipelines/1esmain.yml @@ -7,11 +7,6 @@ parameters: type: boolean default: false -variables: - # Required by MicroBuild template - - name: TeamName - value: "Azure Tools for VS Code" - # `resources` specifies the location of templates to pick up, use it to get 1ES templates resources: repositories: @@ -37,3 +32,7 @@ extends: - template: ./1esstages.yml parameters: useAzureFederatedCredentials: ${{ parameters.useAzureFederatedCredentials }} + variables: + # Required by MicroBuild template + - name: TeamName + value: "Azure Tools for VS Code" \ No newline at end of file From 57215daeaa88b8bcdeac3d0a0f59531aa3df022b Mon Sep 17 00:00:00 2001 From: alexweininger Date: Fri, 23 Aug 2024 14:12:16 -0400 Subject: [PATCH 46/49] Undo --- azure-pipelines/1esmain.yml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/azure-pipelines/1esmain.yml b/azure-pipelines/1esmain.yml index caca89809b..486e244749 100644 --- a/azure-pipelines/1esmain.yml +++ b/azure-pipelines/1esmain.yml @@ -31,8 +31,4 @@ extends: # Execute stages from the AzExt stages template - template: ./1esstages.yml parameters: - useAzureFederatedCredentials: ${{ parameters.useAzureFederatedCredentials }} - variables: - # Required by MicroBuild template - - name: TeamName - value: "Azure Tools for VS Code" \ No newline at end of file + useAzureFederatedCredentials: ${{ parameters.useAzureFederatedCredentials }} \ No newline at end of file From 205aa2e3c82ff2f82a1cfe43f13798d74b1bb1e2 Mon Sep 17 00:00:00 2001 From: alexweininger Date: Fri, 23 Aug 2024 14:15:05 -0400 Subject: [PATCH 47/49] Edit readme --- azure-pipelines/README.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/azure-pipelines/README.md b/azure-pipelines/README.md index 6523a5bd18..053f30ad0f 100644 --- a/azure-pipelines/README.md +++ b/azure-pipelines/README.md @@ -44,9 +44,22 @@ resources: ref: main endpoint: GitHub-AzureTools # The service connection to use when accessing this repository +parameters: + - name: enableLongRunningTests + displayName: Enable Long Running Tests + type: boolean + default: true + +variables: + # Required by MicroBuild template + - name: TeamName + value: "Azure Tools for VS Code" + # Use those templates extends: template: azure-pipelines/1esmain.yml@azExtTemplates + parameters: + useAzureFederatedCredentials: ${{ parameters.enableLongRunningTests }} ``` ### (DEPRECATED) Primary pipelines From 68b29a4fd9fc4f8b257a5975a26f9393f965ec9f Mon Sep 17 00:00:00 2001 From: alexweininger Date: Fri, 23 Aug 2024 15:21:43 -0400 Subject: [PATCH 48/49] Try moving csproj --- azure-pipelines/templates/sign.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/azure-pipelines/templates/sign.yml b/azure-pipelines/templates/sign.yml index 0432c69f0e..a49bf32b8c 100644 --- a/azure-pipelines/templates/sign.yml +++ b/azure-pipelines/templates/sign.yml @@ -2,7 +2,7 @@ steps: # Check if the SignExtension.signproj file exists and set a variable using PowerShell # All other steps in this template will only run if the file exists - powershell: | - $fileExists = Test-Path -Path "$(Build.SourcesDirectory)/SignExtension.signproj" + $fileExists = Test-Path -Path "$(Build.SourcesDirectory)/.azure-pipelines/SignExtension.signproj" Write-Output "##vso[task.setvariable variable=signprojExists]$fileExists" if ($fileExists) { @@ -29,4 +29,4 @@ steps: displayName: "\U0001F449 Sign with MSBuild" inputs: command: 'build' - projects: 'SignExtension.signproj' + projects: $(Build.SourcesDirectory)/.azure-pipelines/SignExtension.signproj From fa0a985dac8676a755bbdd11622baf27fe558afc Mon Sep 17 00:00:00 2001 From: alexweininger Date: Fri, 23 Aug 2024 15:43:26 -0400 Subject: [PATCH 49/49] Update instructions --- azure-pipelines/README.md | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/azure-pipelines/README.md b/azure-pipelines/README.md index 053f30ad0f..2c8ae39065 100644 --- a/azure-pipelines/README.md +++ b/azure-pipelines/README.md @@ -62,6 +62,40 @@ extends: useAzureFederatedCredentials: ${{ parameters.enableLongRunningTests }} ``` +6. To enable extension signing, add a `SignExtension.signproj` file in the `.azure-pipelines` folder with the following contents: + +```xml + + + + net8.0 + + + + + + VSCodePublisher + + + + + + runtime; build; native; contentfiles; analyzers; buildtransitive + all + + + + + + + + + + + +``` + ### (DEPRECATED) Primary pipelines To use these base pipeline templates: