diff --git a/.azuredevops/BuildAndTest.yml b/.azuredevops/BuildAndTest.yml new file mode 100644 index 00000000..8d708482 --- /dev/null +++ b/.azuredevops/BuildAndTest.yml @@ -0,0 +1,53 @@ +parameters: +- name: buildConfigs + type: object + default: + - pool: + name: Azure-Pipelines-1ESPT-ExDShared + image: windows-latest + os: windows + - pool: + name: Azure-Pipelines-1ESPT-ExDShared + image: ubuntu-latest + os: linux + - pool: + name: Azure Pipelines + image: macOS-latest + os: macOS + +stages: +- stage: build + displayName: Build And Test + jobs: + - ${{ each config in parameters.buildConfigs }}: + - job: build_${{ config.pool.os }} + displayName: Building and Testing on ${{ config.pool.os }} + pool: + name: ${{ config.pool.name }} + image: ${{ config.pool.image }} + os: ${{ config.pool.os }} + steps: + - checkout: self + - task: UseDotNet@2 + displayName: Use .NET Core sdk 8.x + inputs: + version: 8.x + - task: DotNetCoreCLI@2 + displayName: Install dependencies + inputs: + command: restore + feedsToUse: select + vstsFeed: Office + includeNuGetOrg: false + # 1ES PT requires explicit build task for Roslyn analysis. Auto-injected Roslyn task will use build logs from this build. + - task: DotNetCoreCLI@2 + displayName: Build projects + inputs: + command: 'build' + arguments: --no-restore + projects: '**/*.csproj' + - task: DotNetCoreCLI@2 + displayName: Test + inputs: + command: test + arguments: --no-restore --no-build --verbosity normal \ No newline at end of file diff --git a/.azuredevops/ci.yml b/.azuredevops/ci.yml new file mode 100644 index 00000000..6b619b67 --- /dev/null +++ b/.azuredevops/ci.yml @@ -0,0 +1,42 @@ +# This pipeline will be triggered when either main branch is pushed or 2AM on workdays. +variables: + - name: tags + value: "production" + readonly: true + +trigger: + branches: + include: + - main + batch: true + +schedules: +- cron: 0 2 * * 1-5 + branches: + include: + - main + +resources: + repositories: + - repository: CustomPipelineTemplates + type: git + name: 1ESPipelineTemplates/OfficePipelineTemplates + ref: refs/tags/release + +extends: + template: v1/Office.Official.PipelineTemplate.yml@OfficePipelineTemplates + parameters: + pool: + name: Azure-Pipelines-1ESPT-ExDShared + image: ubuntu-latest + os: linux + sdl: + sourceAnalysisPool: + name: Azure-Pipelines-1ESPT-ExDShared + image: windows-latest + os: windows + # This prevents auto-injected Roslyn task from running the build again. + roslyn: + copyLogsOnly: true + stages: + - template: BuildAndTest.yml \ No newline at end of file diff --git a/.azuredevops/pr.yml b/.azuredevops/pr.yml new file mode 100644 index 00000000..3e6595a7 --- /dev/null +++ b/.azuredevops/pr.yml @@ -0,0 +1,32 @@ +pr: +- main + +resources: + repositories: + - repository: OfficePipelineTemplates + type: git + name: 1ESPipelineTemplates/OfficePipelineTemplates + ref: refs/tags/release + +extends: + template: v1/Office.Unofficial.PipelineTemplate.yml@OfficePipelineTemplates + parameters: + pool: + name: Azure-Pipelines-1ESPT-ExDShared + image: ubuntu-latest + os: linux + sdl: + sourceAnalysisPool: + name: Azure-Pipelines-1ESPT-ExDShared + image: windows-latest + os: windows + # This prevents auto-injected Roslyn task from running the build again. + roslyn: + copyLogsOnly: true + codeql: + compiled: + enabled: true + break: true + analyzeInPipeline: true + stages: + - template: BuildAndTest.yml \ No newline at end of file diff --git a/.github/workflows/release-azure-pipelines.yml b/.azuredevops/release.yml similarity index 96% rename from .github/workflows/release-azure-pipelines.yml rename to .azuredevops/release.yml index ccd4ff96..bf6c5bdc 100644 --- a/.github/workflows/release-azure-pipelines.yml +++ b/.azuredevops/release.yml @@ -113,14 +113,12 @@ extends: inputs: command: restore feedsToUse: select - vstsFeed: $(VSTS_FEED_ID) + vstsFeed: Office includeNuGetOrg: false arguments: --runtime ${{ config.runtime }} # 1ES PT requires explicit build task for Roslyn analysis. Auto-injected Roslyn task will use build logs from this build. - task: DotNetCoreCLI@2 displayName: Build projects - env: - ADO_TOKEN: $(System.AccessToken) inputs: command: 'build' projects: '**/*.csproj' @@ -131,8 +129,6 @@ extends: arguments: --configuration release --no-restore - task: DotNetCoreCLI@2 displayName: Build artifacts - env: - ADO_TOKEN: $(System.AccessToken) inputs: command: publish projects: src/AzureAuth/AzureAuth.csproj diff --git a/.github/actions/get-ado-token/action.yml b/.github/actions/get-ado-token/action.yml deleted file mode 100644 index 66e90471..00000000 --- a/.github/actions/get-ado-token/action.yml +++ /dev/null @@ -1,34 +0,0 @@ -name: Get Azure DevOps Access Token -inputs: - client-id: - description: "The client ID of the application calling Azure DevOps" - required: true - tenant-id: - description: "The tenant ID of the application calling Azure DevOps" - required: true - organization: - description: "The Azure DevOps organization to authenticate with" - required: true -outputs: - token: - description: "The access token to authenticate with Azure DevOps" - value: ${{ steps.ADOAuth.outputs.token }} - -runs: - using: "composite" - steps: - - name: OIDC Login with AzPowershell - uses: azure/login@v2 - with: - client-id: ${{ inputs.client-id }} - tenant-id: ${{ inputs.tenant-id }} - allow-no-subscriptions: true - enable-AzPSSession: true - - id: ADOAuth - name: Get ADO Access Token - uses: azure/powershell@v1 - with: - azPSVersion: "latest" - inlineScript: | - $accessToken = (Get-AzAccessToken -ResourceUrl "https://${{inputs.organization}}.visualstudio.com").Token - "token=$accessToken" | Out-File -FilePath $env:GITHUB_OUTPUT -Append \ No newline at end of file diff --git a/.github/workflows/azure-devops-pipelines-cg.yml b/.github/workflows/azure-devops-pipelines-cg.yml deleted file mode 100644 index 8f3dde7a..00000000 --- a/.github/workflows/azure-devops-pipelines-cg.yml +++ /dev/null @@ -1,47 +0,0 @@ -# This pipeline will be triggered when either main branch is pushed or 2AM on workdays. -variables: - - name: tags - value: "production" - readonly: true -trigger: - branches: - include: - - main - batch: True -schedules: -- cron: 0 2 * * 1-5 - branches: - include: - - main -resources: - repositories: - - repository: CustomPipelineTemplates - type: git - name: 1ESPipelineTemplates/OfficePipelineTemplates - ref: refs/tags/release -extends: - template: v1/Office.Official.PipelineTemplate.yml@CustomPipelineTemplates - parameters: - pool: - name: Azure-Pipelines-1ESPT-ExDShared - image: windows-2022 - os: windows - customBuildTags: - - ES365AIMigrationTooling - stages: - - stage: __default - jobs: - - job: ComponentGovernance - displayName: Component Governance - steps: - - task: UseDotNet@2 - inputs: - packageType: 'sdk' - version: '8.x' - - task: DotNetCoreCLI@2 - displayName: dotnet restore - inputs: - command: 'restore' - projects: '**/*.csproj' - feedsToUse: 'config' - nugetConfigPath: 'nuget.config' diff --git a/.github/workflows/dotnet-test.yml b/.github/workflows/dotnet-test.yml deleted file mode 100644 index 683f5c36..00000000 --- a/.github/workflows/dotnet-test.yml +++ /dev/null @@ -1,85 +0,0 @@ -name: Build and Test - -on: - pull_request: - branches: [main] - push: - branches: [main] - -jobs: - test: - runs-on: ${{ matrix.os }} - permissions: - id-token: write - strategy: - matrix: - os: [ubuntu-latest, macos-latest, windows-latest] - fail-fast: false - - steps: - - uses: actions/checkout@v4 - - name: Setup .NET 8 - uses: actions/setup-dotnet@v4 - with: - dotnet-version: 8.0.x - - - name: Get Azure DevOps Access Token - id: getToken - uses: "./.github/actions/get-ado-token" - with: - client-id: ${{ secrets.AZURE_RELEASE_WORKFLOW_CLIENT_ID }} - tenant-id: ${{ secrets.AZURE_RELEASE_WORKFLOW_TENANT_ID }} - organization: ${{ secrets.ADO_ORGANIZATION }} - - - name: Restore dependencies - run: dotnet restore - env: - ADO_TOKEN: ${{ steps.getToken.outputs.token }} - - - name: Build - run: dotnet build --no-restore - - - name: Test - run: dotnet test --no-build --verbosity normal - - analyze: - name: Analyze - runs-on: ubuntu-latest - strategy: - fail-fast: false - permissions: - actions: read - contents: read - security-events: write - statuses: write - id-token: write - - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - - name: Get Azure DevOps Access Token - id: getToken - uses: "./.github/actions/get-ado-token" - with: - client-id: ${{ secrets.AZURE_RELEASE_WORKFLOW_CLIENT_ID }} - tenant-id: ${{ secrets.AZURE_RELEASE_WORKFLOW_TENANT_ID }} - organization: ${{ secrets.ADO_ORGANIZATION }} - - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v3 - with: - languages: csharp - - # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - - name: Autobuild - uses: github/codeql-action/autobuild@v3 - env: - ADO_TOKEN: ${{ steps.getToken.outputs.token }} - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 - with: - category: "/language:csharp" diff --git a/nuget.config b/nuget.config index a07be3f5..6338e895 100644 --- a/nuget.config +++ b/nuget.config @@ -2,16 +2,6 @@ - + - - - - - - - - - - \ No newline at end of file