mirror of
https://github.com/ckaczor/azuredatastudio.git
synced 2026-01-13 17:22:15 -05:00
711db9cadc
* Add CodeQL to product build pipeline * Fix parsing error * Remove variable * Remove variables and add to pipeline * Add CodeQL Finalize step
359 lines
14 KiB
YAML
359 lines
14 KiB
YAML
steps:
|
||
- task: NodeTool@0
|
||
inputs:
|
||
versionSpec: "16.x"
|
||
|
||
- task: geeklearningio.gl-vsts-tasks-yarn.yarn-installer-task.YarnInstaller@3
|
||
inputs:
|
||
versionSpec: "1.x"
|
||
|
||
- task: UsePythonVersion@0
|
||
inputs:
|
||
versionSpec: '3.x'
|
||
addToPath: true
|
||
|
||
- task: AzureKeyVault@1
|
||
inputs:
|
||
azureSubscription: 'ClientToolsInfra_670062 (88d5392f-a34f-4769-b405-f597fc533613)'
|
||
KeyVaultName: ado-secrets
|
||
SecretsFilter: 'github-distro-mixin-password,standalone-extensions-uri'
|
||
displayName: 'Azure Key Vault: Get Secrets'
|
||
|
||
- task: DownloadPipelineArtifact@2
|
||
inputs:
|
||
artifact: Compilation
|
||
displayName: Download compilation output
|
||
|
||
- powershell: |
|
||
. build/azure-pipelines/win32/exec.ps1
|
||
$ErrorActionPreference = "Stop"
|
||
exec { tar -xf $(Pipeline.Workspace)/compilation.tar.gz }
|
||
displayName: Extract compilation output
|
||
|
||
- powershell: |
|
||
. build/azure-pipelines/win32/exec.ps1
|
||
$ErrorActionPreference = "Stop"
|
||
"machine github.com`nlogin azuredatastudio`npassword $(github-distro-mixin-password)" | Out-File "$env:USERPROFILE\_netrc" -Encoding ASCII
|
||
|
||
exec { git config user.email "sqltools@service.microsoft.com" }
|
||
exec { git config user.name "AzureDataStudio" }
|
||
exec { git config --global http.postBuffer 524288000 }
|
||
exec { git config --global https.postBuffer 524288000 }
|
||
displayName: Prepare tooling
|
||
|
||
- task: CodeQL3000Init@0
|
||
displayName: CodeQL Initialize
|
||
condition: eq(variables['Codeql.enabled'], 'True')
|
||
|
||
- powershell: |
|
||
git remote add distro "https://github.com/$(VSCODE_MIXIN_REPO).git"
|
||
git fetch distro
|
||
git merge $(node -p "require('./package.json').distro")
|
||
displayName: Merge distro
|
||
|
||
- powershell: |
|
||
. build/azure-pipelines/win32/exec.ps1
|
||
$ErrorActionPreference = "Stop"
|
||
exec { node build/azure-pipelines/common/sql-computeNodeModulesCacheKey.js $(VSCODE_ARCH) > .build/yarnlockhash }
|
||
displayName: Prepare yarn cache key
|
||
|
||
- task: Cache@2
|
||
inputs:
|
||
key: 'nodeModules | $(Agent.OS) | .build/yarnlockhash'
|
||
path: .build/node_modules_cache
|
||
cacheHitVar: NODE_MODULES_RESTORED
|
||
displayName: Restore Cache - Node Modules
|
||
continueOnError: true
|
||
|
||
- powershell: |
|
||
. build/azure-pipelines/win32/exec.ps1
|
||
$ErrorActionPreference = "Stop"
|
||
exec { 7z.exe x .build/node_modules_cache/cache.7z -aos }
|
||
condition: and(succeeded(), eq(variables.NODE_MODULES_RESTORED, 'true'))
|
||
displayName: Extract node_modules archive
|
||
|
||
- powershell: |
|
||
. build/azure-pipelines/win32/exec.ps1
|
||
$ErrorActionPreference = "Stop"
|
||
$env:npm_config_arch="$(VSCODE_ARCH)"
|
||
$env:CHILD_CONCURRENCY="1"
|
||
exec { yarn --frozen-lockfile }
|
||
env:
|
||
GITHUB_TOKEN: $(github-distro-mixin-password)
|
||
condition: and(succeeded(), ne(variables.NODE_MODULES_RESTORED, 'true'))
|
||
displayName: Install dependencies
|
||
|
||
- powershell: |
|
||
. build/azure-pipelines/win32/exec.ps1
|
||
$ErrorActionPreference = "Stop"
|
||
exec { node build/azure-pipelines/common/listNodeModules.js .build/node_modules_list.txt }
|
||
exec { mkdir -Force .build/node_modules_cache }
|
||
exec { 7z.exe a .build/node_modules_cache/cache.7z -mx3 `@.build/node_modules_list.txt }
|
||
condition: and(succeeded(), ne(variables.NODE_MODULES_RESTORED, 'true'))
|
||
displayName: Create node_modules archive
|
||
|
||
- powershell: |
|
||
. build/azure-pipelines/win32/exec.ps1
|
||
$ErrorActionPreference = "Stop"
|
||
exec { yarn postinstall }
|
||
displayName: Run postinstall scripts
|
||
condition: and(succeeded(), eq(variables.NODE_MODULES_RESTORED, 'true'))
|
||
|
||
- powershell: |
|
||
. build/azure-pipelines/win32/exec.ps1
|
||
$ErrorActionPreference = "Stop"
|
||
exec { node build/azure-pipelines/sql-mixin }
|
||
displayName: Mix in quality
|
||
|
||
- powershell: |
|
||
. build/azure-pipelines/win32/exec.ps1
|
||
$ErrorActionPreference = "Stop"
|
||
exec { yarn gulp "package-rebuild-extensions" }
|
||
exec { yarn gulp "vscode-win32-$(VSCODE_ARCH)-min-ci" }
|
||
exec { yarn gulp "vscode-win32-$(VSCODE_ARCH)-inno-updater" }
|
||
displayName: Build
|
||
env:
|
||
VSCODE_MIXIN_PASSWORD: $(github-distro-mixin-password)
|
||
|
||
- task: UniversalPackages@0
|
||
displayName: Download SAW Python package
|
||
inputs:
|
||
command: 'download'
|
||
downloadDirectory: '$(agent.builddirectory)\azuredatastudio-win32-x64\resources\app\ads-python'
|
||
feedsToUse: 'internal'
|
||
vstsFeed: '2191dd5f-4aec-491b-ac50-568bbc331c8a'
|
||
vstsFeedPackage: '2e355f03-a97e-499a-949b-f02d62b6160c'
|
||
vstsPackageVersion: '*'
|
||
condition: and(succeeded(), eq(variables['VSCODE_QUALITY'], 'saw'), ne(variables['VSCODE_ARCH'], 'arm64'))
|
||
|
||
- powershell: |
|
||
# Install TSGOps specific extensions
|
||
$ErrorActionPreference = "Stop"
|
||
$tempFilePath = (New-TemporaryFile).FullName
|
||
$zipFilePath = $tempFilePath + ".zip"
|
||
$extensionUri = "$(standalone-extensions-uri)"
|
||
$adsExtensionPath = "$(agent.builddirectory)\azuredatastudio-win32-x64\resources\app\extensions"
|
||
Invoke-WebRequest -Uri $extensionUri -OutFile $tempFilePath
|
||
Move-Item $tempFilePath $zipFilePath
|
||
Expand-Archive $zipFilePath -DestinationPath $adsExtensionPath
|
||
displayName: Install SAW Extensions
|
||
condition: and(succeeded(), eq(variables['VSCODE_QUALITY'], 'saw'), ne(variables['VSCODE_ARCH'], 'arm64'))
|
||
|
||
# - powershell: | @anthonydresser unit tests timeout never existing the node process
|
||
# . build/azure-pipelines/win32/exec.ps1
|
||
# $ErrorActionPreference = "Stop"
|
||
# exec { yarn electron x64 }
|
||
# exec { .\scripts\test.bat --build --coverage --reporter mocha-junit-reporter --tfs "Unit Tests" }
|
||
# displayName: Run core unit tests
|
||
# condition: and(succeeded(), eq(variables['RUN_TESTS'], 'true'))
|
||
|
||
- powershell: |
|
||
# Figure out the full absolute path of the product we just built
|
||
# including the remote server and configure the integration tests
|
||
# to run with these builds instead of running out of sources.
|
||
. build/azure-pipelines/win32/exec.ps1
|
||
$ErrorActionPreference = "Stop"
|
||
$AppRoot = "$(agent.builddirectory)\azuredatastudio-win32-x64"
|
||
$AppProductJson = Get-Content -Raw -Path "$AppRoot\resources\app\product.json" | ConvertFrom-Json
|
||
$AppNameShort = $AppProductJson.nameShort
|
||
# exec { $env:INTEGRATION_TEST_ELECTRON_PATH = "$AppRoot\$AppNameShort.exe"; $env:VSCODE_REMOTE_SERVER_PATH = "$(agent.builddirectory)\azuredatastudio-reh-win32-x64"; .\scripts\test-integration.bat --build --tfs "Integration Tests" }
|
||
displayName: Run core integration tests (x64)
|
||
condition: and(succeeded(), and(eq(variables['RUN_TESTS'], 'true'), ne(variables['VSCODE_ARCH'], 'arm64')))
|
||
|
||
- powershell: |
|
||
# Figure out the full absolute path of the product we just built
|
||
# including the remote server and configure the integration tests
|
||
# to run with these builds instead of running out of sources.
|
||
. build/azure-pipelines/win32/exec.ps1
|
||
$ErrorActionPreference = "Stop"
|
||
$AppRoot = "$(agent.builddirectory)\azuredatastudio-win32-arm64"
|
||
$AppProductJson = Get-Content -Raw -Path "$AppRoot\resources\app\product.json" | ConvertFrom-Json
|
||
$AppNameShort = $AppProductJson.nameShort
|
||
# exec { $env:INTEGRATION_TEST_ELECTRON_PATH = "$AppRoot\$AppNameShort.exe"; $env:VSCODE_REMOTE_SERVER_PATH = "$(agent.builddirectory)\azuredatastudio-reh-win32-x64"; .\scripts\test-integration.bat --build --tfs "Integration Tests" }
|
||
displayName: Run core integration tests (arm64)
|
||
condition: and(succeeded(), and(eq(variables['RUN_TESTS'], 'true'), eq(variables['VSCODE_ARCH'], 'arm64')))
|
||
|
||
- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@1
|
||
displayName: 'Sign out code'
|
||
inputs:
|
||
ConnectedServiceName: 'Code Signing'
|
||
FolderPath: '$(agent.builddirectory)/azuredatastudio-win32-$(VSCODE_ARCH)'
|
||
Pattern: |
|
||
*.exe
|
||
*.node
|
||
!**/node_modules/**/*
|
||
resources/app/node_modules.asar.unpacked/*.dll
|
||
d3dcompiler_47.dll
|
||
vulkan-1.dll
|
||
libGLESv2.dll
|
||
ffmpeg.dll
|
||
libEGL.dll
|
||
Microsoft.SqlTools.Hosting.dll
|
||
Microsoft.SqlTools.ResourceProvider.Core.dll
|
||
Microsoft.SqlTools.ResourceProvider.DefaultImpl.dll
|
||
MicrosoftSqlToolsCredentials.dll
|
||
MicrosoftSqlToolsServiceLayer.dll
|
||
MicrosoftSqlToolsSqlCore.dll
|
||
Newtonsoft.Json.dll,SqlSerializationService.dll
|
||
SqlToolsResourceProviderService.dll
|
||
Microsoft.SqlServer.*.dll
|
||
Microsoft.Data.Tools.Sql.BatchParser.dll
|
||
useMinimatch: true
|
||
signConfigType: inlineSignParams
|
||
inlineOperation: |
|
||
[
|
||
{
|
||
"keyCode": "CP-230012",
|
||
"operationSetCode": "SigntoolSign",
|
||
"parameters": [
|
||
{
|
||
"parameterName": "OpusName",
|
||
"parameterValue": "Azure Data Studio"
|
||
},
|
||
{
|
||
"parameterName": "OpusInfo",
|
||
"parameterValue": "https://github.com/microsoft/azuredatastudio"
|
||
},
|
||
{
|
||
"parameterName": "PageHash",
|
||
"parameterValue": "/NPH"
|
||
},
|
||
{
|
||
"parameterName": "FileDigest",
|
||
"parameterValue": "/fd sha256"
|
||
},
|
||
{
|
||
"parameterName": "TimeStamp",
|
||
"parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
|
||
}
|
||
],
|
||
"toolName": "signtool.exe",
|
||
"toolVersion": "6.2.9304.0"
|
||
},
|
||
{
|
||
"keyCode": "CP-230012",
|
||
"operationSetCode": "SigntoolVerify",
|
||
"parameters": [
|
||
{
|
||
"parameterName": "VerifyAll",
|
||
"parameterValue": "/all"
|
||
}
|
||
],
|
||
"toolName": "signtool.exe",
|
||
"toolVersion": "6.2.9304.0"
|
||
}
|
||
]
|
||
SessionTimeout: 600
|
||
MaxConcurrency: 5
|
||
MaxRetryAttempts: 20
|
||
condition: and(succeeded(), eq(variables['signed'], true))
|
||
|
||
- powershell: |
|
||
. build/azure-pipelines/win32/exec.ps1
|
||
$ErrorActionPreference = "Stop"
|
||
exec { yarn gulp "vscode-win32-$(VSCODE_ARCH)-user-setup" }
|
||
exec { yarn gulp "vscode-win32-$(VSCODE_ARCH)-system-setup" }
|
||
exec { yarn gulp "vscode-win32-$(VSCODE_ARCH)-archive" }
|
||
displayName: Archive & User & System setup
|
||
|
||
- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@1
|
||
displayName: 'Sign installers'
|
||
inputs:
|
||
ConnectedServiceName: 'Code Signing'
|
||
FolderPath: '.build'
|
||
Pattern: '*.exe'
|
||
signConfigType: inlineSignParams
|
||
inlineOperation: |
|
||
[
|
||
{
|
||
"keyCode": "CP-230012",
|
||
"operationSetCode": "SigntoolSign",
|
||
"parameters": [
|
||
{
|
||
"parameterName": "OpusName",
|
||
"parameterValue": "Azure Data Studio"
|
||
},
|
||
{
|
||
"parameterName": "OpusInfo",
|
||
"parameterValue": "https://github.com/microsoft/azuredatastudio"
|
||
},
|
||
{
|
||
"parameterName": "PageHash",
|
||
"parameterValue": "/NPH"
|
||
},
|
||
{
|
||
"parameterName": "FileDigest",
|
||
"parameterValue": "/fd sha256"
|
||
},
|
||
{
|
||
"parameterName": "TimeStamp",
|
||
"parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
|
||
}
|
||
],
|
||
"toolName": "signtool.exe",
|
||
"toolVersion": "6.2.9304.0"
|
||
},
|
||
{
|
||
"keyCode": "CP-230012",
|
||
"operationSetCode": "SigntoolVerify",
|
||
"parameters": [
|
||
{
|
||
"parameterName": "VerifyAll",
|
||
"parameterValue": "/all"
|
||
}
|
||
],
|
||
"toolName": "signtool.exe",
|
||
"toolVersion": "6.2.9304.0"
|
||
}
|
||
]
|
||
SessionTimeout: 600
|
||
MaxConcurrency: 5
|
||
MaxRetryAttempts: 20
|
||
condition: and(succeeded(), eq(variables['signed'], true))
|
||
|
||
- task: ArchiveFiles@2
|
||
displayName: 'Archive build scripts source'
|
||
inputs:
|
||
rootFolderOrFile: '$(Build.SourcesDirectory)/build'
|
||
archiveType: tar
|
||
archiveFile: '$(Build.BinariesDirectory)/source.tar.gz'
|
||
|
||
- task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0
|
||
displayName: 'SBOM Generation Task'
|
||
inputs:
|
||
BuildDropPath: '$(Build.ArtifactStagingDirectory)'
|
||
PackageName: 'Azure Data Studio'
|
||
|
||
- task: PublishBuildArtifacts@1
|
||
displayName: 'Publish Artifact: build scripts source'
|
||
inputs:
|
||
PathtoPublish: '$(Build.BinariesDirectory)/source.tar.gz'
|
||
ArtifactName: source
|
||
|
||
- powershell: |
|
||
. build/azure-pipelines/win32/exec.ps1
|
||
$ErrorActionPreference = "Stop"
|
||
.\build\azure-pipelines\win32\createDrop.ps1
|
||
displayName: Create Drop
|
||
|
||
- task: PublishBuildArtifacts@1
|
||
displayName: 'Publish Artifact: drop'
|
||
|
||
- task: PublishTestResults@2
|
||
displayName: 'Publish Test Results test-results.xml'
|
||
inputs:
|
||
testResultsFiles: 'test-results.xml'
|
||
searchFolder: '$(Build.SourcesDirectory)'
|
||
failTaskOnFailedTests: true
|
||
continueOnError: true
|
||
condition: and(succeededOrFailed(), eq(variables['RUN_UNSTABLE_TESTS'], 'true'))
|
||
|
||
- task: CodeQL3000Finalize@0
|
||
displayName: CodeQL Finalize
|
||
condition: eq(variables['Codeql.enabled'], 'True')
|
||
|
||
- task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0
|
||
displayName: 'Component Detection'
|
||
inputs:
|
||
failOnAlert: true
|