[Build] Switch the release pipeline to use the 1ES governed template (#29014)

This commit is contained in:
Dustin L. Howett 2023-10-05 18:25:16 -05:00 committed by GitHub
parent 45150067b3
commit 03ad83836d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 7851 additions and 394 deletions

View File

@ -1,8 +1,11 @@
cloudai
bkmeneguello
FWest
gdnbaselines
github
https
obairka
sdl
ssh
ubuntu
unuing

View File

@ -24,7 +24,7 @@ steps:
clean: true
maximumCpuCount: true
- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@1
- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@3
displayName: Sign PowerToysSetupCustomActions DLL
inputs:
ConnectedServiceName: "Terminal/Console/WinAppDriver Team Code Signing Connection"
@ -74,7 +74,7 @@ steps:
scriptName: .pipelines/versionAndSignCheck.ps1
arguments: -targetDir '$(build.sourcesdirectory)\extractedMsi\Binary'
- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@1
- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@3
displayName: Sign MSI
inputs:
ConnectedServiceName: "Terminal/Console/WinAppDriver Team Code Signing Connection"
@ -101,7 +101,7 @@ steps:
inputs:
script: '"C:\Program Files (x86)\WiX Toolset v3.14\bin\insignia.exe" -ib installer\PowerToysSetup\$(BuildPlatform)\$(BuildConfiguration)\${{parameters.buildSubDir}}\${{parameters.installerPrefix}}-${{ parameters.versionNumber }}-$(BuildPlatform).exe -o installer\engine.exe'
- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@1
- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@3
displayName: "ESRP CodeSigning (Engine)"
inputs:
ConnectedServiceName: "Terminal/Console/WinAppDriver Team Code Signing Connection"
@ -137,7 +137,7 @@ steps:
inputs:
script: '"C:\Program Files (x86)\WiX Toolset v3.14\bin\insignia.exe" -ab installer\engine.exe installer\PowerToysSetup\$(BuildPlatform)\$(BuildConfiguration)\${{parameters.buildSubDir}}\${{parameters.installerPrefix}}-${{ parameters.versionNumber }}-$(BuildPlatform).exe -o installer\PowerToysSetup\$(BuildPlatform)\$(BuildConfiguration)\${{parameters.buildSubDir}}\${{parameters.installerPrefix}}-${{ parameters.versionNumber }}-$(BuildPlatform).exe'
- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@1
- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@3
displayName: Sign Bootstrapper
inputs:
ConnectedServiceName: "Terminal/Console/WinAppDriver Team Code Signing Connection"

View File

@ -1,10 +1,13 @@
# This build should never run as CI or against a pull request.
name: $(BuildDefinitionName)_$(date:yyMM).$(date:dd)$(rev:rrr)
trigger: none
pr: none
pool:
name: SHINE-INT-L
demands: ImageOverride -equals SHINE-VS17-Latest
resources:
repositories:
- repository: 1ESPipelineTemplates
type: git
name: 1ESPipelineTemplates/1ESPipelineTemplates
ref: refs/tags/release
parameters:
- name: buildConfigurations
@ -20,429 +23,423 @@ parameters:
type: string
default: '0.0.1'
variables:
IsPipeline: 1 # The installer uses this to detect whether it should pick up localizations
SkipCppCodeAnalysis: 1 # Skip the code analysis to speed up release CI. It runs on PR CI, anyway
IsExperimentationLive: 1 # The build and installer use this to turn on experimentation
extends:
template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates
parameters:
customBuildTags:
- 1ES.PT.ViaStartRight
pool:
name: SHINE-INT-S
image: SHINE-VS17-Latest
os: windows
name: $(BuildDefinitionName)_$(date:yyMM).$(date:dd)$(rev:rrr)
resources:
repositories:
- repository: self
type: git
ref: main
jobs:
- job: Build
strategy:
matrix:
${{ each config in parameters.buildConfigurations }}:
${{ each platform in parameters.buildPlatforms }}:
${{ config }}_${{ platform }}:
BuildConfiguration: ${{ config }}
BuildPlatform: ${{ platform }}
NUGET_RESTORE_MSBUILD_ARGS: /p:Platform=${{ platform }} # Required for nuget to work due to self contained
NODE_OPTIONS: --max_old_space_size=16384
displayName: Build
timeoutInMinutes: 120 # Some of the loc stuff adds quite a bit of time.
cancelTimeoutInMinutes: 1
steps:
- checkout: self
clean: true
submodules: true
persistCredentials: True
stages:
- stage: build
displayName: Build (Complete)
pool:
name: SHINE-INT-L
image: SHINE-VS17-Latest
os: windows
jobs:
- job: Build
strategy:
matrix:
${{ each config in parameters.buildConfigurations }}:
${{ each platform in parameters.buildPlatforms }}:
${{ config }}_${{ platform }}:
BuildConfiguration: ${{ config }}
BuildPlatform: ${{ platform }}
templateContext:
outputs:
- output: pipelineArtifact
artifactName: setup-$(BuildPlatform)
targetPath: $(Build.ArtifactStagingDirectory)
sdl:
baseline:
baselineFile: $(Build.SourcesDirectory)\.pipelines\sdl.gdnbaselines
displayName: Build
timeoutInMinutes: 240 # Some of the 1ES Pipeline stuff and Loc take a very long time
cancelTimeoutInMinutes: 1
variables:
NUGET_RESTORE_MSBUILD_ARGS: /p:Platform=$(BuildPlatform) # Required for nuget to work due to self contained
NODE_OPTIONS: --max_old_space_size=16384
IsPipeline: 1 # The installer uses this to detect whether it should pick up localizations
SkipCppCodeAnalysis: 1 # Skip the code analysis to speed up release CI. It runs on PR CI, anyway
IsExperimentationLive: 1 # The build and installer use this to turn on experimentation
steps:
- checkout: self
clean: true
submodules: true
persistCredentials: True
# Sets versions for all PowerToy created DLLs
- task: PowerShell@1
displayName: Set Versions.Prop
inputs:
scriptName: .pipelines/versionSetting.ps1
arguments: -versionNumber '${{ parameters.versionNumber }}' -DevEnvironment ''
# Sets versions for all PowerToy created DLLs
- task: PowerShell@1
displayName: Set Versions.Prop
inputs:
scriptName: .pipelines/versionSetting.ps1
arguments: -versionNumber '${{ parameters.versionNumber }}' -DevEnvironment ''
# Guardian tool needs 'Microsoft.NETCore.App', version '2.1.0' (x64)
- task: UseDotNet@2
displayName: 'Use .NET Core 2.1 SDK'
inputs:
packageType: sdk
version: '2.1.x'
# ESRP needs 'Microsoft.NETCore.App', version '6.0.0' (x64)
- task: UseDotNet@2
displayName: 'Use .NET 6 SDK'
inputs:
packageType: sdk
version: '6.x'
- task: UseDotNet@2
displayName: 'Use .NET 7 SDK'
inputs:
packageType: sdk
version: '7.x'
- task: UseDotNet@2
displayName: 'Use .NET 7 SDK'
inputs:
packageType: sdk
version: '7.x'
- task: NuGetAuthenticate@1
- task: NuGetToolInstaller@1
displayName: Use NuGet Installer latest
- task: NuGetAuthenticate@1
- task: NuGetToolInstaller@1
displayName: Use NuGet Installer latest
# this will restore the following nugets:
# - main solution
# - Bug report tool
# - Webcam report tool
# - Installer
# - Bootstrapper Installer
- task: PowerShell@2
displayName: Download and install WiX 3.14 development build
inputs:
targetType: filePath
filePath: '$(build.sourcesdirectory)\.pipelines\installWiX.ps1'
# this will restore the following nugets:
# - main solution
# - Bug report tool
# - Webcam report tool
# - Installer
# - Bootstrapper Installer
- task: PowerShell@2
displayName: Download and install WiX 3.14 development build
inputs:
targetType: filePath
filePath: '$(build.sourcesdirectory)\.pipelines\installWiX.ps1'
- task: MicrosoftTDBuild.tdbuild-task.tdbuild-task.TouchdownBuildTask@1
displayName: 'Download Localization Files -- PowerToys 37400'
inputs:
teamId: 37400
authId: '$(TouchdownApplicationID)'
authKey: '$(TouchdownApplicationKey)'
resourceFilePath: |
**\Resources.resx
**\Resource.resx
**\Resources.resw
appendRelativeDir: true
localizationTarget: false
# pseudoSetting: Included
- task: MicrosoftTDBuild.tdbuild-task.tdbuild-task.TouchdownBuildTask@1
displayName: 'Download Localization Files -- PowerToys 37400'
inputs:
teamId: 37400
authId: '$(TouchdownApplicationID)'
authKey: '$(TouchdownApplicationKey)'
resourceFilePath: |
**\Resources.resx
**\Resource.resx
**\Resources.resw
appendRelativeDir: true
localizationTarget: false
# pseudoSetting: Included
- task: PowerShell@2
displayName: Move Loc files into correct locations
inputs:
targetType: inline
script: >-
$VerbosePreference = "Continue"
- task: PowerShell@2
displayName: Move Loc files into correct locations
inputs:
targetType: inline
script: >-
$VerbosePreference = "Continue"
./tools/build/move-and-rename-resx.ps1
./tools/build/move-and-rename-resx.ps1
./tools/build/move-uwp-resw.ps1
pwsh: true
- task: CmdLine@2
displayName: Moving telem files
inputs:
script: |
call nuget.exe restore -configFile .pipelines/release-nuget.config -PackagesDirectory . .pipelines/packages.config || exit /b 1
move /Y "Microsoft.PowerToys.Telemetry.2.0.0\build\include\TraceLoggingDefines.h" "src\common\Telemetry\TraceLoggingDefines.h" || exit /b 1
move /Y "Microsoft.PowerToys.Telemetry.2.0.0\build\include\TelemetryBase.cs" "src\common\Telemetry\TelemetryBase.cs" || exit /b 1
./tools/build/move-uwp-resw.ps1
pwsh: true
- task: CmdLine@2
displayName: Moving telem files
inputs:
script: |
call nuget.exe restore -configFile .pipelines/release-nuget.config -PackagesDirectory . .pipelines/packages.config || exit /b 1
move /Y "Microsoft.PowerToys.Telemetry.2.0.0\build\include\TraceLoggingDefines.h" "src\common\Telemetry\TraceLoggingDefines.h" || exit /b 1
move /Y "Microsoft.PowerToys.Telemetry.2.0.0\build\include\TelemetryBase.cs" "src\common\Telemetry\TelemetryBase.cs" || exit /b 1
## ALL BUT INSTALLER BUILDING
- task: VSBuild@1
displayName: Build PowerToys main project
inputs:
solution: '**\PowerToys.sln'
vsVersion: 17.0
msbuildArgs: -restore /p:RestorePackagesConfig=true /p:RestoreConfigFile="$(Build.SourcesDirectory)\.pipelines\release-nuget.config" /p:CIBuild=true /bl:$(Build.SourcesDirectory)\msbuild.binlog
platform: $(BuildPlatform)
configuration: $(BuildConfiguration)
clean: true
maximumCpuCount: true
## ALL BUT INSTALLER BUILDING
- task: VSBuild@1
displayName: Build PowerToys main project
inputs:
solution: '**\PowerToys.sln'
vsVersion: 17.0
msbuildArgs: -restore /p:RestorePackagesConfig=true /p:RestoreConfigFile="$(Build.SourcesDirectory)\.pipelines\release-nuget.config" /p:CIBuild=true /bl:$(Build.SourcesDirectory)\msbuild.binlog
platform: $(BuildPlatform)
configuration: $(BuildConfiguration)
clean: true
maximumCpuCount: true
- task: VSBuild@1
displayName: Build BugReportTool
inputs:
solution: '**/tools/BugReportTool/BugReportTool.sln'
vsVersion: 17.0
msbuildArgs: -restore /p:RestorePackagesConfig=true /p:RestoreConfigFile="$(Build.SourcesDirectory)\.pipelines\release-nuget.config" /p:CIBuild=true /bl:$(Build.SourcesDirectory)\msbuild.binlog
platform: $(BuildPlatform)
configuration: $(BuildConfiguration)
clean: true
maximumCpuCount: true
- task: VSBuild@1
displayName: Build BugReportTool
inputs:
solution: '**/tools/BugReportTool/BugReportTool.sln'
vsVersion: 17.0
msbuildArgs: -restore /p:RestorePackagesConfig=true /p:RestoreConfigFile="$(Build.SourcesDirectory)\.pipelines\release-nuget.config" /p:CIBuild=true /bl:$(Build.SourcesDirectory)\msbuild.binlog
platform: $(BuildPlatform)
configuration: $(BuildConfiguration)
clean: true
maximumCpuCount: true
- task: VSBuild@1
displayName: Build WebcamReportTool
inputs:
solution: '**/tools/WebcamReportTool/WebcamReportTool.sln'
vsVersion: 17.0
msbuildArgs: -restore /p:RestorePackagesConfig=true /p:RestoreConfigFile="$(Build.SourcesDirectory)\.pipelines\release-nuget.config" /p:CIBuild=true /bl:$(Build.SourcesDirectory)\msbuild.binlog
platform: $(BuildPlatform)
configuration: $(BuildConfiguration)
clean: true
maximumCpuCount: true
- task: VSBuild@1
displayName: Build WebcamReportTool
inputs:
solution: '**/tools/WebcamReportTool/WebcamReportTool.sln'
vsVersion: 17.0
msbuildArgs: -restore /p:RestorePackagesConfig=true /p:RestoreConfigFile="$(Build.SourcesDirectory)\.pipelines\release-nuget.config" /p:CIBuild=true /bl:$(Build.SourcesDirectory)\msbuild.binlog
platform: $(BuildPlatform)
configuration: $(BuildConfiguration)
clean: true
maximumCpuCount: true
- task: VSBuild@1
displayName: Build StylesReportTool
inputs:
solution: '**/tools/StylesReportTool/StylesReportTool.sln'
vsVersion: 17.0
msbuildArgs: -restore /p:RestorePackagesConfig=true /p:RestoreConfigFile="$(Build.SourcesDirectory)\.pipelines\release-nuget.config" /p:CIBuild=true /bl:$(Build.SourcesDirectory)\msbuild.binlog
platform: $(BuildPlatform)
configuration: $(BuildConfiguration)
clean: true
maximumCpuCount: true
- task: VSBuild@1
displayName: Build StylesReportTool
inputs:
solution: '**/tools/StylesReportTool/StylesReportTool.sln'
vsVersion: 17.0
msbuildArgs: -restore /p:RestorePackagesConfig=true /p:RestoreConfigFile="$(Build.SourcesDirectory)\.pipelines\release-nuget.config" /p:CIBuild=true /bl:$(Build.SourcesDirectory)\msbuild.binlog
platform: $(BuildPlatform)
configuration: $(BuildConfiguration)
clean: true
maximumCpuCount: true
- task: VSBuild@1
displayName: Publish Settings for Packaging
inputs:
solution: 'src/settings-ui/Settings.UI/PowerToys.Settings.csproj'
vsVersion: 17.0
msbuildArgs: >-
/target:Publish
/p:Configuration=$(BuildConfiguration);Platform=$(BuildPlatform);AppxBundle=Never
/p:VCRTForwarders-IncludeDebugCRT=false
/p:PowerToysRoot=$(Build.SourcesDirectory)
/p:PublishProfile=InstallationPublishProfile.pubxml
platform: $(BuildPlatform)
configuration: $(BuildConfiguration)
maximumCpuCount: true
- task: VSBuild@1
displayName: Publish Settings for Packaging
inputs:
solution: 'src/settings-ui/Settings.UI/PowerToys.Settings.csproj'
vsVersion: 17.0
msbuildArgs: >-
/target:Publish
/p:Configuration=$(BuildConfiguration);Platform=$(BuildPlatform);AppxBundle=Never
/p:VCRTForwarders-IncludeDebugCRT=false
/p:PowerToysRoot=$(Build.SourcesDirectory)
/p:PublishProfile=InstallationPublishProfile.pubxml
platform: $(BuildPlatform)
configuration: $(BuildConfiguration)
maximumCpuCount: true
- task: VSBuild@1
displayName: Publish Launcher for Packaging
inputs:
solution: 'src/modules/launcher/PowerLauncher/PowerLauncher.csproj'
vsVersion: 17.0
# The arguments should be the same as the ones for Settings; make sure they are.
msbuildArgs: >-
/target:Publish
/p:Configuration=$(BuildConfiguration);Platform=$(BuildPlatform);AppxBundle=Never
/p:VCRTForwarders-IncludeDebugCRT=false
/p:PowerToysRoot=$(Build.SourcesDirectory)
/p:PublishProfile=InstallationPublishProfile.pubxml
platform: $(BuildPlatform)
configuration: $(BuildConfiguration)
maximumCpuCount: true
- task: VSBuild@1
displayName: Publish Launcher for Packaging
inputs:
solution: 'src/modules/launcher/PowerLauncher/PowerLauncher.csproj'
vsVersion: 17.0
# The arguments should be the same as the ones for Settings; make sure they are.
msbuildArgs: >-
/target:Publish
/p:Configuration=$(BuildConfiguration);Platform=$(BuildPlatform);AppxBundle=Never
/p:VCRTForwarders-IncludeDebugCRT=false
/p:PowerToysRoot=$(Build.SourcesDirectory)
/p:PublishProfile=InstallationPublishProfile.pubxml
platform: $(BuildPlatform)
configuration: $(BuildConfiguration)
maximumCpuCount: true
- task: VSBuild@1
displayName: Publish Monaco Preview Handler for Packaging
inputs:
solution: 'src/modules/previewpane/MonacoPreviewHandler/MonacoPreviewHandler.csproj'
vsVersion: 17.0
# The arguments should be the same as the ones for Settings; make sure they are.
msbuildArgs: >-
/target:Publish
/p:Configuration=$(BuildConfiguration);Platform=$(BuildPlatform);AppxBundle=Never
/p:VCRTForwarders-IncludeDebugCRT=false
/p:PowerToysRoot=$(Build.SourcesDirectory)
/p:PublishProfile=InstallationPublishProfile.pubxml
platform: $(BuildPlatform)
configuration: $(BuildConfiguration)
maximumCpuCount: true
- task: VSBuild@1
displayName: Publish Monaco Preview Handler for Packaging
inputs:
solution: 'src/modules/previewpane/MonacoPreviewHandler/MonacoPreviewHandler.csproj'
vsVersion: 17.0
# The arguments should be the same as the ones for Settings; make sure they are.
msbuildArgs: >-
/target:Publish
/p:Configuration=$(BuildConfiguration);Platform=$(BuildPlatform);AppxBundle=Never
/p:VCRTForwarders-IncludeDebugCRT=false
/p:PowerToysRoot=$(Build.SourcesDirectory)
/p:PublishProfile=InstallationPublishProfile.pubxml
platform: $(BuildPlatform)
configuration: $(BuildConfiguration)
maximumCpuCount: true
- task: VSBuild@1
displayName: Publish Markdown Preview Handler for Packaging
inputs:
solution: 'src/modules/previewpane/MarkdownPreviewHandler/MarkdownPreviewHandler.csproj'
vsVersion: 17.0
# The arguments should be the same as the ones for Settings; make sure they are.
msbuildArgs: >-
/target:Publish
/p:Configuration=$(BuildConfiguration);Platform=$(BuildPlatform);AppxBundle=Never
/p:VCRTForwarders-IncludeDebugCRT=false
/p:PowerToysRoot=$(Build.SourcesDirectory)
/p:PublishProfile=InstallationPublishProfile.pubxml
platform: $(BuildPlatform)
configuration: $(BuildConfiguration)
maximumCpuCount: true
- task: VSBuild@1
displayName: Publish Markdown Preview Handler for Packaging
inputs:
solution: 'src/modules/previewpane/MarkdownPreviewHandler/MarkdownPreviewHandler.csproj'
vsVersion: 17.0
# The arguments should be the same as the ones for Settings; make sure they are.
msbuildArgs: >-
/target:Publish
/p:Configuration=$(BuildConfiguration);Platform=$(BuildPlatform);AppxBundle=Never
/p:VCRTForwarders-IncludeDebugCRT=false
/p:PowerToysRoot=$(Build.SourcesDirectory)
/p:PublishProfile=InstallationPublishProfile.pubxml
platform: $(BuildPlatform)
configuration: $(BuildConfiguration)
maximumCpuCount: true
- task: VSBuild@1
displayName: Publish Svg Preview Handler for Packaging
inputs:
solution: 'src/modules/previewpane/SvgPreviewHandler/SvgPreviewHandler.csproj'
vsVersion: 17.0
# The arguments should be the same as the ones for Settings; make sure they are.
msbuildArgs: >-
/target:Publish
/p:Configuration=$(BuildConfiguration);Platform=$(BuildPlatform);AppxBundle=Never
/p:VCRTForwarders-IncludeDebugCRT=false
/p:PowerToysRoot=$(Build.SourcesDirectory)
/p:PublishProfile=InstallationPublishProfile.pubxml
platform: $(BuildPlatform)
configuration: $(BuildConfiguration)
maximumCpuCount: true
- task: VSBuild@1
displayName: Publish Svg Preview Handler for Packaging
inputs:
solution: 'src/modules/previewpane/SvgPreviewHandler/SvgPreviewHandler.csproj'
vsVersion: 17.0
# The arguments should be the same as the ones for Settings; make sure they are.
msbuildArgs: >-
/target:Publish
/p:Configuration=$(BuildConfiguration);Platform=$(BuildPlatform);AppxBundle=Never
/p:VCRTForwarders-IncludeDebugCRT=false
/p:PowerToysRoot=$(Build.SourcesDirectory)
/p:PublishProfile=InstallationPublishProfile.pubxml
platform: $(BuildPlatform)
configuration: $(BuildConfiguration)
maximumCpuCount: true
- task: VSBuild@1
displayName: Publish Svg Thumbnail Provider for Packaging
inputs:
solution: 'src/modules/previewpane/SvgThumbnailProvider/SvgThumbnailProvider.csproj'
vsVersion: 17.0
# The arguments should be the same as the ones for Settings; make sure they are.
msbuildArgs: >-
/target:Publish
/p:Configuration=$(BuildConfiguration);Platform=$(BuildPlatform);AppxBundle=Never
/p:VCRTForwarders-IncludeDebugCRT=false
/p:PowerToysRoot=$(Build.SourcesDirectory)
/p:PublishProfile=InstallationPublishProfile.pubxml
platform: $(BuildPlatform)
configuration: $(BuildConfiguration)
maximumCpuCount: true
- task: VSBuild@1
displayName: Publish Svg Thumbnail Provider for Packaging
inputs:
solution: 'src/modules/previewpane/SvgThumbnailProvider/SvgThumbnailProvider.csproj'
vsVersion: 17.0
# The arguments should be the same as the ones for Settings; make sure they are.
msbuildArgs: >-
/target:Publish
/p:Configuration=$(BuildConfiguration);Platform=$(BuildPlatform);AppxBundle=Never
/p:VCRTForwarders-IncludeDebugCRT=false
/p:PowerToysRoot=$(Build.SourcesDirectory)
/p:PublishProfile=InstallationPublishProfile.pubxml
platform: $(BuildPlatform)
configuration: $(BuildConfiguration)
maximumCpuCount: true
- task: VSBuild@1
displayName: Publish File Locksmith UI for Packaging
inputs:
solution: 'src/modules/FileLocksmith/FileLocksmithUI/FileLocksmithUI.csproj'
vsVersion: 17.0
# The arguments should be the same as the ones for Settings; make sure they are.
msbuildArgs: >-
/target:Publish
/p:Configuration=$(BuildConfiguration);Platform=$(BuildPlatform);AppxBundle=Never
/p:VCRTForwarders-IncludeDebugCRT=false
/p:PowerToysRoot=$(Build.SourcesDirectory)
/p:PublishProfile=InstallationPublishProfile.pubxml
platform: $(BuildPlatform)
configuration: $(BuildConfiguration)
maximumCpuCount: true
- task: VSBuild@1
displayName: Publish File Locksmith UI for Packaging
inputs:
solution: 'src/modules/FileLocksmith/FileLocksmithUI/FileLocksmithUI.csproj'
vsVersion: 17.0
# The arguments should be the same as the ones for Settings; make sure they are.
msbuildArgs: >-
/target:Publish
/p:Configuration=$(BuildConfiguration);Platform=$(BuildPlatform);AppxBundle=Never
/p:VCRTForwarders-IncludeDebugCRT=false
/p:PowerToysRoot=$(Build.SourcesDirectory)
/p:PublishProfile=InstallationPublishProfile.pubxml
platform: $(BuildPlatform)
configuration: $(BuildConfiguration)
maximumCpuCount: true
# Check if deps.json files don't reference different dll versions.
- task: PowerShell@2
displayName: Audit deps.json files for all applications
inputs:
filePath: '.pipelines/verifyDepsJsonLibraryVersions.ps1'
arguments: -targetDir '$(build.sourcesdirectory)\$(BuildPlatform)\$(BuildConfiguration)'
pwsh: true
# Check if deps.json files don't reference different dll versions.
- task: PowerShell@2
displayName: Audit deps.json files for all applications
inputs:
filePath: '.pipelines/verifyDepsJsonLibraryVersions.ps1'
arguments: -targetDir '$(build.sourcesdirectory)\$(BuildPlatform)\$(BuildConfiguration)'
pwsh: true
# Check if asset files on the main application paths are playing nice and avoiding basic conflicts.
- task: PowerShell@2
displayName: Audit base applications path asset conflicts
inputs:
filePath: '.pipelines/verifyPossibleAssetConflicts.ps1'
arguments: -targetDir '$(build.sourcesdirectory)\$(BuildPlatform)\$(BuildConfiguration)'
pwsh: true
# Check if asset files on the main application paths are playing nice and avoiding basic conflicts.
- task: PowerShell@2
displayName: Audit base applications path asset conflicts
inputs:
filePath: '.pipelines/verifyPossibleAssetConflicts.ps1'
arguments: -targetDir '$(build.sourcesdirectory)\$(BuildPlatform)\$(BuildConfiguration)'
pwsh: true
- task: PowerShell@2
displayName: Audit WinAppSDK applications path asset conflicts
inputs:
filePath: '.pipelines/verifyPossibleAssetConflicts.ps1'
arguments: -targetDir '$(build.sourcesdirectory)\$(BuildPlatform)\$(BuildConfiguration)\WinUI3Apps'
pwsh: true
- task: PowerShell@2
displayName: Audit WinAppSDK applications path asset conflicts
inputs:
filePath: '.pipelines/verifyPossibleAssetConflicts.ps1'
arguments: -targetDir '$(build.sourcesdirectory)\$(BuildPlatform)\$(BuildConfiguration)\WinUI3Apps'
pwsh: true
#### MAIN SIGNING AREA
# reference https://dev.azure.com/microsoft/Dart/_git/AppDriver?path=/ESRPSigning.json&version=GBarm64-netcore&_a=contents for winappdriver
# https://dev.azure.com/microsoft/Dart/_git/AppDriver?path=/CIPolicy.xml&version=GBarm64-netcore&_a=contents
#### MAIN SIGNING AREA
# reference https://dev.azure.com/microsoft/Dart/_git/AppDriver?path=/ESRPSigning.json&version=GBarm64-netcore&_a=contents for winappdriver
# https://dev.azure.com/microsoft/Dart/_git/AppDriver?path=/CIPolicy.xml&version=GBarm64-netcore&_a=contents
- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@1
displayName: Sign Core PT
inputs:
ConnectedServiceName: 'Terminal/Console/WinAppDriver Team Code Signing Connection'
FolderPath: '$(BuildPlatform)/$(BuildConfiguration)' # Video conf uses x86 and x64.
signType: batchSigning
batchSignPolicyFile: '$(build.sourcesdirectory)\.pipelines\ESRPSigning_core.json'
ciPolicyFile: '$(build.sourcesdirectory)\.pipelines\CIPolicy.xml'
- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@3
displayName: Sign Core PT
inputs:
ConnectedServiceName: 'Terminal/Console/WinAppDriver Team Code Signing Connection'
FolderPath: '$(BuildPlatform)/$(BuildConfiguration)' # Video conf uses x86 and x64.
signType: batchSigning
batchSignPolicyFile: '$(build.sourcesdirectory)\.pipelines\ESRPSigning_core.json'
ciPolicyFile: '$(build.sourcesdirectory)\.pipelines\CIPolicy.xml'
- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@1
displayName: Sign x86 directshow VCM
inputs:
ConnectedServiceName: 'Terminal/Console/WinAppDriver Team Code Signing Connection'
FolderPath: 'x86/$(BuildConfiguration)' # Video conf uses x86 and x64.
signType: batchSigning
batchSignPolicyFile: '$(build.sourcesdirectory)\.pipelines\ESRPSigning_vcm.json'
ciPolicyFile: '$(build.sourcesdirectory)\.pipelines\CIPolicy.xml'
#### END SIGNING
## END MAIN
- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@3
displayName: Sign x86 directshow VCM
inputs:
ConnectedServiceName: 'Terminal/Console/WinAppDriver Team Code Signing Connection'
FolderPath: 'x86/$(BuildConfiguration)' # Video conf uses x86 and x64.
signType: batchSigning
batchSignPolicyFile: '$(build.sourcesdirectory)\.pipelines\ESRPSigning_vcm.json'
ciPolicyFile: '$(build.sourcesdirectory)\.pipelines\CIPolicy.xml'
#### END SIGNING
## END MAIN
- task: PublishBuildArtifacts@1
displayName: 'Publish Artifact: binlog'
condition: failed()
continueOnError: True
inputs:
PathtoPublish: $(Build.SourcesDirectory)\msbuild.binlog
ArtifactName: binlog-$(BuildPlatform)
- pwsh: |-
Move-Item msbuild.binlog "$(Build.ArtifactStagingDirectory)/"
displayName: Stage binlog into artifact directory
condition: always()
- task: ComponentGovernanceComponentDetection@0
displayName: Component Detection
- task: ComponentGovernanceComponentDetection@0
displayName: Component Detection
- task: CopyFiles@2
displayName: Copying files for symbols
inputs:
contents: >-
**/*.pdb
flattenFolders: True
targetFolder: $(Build.ArtifactStagingDirectory)/Symbols-$(BuildPlatform)/
- task: PowerShell@2
displayName: 'Remove unneeded files from ArtifactStagingDirectory'
inputs:
targetType: 'inline'
script: |
cd $(Build.ArtifactStagingDirectory)/Symbols-$(BuildPlatform)/
Remove-Item vc143.pdb
Remove-Item *test*
- task: CopyFiles@2
displayName: Copying files for symbols
inputs:
contents: >-
**/*.pdb
flattenFolders: True
targetFolder: $(Build.ArtifactStagingDirectory)/Symbols-$(BuildPlatform)/
- task: PowerShell@2
displayName: 'Remove unneeded files from ArtifactStagingDirectory'
inputs:
targetType: 'inline'
script: |
cd $(Build.ArtifactStagingDirectory)/Symbols-$(BuildPlatform)/
Remove-Item vc143.pdb
Remove-Item *test*
- task: PublishSymbols@2
displayName: Publish symbols path
continueOnError: True
inputs:
SearchPattern: |
$(Build.ArtifactStagingDirectory)/Symbols-$(BuildPlatform)/**/*.*
IndexSources: false
SymbolServerType: TeamServices
- task: PublishBuildArtifacts@1
displayName: 'Publish Artifact: Symbols'
inputs:
PathtoPublish: $(System.ArtifactsDirectory)/Symbols-$(BuildPlatform)/
ArtifactName: Symbols-${{ parameters.versionNumber }}-$(BuildPlatform)
- task: PublishSymbols@2
displayName: Publish symbols path
continueOnError: True
inputs:
SearchPattern: |
$(Build.ArtifactStagingDirectory)/Symbols-$(BuildPlatform)/**/*.*
IndexSources: false
SymbolServerType: TeamServices
- template: .pipelines/installer-steps.yml@self
parameters:
versionNumber: ${{ parameters.versionNumber }}
perUserArg: "false"
buildSubDir: "MachineSetup"
installerPrefix: "PowerToysSetup"
- task: DeleteFiles@1
displayName: 'Remove symbols from ArtifactStagingDirectory'
inputs:
Contents: '*'
SourceFolder: $(Build.ArtifactStagingDirectory)/Symbols-$(BuildPlatform)/
RemoveSourceFolder: True
- task: PowerShell@2
displayName: Clean installer dir before building per-user installer
inputs:
targetType: inline
script: git clean -xfd -e *exe -- .\installer\
pwsh: true
- template: installer-steps.yml
parameters:
versionNumber: ${{ parameters.versionNumber }}
perUserArg: "false"
buildSubDir: "MachineSetup"
installerPrefix: "PowerToysSetup"
- template: .pipelines/installer-steps.yml@self
parameters:
versionNumber: ${{ parameters.versionNumber }}
perUserArg: "true"
buildSubDir: "UserSetup"
installerPrefix: "PowerToysUserSetup"
- task: PowerShell@2
displayName: Clean installer dir before building per-user installer
inputs:
targetType: inline
script: git clean -xfd -e *exe -- .\installer\
pwsh: true
- task: CopyFiles@2
displayName: Copying setup file over
inputs:
contents: "**/PowerToys*Setup-*.exe"
flattenFolders: True
targetFolder: $(Build.ArtifactStagingDirectory)
- template: installer-steps.yml
parameters:
versionNumber: ${{ parameters.versionNumber }}
perUserArg: "true"
buildSubDir: "UserSetup"
installerPrefix: "PowerToysUserSetup"
- task: PowerShell@2
displayName: 'Calculating SHA256 hash'
inputs:
targetType: 'inline'
script: |
$p = "$(System.ArtifactsDirectory)\";
$staging = "$(Build.ArtifactStagingDirectory)\"
$userHash = ((get-item $p\PowerToysUserSetup*.exe | Get-FileHash).Hash);
$machineHash = ((get-item $p\PowerToysSetup*.exe | Get-FileHash).Hash);
$userPlat = "hash_user_$(BuildPlatform).txt";
$machinePlat = "hash_machine_$(BuildPlatform).txt";
$combinedUserPath = $staging + $userPlat;
$combinedMachinePath = $staging + $machinePlat;
echo $p
- task: CopyFiles@2
displayName: Copying setup file over
inputs:
contents: "**/PowerToys*Setup-*.exe"
flattenFolders: True
targetFolder: $(Build.ArtifactStagingDirectory)
echo $userPlat
echo $userHash
echo $combinedUserPath
- task: PowerShell@2
displayName: 'Calculating SHA256 hash'
inputs:
targetType: 'inline'
script: |
$p = "$(System.ArtifactsDirectory)\";
$staging = "$(Build.ArtifactStagingDirectory)\"
$userHash = ((get-item $p\PowerToysUserSetup*.exe | Get-FileHash).Hash);
$machineHash = ((get-item $p\PowerToysSetup*.exe | Get-FileHash).Hash);
$userPlat = "hash_user_$(BuildPlatform).txt";
$machinePlat = "hash_machine_$(BuildPlatform).txt";
$combinedUserPath = $staging + $userPlat;
$combinedMachinePath = $staging + $machinePlat;
echo $p
echo $userPlat
echo $userHash
echo $combinedUserPath
echo $machinePlat
echo $machineHash
echo $combinedMachinePath
$userHash | out-file -filepath $combinedUserPath
$machineHash | out-file -filepath $combinedMachinePath
pwsh: true
- task: PublishBuildArtifacts@1
displayName: "Publish Artifact: PowerToySetup"
inputs:
PathtoPublish: $(System.ArtifactsDirectory)
ArtifactName: setup-$(BuildPlatform)
# Publishing the GPO files with a version number
- task: PublishBuildArtifacts@1
displayName: 'Publish Artifact: GPO Files'
inputs:
PathtoPublish: src\gpo\assets
ArtifactName: GroupPolicyObjectsFiles-${{ parameters.versionNumber }}
echo $machinePlat
echo $machineHash
echo $combinedMachinePath
$userHash | out-file -filepath $combinedUserPath
$machineHash | out-file -filepath $combinedMachinePath
pwsh: true
# Publishing the GPO files
- pwsh: |-
New-Item "$(Build.ArtifactStagingDirectory)/gpo" -Type Directory
Copy-Item src\gpo\assets\* "$(Build.ArtifactStagingDirectory)/gpo" -Recurse
displayName: Stage the GPO files
...

7457
.pipelines/sdl.gdnbaselines Normal file

File diff suppressed because it is too large Load Diff