From 89020af553b43176ea7f184ee84927d27bcd3969 Mon Sep 17 00:00:00 2001 From: Dongbo Wang Date: Mon, 1 Apr 2024 15:39:44 -0700 Subject: [PATCH 1/4] Ignore test folders for Component Governance and add release stage --- .pipelines/PSReadLine-Official.yml | 58 +++++++++++++++++++++++++++++- 1 file changed, 57 insertions(+), 1 deletion(-) diff --git a/.pipelines/PSReadLine-Official.yml b/.pipelines/PSReadLine-Official.yml index ab49deeee..83adce25f 100644 --- a/.pipelines/PSReadLine-Official.yml +++ b/.pipelines/PSReadLine-Official.yml @@ -32,6 +32,8 @@ extends: WindowsHostVersion: '1ESWindows2022' globalSdl: disableLegacyManifest: true + cg: # Component Governance parameters. Ignore test components. + ignoreDirectories: $(Build.SourcesDirectory)\PSReadLine\MockPSConsole,$(Build.SourcesDirectory)\PSReadLine\test sbom: enabled: true packageName: PSReadLine @@ -43,7 +45,7 @@ extends: forStages: [Build] credscan: enabled: true - scanFolder: $(Build.SourcesDirectory)\PSReadLine\PSReadLine + scanFolder: $(Build.SourcesDirectory)\PSReadLine\PSReadLine binskim: enabled: true apiscan: @@ -235,3 +237,57 @@ extends: SourceFolder: $(nugetPath) Contents: '**\*' TargetFolder: $(ob_outputDirectory) + + - stage: release + dependsOn: buildstage + displayName: Release PSReadLine + + jobs: + - job: validation + displayName: Manual validation + pool: + type: agentless + timeoutInMinutes: 1440 + + steps: + - task: ManualValidation@0 + displayName: Wait 24 hours for validation + inputs: + instructions: Please validate the release + timeoutInMinutes: 1440 + + - job: publish + dependsOn: validation + displayName: Publish to PSGallery + variables: + - name: nugetPath + value: $(Pipeline.Workspace)\NuGetPackage + pool: + type: windows + + steps: + - task: DownloadPipelineArtifact@2 + displayName: 'Download nupkg artifact' + inputs: + targetPath: $(nugetPath) + artifact: drop_buildstage_nupkg + + - pwsh: | + Get-ChildItem $(nugetPath) -Recurse + displayName: Find signed Nupkg + + - task: NuGetCommand@2 + displayName: Push PSReadLine module to Azure feed + inputs: + command: push + packagesToPush: $(nugetPath)\PSReadLine.*.nupkg + nuGetFeedType: internal + publishVstsFeed: AzArtifactsFeed + + - task: NuGetCommand@2 + displayName: Push PSReadLine module to PSGallery feed + inputs: + command: push + packagesToPush: $(nugetPath)\PSReadLine.*.nupkg + nuGetFeedType: external + publishFeedCredentials: PowerShellGalleryFeed From 27bff800ac9596c2ca44da6fb7f2c946266a5097 Mon Sep 17 00:00:00 2001 From: Dongbo Wang Date: Mon, 1 Apr 2024 15:55:03 -0700 Subject: [PATCH 2/4] Fix an error --- .pipelines/PSReadLine-Official.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.pipelines/PSReadLine-Official.yml b/.pipelines/PSReadLine-Official.yml index 83adce25f..eea7aea8f 100644 --- a/.pipelines/PSReadLine-Official.yml +++ b/.pipelines/PSReadLine-Official.yml @@ -260,6 +260,8 @@ extends: dependsOn: validation displayName: Publish to PSGallery variables: + - name: ob_outputDirectory + value: '$(Build.ArtifactStagingDirectory)/ONEBRANCH_ARTIFACT' - name: nugetPath value: $(Pipeline.Workspace)\NuGetPackage pool: From a085934eaede2ad314708c80245e45d409adb7f2 Mon Sep 17 00:00:00 2001 From: Dongbo Wang Date: Tue, 2 Apr 2024 10:12:51 -0700 Subject: [PATCH 3/4] exclude test components for SBOM --- .pipelines/PSReadLine-Official.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.pipelines/PSReadLine-Official.yml b/.pipelines/PSReadLine-Official.yml index eea7aea8f..b4ca8942f 100644 --- a/.pipelines/PSReadLine-Official.yml +++ b/.pipelines/PSReadLine-Official.yml @@ -37,6 +37,7 @@ extends: sbom: enabled: true packageName: PSReadLine + buildComponentPath: $(Build.SourcesDirectory)\PSReadLine\PSReadLine codeql: compiled: enabled: true From 476a61327ea507e1d9a79fb1e25120b9367bd9a1 Mon Sep 17 00:00:00 2001 From: Dongbo Wang Date: Tue, 2 Apr 2024 11:19:11 -0700 Subject: [PATCH 4/4] Update a display name --- .pipelines/PSReadLine-Official.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pipelines/PSReadLine-Official.yml b/.pipelines/PSReadLine-Official.yml index b4ca8942f..79ed79286 100644 --- a/.pipelines/PSReadLine-Official.yml +++ b/.pipelines/PSReadLine-Official.yml @@ -259,7 +259,7 @@ extends: - job: publish dependsOn: validation - displayName: Publish to PSGallery + displayName: Publish to AzFeed and PSGallery variables: - name: ob_outputDirectory value: '$(Build.ArtifactStagingDirectory)/ONEBRANCH_ARTIFACT'