AllMirror
/
.NET-SDK
mirror of https://github.com/dotnet/sdk


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328
							trigger:
  batch: true
  branches:
    include:
    - main
    - release/9.0.1xx-preview*
    - internal/release/*
    - exp/*

pr:
  branches:
    include:
    - main
    - release/*
    - internal/release/*

variables:
  - name: _CIBuild
    value: -restore -build -sign -pack -ci
  # Disable post-build signing for internal release-branch builds or internal manual builds.
  - ${{ if and(eq(variables['System.TeamProject'], 'internal'), or(startswith(variables['Build.SourceBranch'], 'refs/heads/release/'), startswith(variables['Build.SourceBranch'], 'refs/heads/internal/release/'), eq(variables['Build.Reason'], 'Manual'))) }}:
    - name: PostBuildSign
      value: false
  - ${{ else }}:
    - name: PostBuildSign
      value: true
  - ${{ if eq(variables['System.TeamProject'], 'public') }}:
    - name: _InternalRuntimeDownloadArgs
      value: ''
    - name: _OfficialBuildArgs
      value: ''
    - name: "skipComponentGovernanceDetection"
      value: "true"
  - ${{ if ne(variables['System.TeamProject'], 'public') }}:
    - name: _OfficialBuildArgs
      value: /p:OfficialBuilder=Microsoft
    - name: Codeql.Enabled
      value: true
    - group: DotNetBuilds storage account read tokens
    - name: _InternalRuntimeDownloadArgs
      value: /p:DotNetRuntimeSourceFeed=https://dotnetbuilds.blob.core.windows.net/internal 
        /p:DotNetRuntimeSourceFeedKey=$(dotnetbuilds-internal-container-read-token-base64) 
  - ${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
    - group: DotNet-CLI-SDLValidation-Params
  - template: /eng/common/templates-official/variables/pool-providers.yml
  # Set the MicroBuild plugin installation directory to the agent temp directory to avoid SDL tool scanning.
  - name: MicroBuildOutputFolderOverride
    value: $(Agent.TempDirectory)

resources:
  repositories:
  - repository: 1esPipelines
    type: git
    name: 1ESPipelineTemplates/1ESPipelineTemplates
    ref: refs/tags/release

extends:
  template: v1/1ES.Official.PipelineTemplate.yml@1esPipelines
  parameters:
    sdl:
      sourceAnalysisPool:
        name: $(DncEngInternalBuildPool)
        image: 1es-windows-2022
        os: windows
    stages:
    - stage: build
      displayName: Build
      jobs:
      - job: Publish_Build_Configuration
        pool:
          ${{ if eq(variables['System.TeamProject'], 'public') }}:
            name: $(DncEngPublicBuildPool)
            image: 1es-windows-2022-open
            os: windows
          ${{ if eq(variables['System.TeamProject'], 'internal') }}:
            name: $(DncEngInternalBuildPool)
            image: 1es-windows-2022
            os: windows
        steps:
          - task: 1ES.PublishPipelineArtifact@1
            displayName: Publish Build Config
            inputs:
              targetPath: $(Build.SourcesDirectory)\eng\buildConfiguration
              artifactName: buildConfiguration
      - template: /eng/build.yml@self
        parameters:
          agentOs: Windows_NT
          pool:
            ${{ if eq(variables['System.TeamProject'], 'public') }}:
              name: $(DncEngPublicBuildPool)
              image: 1es-windows-2022-open
              os: windows
            ${{ if ne(variables['System.TeamProject'], 'public') }}:
              name: $(DncEngInternalBuildPool)
              image: 1es-windows-2022
              os: windows
          ${{ if eq(variables['System.TeamProject'], 'public') }}:
            helixTargetQueue: Windows.Amd64.VS2022.Pre.Open
          ${{ if ne(variables['System.TeamProject'], 'public') }}:
            helixTargetQueue: Windows.Amd64.VS2022.Pre
          variables:
          - name: _BuildConfig
            value: Release
          - name: _PublishArgs
            value: '-publish /p:DotNetPublishUsingPipelines=true'
          - ${{ if or(eq(variables['System.TeamProject'], 'public'), in(variables['Build.Reason'], 'PullRequest')) }}:
            - name: _SignType
              value: test
            - name: _Test
              value: -test
          - ${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
            - name: _SignType
              value: real
            - name: _Test
              value: ''
      - template: /eng/common/templates-official/job/source-build.yml@self
        parameters:
          platform:
            name: 'Managed'
            container: mcr.microsoft.com/dotnet-buildtools/prereqs:centos-stream9
      - ${{ if or(eq(variables['System.TeamProject'], 'public'), in(variables['Build.Reason'], 'PullRequest')) }}:
        - template: /eng/build.yml@self
          parameters:
            agentOs: Windows_NT_FullFramework
            pool:
              ${{ if eq(variables['System.TeamProject'], 'public') }}:
                name: $(DncEngPublicBuildPool)
                image: 1es-windows-2022-open
                os: windows
              ${{ if ne(variables['System.TeamProject'], 'public') }}:
                name: $(DncEngInternalBuildPool)
                image: 1es-windows-2022
                os: windows
            ${{ if eq(variables['System.TeamProject'], 'public') }}:
              helixTargetQueue: Windows.Amd64.VS2022.Pre.Open
            ${{ if ne(variables['System.TeamProject'], 'public') }}:
              helixTargetQueue: Windows.Amd64.VS2022.Pre
            variables:
            - name: _BuildConfig
              value: Debug
            - name: _PublishArgs
              value: ''
            - name: _SignType
              value: test
            - name: _Test
              value: -test

        - template: /eng/build.yml@self
          parameters:
            agentOs: Windows_NT_TestAsTools
            pool:
              ${{ if eq(variables['System.TeamProject'], 'public') }}:
                name: $(DncEngPublicBuildPool)
                image: 1es-windows-2022-open
                os: windows
              ${{ if ne(variables['System.TeamProject'], 'public') }}:
                name: $(DncEngInternalBuildPool)
                image: 1es-windows-2022
                os: windows
            variables:
            - name: _BuildConfig
              value: Debug
            - name: _PublishArgs
              value: ''
            - name: _SignType
              value: test

        - template: /eng/build.yml@self
          parameters:
            agentOs: Ubuntu_22_04
            pool:
              ${{ if eq(variables['System.TeamProject'], 'public') }}:
                name: $(DncEngPublicBuildPool)
                image: 1es-ubuntu-2204-open
                os: linux
              ${{ if ne(variables['System.TeamProject'], 'public') }}:
                name: $(DncEngInternalBuildPool)
                image: 1es-ubuntu-2204
                os: linux
            ${{ if eq(variables['System.TeamProject'], 'public') }}:
              helixTargetQueue: ubuntu.2204.amd64.open
            ${{ if ne(variables['System.TeamProject'], 'public') }}:
              helixTargetQueue: Ubuntu.2204.Amd64
            variables:
            - name: _BuildConfig
              value: Release
            - name: _PublishArgs
              value: ''
            - name: _SignType
              value: test
            - name: _Test
              value: -test

        - template: /eng/build.yml@self
          parameters:
            agentOs: Darwin
            pool:
              name: Azure Pipelines
              image: macOS-latest
              os: macOS
            ${{ if eq(variables['System.TeamProject'], 'public') }}:
              helixTargetQueue: OSX.13.Amd64.Open
            ${{ if ne(variables['System.TeamProject'], 'public') }}:
              helixTargetQueue: OSX.13.Amd64
            variables:
            - name: _BuildConfig
              value: Release
            - name: _PublishArgs
              value: ''
            - name: _SignType
              value: test
            - name: _Test
              value: -test

          # template-engine builds
        - template: /eng/build.yml@self
          parameters:
            agentOs: Windows_NT_TemplateEngine
            pool:
              ${{ if eq(variables['System.TeamProject'], 'public') }}:
                name: $(DncEngPublicBuildPool)
                image: 1es-windows-2022-open
                os: windows
              ${{ if ne(variables['System.TeamProject'], 'public') }}:
                name: $(DncEngInternalBuildPool)
                image: 1es-windows-2022
                os: windows
            ${{ if eq(variables['System.TeamProject'], 'public') }}:
              helixTargetQueue: Windows.Amd64.VS2022.Pre.Open
            ${{ if ne(variables['System.TeamProject'], 'public') }}:
              helixTargetQueue: Windows.Amd64.VS2022.Pre
            variables:
              - name: _BuildConfig
                value: Release
              - name: PublishArgs
                value: '-publish /p:DotNetPublishUsingPipelines=true'
              - name: _SignType
                value: test
              - name: _Test
                value: -test

        - template: /eng/build.yml@self
          parameters:
            agentOs: Ubuntu_22_04_TemplateEngine
            pool:
              ${{ if eq(variables['System.TeamProject'], 'public') }}:
                name: $(DncEngPublicBuildPool)
                image: 1es-ubuntu-2204-open
                os: linux
              ${{ if ne(variables['System.TeamProject'], 'public') }}:
                name: $(DncEngInternalBuildPool)
                image: 1es-ubuntu-2204
                os: linux
            ${{ if eq(variables['System.TeamProject'], 'public') }}:
              helixTargetQueue: 'ubuntu.2204.amd64.open@mcr.microsoft.com/dotnet-buildtools/prereqs:ubuntu-22.04-helix-amd64'
            ${{ if ne(variables['System.TeamProject'], 'public') }}:
              helixTargetQueue: Ubuntu.2204.Amd64
            variables:
              - name: _BuildConfig
                value: Release
              - name: _PublishArgs
                value: ''
              - name: _SignType
                value: test
              - name: _Test
                value: -test

        - template: /eng/build.yml@self
          parameters:
            agentOs: Darwin_TemplateEngine
            pool:
              name: Azure Pipelines
              image: macOS-latest
              os: macOS
            ${{ if eq(variables['System.TeamProject'], 'public') }}:
              helixTargetQueue: OSX.1100.Amd64.Open
            ${{ if ne(variables['System.TeamProject'], 'public') }}:
              helixTargetQueue: OSX.1100.Amd64
            variables:
            - name: _BuildConfig
              value: Release
            - name: _PublishArgs
              value: ''
            - name: _SignType
              value: test
            - name: _Test
              value: -test

        # dotnet-format builds
        - template: /eng/dotnet-format/dotnet-format-integration.yml@self
          parameters:
            PublishTaskName: 1ES.PublishBuildArtifacts@1

      - ${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
        - template: /eng/common/templates-official/job/publish-build-assets.yml@self
          parameters:
            publishUsingPipelines: true
            publishAssetsImmediately: true
            dependsOn:
              - Windows_NT
              - Source_Build_Managed
            pool:
              name: $(DncEngInternalBuildPool)
              image: 1es-windows-2022
              os: windows
    - ${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
      - template: /eng/common/templates-official/post-build/post-build.yml@self
        parameters:
          publishingInfraVersion: 3
          enableSymbolValidation: false
          enableSigningValidation: false
          enableNugetValidation: false
          enableSourceLinkValidation: false
          publishInstallersAndChecksums: true
          publishAssetsImmediately: true
          SDLValidationParameters:
            enable: false
            params: ' -SourceToolsList @("policheck","credscan")
            -TsaInstanceURL $(_TsaInstanceURL)
            -TsaProjectName $(_TsaProjectName)
            -TsaNotificationEmail $(_TsaNotificationEmail)
            -TsaCodebaseAdmin $(_TsaCodebaseAdmin)
            -TsaBugAreaPath $(_TsaBugAreaPath)
            -TsaIterationPath $(_TsaIterationPath)
            -TsaRepositoryName "dotnet-sdk"
            -TsaCodebaseName "dotnet-sdk"
            -TsaPublish $True'