Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Transition release phase to ESRP #4986

Open
scbedd opened this issue Jun 28, 2024 · 0 comments
Open

Transition release phase to ESRP #4986

scbedd opened this issue Jun 28, 2024 · 0 comments

Comments

@scbedd
Copy link
Member

scbedd commented Jun 28, 2024

Hey autorest folks!

Filing an issue to recommend an update to your release process. All the published packages from the azure-sdk team going to npm are now published through the ESRP release process. Given the relative ease of the work, I recommend that you take advantage of the trail we've already blazed.

For you, it's effectively changing publish.yaml to utilize EsrpRelease. Below is a hard example of what this looks during the actual release phase.

                  # download the 1es.published artifact
                  - download: current
                    artifact: drop
                    timeoutInMinutes: 5

                  # "tag" is 'latest' or 'beta' or whatever else npmjs.org tag. 
                  # this step merely isolates the tgz of the releasing npm package into its own directory
                  # so the ESRP publishing process cannot get confused
                  - pwsh: |
                      Write-Host "Will deploy with tag of $(Tag)"
                      Get-ChildItem "$(Pipeline.Workspace)/drop" -Recurse -Force `
                        | Where-Object { $_.Name -like "*.tgz" } `
                        | Copy-Item -Destination "$(Build.ArtifactStagingDirectory)"
                      Get-ChildItem "$(Build.ArtifactStagingDirectory)" -Recurse -Force | % { Write-Host $_.FullName }
                    displayName: Move artifact to $(Build.ArtifactStagingDirectory)
                  
                  # you operate within azure-sdk/internal, so you do not need to worry about these service connections
                  - task: EsrpRelease@7
                    inputs:
                      displayName: 'Publish oav to ESRP'
                      ConnectedServiceName: 'Azure SDK Engineering System'
                      ClientId: '5f81938c-2544-4f1f-9251-dd9de5b8a81b'
                      KeyVaultName: 'AzureSDKEngKeyVault'
                      AuthCertName: 'azure-sdk-esrp-release-auth-certificate'
                      SignCertName: 'azure-sdk-esrp-release-sign-certificate'
                      Intent: 'PackageDistribution'
                      ContentType: 'npm'
                      FolderLocation: $(Build.ArtifactStagingDirectory)
                      Owners: ${{ coalesce(variables['Build.RequestedForEmail'], 'azuresdk@microsoft.com') }}
                      Approvers: 'azuresdk@microsoft.com'
                      ServiceEndpointUrl: 'https://api.esrp.microsoft.com'
                      MainPublisher: 'ESRPRELPACMANTEST'
                      DomainTenantId: '72f988bf-86f1-41af-91ab-2d7cd011db47'
                      productstate: $(Tag)

The only pre-req to publish your packages through this methodology is that microsoft1es is a maintainer or the packages being released. Take a look at Owners, productState (this is the "tag" on npmjs.org the package will publish under), FolderLocation, and displayName`. Everything else is set the way you need.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@scbedd