Nightly build refinements (#649)

kirankumarkolli · web-flow · commit 2b068ab43e10 · 2019-08-07T05:07:09.000+05:30
* Builds validation disabled

* Builds validation disabled

* Builds validation disabled

* Builds validation disabled

* Builds validation disabled

* Builds validation disabled

* Builds validation disabled

* Builds validation disabled

* Builds validation disabled

* Builds validation disabled

* Builds validation disabled

* Builds validation disabled

* Builds validation disabled

* Builds validation disabled

* Builds validation disabled

* Builds validation disabled

* Builds validation disabled

* Builds validation disabled

* Some more refactoring

* Bug fixes

* fix

* fix

* some clean-up

* Some more teplate clean-up

* Reset the test configuration

* Refreshing trigger details
diff --git a/azure-pipelines-functional.yml b/azure-pipelines-functional.yml
@@ -1,3 +1,6 @@
+# A pipeline with no CI trigger
+trigger: none
+
 pr:
   branches:
     include:
diff --git a/azure-pipelines-nightly.yml b/azure-pipelines-nightly.yml
@@ -1,29 +1,75 @@
+# A pipeline with no CI trigger
+trigger: none
+
+pr: none
+
+schedules:
+- cron: "0 0 * * *" # cron syntax https://docs.microsoft.com/en-us/azure/devops/pipelines/build/triggers?view=azure-devops&tabs=yaml#scheduled-triggers
+  displayName: Cosmos Nightly 
+  branches:
+    include: master
+  always: boolean # whether to always run the pipeline or only if there have been source code changes since the last run. The default is false
+
+
 variables:
   ReleaseArguments: ' --filter "TestCategory!=Quarantine" --verbosity normal '
   VmImage: vs2017-win2016 # https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/hosted?view=azure-devops
   BuildConfiguration: Release
+  IsNightly: true
+
 
+stages:
+- stage:
+  displayName: Gate 
+  jobs:
+    - template:  templates/static-tools.yml
+      parameters:
+        BuildConfiguration: $(BuildConfiguration)
+        VmImage: $(VmImage)
 
-jobs: 
-#- template:  templates/build-test.yml
-#  parameters:
-#    BuildConfiguration: $(BuildConfiguration)
-#    Arguments: $(ReleaseArguments)
-#    VmImage: $(VmImage)
     
-- task: DotNetCoreCLI@2
-  displayName: Microsoft.Azure.Cosmos
-  inputs: 
-    command: build  
-    configuration: $(BuildConfiguration)
-    projects: 'Microsoft.Azure.Cosmos/src/*.csproj' 
-    arguments: ${{ parameters.ReleaseArguments }} --configuration $(BuildConfiguration) /p:IsNightly=true /p:GeneratePackageOnBuild=true 
+    - template:  templates/build-test.yml
+      parameters:
+        BuildConfiguration: $(BuildConfiguration)
+        Arguments: $(ReleaseArguments) /p:IsNightly=true /p:GeneratePackageOnBuild=true 
+        VmImage: $(VmImage)
+          
+
+- stage:
+  displayName: Publish 
+  jobs:
+    - job:
+      pool:
+        vmImage: $(VmImage)
     
-steps:
-- task: NuGetCommand@2
-  displayName: 'NuGet push'
-  inputs:
-    command: push
-    configuration: '$(BuildConfiguration)' 
-    publishVstsFeed: '4000bd49-81c3-47f2-94d8-d1392b95c228/04efb628-f46d-4b48-ac4d-5af5b1c75043' #azure-cosmos-dotnet
-    
+      steps:
+      - task: DotNetCoreCLI@2
+        displayName: Build Microsoft.Azure.Cosmos
+        inputs: 
+          command: build  
+          configuration: $(BuildConfiguration)
+          nugetConfigPath: NuGet.config
+          projects: Microsoft.Azure.Cosmos/src/Microsoft.Azure.Cosmos.csproj 
+          arguments: --configuration $(BuildConfiguration) 
+          versioningScheme: OFF
+          
+      - task: DotNetCoreCLI@2
+        displayName: Pack Microsoft.Azure.Cosmos
+        inputs: 
+          command: pack 
+          configuration: $(BuildConfiguration)
+          searchPatternPack: Microsoft.Azure.Cosmos/src/Microsoft.Azure.Cosmos.csproj
+          arguments: --configuration $(BuildConfiguration) 
+          versioningScheme: OFF
+          
+      - task: DotNetCoreCLI@2
+        displayName: Push Microsoft.Azure.Cosmos
+        inputs: 
+          command: push 
+          configuration: $(BuildConfiguration)
+          searchPatternPack: Microsoft.Azure.Cosmos/src/Microsoft.Azure.Cosmos.csproj
+          arguments: --configuration $(BuildConfiguration) 
+          packagesToPush: '$(Build.ArtifactStagingDirectory)/*.nupkg'
+          nuGetFeedType: 'internal'
+          publishVstsFeed: '4000bd49-81c3-47f2-94d8-d1392b95c228/04efb628-f46d-4b48-ac4d-5af5b1c75043' #azure-cosmos-dotnet
+          versioningScheme: OFF
diff --git a/azure-pipelines.yml b/azure-pipelines.yml
@@ -1,3 +1,6 @@
+# A pipeline with no CI trigger
+trigger: none
+
 pr:
   branches:
     include:
@@ -14,73 +17,11 @@ variables:
   VmImage: vs2017-win2016 # https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/hosted?view=azure-devops
 
 
-jobs: 
-- job: 
-  displayName: Static Analysis 
-  pool:
-    vmImage: '$(VmImage)' # https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/hosted?view=azure-devops
-    
-  steps:
-  - checkout: self  # self represents the repo where the initial Pipelines YAML file was found
-    clean: true  # if true, execute `execute git clean -ffdx && git reset --hard HEAD` before fetching
-    lfs: true  # whether to download Git-LFS files; defaults to false
-      
-  #Analyze source code for type of content and target types to help determine which tools to run 
-  - task: securedevelopmentteam.vss-secure-development-tools.build-task-autoapplicability.AutoApplicability@1
-    displayName: 'AutoApplicability'
-    inputs:
-      VerboseWriter: true
-      ExternalRelease: true
-      InternalRelease: true
-      IsService: true
-      IsSoftware: true    
-    
-  # Analyze source and build output text files for credentials
-  - task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@2
-    displayName: 'CredScan'
-    inputs:
-      scanFolder: $(Build.SourcesDirectory)
-      suppressionsFile: CredScanSuppressions.json 
-      debugMode: true
-  
-  # Scan text elements including code, code comments, and content/web pages, for sensitive terms based on legal, cultural, or geopolitical reasons
-  - task: securedevelopmentteam.vss-secure-development-tools.build-task-policheck.PoliCheck@1
-    displayName: 'PoliCheck'
-    inputs:
-      targetType: F
-      
-  # AntiMalware scan
-  - task: securedevelopmentteam.vss-secure-development-tools.build-task-antimalware.AntiMalware@3
-    displayName: 'AntiMalware'
-    inputs:
-      EnableServices: true
-  
-  # Run checks for recently discovered vulnerabilities which are not yet incorporated to another tool
-  - task: securedevelopmentteam.vss-secure-development-tools.build-task-vulnerabilityassessment.VulnerabilityAssessment@0
-    displayName: 'Vulnerability Assessment'
-    
-  - task: DotNetCoreCLI@2
-    displayName: Build Microsoft.Azure.Cosmos.sln
-    inputs:
-      command: build 
-      projects: 'Microsoft.Azure.Cosmos.sln'
-      configuration: '$(BuildConfiguration)'
-      publishTestResults: true 
-      
-#  - task: securedevelopmentteam.vss-secure-development-tools.build-task-binskim.BinSkim@3
-#    displayName: 'BinSkim'
-#    inputs:
-#      InputType: Basic
-
-  # Publish Analysis Results (position after all tools ran)
-  - task: securedevelopmentteam.vss-secure-development-tools.build-task-publishsecurityanalysislogs.PublishSecurityAnalysisLogs@2
-    displayName: 'Publish Security Analysis Logs'
-
-  # The Post-Analysis build task will analyze the log files produced by the tools, and introduce a build break
-  - task: securedevelopmentteam.vss-secure-development-tools.build-task-postanalysis.PostAnalysis@1
-    displayName: 'Post Analysis'
-    inputs:
-      AllTools: true
+jobs:
+- template:  templates/static-tools.yml
+  parameters:
+    BuildConfiguration: Release
+    VmImage: $(VmImage)
         
 
 #- template:  templates/build-test.yml
diff --git a/templates/static-tools.yml b/templates/static-tools.yml
@@ -0,0 +1,73 @@
+# File: templates\static-tools.yml
+
+parameters:
+  BuildConfiguration: ''
+  VmImage: '' 
+
+jobs: 
+- job: 
+  displayName: Static Analysis 
+  pool:
+    vmImage: '${{ parameters.VmImage }}' 
+    
+  steps:
+  - checkout: self  # self represents the repo where the initial Pipelines YAML file was found
+    clean: true  # if true, execute `execute git clean -ffdx && git reset --hard HEAD` before fetching
+    lfs: true  # whether to download Git-LFS files; defaults to false
+      
+  #Analyze source code for type of content and target types to help determine which tools to run 
+  - task: securedevelopmentteam.vss-secure-development-tools.build-task-autoapplicability.AutoApplicability@1
+    displayName: 'AutoApplicability'
+    inputs:
+      VerboseWriter: true
+      ExternalRelease: true
+      InternalRelease: true
+      IsService: true
+      IsSoftware: true    
+    
+  # Analyze source and build output text files for credentials
+  - task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@2
+    displayName: 'CredScan'
+    inputs:
+      scanFolder: $(Build.SourcesDirectory)
+      suppressionsFile: CredScanSuppressions.json 
+      debugMode: true
+  
+  # Scan text elements including code, code comments, and content/web pages, for sensitive terms based on legal, cultural, or geopolitical reasons
+  - task: securedevelopmentteam.vss-secure-development-tools.build-task-policheck.PoliCheck@1
+    displayName: 'PoliCheck'
+    inputs:
+      targetType: F
+      
+  # AntiMalware scan
+  - task: securedevelopmentteam.vss-secure-development-tools.build-task-antimalware.AntiMalware@3
+    displayName: 'AntiMalware'
+    inputs:
+      EnableServices: true
+  
+  # Run checks for recently discovered vulnerabilities which are not yet incorporated to another tool
+  - task: securedevelopmentteam.vss-secure-development-tools.build-task-vulnerabilityassessment.VulnerabilityAssessment@0
+    displayName: 'Vulnerability Assessment'
+    
+  - task: DotNetCoreCLI@2
+    displayName: Build Microsoft.Azure.Cosmos.sln
+    inputs:
+      command: build 
+      projects: 'Microsoft.Azure.Cosmos.sln'
+      configuration: '${{ parameters.BuildConfiguration }}'
+      publishTestResults: true 
+      
+#  - task: securedevelopmentteam.vss-secure-development-tools.build-task-binskim.BinSkim@3
+#    displayName: 'BinSkim'
+#    inputs:
+#      InputType: Basic
+
+  # Publish Analysis Results (position after all tools ran)
+  - task: securedevelopmentteam.vss-secure-development-tools.build-task-publishsecurityanalysislogs.PublishSecurityAnalysisLogs@2
+    displayName: 'Publish Security Analysis Logs'
+
+  # The Post-Analysis build task will analyze the log files produced by the tools, and introduce a build break
+  - task: securedevelopmentteam.vss-secure-development-tools.build-task-postanalysis.PostAnalysis@1
+    displayName: 'Post Analysis'
+    inputs:
+      AllTools: true
