Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

msbuild task and cli nugets #1992

Merged
merged 5 commits into from
Mar 25, 2021
Merged
Show file tree
Hide file tree
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,10 @@ updates:
directory: "/src/Bicep.Cli.E2eTests"
schedule:
interval: "daily"
- package-ecosystem: "npm"
directory: "/src/Bicep.MSBuild.E2eTests"
schedule:
interval: "daily"
- package-ecosystem: "nuget"
directory: "/"
schedule:
Expand Down
97 changes: 95 additions & 2 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -29,18 +29,22 @@ jobs:
rid: 'win-x64'
configuration: 'release'
publishLanguageServer: 'false'
publishPackages: 'false'
- os: 'ubuntu-latest'
rid: 'linux-x64'
configuration: 'release'
publishLanguageServer: 'true'
publishPackages: 'true'
- os: 'ubuntu-latest'
rid: 'linux-musl-x64'
configuration: 'release'
publishLanguageServer: 'false'
publishPackages: 'false'
- os: 'macos-latest'
rid: 'osx-x64'
configuration: 'release'
publishLanguageServer: 'false'
publishPackages: 'false'

steps:
- uses: actions/checkout@v2
Expand All @@ -53,6 +57,10 @@ jobs:

- name: Build
run: dotnet build --configuration ${{ matrix.configuration }}

- name: Pack
if: ${{ matrix.publishPackages == 'true' }}
run: dotnet pack --configuration ${{ matrix.configuration }}

- name: Test
run: dotnet test --configuration ${{ matrix.configuration }} --collect:"XPlat Code Coverage" --settings ./.github/workflows/codecov.runsettings
Expand All @@ -79,13 +87,14 @@ jobs:
args: -c "apk add --update nodejs npm && npm ci --prefix ./src/Bicep.Cli.E2eTests && npm test --prefix ./src/Bicep.Cli.E2eTests"
env:
BICEP_CLI_EXECUTABLE: ../Bicep.Cli/bin/${{ matrix.configuration }}/net5.0/${{ matrix.rid }}/publish/bicep

- name: Upload Language Server
uses: actions/upload-artifact@v2
if: ${{ matrix.publishLanguageServer == 'true' }}
with:
name: Bicep.LangServer
path: ./src/Bicep.LangServer/bin/${{ matrix.configuration }}/net5.0/publish/*
if-no-files-found: error

- name: Upload Bicep
uses: actions/upload-artifact@v2
Expand All @@ -94,6 +103,14 @@ jobs:
path: ./src/Bicep.Cli/bin/${{ matrix.configuration }}/net5.0/${{ matrix.rid }}/publish/*
if-no-files-found: error

- name: Upload Packages
uses: actions/upload-artifact@v2
if: ${{ matrix.publishPackages == 'true' }}
with:
name: bicep-nupkg-any
path: ./out/*
if-no-files-found: error

- name: Upload Code Coverage
uses: codecov/codecov-action@v1
with:
Expand Down Expand Up @@ -126,7 +143,83 @@ jobs:
uses: actions/upload-artifact@v2
with:
name: bicep-setup-win-x64
path: ./src/installer-win/bin/release/net46/bicep-setup-win-x64.exe
path: ./src/installer-win/bin/release/net472/bicep-setup-win-x64.exe
if-no-files-found: error

build-packages:
name: 'Build Packages'
runs-on: ${{ matrix.os }}
needs: build-bicep

env:
CI: true
RuntimeSuffix: ${{ matrix.rid }}

strategy:
fail-fast: false
matrix:
os: [ 'windows-latest', 'ubuntu-latest', 'macos-latest' ]
include:
- os: 'windows-latest'
rid: 'win-x64'
- os: 'ubuntu-latest'
rid: 'linux-x64'
- os: 'macos-latest'
rid: 'osx-x64'

steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0 # avoid shallow clone so nbgv can do its work.
submodules: true

- name: Setup .NET Core
uses: actions/setup-dotnet@v1.7.2

- name: Setup Node.js
uses: actions/setup-node@v2.1.5
with:
node-version: 10.x

- name: npm ci
run: npm ci
working-directory: ./src/Bicep.MSBuild.E2eTests

- name: Compile
run: npm run compile
working-directory: ./src/Bicep.MSBuild.E2eTests

- name: Download Bicep CLI
uses: actions/download-artifact@v2
with:
name: bicep-release-${{ matrix.rid }}
path: ./src/Bicep.Cli.Nuget/tools

- name: Download .Net Packages
uses: actions/download-artifact@v2
with:
name: bicep-nupkg-any
path: ./src/Bicep.MSBuild.E2eTests/examples/local-packages

- name: Build CLI Package
run: dotnet build --configuration release /p:RuntimeSuffix=${{ matrix.rid }} ./src/Bicep.Cli.Nuget/nuget.proj

- name: Upload CLI Package
uses: actions/upload-artifact@v2
with:
name: bicep-nupkg-${{ matrix.rid }}
path: ./src/Bicep.Cli.Nuget/*.nupkg
if-no-files-found: error

- name: Download CLI Package
uses: actions/download-artifact@v2
with:
name: bicep-nupkg-${{ matrix.rid }}
path: ./src/Bicep.MSBuild.E2eTests/examples/local-packages

- name: Run E2E tests
run: npm run test
working-directory: ./src/Bicep.MSBuild.E2eTests

build-vsix:
name: 'Build VSIX'
Expand Down
30 changes: 28 additions & 2 deletions .pipelines/Bicep.yml
Original file line number Diff line number Diff line change
Expand Up @@ -88,6 +88,32 @@ steps:
targetFolder: '$(Build.SourcesDirectory)/out/bicep-$(BuildConfiguration)-${{ parameters.rid }}/'

- ${{ if eq(parameters.rid, 'win-x64') }}:
- task: onebranch.pipeline.signing@1
displayName: Sign Bicep.MSBuild bin
inputs:
command: 'sign'
signing_profile: 'external_distribution'
files_to_sign: '**/*.dll'
search_root: '$(Build.SourcesDirectory)/src/Bicep.MSBuild/bin/$(BuildConfiguration)/netstandard2.0/'

- task: DotNetCoreCLI@2
displayName: Pack
inputs:
command: custom
custom: pack
projects: $(BuildSolution)
arguments: '--configuration $(BuildConfiguration) /p:BuildProjectReferences=false /p:NoBuild=true /p:PublicRelease=${{ parameters.official }}'

# test signing fails on .nupkg files and .snupkg files are completely unsupported for signing
- ${{ if eq(parameters.official, 'true') }}:
- task: onebranch.pipeline.signing@1
displayName: Sign Nuget Packages
inputs:
command: 'sign'
signing_profile: 'external_distribution'
files_to_sign: '**/*.nupkg'
search_root: '$(Build.SourcesDirectory)\out\'

- task: CopyFiles@2
displayName: Copy bicep to setup project
inputs:
Expand Down Expand Up @@ -116,11 +142,11 @@ steps:
command: 'sign'
signing_profile: 'external_distribution'
files_to_sign: '**/*.exe'
search_root: '$(Build.SourcesDirectory)/src/installer-win/bin/release/net46/'
search_root: '$(Build.SourcesDirectory)/src/installer-win/bin/release/net472/'

- task: CopyFiles@2
displayName: Copy Windows Setup to output
inputs:
sourceFolder: '$(Build.SourcesDirectory)/src/installer-win/bin/release/net46/'
sourceFolder: '$(Build.SourcesDirectory)/src/installer-win/bin/release/net472/'
contents: '**'
targetFolder: '$(Build.SourcesDirectory)/out/bicep-setup-${{ parameters.rid }}/'
103 changes: 103 additions & 0 deletions .pipelines/Common.yml
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,109 @@ stages:
official: ${{ parameters.official }}
rid: osx-x64

- job: packages_windows
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

packages_windows [](start = 9, length = 16)

Packages have to be signed on a Windows container (limitations of the current infra), but tests have to run on the right OS as separate jobs. This is different than the GH build.

dependsOn: bicep_windows
pool:
type: windows # read more about custom job pool types at https://aka.ms/obpipelines/yaml/jobs

variables:
ob_outputDirectory: '$(Build.SourcesDirectory)/out' # this directory is uploaded to pipeline artifacts, reddog and cloudvault. More info at https://aka.ms/obpipelines/artifacts
# https://aka.ms/obpipelines/sdl
ob_sdl_binskim_enabled: true # you can disable sdl tools in non-official build
ob_sdl_binskim_break: false # always break the build on binskim issues. You can disable it by setting to 'false'
ob_sdl_binskim_scanOutputDirectoryOnly: true
ob_sdl_roslyn_break: true
# ob_sdl_suppression_suppressionFile: $(Build.SourcesDirectory)\.gdn\job.gdnsuppress
steps:
- template: Packages.yml
parameters:
official: ${{ parameters.official }}
rid: win-x64
artifactSuffix: windows

- job: packages_linux
dependsOn: bicep_linux
pool:
# signing must happen on Windows
type: windows # read more about custom job pool types at https://aka.ms/obpipelines/yaml/jobs

variables:
ob_outputDirectory: '$(Build.SourcesDirectory)/out' # this directory is uploaded to pipeline artifacts, reddog and cloudvault. More info at https://aka.ms/obpipelines/artifacts
# https://aka.ms/obpipelines/sdl
ob_sdl_binskim_enabled: true # you can disable sdl tools in non-official build
ob_sdl_binskim_break: false # always break the build on binskim issues. You can disable it by setting to 'false'
ob_sdl_binskim_scanOutputDirectoryOnly: true
ob_sdl_roslyn_break: true
# ob_sdl_suppression_suppressionFile: $(Build.SourcesDirectory)\.gdn\job.gdnsuppress
steps:
- template: Packages.yml
parameters:
official: ${{ parameters.official }}
rid: linux-x64
artifactSuffix: linux

- job: packages_osx
dependsOn: bicep_osx
pool:
# signing must happen on Windows
type: windows # read more about custom job pool types at https://aka.ms/obpipelines/yaml/jobs

variables:
ob_outputDirectory: '$(Build.SourcesDirectory)/out' # this directory is uploaded to pipeline artifacts, reddog and cloudvault. More info at https://aka.ms/obpipelines/artifacts
# https://aka.ms/obpipelines/sdl
ob_sdl_binskim_enabled: true # you can disable sdl tools in non-official build
ob_sdl_binskim_break: false # always break the build on binskim issues. You can disable it by setting to 'false'
ob_sdl_binskim_scanOutputDirectoryOnly: true
ob_sdl_roslyn_break: true
# ob_sdl_suppression_suppressionFile: $(Build.SourcesDirectory)\.gdn\job.gdnsuppress
steps:
- template: Packages.yml
parameters:
official: ${{ parameters.official }}
rid: osx-x64
artifactSuffix: osx

- job: packages_test_windows
dependsOn: packages_windows
pool:
type: windows # read more about custom job pool types at https://aka.ms/obpipelines/yaml/jobs

variables:
ob_outputDirectory: '$(Build.SourcesDirectory)/out' # this directory is uploaded to pipeline artifacts, reddog and cloudvault. More info at https://aka.ms/obpipelines/artifacts
# https://aka.ms/obpipelines/sdl
ob_sdl_binskim_enabled: true # you can disable sdl tools in non-official build
ob_sdl_binskim_break: false # always break the build on binskim issues. You can disable it by setting to 'false'
ob_sdl_binskim_scanOutputDirectoryOnly: true
ob_sdl_roslyn_break: true
# ob_sdl_suppression_suppressionFile: $(Build.SourcesDirectory)\.gdn\job.gdnsuppress
steps:
- template: PackagesTest.yml
parameters:
official: ${{ parameters.official }}
rid: win-x64
artifactSuffix: windows

- job: packages_test_linux
Copy link
Member Author

@majastrz majastrz Mar 24, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

packages_test_linux [](start = 9, length = 19)

Sadly no osx image in the internal pipeline, which means no E2E tests :( We do have them on the GH side, though.

dependsOn: packages_linux
pool:
# signing must happen on Windows
type: linux # read more about custom job pool types at https://aka.ms/obpipelines/yaml/jobs

variables:
ob_outputDirectory: '$(Build.SourcesDirectory)/out' # this directory is uploaded to pipeline artifacts, reddog and cloudvault. More info at https://aka.ms/obpipelines/artifacts
# https://aka.ms/obpipelines/sdl
ob_sdl_binskim_enabled: true # you can disable sdl tools in non-official build
ob_sdl_binskim_break: false # always break the build on binskim issues. You can disable it by setting to 'false'
ob_sdl_binskim_scanOutputDirectoryOnly: true
ob_sdl_roslyn_break: true
# ob_sdl_suppression_suppressionFile: $(Build.SourcesDirectory)\.gdn\job.gdnsuppress
steps:
- template: PackagesTest.yml
parameters:
official: ${{ parameters.official }}
rid: linux-x64
artifactSuffix: linux

- job: vsix
dependsOn: bicep_windows
pool:
Expand Down
52 changes: 52 additions & 0 deletions .pipelines/Packages.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
parameters:
- name: official
type: boolean
- name: rid
type: string
- name: artifactSuffix
type: string

steps:
- task: UseDotNet@2
displayName: Setup .NET Core
continueOnError: true
inputs:
packageType: 'sdk'
useGlobalJson: true
performMultiLevelLookup: true

# downloads to $(Pipeline.Workspace)/{artifact}
- download: current
displayName: Download Bicep CLI
artifact: drop_build_bicep_${{ parameters.artifactSuffix }}

- task: CopyFiles@2
displayName: Copy Bicep CLI for packaging
inputs:
sourceFolder: '$(Pipeline.Workspace)/drop_build_bicep_${{ parameters.artifactSuffix }}/bicep-Release-${{ parameters.rid }}'
contents: '*'
targetFolder: '$(Build.SourcesDirectory)/src/Bicep.Cli.Nuget/tools'

- task: DotNetCoreCLI@2
displayName: Build Package
inputs:
command: build
projects: $(Build.SourcesDirectory)/src/Bicep.Cli.Nuget/nuget.proj
arguments: '--configuration $(BuildConfiguration) /p:PublicRelease=${{ parameters.official }} /p:RuntimeSuffix=${{ parameters.rid }}'

- task: CopyFiles@2
displayName: Copy Package to output
inputs:
sourceFolder: '$(Build.SourcesDirectory)/src/Bicep.Cli.Nuget/'
contents: '*.nupkg'
targetFolder: '$(Build.SourcesDirectory)/out/'

# test signing fails on .nupkg files
- ${{ if eq(parameters.official, 'true') }}:
- task: onebranch.pipeline.signing@1
displayName: Sign Nuget Packages
inputs:
command: 'sign'
signing_profile: 'external_distribution'
files_to_sign: '**/*.nupkg'
search_root: '$(Build.SourcesDirectory)\out\'
Loading