1ESPT template refactor dropped in-pipeline SDL runs #15140
Comments
|
I thought the plan was not to ackport that because there were so many differences in the templates for prior releases and it would require essentially handcrafting the change in each branch |
|
We didn't backport the change directly, but some of it made its way into the official templates of older versions. |
|
I thought we dropped these runs by design, as even with the deficiencies we determined 1es would own the guardian scans? If we need to bring them back, we'll need to see if the infra we use to acquire the guardian tooling still works and then we can try to test it out. |
|
The initial implementation of the templates: #14525 (comment) removed the SDL runs by design, so we will need to implement the 1ES PT version of this functionality if these are scans that we want to re-implement. |
|
Turns out some of the tooling doesn't do a good enough job for product signoff at this point :/ |
|
I thought the release process caught this? If more work needs to be done, do you think it falls to Prague? Also, isn't 1ES on the hook to make this happen? |
|
1ES is on the hook to make this happen and make it better. It's a matter of timing (since GA is so close). We'll keep on as we are today as there are some workarounds to make 1ES behave sort of how we need. |
#14703 dropped the SDL runs. The call to the SDL template would have been here: https://github.com/dotnet/arcade/blob/main/eng/common/core-templates/post-build/post-build.yml#L261. This change then got backported to older branches (to templates-official). There are some gaps in 1ESPT SDL vs. Arcade's. We should fix this for now.
The text was updated successfully, but these errors were encountered: