From ed71272ffbb47991025af2ffbfc4f241dc97f3f8 Mon Sep 17 00:00:00 2001 From: Dmitrii Bobreshev <106314398+DmitriiBobreshev@users.noreply.github.com> Date: Mon, 12 Feb 2024 11:08:01 +0100 Subject: [PATCH] 1ES Pipelines Template Adoption (#367) * 1ES Pipelines Template Adoption - Switch to 1ES templates * 1ES Pipelines Template Adoption - CreadScan Fix * 1ES Pipelines Template Adoption - CreadScan Fix --- azure-pipelines.yml | 217 ++++++++++++++++++++++------------------- test/units/handlers.ts | 16 +-- 2 files changed, 122 insertions(+), 111 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 8edbd511..c9ed33bb 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -1,117 +1,128 @@ +# This Yaml Document has been converted by ESAI Yaml Pipeline Conversion Tool. +# Please make sure to check all the converted content, it is your team's responsibility to make sure that the pipeline is still valid and functions as expected. +# This pipeline will be extended to the OneESPT template +# If you are not using the E+D shared hosted pool with windows-2022, replace the pool section with your hosted pool, os, and image name. If you are using a Linux image, you must specify an additional windows image for SDL: https://eng.ms/docs/cloud-ai-platform/devdiv/one-engineering-system-1es/1es-docs/1es-pipeline-templates/features/sdlanalysis/overview#how-to-specify-a-windows-pool-for-the-sdl-source-analysis-stage +# The Task 'PublishPipelineArtifact@1' has been converted to an output named 'Publish _build artifact' in the templateContext section. trigger: - - master - - releases/* - +- master +- releases/* variables: isMaster: $[eq(variables['Build.SourceBranch'], 'refs/heads/master')] isRelease: $[startsWith(variables['Build.SourceBranch'], 'refs/heads/releases')] - parameters: - - name: nodeVersionList - type: object - default: [6, 8, 10, 12, 14, 16] - - - name: imageList - type: object - default: ['windows-latest', 'ubuntu-latest'] - - - name: publishToNpm - displayName: Publish to npm - type: boolean - default: false - -stages: - - stage: Build - displayName: Build typed-rest-client - jobs: +- name: nodeVersionList + type: object + default: [6, 8, 10, 12, 14, 16] +- name: imageList + type: object + default: + windows: 'windows-latest' + ubuntu: 'ubuntu-latest' +- name: publishToNpm + displayName: Publish to npm + type: boolean + default: false +resources: + repositories: + - repository: 1ESPipelineTemplates + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates + parameters: + sdl: + sourceAnalysisPool: + name: Azure-Pipelines-1ESPT-ExDShared + image: windows-2022 + os: windows + customBuildTags: + - ES365AIMigrationTooling + stages: + - stage: Build + displayName: Build typed-rest-client + jobs: - job: Build_and_Publish displayName: Build and Publish artifact pool: - vmImage: 'ubuntu-20.04' + name: Azure-Pipelines-1ESPT-ExDShared + image: ubuntu-latest + os: linux + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish _build artifact' + targetPath: _build + artifactType: pipeline + artifactName: _build steps: - #build on node 8.x - - task: NodeTool@0 - inputs: - versionSpec: '8.x' - displayName: Install node 8 - - - script: npm install - displayName: npm install - - - script: npm run build - displayName: npm run build - - - task: PublishPipelineArtifact@1 - displayName: Publish _build artifact - inputs: - targetPath: _build - artifactType: pipeline - artifactName: _build - - # run unit tests on different platforms and node versions - - stage: Test - displayName: Test typed-rest-client - jobs: + - task: NodeTool@0 + inputs: + versionSpec: '8.x' + displayName: Install node 8 + - script: npm install + displayName: npm install + - script: npm run build + displayName: npm run build + - stage: Test + displayName: Test typed-rest-client + jobs: - ${{ each image in parameters.imageList }}: - - ${{ each nodeVersion in parameters.nodeVersionList }}: - - job: Node_os_${{ nodeVersion }}_${{ replace(image,'-','_') }} - displayName: Node.js ${{ nodeVersion }} on ${{ image }} - pool: - vmImage: ${{ image }} - steps: - - task: DownloadPipelineArtifact@2 - displayName: Download built typed-rest-client package - inputs: - artifact: _build - path: $(Build.SourcesDirectory)/_build - patterns: '!package-lock.json' #Exclude package-lock.json - - - script: npm install - displayName: npm install - - - task: NodeTool@0 - inputs: - versionSpec: ${{ nodeVersion }}.x - displayName: Install node ${{ nodeVersion }} - - - script: npm run units - displayName: npm run units - - - script: npm run test - displayName: npm run test - - - stage: Publish - condition: and(succeeded(), or(eq('${{ parameters.publishToNpm }}', true), eq(variables.isRelease, true), eq(variables.isMaster, true))) - jobs: + - ${{ each nodeVersion in parameters.nodeVersionList }}: + - job: Node_os_${{ nodeVersion }}_${{ image.key }} + displayName: Node.js ${{ nodeVersion }} on ${{ image.key }} + pool: + name: Azure-Pipelines-1ESPT-ExDShared + image: ${{ image.value }} + os: ${{ image.key }} + steps: + - task: DownloadPipelineArtifact@2 + displayName: Download built typed-rest-client package + inputs: + artifact: _build + path: $(Build.SourcesDirectory)/_build + patterns: '!package-lock.json' + - script: npm install + displayName: npm install + - task: NodeTool@0 + inputs: + versionSpec: ${{ nodeVersion }}.x + displayName: Install node ${{ nodeVersion }} + - script: npm run units + displayName: npm run units + - script: npm run test + displayName: npm run test + - stage: Publish + condition: and(succeeded(), or(eq('${{ parameters.publishToNpm }}', true), eq(variables.isRelease, true), eq(variables.isMaster, true))) + jobs: - job: Publish_package displayName: Publish npm package pool: - vmImage: 'ubuntu-20.04' + name: Azure-Pipelines-1ESPT-ExDShared + image: ubuntu-latest + os: linux steps: - - task: DownloadPipelineArtifact@2 - displayName: Download built typed-rest-client package - inputs: - artifact: _build - path: $(Build.SourcesDirectory)/_build - - - task: Npm@1 - displayName: Publish typed-rest-client to npm - inputs: - command: publish - workingDir: '_build' - publishRegistry: useExternalRegistry - publishEndpoint: NPM-Automation-Token - continueOnError: true - - - script: npm install - displayName: npm install - continueOnError: true - condition: and(succeeded(), eq(variables.isMaster, true)) - - - script: node ./ci/create-release-notes.js - continueOnError: true - condition: and(succeeded(), eq(variables.isMaster, true)) - env: - GH_TOKEN: $(githubToken) - branch: $(Build.SourceBranchName) - displayName: Create Release + - task: DownloadPipelineArtifact@2 + displayName: Download built typed-rest-client package + inputs: + artifact: _build + path: $(Build.SourcesDirectory)/_build + - task: Npm@1 + displayName: Publish typed-rest-client to npm + inputs: + command: publish + workingDir: '_build' + publishRegistry: useExternalRegistry + publishEndpoint: NPM-Automation-Token + continueOnError: true + - script: npm install + displayName: npm install + continueOnError: true + condition: and(succeeded(), eq(variables.isMaster, true)) + - script: node ./ci/create-release-notes.js + continueOnError: true + condition: and(succeeded(), eq(variables.isMaster, true)) + env: + GH_TOKEN: $(githubToken) + branch: $(Build.SourceBranchName) + displayName: Create Release \ No newline at end of file diff --git a/test/units/handlers.ts b/test/units/handlers.ts index 99d17514..efc3385f 100644 --- a/test/units/handlers.ts +++ b/test/units/handlers.ts @@ -21,11 +21,11 @@ describe('Authentication Handlers Tests', function () { 'SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c' }, personalAccessToken: { - secret: 'scbfb44vxzku5l4xgc3qfazn3lpk4awflfryc76esaiq7aypcbhs' + sampleToken: 'scbfb44vxzku5l4xgc3qfazn3lpk4awflfryc76esaiq7aypcbhs' }, ntlm: { - username: 'Zaphod', - password: 'Beeblebrox', + sampleUser: 'Zaphod', + samplePass: 'Beeblebrox', domain: 'Ursa-Minor', workstation: 'LightCity' } @@ -164,7 +164,7 @@ describe('Authentication Handlers Tests', function () { it('[Personal Access Token] - does basic http get request with PAT token auth', async() => { const url: string = 'http://microsoft.com'; - const secret: string = _authHandlersOptions.personalAccessToken.secret; + const secret: string = _authHandlersOptions.personalAccessToken.sampleToken; const personalAccessToken: string = Buffer.from(`PAT:${secret}`).toString('base64'); const expectedAuthHeader: string = `Basic ${personalAccessToken}`; const patAuthHandler: hm.PersonalAccessTokenCredentialHandler = @@ -212,7 +212,7 @@ describe('Authentication Handlers Tests', function () { it('[Personal Access Token] - does redirection request with PAT token auth', async() => { const url: string = 'http://microsoft.com'; const redirectionUrl: string = 'http://jfrog.com'; - const secret: string = _authHandlersOptions.personalAccessToken.secret; + const secret: string = _authHandlersOptions.personalAccessToken.sampleToken; const personalAccessToken: string = Buffer.from(`PAT:${secret}`).toString('base64'); const expectedAuthHeader: string = `Basic ${personalAccessToken}`; const patAuthHandler: hm.PersonalAccessTokenCredentialHandler = @@ -357,7 +357,7 @@ describe('Authentication Handlers Tests', function () { /** * Following NTLM Authentication Example on: * https://www.innovation.ch/personal/ronald/ntlm.html - * With username: "Zaphod", password: "Beeblebrox" & + * With sampleUser: "Zaphod", samplePass: "Beeblebrox" & * workstation/hostname: "LightCity", domain: "Ursa-Minor" */ const url: string = 'http://microsoft.com'; @@ -384,8 +384,8 @@ describe('Authentication Handlers Tests', function () { .reply(httpm.HttpCodes.OK); const ntlmAuthHandler: hm.NtlmCredentialHandler = new hm.NtlmCredentialHandler( - _authHandlersOptions.ntlm.username, - _authHandlersOptions.ntlm.password, + _authHandlersOptions.ntlm.sampleUser, + _authHandlersOptions.ntlm.samplePass, _authHandlersOptions.ntlm.workstation, _authHandlersOptions.ntlm.domain );