dotnet-installer/.vsts-ci.yml

394 lines
14 KiB
YAML

# Pipeline: https://dnceng.visualstudio.com/internal/_build?definitionId=286
trigger:
batch: true
branches:
include:
- main
- master
- release/*
- internal/release/*
variables:
- name: _PublishUsingPipelines
value: false
- ${{ if or(startswith(variables['Build.SourceBranch'], 'refs/heads/release/'), startswith(variables['Build.SourceBranch'], 'refs/heads/internal/release/'), eq(variables['Build.Reason'], 'Manual')) }}:
- name: PostBuildSign
value: false
- ${{ else }}:
- name: PostBuildSign
value: true
- ${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
- name: Codeql.Enabled
value: true
- group: DotNet-DotNetCli-Storage
- group: DotNet-Installer-SDLValidation-Params
- name: _PublishUsingPipelines
value: true
- name: _InternalRuntimeDownloadArgs
value: ''
- ${{ if eq(variables['System.TeamProject'], 'internal') }}:
- group: DotNetBuilds storage account read tokens
- name: _InternalRuntimeDownloadArgs
value: /p:DotNetRuntimeSourceFeed=https://dotnetbuilds.blob.core.windows.net/internal
/p:DotNetRuntimeSourceFeedKey=$(dotnetbuilds-internal-container-read-token-base64)
/p:dotnetbuilds-internal-container-read-token-base64=$(dotnetbuilds-internal-container-read-token-base64)
- template: /eng/common/templates/variables/pool-providers.yml
# Set the MicroBuild plugin installation directory to the agent temp directory to avoid SDL tool scanning.
- name: MicroBuildOutputFolderOverride
value: $(Agent.TempDirectory)
resources:
repositories:
- repository: 1esPipelines
type: git
name: 1ESPipelineTemplates/1ESPipelineTemplates
ref: refs/tags/release
extends:
${{ if notin(variables['Build.Reason'], 'PullRequest') }}:
template: v1/1ES.Official.PipelineTemplate.yml@1esPipelines
${{ else }}:
template: v1/1ES.Unofficial.PipelineTemplate.yml@1esPipelines
parameters:
containers:
alpine315WithNode:
image: mcr.microsoft.com/dotnet-buildtools/prereqs:alpine-3.15-WithNode
cblMariner20Fpm:
image: mcr.microsoft.com/dotnet-buildtools/prereqs:cbl-mariner-2.0-fpm
centosStream8:
image: mcr.microsoft.com/dotnet-buildtools/prereqs:centos-stream8
debianStretch:
image: mcr.microsoft.com/dotnet-buildtools/prereqs:debian-stretch
fedora36:
image: mcr.microsoft.com/dotnet-buildtools/prereqs:fedora-36
ubuntu2204:
image: mcr.microsoft.com/dotnet-buildtools/prereqs:ubuntu-22.04
ubuntu1804Cross:
image: mcr.microsoft.com/dotnet-buildtools/prereqs:ubuntu-18.04-cross
ubuntu2204DebPkg:
image: mcr.microsoft.com/dotnet-buildtools/prereqs:ubuntu-22.04-debpkg
sdl:
sourceAnalysisPool:
name: $(DncEngInternalBuildPool)
image: 1es-windows-2022
os: windows
# Temporary to workaround MicroBuild issues.
credscan:
enabled: false
justificationForDisabling: 'CredScan is failing on the MicroBuild signing plugin. "MicroBuild/Plugins/nuget.config" has changing content and thus cannot be baselined.'
stages:
- stage: Build
jobs:
# Build Retry Configuration
- job: Publish_Build_Configuration
pool:
${{ if eq(variables['System.TeamProject'], 'public') }}:
name: $(DncEngPublicBuildPool)
image: 1es-windows-2022-open
os: windows
${{ if eq(variables['System.TeamProject'], 'internal') }}:
name: $(DncEngInternalBuildPool)
image: 1es-windows-2022
os: windows
steps:
- task: 1ES.PublishPipelineArtifact@1
displayName: Publish Build Config
inputs:
targetPath: $(Build.SourcesDirectory)\eng\buildConfiguration
artifactName: buildConfiguration
# PR-only jobs
- ${{ if or(eq(variables['System.TeamProject'], 'public'), in(variables['Build.Reason'], 'PullRequest')) }}:
# Windows
- template: eng/build.yml@self
parameters:
agentOs: Windows_NT
jobName: Build_Debug_x64
buildConfiguration: Debug
buildArchitecture: x64
additionalBuildParameters: '/p:PublishInternalAsset=true'
runTests: true
# Linux
- template: eng/build.yml@self
parameters:
agentOs: Linux
jobName: Build_Ubuntu_22_04_Debug_x64
container: ubuntu2204
buildConfiguration: Debug
buildArchitecture: x64
linuxPortable: true
runTests: true
- template: eng/build.yml@self
parameters:
agentOs: Linux
jobName: Build_Fedora_36_Debug_x64
container: fedora36
buildConfiguration: Debug
buildArchitecture: x64
linuxPortable: true
runTests: true
- template: eng/build.yml@self
parameters:
agentOs: Linux
jobName: Build_CentOS_8_Stream_Debug_x64
container: centosStream8
buildConfiguration: Debug
buildArchitecture: x64
linuxPortable: false
runTests: true
- template: eng/build.yml@self
parameters:
agentOs: Linux
jobName: Build_Debian_Stretch_Debug_x64
container: debianStretch
buildConfiguration: Debug
buildArchitecture: x64
additionalBuildParameters: '/p:BuildSdkDeb=true'
linuxPortable: false
runTests: true
- template: eng/build.yml@self
parameters:
agentOs: Linux
jobName: Build_Arm64_Debug
buildConfiguration: Debug
buildArchitecture: arm64
runtimeIdentifier: 'linux-arm64'
linuxPortable: true
# Never run tests on arm64
runTests: false
- template: eng/build.yml@self
parameters:
agentOs: Linux
jobName: Build_Linux_musl_Debug_x64
container: alpine315WithNode
buildConfiguration: Debug
buildArchitecture: x64
runtimeIdentifier: 'linux-musl-x64'
# Pass in HostOSName when running on alpine
additionalBuildParameters: '/p:HostOSName="linux-musl"'
linuxPortable: false
runTests: true
- template: eng/build.yml@self
parameters:
agentOs: Linux
jobName: Build_LinuxPortable_Release_x64
buildConfiguration: Release
buildArchitecture: x64
linuxPortable: true
runTests: true
# MacOS
- template: eng/build.yml@self
parameters:
agentOs: Darwin
jobName: Build_Release_x64
buildConfiguration: Release
buildArchitecture: x64
runTests: true
# Official/PGO instrumentation Builds
- ${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
# Windows
- template: eng/build.yml@self
parameters:
agentOs: Windows_NT
jobName: Build_Release_x64
buildConfiguration: Release
buildArchitecture: x64
additionalBuildParameters: '/p:PublishInternalAsset=true'
runTests: false
- template: eng/build.yml@self
parameters:
agentOs: Windows_NT
jobName: Build_Release_x86
buildConfiguration: Release
buildArchitecture: x86
runTests: false
- template: eng/build.yml@self
parameters:
agentOs: Windows_NT
jobName: Build_Release_arm64
buildConfiguration: Release
buildArchitecture: arm64
runTests: false
# Linux
- template: eng/build.yml@self
parameters:
agentOs: Linux
jobName: Build_Arm_Release
buildConfiguration: Release
buildArchitecture: arm
runtimeIdentifier: 'linux-arm'
linuxPortable: true
runTests: false
- template: eng/build.yml@self
parameters:
agentOs: Linux
jobName: Build_Arm64_Release
buildConfiguration: Release
buildArchitecture: arm64
runtimeIdentifier: 'linux-arm64'
linuxPortable: true
runTests: false
- template: eng/build.yml@self
parameters:
agentOs: Linux
jobName: Build_Linux_musl_Release_arm
container: ubuntu1804Cross
buildConfiguration: Release
buildArchitecture: arm
runtimeIdentifier: 'linux-musl-arm'
additionalBuildParameters: '/p:OSName="linux-musl"'
linuxPortable: false
runTests: false
- template: eng/build.yml@self
parameters:
agentOs: Linux
jobName: Build_Linux_musl_Release_arm64
buildConfiguration: Release
buildArchitecture: arm64
runtimeIdentifier: 'linux-musl-arm64'
additionalBuildParameters: '/p:OSName="linux-musl"'
linuxPortable: false
runTests: false
- template: eng/build.yml@self
parameters:
agentOs: Linux
jobName: Build_Linux_musl_Release_x64
container: alpine315WithNode
buildConfiguration: Release
buildArchitecture: x64
runtimeIdentifier: 'linux-musl-x64'
# Pass in HostOSName when running on alpine
additionalBuildParameters: '/p:HostOSName="linux-musl"'
linuxPortable: false
runTests: false
- template: eng/build.yml@self
parameters:
agentOs: Linux
jobName: Build_Linux_Portable_Deb_Release_x64
container: ubuntu2204DebPkg
buildConfiguration: Release
buildArchitecture: x64
# Do not publish zips and tarballs. The linux-x64 binaries are
# already published by Build_LinuxPortable_Release_x64
additionalBuildParameters: '/p:PublishBinariesAndBadge=false /p:BuildSdkDeb=true'
linuxPortable: true
runTests: false
- template: eng/build.yml@self
parameters:
agentOs: Linux
jobName: Build_Linux_Portable_Rpm_Release_x64
container: cblMariner20Fpm
buildConfiguration: Release
buildArchitecture: x64
# Do not publish zips and tarballs. The linux-x64 binaries are
# already published by Build_LinuxPortable_Release_x64
additionalBuildParameters: '/p:PublishBinariesAndBadge=false /p:IsRPMBasedDistro=true'
linuxPortable: true
runTests: false
- template: eng/build.yml@self
parameters:
agentOs: Linux
jobName: Build_Linux_Portable_Rpm_Release_Arm64
container: cblMariner20Fpm
buildConfiguration: Release
buildArchitecture: arm64
runtimeIdentifier: 'linux-arm64'
# Do not publish zips and tarballs. The linux-x64 binaries are
# already published by Build_LinuxPortable_Release_x64
additionalBuildParameters: '/p:PublishBinariesAndBadge=false /p:CLIBUILD_SKIP_TESTS=true /p:IsRPMBasedDistro=true'
linuxPortable: true
runTests: false
- template: eng/build.yml@self
parameters:
agentOs: Linux
jobName: Build_LinuxPortable_Release_x64
buildConfiguration: Release
buildArchitecture: x64
linuxPortable: true
runTests: false
# MacOS
- template: eng/build.yml@self
parameters:
agentOs: Darwin
jobName: Build_Release_x64
buildConfiguration: Release
buildArchitecture: x64
runTests: false
- template: eng/build.yml@self
parameters:
agentOs: Darwin
jobName: Build_Release_arm64
runtimeIdentifier: 'osx-arm64'
buildConfiguration: Release
buildArchitecture: arm64
runTests: false
# Windows PGO Instrumentation builds
- template: eng/build.yml@self
parameters:
agentOs: Windows_NT
pgoInstrument: true
jobName: Build_Release_x64
buildConfiguration: Release
buildArchitecture: x64
additionalBuildParameters: '/p:PublishInternalAsset=true'
runTests: false
- template: eng/build.yml@self
parameters:
agentOs: Windows_NT
pgoInstrument: true
jobName: Build_Release_x86
buildConfiguration: Release
buildArchitecture: x86
runTests: false
- template: eng/build.yml@self
parameters:
agentOs: Windows_NT
pgoInstrument: true
jobName: Build_Release_arm64
buildConfiguration: Release
buildArchitecture: arm64
runTests: false
# Linux PGO Instrumentation builds
- template: eng/build.yml@self
parameters:
agentOs: Linux
pgoInstrument: true
jobName: Build_LinuxPortable_Release_x64
buildConfiguration: Release
buildArchitecture: x64
linuxPortable: true
runTests: false
- template: eng/build.yml@self
parameters:
agentOs: Linux
pgoInstrument: true
jobName: Build_Release_arm64
buildConfiguration: Release
buildArchitecture: arm64
linuxPortable: true
runTests: false
# Source Build
- template: /eng/common/templates-official/jobs/source-build.yml@self
- ${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
- stage: Publish
dependsOn:
- Build
jobs:
- template: /eng/common/templates-official/job/publish-build-assets.yml@self
parameters:
publishUsingPipelines: true
publishAssetsImmediately: true
pool:
name: $(DncEngInternalBuildPool)
image: 1es-windows-2022
os: windows