Skip to content

Commit

Permalink
Use deploybox to release to Gallery (#1800)
Browse files Browse the repository at this point in the history
  • Loading branch information
@adityapatwardhan
adityapatwardhan authored Feb 26, 2025
1 parent 1f15eed commit a4d16b8
Showing 1 changed file with 31 additions and 37 deletions.
68 changes: 31 additions & 37 deletions .pipelines/PSResourceGet-Official.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ variables:
value: onebranch.azurecr.io/windows/ltsc2022/vse2022:latest # Docker image which is used to build the project https://aka.ms/obpipelines/containers

resources:
repositories:
repositories:
- repository: onebranchTemplates
type: git
name: OneBranch.Pipelines/GovernedTemplates
Expand All @@ -41,6 +41,8 @@ extends:
featureFlags:
WindowsHostVersion: '1ESWindows2022'
customTags: 'ES365AIMigrationTooling'
release:
category: NonAzure
globalSdl:
disableLegacyManifest: true
sbom:
Expand All @@ -58,7 +60,7 @@ extends:
binskim:
enabled: true
apiscan:
enabled: false
enabled: false

stages:
- stage: stagebuild
Expand Down Expand Up @@ -125,15 +127,6 @@ extends:
AnalyzeInPipeline: true
Language: csharp

- pwsh: |
$module = 'Microsoft.PowerShell.PSResourceGet'
Write-Verbose "installing $module..." -verbose
$ProgressPreference = 'SilentlyContinue'
Install-Module $module -AllowClobber -Force
displayName: Install PSResourceGet 0.9.0 or above for build.psm1
env:
ob_restore_phase: true # Set ob_restore_phase to run this step before '🔒 Setup Signing' step.
# this is installing .NET
- pwsh: |
Set-Location "$(repoRoot)"
Expand Down Expand Up @@ -167,14 +160,14 @@ extends:
}
}
displayName: Find all 3rd party files that need to be signed
- task: onebranch.pipeline.signing@1
displayName: Sign 3rd Party files
inputs:
command: 'sign'
signing_profile: 135020002
files_to_sign: '*.dll'
search_root: $(signSrcPath)/Microsoft.PowerShell.PSResourceGet/UnsignedDependencies
search_root: $(signSrcPath)/Microsoft.PowerShell.PSResourceGet/UnsignedDependencies

- pwsh: |
$newlySignedDepsPath = Join-Path -Path $(signSrcPath) -ChildPath "Microsoft.PowerShell.PSResourceGet" -AdditionalChildPath "UnsignedDependencies"
Expand Down Expand Up @@ -216,7 +209,7 @@ extends:
value: $(Build.SourcesDirectory)\PSResourceGet\.config\tsaoptions.json
# Disable because SBOM was already built in the previous job
- name: ob_sdl_sbom_enabled
value: false
value: true
- name: signOutPath
value: $(repoRoot)/signed
- name: ob_signing_setup_enabled
Expand Down Expand Up @@ -250,15 +243,12 @@ extends:
displayName: Capture artifacts directory structure
- pwsh: |
$module = 'Microsoft.PowerShell.PSResourceGet'
Write-Verbose "installing $module..." -verbose
$ProgressPreference = 'SilentlyContinue'
Install-Module $module -AllowClobber -Force
displayName: Install PSResourceGet 0.9.0 or above for build.psm1
# This need to be done before set-location so the module from PSHome is loaded
Import-Module -Name Microsoft.PowerShell.PSResourceGet -Force
- pwsh: |
Set-Location "$(signOutPath)\Microsoft.PowerShell.PSResourceGet"
New-Item -ItemType Directory -Path "$(signOutPath)\PublishedNupkg" -Force
$null = New-Item -ItemType Directory -Path "$(signOutPath)\PublishedNupkg" -Force
Register-PSResourceRepository -Name 'localRepo' -Uri "$(signOutPath)\PublishedNupkg"
Publish-PSResource -Path "$(signOutPath)\Microsoft.PowerShell.PSResourceGet" -Repository 'localRepo' -Verbose
displayName: Create nupkg for publishing
Expand All @@ -274,61 +264,65 @@ extends:
- pwsh: |
Set-Location "$(signOutPath)\PublishedNupkg"
Write-Host "Contents of signOutPath:"
Get-ChildItem "$(signOutPath)" -Recurse
Get-ChildItem "$(signOutPath)" -Recurse
displayName: Find Nupkg
- task: CopyFiles@2
displayName: "Copy nupkg to ob_outputDirectory - '$(ob_outputDirectory)'"
inputs:
Contents: $(signOutPath)\PublishedNupkg\Microsoft.PowerShell.PSResourceGet.*.nupkg
TargetFolder: $(ob_outputDirectory)

- pwsh: |
Write-Host "Contents of ob_outputDirectory:"
Get-ChildItem "$(ob_outputDirectory)" -Recurse
Get-ChildItem "$(ob_outputDirectory)" -Recurse
displayName: Find Signed Nupkg
- stage: release
displayName: Release PSResourceGet
dependsOn: stagebuild
variables:
version: $[ stageDependencies.build.main.outputs['package.version'] ]
drop: $(Pipeline.Workspace)/drop_build_main
drop: $(Pipeline.Workspace)/drop_stagebuild_nupkg
ob_release_environment: 'Production'

jobs:
- job: validation
displayName: Manual validation
pool:
type: agentless
type: server
timeoutInMinutes: 1440
steps:
- task: ManualValidation@0
displayName: Wait 24 hours for validation
inputs:
instructions: Please validate the release
timeoutInMinutes: 1440

- job: PSGalleryPublish
displayName: Publish to PSGallery
dependsOn: validation
templateContext:
inputs:
- input: pipelineArtifact
artifactName: drop_stagebuild_nupkg
pool:
type: windows
type: release
os: windows
variables:
ob_outputDirectory: '$(Build.ArtifactStagingDirectory)/ONEBRANCH_ARTIFACT'
steps:
- download: current
displayName: Download artifact

- pwsh: |
Get-ChildItem $(Pipeline.Workspace) -Recurse
displayName: Capture environment
- pwsh: |
Get-ChildItem "$(Pipeline.Workspace)/drop_stagebuild_nupkg" -Recurse
- task: PowerShell@2
inputs:
targetType: 'inline'
script: |
Get-ChildItem "$(Pipeline.Workspace)/" -Recurse
displayName: Find signed Nupkg

- task: NuGetCommand@2
displayName: Push PowerShellGet module artifacts to PSGallery feed
inputs:
command: push
packagesToPush: '$(Pipeline.Workspace)\drop_stagebuild_nupkg\PSResourceGet\signed\PublishedNupkg\Microsoft.PowerShell.PSResourceGet.*.nupkg'
packagesToPush: '$(Pipeline.Workspace)\PSResourceGet\signed\PublishedNupkg\Microsoft.PowerShell.PSResourceGet.*.nupkg'
nuGetFeedType: external
publishFeedCredentials: PSGet-PSGalleryPush

0 comments on commit a4d16b8

Please sign in to comment.