msbuild

execute-sdl.yml
139 строк · 7.2 Кб
Перенос по словам
1
parameters:
2
  enable: 'false'                                             # Whether the SDL validation job should execute or not
3
  overrideParameters: ''                                       # Optional: to override values for parameters.
4
  additionalParameters: ''                                     # Optional: parameters that need user specific values eg: '-SourceToolsList @("abc","def") -ArtifactToolsList @("ghi","jkl")'
5
  # Optional: if specified, restore and use this version of Guardian instead of the default.
6
  overrideGuardianVersion: ''
7
  # Optional: if true, publish the '.gdn' folder as a pipeline artifact. This can help with in-depth
8
  # diagnosis of problems with specific tool configurations.
9
  publishGuardianDirectoryToPipeline: false
10
  # The script to run to execute all SDL tools. Use this if you want to use a script to define SDL
11
  # parameters rather than relying on YAML. It may be better to use a local script, because you can
12
  # reproduce results locally without piecing together a command based on the YAML.
13
  executeAllSdlToolsScript: 'eng/common/sdl/execute-all-sdl-tools.ps1'
14
  # There is some sort of bug (has been reported) in Azure DevOps where if this parameter is named
15
  # 'continueOnError', the parameter value is not correctly picked up.
16
  # This can also be remedied by the caller (post-build.yml) if it does not use a nested parameter
17
  sdlContinueOnError: false                                    # optional: determines whether to continue the build if the step errors;
18
  # optional: determines if build artifacts should be downloaded.
19
  downloadArtifacts: true
20
  # optional: determines if this job should search the directory of downloaded artifacts for
21
  # 'tar.gz' and 'zip' archive files and extract them before running SDL validation tasks.
22
  extractArchiveArtifacts: false
23
  dependsOn: ''                                                # Optional: dependencies of the job
24
  artifactNames: ''                                            # Optional: patterns supplied to DownloadBuildArtifacts
25
                                                               # Usage:
26
                                                               #  artifactNames:
27
                                                               #    - 'BlobArtifacts'
28
                                                               #    - 'Artifacts_Windows_NT_Release'
29
  # Optional: download a list of pipeline artifacts. 'downloadArtifacts' controls build artifacts,
30
  # not pipeline artifacts, so doesn't affect the use of this parameter.
31
  pipelineArtifactNames: []
32

33
jobs:
34
- job: Run_SDL
35
  dependsOn: ${{ parameters.dependsOn }}
36
  displayName: Run SDL tool
37
  condition: and(succeededOrFailed(), eq( ${{ parameters.enable }}, 'true'))
38
  variables:
39
    - group: DotNet-VSTS-Bot
40
    - name: AzDOProjectName
41
      value: ${{ parameters.AzDOProjectName }}
42
    - name: AzDOPipelineId
43
      value: ${{ parameters.AzDOPipelineId }}
44
    - name: AzDOBuildId
45
      value: ${{ parameters.AzDOBuildId }}
46
    - template: /eng/common/templates/variables/sdl-variables.yml
47
    - name: GuardianVersion
48
      value: ${{ coalesce(parameters.overrideGuardianVersion, '$(DefaultGuardianVersion)') }}
49
    - template: /eng/common/templates/variables/pool-providers.yml
50
  pool:
51
    # We don't use the collection uri here because it might vary (.visualstudio.com vs. dev.azure.com)
52
    ${{ if eq(variables['System.TeamProject'], 'DevDiv') }}:
53
      name: VSEngSS-MicroBuild2022-1ES
54
      demands: Cmd
55
    # If it's not devdiv, it's dnceng
56
    ${{ if ne(variables['System.TeamProject'], 'DevDiv') }}:
57
      name: $(DncEngInternalBuildPool)
58
      demands: ImageOverride -equals windows.vs2019.amd64
59
  steps:
60
  - checkout: self
61
    clean: true
62

63
  # If the template caller didn't provide an AzDO parameter, set them all up as Maestro vars.
64
  - ${{ if not(and(parameters.AzDOProjectName, parameters.AzDOPipelineId, parameters.AzDOBuildId)) }}:
65
    - template: /eng/common/templates/post-build/setup-maestro-vars.yml
66

67
  - ${{ if ne(parameters.downloadArtifacts, 'false')}}:
68
    - ${{ if ne(parameters.artifactNames, '') }}:
69
      - ${{ each artifactName in parameters.artifactNames }}:
70
        - task: DownloadBuildArtifacts@0
71
          displayName: Download Build Artifacts
72
          inputs:
73
            buildType: specific
74
            buildVersionToDownload: specific
75
            project: $(AzDOProjectName)
76
            pipeline: $(AzDOPipelineId)
77
            buildId: $(AzDOBuildId)
78
            artifactName: ${{ artifactName }}
79
            downloadPath: $(Build.ArtifactStagingDirectory)\artifacts
80
            checkDownloadedFiles: true
81
    - ${{ if eq(parameters.artifactNames, '') }}:
82
      - task: DownloadBuildArtifacts@0
83
        displayName: Download Build Artifacts
84
        inputs:
85
          buildType: specific
86
          buildVersionToDownload: specific
87
          project: $(AzDOProjectName)
88
          pipeline: $(AzDOPipelineId)
89
          buildId: $(AzDOBuildId)
90
          downloadType: specific files
91
          itemPattern: "**"
92
          downloadPath: $(Build.ArtifactStagingDirectory)\artifacts
93
          checkDownloadedFiles: true
94

95
  - ${{ each artifactName in parameters.pipelineArtifactNames }}:
96
    - task: DownloadPipelineArtifact@2
97
      displayName: Download Pipeline Artifacts
98
      inputs:
99
        buildType: specific
100
        buildVersionToDownload: specific
101
        project: $(AzDOProjectName)
102
        pipeline: $(AzDOPipelineId)
103
        buildId: $(AzDOBuildId)
104
        artifactName: ${{ artifactName }}
105
        downloadPath: $(Build.ArtifactStagingDirectory)\artifacts
106
        checkDownloadedFiles: true
107

108
  - powershell: eng/common/sdl/trim-assets-version.ps1
109
      -InputPath $(Build.ArtifactStagingDirectory)\artifacts
110
    displayName: Trim the version from the NuGet packages
111
    continueOnError: ${{ parameters.sdlContinueOnError }}
112

113
  - powershell: eng/common/sdl/extract-artifact-packages.ps1
114
      -InputPath $(Build.ArtifactStagingDirectory)\artifacts\BlobArtifacts
115
      -ExtractPath $(Build.ArtifactStagingDirectory)\artifacts\BlobArtifacts
116
    displayName: Extract Blob Artifacts
117
    continueOnError: ${{ parameters.sdlContinueOnError }}
118

119
  - powershell: eng/common/sdl/extract-artifact-packages.ps1
120
      -InputPath $(Build.ArtifactStagingDirectory)\artifacts\PackageArtifacts
121
      -ExtractPath $(Build.ArtifactStagingDirectory)\artifacts\PackageArtifacts
122
    displayName: Extract Package Artifacts
123
    continueOnError: ${{ parameters.sdlContinueOnError }}
124

125
  - ${{ if ne(parameters.extractArchiveArtifacts, 'false') }}:
126
    - powershell: eng/common/sdl/extract-artifact-archives.ps1
127
        -InputPath $(Build.ArtifactStagingDirectory)\artifacts
128
        -ExtractPath $(Build.ArtifactStagingDirectory)\artifacts
129
      displayName: Extract Archive Artifacts
130
      continueOnError: ${{ parameters.sdlContinueOnError }}
131
  
132
  - template: /eng/common/templates/steps/execute-sdl.yml
133
    parameters:
134
      overrideGuardianVersion: ${{ parameters.overrideGuardianVersion }}
135
      executeAllSdlToolsScript: ${{ parameters.executeAllSdlToolsScript }}
136
      overrideParameters: ${{ parameters.overrideParameters }}
137
      additionalParameters: ${{ parameters.additionalParameters }}
138
      publishGuardianDirectoryToPipeline: ${{ parameters.publishGuardianDirectoryToPipeline }}
139
      sdlContinueOnError: ${{ parameters.sdlContinueOnError }}
140
msbuild

Использование cookies
