@microsoft/windows-admin-center-sdk
Version:
Microsoft - Windows Admin Center Shell
207 lines (205 loc) • 6.85 kB
YAML
trigger:
branches:
include:
- main
paths:
exclude:
- version.json
- src/version.ts
batch: True
jobs:
- job: Phase_1
displayName: Phase 1
cancelTimeoutInMinutes: 1
pool:
vmImage: 'windows-2019'
steps:
- checkout: self
clean: true
persistCredentials: true
- task: PoliCheck@1
displayName: Run PoliCheck
- task: Semmle@0
displayName: Run Semmle (tsandjs)
continueOnError: true
inputs:
sourceCodeDirectory: $(Build.SourcesDirectory)/src
language: tsandjs
includeNodeModules: false
- task: PowerShell@2
displayName: Install Pester 3.4.0 if not present
inputs:
targetType: inline
script: |
$path = $env:ProgramFiles + "\WindowsPowerShell\Modules\Pester"
$versions = get-childItem -Path $path -ErrorAction Ignore
$versions
$found = $versions | ?{ $_.Name -eq "3.4.0" }
if ($null -eq $found) { Install-Module -Name Pester -RequiredVersion 3.4.0 -SkipPublisherCheck -Force }
- task: PowerShell@2
displayName: Run whoami and hostname
inputs:
targetType: inline
script: |
whoami
hostname
- task: NodeTool@0
displayName: 'Use Node 18.20.4'
inputs:
versionSpec: 18.20.4
- task: Npm@1
displayName: 'npm install @angular/cli'
inputs:
command: custom
customCommand: 'install -g --globalconfig $(Build.SourcesDirectory)/.npmrc @angular/cli@15.2.9 --loglevel verbose'
- task: Npm@1
displayName: 'npm install typescript@4.8.2'
inputs:
command: custom
customCommand: 'install -g --globalconfig $(Build.SourcesDirectory)/.npmrc typescript@4.8.2 --loglevel verbose'
- task: Npm@1
displayName: npm ci
inputs:
command: custom
verbose: true
customCommand: ci
- task: PowerShell@2
displayName: Increment package version and update all packages.json with new version and private:false
inputs:
filePath: build/increment-package-version.ps1
failOnStderr: true
- task: gulp@0
displayName: 'gulp build'
inputs:
gulpFile: gulpfile.ts
targets: build
arguments: --verbose --prod --junit
publishJUnitResults: true
testResultsFiles: unittests\junitresults.xml
testRunTitle: WAC Build Unit Tests
- task: PowerShell@2
displayName: Add package version into psd1
inputs:
filePath: build/update-powershell-code.ps1
failOnStderr: true
- task: EsrpCodeSigning@2
displayName: ESRP CodeSigning for PowerShellModule
inputs:
ConnectedServiceName: 62bd045c-f530-473f-b137-6dca47b5ee68
FolderPath: $(Build.SourcesDirectory)\dist\powershell-module
Pattern: '*.psm1,*.psd1'
signConfigType: inlineSignParams
inlineOperation: >-
[
{
"keyCode": "CP-230012",
"operationCode": "SigntoolSign",
"parameters": {
"OpusName": "Microsoft",
"OpusInfo": "http://www.microsoft.com",
"FileDigest": "/fd \"SHA256\"",
"PageHash": "/NPH",
"TimeStamp": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
},
"toolName": "sign",
"toolVersion": "1.0"
},
{
"keyCode": "CP-230012",
"operationCode": "SigntoolVerify",
"parameters": {},
"toolName": "sign",
"toolVersion": "1.0"
}
]
- task: DeleteFiles@1
displayName: Delete MD files from dist\powershell-module
inputs:
SourceFolder: $(Build.SourcesDirectory)\dist\powershell-module
Contents: '*.md'
- task: PowerShell@2
displayName: Commit and push version increment
inputs:
filePath: build/push-incremented-version.ps1
failOnStderr: false
- task: PowerShell@2
displayName: Remove 'private' flag from package.json
inputs:
targetType: inline
script: |
# get content of package.json and set private flag to be false.
$package = Get-Content package.json | ConvertFrom-Json
$package.private = $false
ConvertTo-Json $package | Set-Content package.json
# create packageVersion variable
Write-Host "##vso[task.setvariable variable=packageVersion]$($package.version)"
- task: npmAuthenticate@0
displayName: Enable authentication for npm
inputs:
workingFile: .npmrc
- task: Npm@1
displayName: npm publish
inputs:
command: publish
workingDir: .\
verbose: true
publishRegistry: useFeed
publishFeed: 96fcd20e-1738-40b2-ab8b-0ac8364f4225
- task: gulp@0
displayName: 'gulp pack'
inputs:
gulpFile: gulpfile.ts
targets: pack
arguments: --V $(packageVersion)
- task: EsrpCodeSigning@2
displayName: ESRP CodeSigning for Nuget Package
inputs:
ConnectedServiceName: 62bd045c-f530-473f-b137-6dca47b5ee68
FolderPath: $(Build.SourcesDirectory)
Pattern: nuget\*.nupkg
signConfigType: inlineSignParams
inlineOperation: >-
[
{
"KeyCode" : "CP-401405",
"OperationCode" : "NuGetSign",
"Parameters" : {},
"ToolName" : "sign",
"ToolVersion" : "1.0"
},
{
"KeyCode" : "CP-401405",
"OperationCode" : "NuGetVerify",
"Parameters" : {},
"ToolName" : "sign",
"ToolVersion" : "1.0"
}
]
# Note: SBOMs are confidential/internal
- task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0
displayName: 'SBOM Generation and Telemetry'
inputs:
BuildDropPath: '$(Build.SourcesDirectory)\dist'
PackageName: 'Windows Admin Center - $(Build.Repository.Name)'
PackageVersion: '$(packageVersion)'
Verbosity: 'Verbose'
- task: DropValidatorTask@0
displayName: SBOM Validator and Publisher
inputs:
BuildDropPath: '$(Build.SourcesDirectory)\dist'
OutputPath: '$(Build.SourcesDirectory)\dist\_manifest\sbom-validator-output.json'
ValidateSignature: true
Verbosity: 'Verbose'
- task: PublishBuildArtifacts@1
displayName: Publish SBOM Artifact (for verification)
inputs:
PathtoPublish: '$(Build.SourcesDirectory)\dist\_manifest'
ArtifactName: 'SBOM Artifact'
publishLocation: 'Container'
- task: NuGetCommand@2
displayName: Publish NuGet Package
inputs:
command: push
searchPatternPush: nuget\*.nupkg
feedPublish: 143c79b1-682d-4127-a8fa-fb355fbedfa2
...