Skip to content

Commit 0711f5d

Browse files
committed
revert accidentally pushed changes
1 parent e966dcf commit 0711f5d

8 files changed

Lines changed: 759 additions & 740 deletions

.devops/CredScanSuppressions.json

Lines changed: 0 additions & 37 deletions
This file was deleted.
Lines changed: 50 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,50 @@
1+
# These steps have to run on a windows machine,
2+
# and therefore unfortunately can't be integrated in the regular steps
3+
4+
jobs:
5+
- job: compliance
6+
displayName: Compliance checks
7+
pool: uifabric-windows-2019-small
8+
steps:
9+
- task: UseDotNet@2
10+
condition: succeededOrFailed()
11+
displayName: 'Use .NET Core sdk 3.x'
12+
inputs:
13+
version: 3.x
14+
steps:
15+
16+
- task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@3
17+
condition: succeededOrFailed()
18+
displayName: '🧭 Run Credential Scanner'
19+
inputs:
20+
debugMode: false
21+
22+
- task: securedevelopmentteam.vss-secure-development-tools.build-task-eslint.ESLint@1
23+
condition: succeededOrFailed()
24+
displayName: '🧭 Run ESLint'
25+
26+
- task: securedevelopmentteam.vss-secure-development-tools.build-task-publishsecurityanalysislogs.PublishSecurityAnalysisLogs@3
27+
displayName: '🧭 Publish Guardian Artifacts - All Tools'
28+
inputs:
29+
ArtifactType: M365
30+
condition: succeededOrFailed()
31+
32+
- task: AssetRetention@3
33+
displayName: 🧭 Arrow Retention
34+
inputs:
35+
ArrowServiceConnection: 'Arrow_uifabric_uifabric_PROD'
36+
AssetGroupName: '$(System.TeamProject)_$(Build.DefinitionName)'
37+
AssetNumber: '$(Build.BuildId)'
38+
IsShipped: false
39+
DropsToRetain: 'CodeAnalysisLogs'
40+
condition: and(succeeded(), eq(variables['Build.SourceBranch'], 'refs/heads/master'))
41+
42+
- task: securedevelopmentteam.vss-secure-development-tools.build-task-postanalysis.PostAnalysis@2
43+
displayName: '🧭 Guardian Break'
44+
inputs:
45+
GdnBreakPolicyMinSev: Warning
46+
GdnBreakAllTools: true
47+
GdnBreakGdnToolESLint: true
48+
GdnBreakGdnToolESLintSeverity: Warning
49+
GdnBreakPolicy: M365
50+
condition: succeededOrFailed()

azure-pipelines.hotfix.yml

Lines changed: 62 additions & 72 deletions
Original file line numberDiff line numberDiff line change
@@ -11,78 +11,68 @@ parameters:
1111

1212
variables:
1313
- template: .devops/templates/variables.yml
14+
- group: InfoSec-SecurityResults
1415
- name: tags
1516
value: production,externalfacing
1617

17-
resources:
18-
repositories:
19-
- repository: 1esPipelines
20-
type: git
21-
name: 1ESPipelineTemplates/1ESPipelineTemplates
22-
ref: refs/tags/release
23-
24-
extends:
25-
template: v1/1ES.Official.PipelineTemplate.yml@1esPipelines
26-
parameters:
27-
pool:
28-
name: Azure-Pipelines-1ESPT-ExDShared
29-
image: windows-latest
30-
os: windows # We need windows because compliance task only run on windows.
31-
stages:
32-
- stage: main
33-
jobs:
34-
- job: Release
35-
dependsOn: Compliance
36-
pool:
37-
name: '1ES-Host-Ubuntu'
38-
image: '1ES-PT-Ubuntu-20.04'
39-
os: linux
40-
workspace:
41-
clean: all
42-
templateContext:
43-
outputs:
44-
- output: pipelineArtifact
45-
targetPath: $(System.DefaultWorkingDirectory)
46-
artifactName: output
47-
steps:
48-
- template: .devops/templates/tools.yml@self
49-
50-
- script: |
51-
node -e "if('$(targetNpmVersion)' === '') throw new Error('targetNpmVersion is not specified');"
52-
displayName: 'Checking for targetNpmVersion variable'
53-
54-
- script: |
55-
npm install semver
56-
node -e "let semver = require('semver');if(semver.valid('$(targetNpmVersion)') === null){ throw new Error('Invalid version specified'); }"
57-
displayName: 'Check targetNpmVersion is valid semver'
58-
59-
- task: Bash@3
60-
inputs:
61-
filePath: yarn-ci.sh
62-
displayName: yarn
63-
64-
- script: |
65-
npm version $(targetNpmVersion)
66-
workingDirectory: 'packages/react'
67-
displayName: 'Manually set package version'
68-
69-
- script: |
70-
yarn buildto @fluentui/react --production
71-
displayName: yarn build to FUIR (Create production build)
72-
73-
- script: yarn workspace @fluentui/react bundle --production
74-
displayName: yarn bundle FUIR
75-
76-
- script: |
77-
npm pack
78-
displayName: 'Create tarball'
79-
workingDirectory: 'packages/react'
80-
81-
- ${{ if ne(parameters.isTestRun, true) }}:
82-
- script: |
83-
npm publish packages/react/react-$(targetNpmVersion).tgz --tag hf8 --//registry.npmjs.org/:_authToken=$(npmToken)
84-
displayName: Publish new version
85-
86-
- template: .devops/templates/cleanup.yml@self
87-
parameters:
88-
checkForModifiedFiles: false
18+
jobs:
19+
- template: .devops/templates/compliance-job.yml
20+
21+
- job: Release
22+
dependsOn: Compliance
23+
pool: '1ES-Host-Ubuntu'
24+
workspace:
25+
clean: all
26+
steps:
27+
- template: .devops/templates/tools.yml
28+
29+
- script: |
30+
node -e "if('$(targetNpmVersion)' === '') throw new Error('targetNpmVersion is not specified');"
31+
displayName: 'Checking for targetNpmVersion variable'
32+
33+
- script: |
34+
npm install semver
35+
node -e "let semver = require('semver');if(semver.valid('$(targetNpmVersion)') === null){ throw new Error('Invalid version specified'); }"
36+
displayName: 'Check targetNpmVersion is valid semver'
37+
38+
- task: Bash@3
39+
inputs:
40+
filePath: yarn-ci.sh
41+
displayName: yarn
42+
43+
- script: |
44+
npm version $(targetNpmVersion)
45+
workingDirectory: 'packages/react'
46+
displayName: 'Manually set package version'
47+
48+
- script: |
49+
yarn buildto @fluentui/react --production
50+
displayName: yarn build to FUIR (Create production build)
51+
52+
- script: yarn workspace @fluentui/react bundle --production
53+
displayName: yarn bundle FUIR
54+
55+
- script: |
56+
npm pack
57+
displayName: 'Create tarball'
58+
workingDirectory: 'packages/react'
59+
60+
- ${{ if ne(parameters.isTestRun, true) }}:
61+
- script: |
62+
npm publish packages/react/react-$(targetNpmVersion).tgz --tag hf8 --//registry.npmjs.org/:_authToken=$(npmToken)
63+
displayName: Publish new version
64+
65+
- task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0
66+
displayName: 📒 Generate Manifest
67+
inputs:
68+
BuildDropPath: $(System.DefaultWorkingDirectory)
69+
70+
- task: PublishPipelineArtifact@1
71+
displayName: 📒 Publish Manifest
72+
inputs:
73+
artifactName: SBom-$(System.JobAttempt)
74+
targetPath: $(System.DefaultWorkingDirectory)/_manifest
75+
76+
- template: .devops/templates/cleanup.yml
77+
parameters:
78+
checkForModifiedFiles: false

0 commit comments

Comments
 (0)