2024-02-06 21:05:52 +01:00
|
|
|
trigger: none
|
2023-03-27 22:34:59 +02:00
|
|
|
pr: none
|
2023-01-18 09:23:16 -08:00
|
|
|
|
2024-02-06 21:05:52 +01:00
|
|
|
resources:
|
|
|
|
|
repositories:
|
|
|
|
|
- repository: 1esPipelines
|
|
|
|
|
type: git
|
|
|
|
|
name: 1ESPipelineTemplates/1ESPipelineTemplates
|
|
|
|
|
ref: refs/tags/release
|
2023-01-18 09:23:16 -08:00
|
|
|
|
2024-02-06 21:05:52 +01:00
|
|
|
extends:
|
|
|
|
|
template: v1/1ES.Official.PipelineTemplate.yml@1esPipelines
|
|
|
|
|
parameters:
|
|
|
|
|
pool:
|
|
|
|
|
name: DevDivPlaywrightAzurePipelinesUbuntu2204
|
|
|
|
|
os: linux
|
|
|
|
|
sdl:
|
|
|
|
|
sourceAnalysisPool:
|
|
|
|
|
name: DevDivPlaywrightAzurePipelinesWindows2022
|
|
|
|
|
# The image must be windows-based due to restrictions of the SDL tools. See: https://aka.ms/AAo6v8e
|
|
|
|
|
# In the case of a windows build, this can be the same as the above pool image.
|
|
|
|
|
os: windows
|
2024-02-06 22:51:42 +01:00
|
|
|
suppression:
|
|
|
|
|
suppressionFile: $(Build.SourcesDirectory)\.azure-pipelines\guardian\SDL\.gdnsuppress
|
2024-02-06 21:05:52 +01:00
|
|
|
stages:
|
|
|
|
|
- stage: Stage
|
|
|
|
|
jobs:
|
|
|
|
|
- job: HostJob
|
|
|
|
|
steps:
|
|
|
|
|
- bash: |
|
|
|
|
|
if [[ ! "$CURRENT_BRANCH" =~ ^release-.* ]]; then
|
|
|
|
|
echo "Can only publish from a release branch."
|
|
|
|
|
echo "Unexpected branch name: $CURRENT_BRANCH"
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
|
env:
|
|
|
|
|
CURRENT_BRANCH: ${{ variables['Build.SourceBranchName'] }}
|
|
|
|
|
displayName: "Check the branch is a release branch"
|
|
|
|
|
|
|
|
|
|
- bash: |
|
|
|
|
|
echo "importing GPG key:"
|
|
|
|
|
# Pipeline variables do not preserve line ends so we use base64 instead of --armored as a workaround.
|
|
|
|
|
echo $GPG_PRIVATE_KEY_BASE64 | base64 -d | gpg --batch --import
|
|
|
|
|
echo "list keys after import:"
|
|
|
|
|
gpg --list-keys
|
|
|
|
|
env:
|
|
|
|
|
GPG_PRIVATE_KEY_BASE64: $(GPG_PRIVATE_KEY_BASE64) # secret variable has to be mapped to an env variable
|
|
|
|
|
displayName: "Import gpg key"
|
|
|
|
|
|
2024-06-25 08:34:20 -07:00
|
|
|
- bash: ./scripts/download_driver.sh
|
2024-02-06 21:05:52 +01:00
|
|
|
displayName: 'Download driver'
|
|
|
|
|
|
|
|
|
|
- bash: mvn -B deploy -D skipTests --no-transfer-progress --activate-profiles release -D gpg.passphrase=$GPG_PASSPHRASE -DaltDeploymentRepository=snapshot-repo::default::file:$(pwd)/local-build
|
|
|
|
|
displayName: 'Build and deploy to a local directory'
|
|
|
|
|
env:
|
|
|
|
|
GPG_PASSPHRASE: $(GPG_PASSPHRASE) # secret variable has to be mapped to an env variable
|
|
|
|
|
|
2024-05-03 16:03:41 +00:00
|
|
|
- task: EsrpRelease@7
|
2024-02-06 21:05:52 +01:00
|
|
|
inputs:
|
2024-05-03 16:03:41 +00:00
|
|
|
connectedservicename: 'Playwright-ESRP-Azure'
|
|
|
|
|
keyvaultname: 'pw-publishing-secrets'
|
|
|
|
|
authcertname: 'ESRP-Release-Auth'
|
|
|
|
|
signcertname: 'ESRP-Release-Sign'
|
|
|
|
|
clientid: '13434a40-7de4-4c23-81a3-d843dc81c2c5'
|
|
|
|
|
intent: 'PackageDistribution'
|
|
|
|
|
contenttype: 'Maven'
|
2024-05-03 17:55:40 +00:00
|
|
|
# Keeping it commented out as a workaround for:
|
|
|
|
|
# https://portal.microsofticm.com/imp/v3/incidents/incident/499972482/summary
|
|
|
|
|
# contentsource: 'folder'
|
2024-05-03 16:03:41 +00:00
|
|
|
folderlocation: './local-build'
|
|
|
|
|
waitforreleasecompletion: true
|
|
|
|
|
owners: 'yurys@microsoft.com'
|
|
|
|
|
approvers: 'maxschmitt@microsoft.com'
|
|
|
|
|
serviceendpointurl: 'https://api.esrp.microsoft.com'
|
|
|
|
|
mainpublisher: 'Playwright'
|
|
|
|
|
domaintenantid: '72f988bf-86f1-41af-91ab-2d7cd011db47'
|
2024-02-06 21:05:52 +01:00
|
|
|
displayName: 'ESRP Release to Maven'
|
