1- parameters :
2- displayName : ' '
3- imageDir : ' '
4- imageDebianFlavor : ' '
5- scriptPath : ' '
6- artifactsFileName : ' '
7- jobName : ' '
1+ # trigger: none
82
9- jobs :
10- - job : ${{ parameters.jobName }}
11- displayName : ${{ parameters.displayName }}
12- pool :
13- name : AzurePipelines-EO
14- demands :
15- - ImageOverride -equals AzurePipelinesUbuntu20.04compliant
16- timeoutInMinutes : 250
17- steps :
18- - task : ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0
19- displayName : ' Component Detection - OSS Compliance'
20- inputs :
21- ignoreDirectories : ' $(Build.SourcesDirectory)/tests'
3+ # The `resources` specify the location and version of the 1ES PT.
4+ resources :
5+ repositories :
6+ - repository : 1esPipelines
7+ type : git
8+ name : 1ESPipelineTemplates/1ESPipelineTemplates
9+ ref : refs/tags/release
2210
23- - task : ShellScript@2
24- displayName : Build images
25- inputs :
26- scriptPath : ${{ parameters.scriptPath }}
27- args : ${{ parameters.imageDir }} ${{ parameters.imageDebianFlavor }}
28- env :
29- ORYX_SDK_STORAGE_ACCOUNT_ACCESS_TOKEN : $(ORYX-SDK-STAGING-PRIVATE-SAS-TOKEN)
30- DOTNET_PRIVATE_STORAGE_ACCOUNT_ACCESS_TOKEN : $(DotnetPrivateStorageAccountAccessToken)
11+ extends :
12+ # The pipeline extends the 1ES PT which will inject different SDL and compliance tasks.
13+ # For non-production pipelines, use "Unofficial" as defined below.
14+ # For productions pipelines, use "Official".
15+ template : v1/1ES.Official.PipelineTemplate.yml@1esPipelines
16+ parameters :
17+ # Update the pool with your team's 1ES hosted pool.
18+ pool :
19+ name : AzurePipelines-EO
20+ image : AzurePipelinesUbuntu20.04compliant # Name of the image in your pool. If not specified, first image of the pool is used
21+ os : linux # OS of the image. Allowed values: windows, linux, macOS
3122
32- - task : AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0
33- displayName : Generate Software Bill of Materials (SBOM)
34- inputs :
35- BuildDropPath : ' $(Build.ArtifactStagingDirectory)'
36- AdditionalComponentDetectorArgs : ' --DirectoryExclusionList **/SampleApps/**'
23+ stages :
24+ - stage : Stage
25+ jobs :
26+ - job : HostJob
27+ timeoutInMinutes : 250
28+ # If the pipeline publishes artifacts, use `templateContext` to define the artifacts.
29+ # This will enable 1ES PT to run SDL analysis tools on the artifacts and then upload them.
30+ templateContext :
31+ outputs :
32+ - output : pipelineArtifact
33+ targetPath : $(Build.ArtifactStagingDirectory)
34+ artifactName : buildImageBasesJobArtifact
35+ # Define the steps that the pipeline will run.
36+ # In most cases, copy and paste the steps from the original pipeline.
37+ steps :
38+ - task : ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0
39+ displayName : ' Component Detection - OSS Compliance'
40+ inputs :
41+ ignoreDirectories : ' $(Build.SourcesDirectory)/tests'
3742
38- - task : CopyFiles @2
39- displayName : Copy artifacts to staging directory
40- inputs :
41- sourceFolder : ' $(Build.SourcesDirectory)/artifacts '
42- contents : ' **/*.* '
43- targetFolder : $(Build.ArtifactStagingDirectory)
44- overWrite : true
45- condition : true
43+ - task : ShellScript @2
44+ displayName : Build images
45+ inputs :
46+ scriptPath : ${{ parameters.scriptPath }}
47+ args : ${{ parameters.imageDir }} ${{ parameters.imageDebianFlavor }}
48+ env :
49+ ORYX_SDK_STORAGE_ACCOUNT_ACCESS_TOKEN : $(ORYX-SDK-STAGING-PRIVATE-SAS-TOKEN)
50+ DOTNET_PRIVATE_STORAGE_ACCOUNT_ACCESS_TOKEN : $(DotnetPrivateStorageAccountAccessToken)
4651
47- - task : Docker@1
48- displayName : Push built base images to dev ACR
49- inputs :
50- command : push
51- azureSubscriptionEndpoint : $(ascName)
52- azureContainerRegistry : $(acrName)
53- pushMultipleImages : true
54- imageNamesPath : ' $(Build.ArtifactStagingDirectory)/images/${{ parameters.artifactsFileName }}'
55- enforceDockerNamingConvention : false
52+ - task : AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0
53+ displayName : Generate Software Bill of Materials (SBOM)
54+ inputs :
55+ BuildDropPath : ' $(Build.ArtifactStagingDirectory)'
56+ AdditionalComponentDetectorArgs : ' --DirectoryExclusionList **/SampleApps/**'
5657
57- - task : ShellScript@2
58- displayName : ' Clean up Docker containers and images'
59- inputs :
60- scriptPath : ./vsts/scripts/cleanDocker.sh
58+ - task : CopyFiles@2
59+ displayName : Copy artifacts to staging directory
60+ inputs :
61+ sourceFolder : ' $(Build.SourcesDirectory)/artifacts'
62+ contents : ' **/*.*'
63+ targetFolder : $(Build.ArtifactStagingDirectory)
64+ overWrite : true
65+ condition : true
6166
62- - task : PublishBuildArtifacts@1
63- displayName : Publish build artifacts
64- inputs :
65- pathtoPublish : $(Build.ArtifactStagingDirectory)
67+ - task : Docker@1
68+ displayName : Push built base images to dev ACR
69+ inputs :
70+ command : push
71+ azureSubscriptionEndpoint : $(ascName)
72+ azureContainerRegistry : $(acrName)
73+ pushMultipleImages : true
74+ imageNamesPath : ' $(Build.ArtifactStagingDirectory)/images/${{ parameters.artifactsFileName }}'
75+ enforceDockerNamingConvention : false
6676
67- - task : ShellScript@2
68- displayName : ' Clean up Docker containers and images'
69- inputs :
70- scriptPath : ./vsts/scripts/cleanDocker.sh
71- condition : true
77+ - task : ShellScript@2
78+ displayName : ' Clean up Docker containers and images'
79+ inputs :
80+ scriptPath : ./vsts/scripts/cleanDocker.sh
81+
82+ - task : PublishBuildArtifacts@1
83+ displayName : Publish build artifacts
84+ inputs :
85+ pathtoPublish : $(Build.ArtifactStagingDirectory)
86+
87+ - task : ShellScript@2
88+ displayName : ' Clean up Docker containers and images'
89+ inputs :
90+ scriptPath : ./vsts/scripts/cleanDocker.sh
91+ condition : true
0 commit comments