11trigger :
2- - main
2+ - main
33
44# the `resources` specify the location and version of the 1ES Pipeline Template (PT).
55resources :
66 repositories :
7- - repository : 1ESPipelineTemplates
8- type : git
9- name : 1ESPipelineTemplates/1ESPipelineTemplates
10- ref : refs/tags/release
7+ - repository : 1ESPipelineTemplates
8+ type : git
9+ name : 1ESPipelineTemplates/1ESPipelineTemplates
10+ ref : refs/tags/release
1111
1212extends :
1313 # this pipeline extends an existing 1ES PT which injects various SDL and compliance tasks
@@ -28,14 +28,12 @@ extends:
2828 stages :
2929 - stage : Component_Governance
3030 jobs :
31- - job : CG_Prep
32- steps :
33- # Component Governance (CG) does not support pyproject.toml yet.
34- # For this reason, use toml-to-requirements to export dependencies into a requirements.txt file.
35- # CG will auto-detect the requirements.txt file and use it to scan for dependencies.
36- - script : |
37- pip install toml-to-requirements
38- toml-to-req --toml-file backend/pyproject.toml --poetry --optional-lists dev,test,backend,frontend
39- # toml-to-req is not perfect. It will leave wildcard characters in the requirements.txt file which we remove
40- sed -i 's/\*//g' requirements.txt
41- displayName: 'Export python dependencies to requirements.txt for CG'
31+ - job : CG_Prep
32+ steps :
33+ # Component Governance (CG) does not support pyproject.toml yet.
34+ # For this reason, we export dependencies into a requirements.txt file.
35+ # CG will auto-detect the requirements.txt file and use it to scan for dependencies.
36+ - script : |
37+ pip install poetry poetry-plugin-export
38+ poetry export --directory=backend --format=requirements.txt --without-hashes --without-urls --all-extras --all-groups -o requirements.txt
39+ displayName: "Export python dependencies to requirements.txt for CG"
0 commit comments