Skip to content

Commit 8c09608

Browse files
author
Steve Lee (POWERSHELL HE/HIM) (from Dev Box)
committed
change to using azcli task to get access token
1 parent 99bd13b commit 8c09608

File tree

2 files changed

+31
-16
lines changed

2 files changed

+31
-16
lines changed

.pipelines/DSC-Official.yml

Lines changed: 26 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -75,13 +75,25 @@ extends:
7575
Write-Host ("sending " + $vstsCommandString)
7676
Write-Host "##$vstsCommandString"
7777
name: Package
78+
- task: AzureCLI@2
79+
displayName: Get Az Token
80+
inputs:
81+
azureSubscription: az-blob-cicd-infra
82+
scriptType: pscore
83+
scriptLocation: inlineScript
84+
inlineScript: |
85+
$token = az account get-access-token --query accessToken --resource 499b84ac-1321-427f-aa17-267ca6975798 -o tsv
86+
$vstsCommandString = "vso[task.setvariable variable=AzToken;]$token"
87+
Write-Host "Setting token"
88+
Write-Host "##$vstsCommandString"
7889
7990
- job: BuildWin_x64
8091
dependsOn: SetPackageVersion
8192
variables:
8293
ob_sdl_tsa_configFile: '$(Build.SourcesDirectory)\DSC\.config\tsaoptions.json'
8394
ob_outputDirectory: '$(Build.ArtifactStagingDirectory)'
8495
signSrcPath: '$(Build.SourcesDirectory)\out'
96+
AzToken: $[ dependencies.SetPackageVersion.outputs['AzToken'] ]
8597
ob_sdl_sbom_enabled: true
8698
ob_signing_setup_enabled: true
8799
ob_sdl_codeql_compiled_enabled: true
@@ -93,6 +105,7 @@ extends:
93105
buildName: x86_64-pc-windows-msvc
94106
signSrcPath: '$(signSrcPath)'
95107
PackageRoot: '$(PackageRoot)'
108+
token: '$(AzToken)'
96109

97110
- job: BuildWin_arm64
98111
dependsOn: SetPackageVersion
@@ -111,6 +124,7 @@ extends:
111124
buildName: aarch64-pc-windows-msvc
112125
signSrcPath: '$(signSrcPath)'
113126
PackageRoot: '$(PackageRoot)'
127+
token: '$(AzToken)'
114128

115129
- job: CreateMsixBundle
116130
dependsOn:
@@ -155,6 +169,7 @@ extends:
155169
variables:
156170
LinuxContainerImage: 'onebranch.azurecr.io/linux/ubuntu-2204:latest'
157171
PackageVersion: $[ dependencies.SetPackageVersion.outputs['Package.Version'] ]
172+
AzToken: $[ dependencies.SetPackageVersion.outputs['AzToken'] ]
158173
ob_outputDirectory: '$(Build.ArtifactStagingDirectory)'
159174
displayName: Linux-x64-musl
160175
pool:
@@ -168,17 +183,12 @@ extends:
168183
displayName: Install Rust
169184
env:
170185
ob_restore_phase: true
171-
- task: AzureCLI@2
172-
displayName: Azure CLI
173-
inputs:
174-
azureSubscription: az-blob-cicd-infra
175-
scriptType: pscore
176-
scriptLocation: inlineScript
177-
inlineScript: |
178-
az account show
179186
- pwsh: |
180187
apt update
181188
apt -y install musl-tools
189+
$header = "Bearer $accessToken"
190+
$env:CARGO_REGISTRIES_POWERSHELL_TOKEN = $header
191+
$env:CARGO_REGISTRIES_POWERSHELL_CREDENTIAL_PROVIDER = 'cargo:token'
182192
./build.ps1 -Release -Architecture x86_64-unknown-linux-musl
183193
./build.ps1 -PackageType tgz -Architecture x86_64-unknown-linux-musl -Release
184194
Copy-Item ./bin/*.tar.gz "$(ob_outputDirectory)"
@@ -190,6 +200,7 @@ extends:
190200
variables:
191201
LinuxContainerImage: 'onebranch.azurecr.io/linux/ubuntu-2004-arm64:latest'
192202
PackageVersion: $[ dependencies.SetPackageVersion.outputs['Package.Version'] ]
203+
AzToken: $[ dependencies.SetPackageVersion.outputs['AzToken'] ]
193204
ob_outputDirectory: '$(Build.ArtifactStagingDirectory)'
194205
displayName: Linux-ARM64-musl
195206
pool:
@@ -227,6 +238,9 @@ extends:
227238
if ((openssl version -d) -match 'OPENSSLDIR: "(?<dir>.*?)"') {
228239
$env:OPENSSL_LIB_DIR = $matches['dir']
229240
}
241+
$header = "Bearer $accessToken"
242+
$env:CARGO_REGISTRIES_POWERSHELL_TOKEN = $header
243+
$env:CARGO_REGISTRIES_POWERSHELL_CREDENTIAL_PROVIDER = 'cargo:token'
230244
./build.ps1 -Release -Architecture aarch64-unknown-linux-musl
231245
./build.ps1 -PackageType tgz -Architecture aarch64-unknown-linux-musl -Release
232246
Copy-Item ./bin/*.tar.gz "$(ob_outputDirectory)"
@@ -237,6 +251,7 @@ extends:
237251
dependsOn: SetPackageVersion
238252
variables:
239253
PackageVersion: $[ dependencies.SetPackageVersion.outputs['Package.Version'] ]
254+
AzToken: $[ dependencies.SetPackageVersion.outputs['AzToken'] ]
240255
ob_outputDirectory: '$(Build.ArtifactStagingDirectory)'
241256
displayName: BuildMac
242257
pool:
@@ -268,6 +283,9 @@ extends:
268283
inlineScript: |
269284
az account show
270285
- pwsh: |
286+
$header = "Bearer $accessToken"
287+
$env:CARGO_REGISTRIES_POWERSHELL_TOKEN = $header
288+
$env:CARGO_REGISTRIES_POWERSHELL_CREDENTIAL_PROVIDER = 'cargo:token'
271289
./build.ps1 -Release -Architecture $(buildName)
272290
./build.ps1 -PackageType tgz -Architecture $(buildName) -Release
273291
Copy-Item ./bin/*.tar.gz "$(ob_outputDirectory)"

.pipelines/DSC-Windows.yml

Lines changed: 5 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,8 @@ parameters:
88
- name: BuildConfiguration
99
type: string
1010
default: Release
11+
- name: token
12+
type: string
1113

1214
steps:
1315
- checkout: self
@@ -34,15 +36,10 @@ steps:
3436
displayName: Install Rust
3537
env:
3638
ob_restore_phase: true
37-
- task: AzureCLI@2
38-
displayName: Azure CLI
39-
inputs:
40-
azureSubscription: az-blob-cicd-infra
41-
scriptType: pscore
42-
scriptLocation: inlineScript
43-
inlineScript: |
44-
az account show
4539
- pwsh: |
40+
$header = "Bearer ${ parameters.token }"
41+
$env:CARGO_REGISTRIES_POWERSHELL_TOKEN = $header
42+
$env:CARGO_REGISTRIES_POWERSHELL_CREDENTIAL_PROVIDER = 'cargo:token'
4643
Set-Location "$(Build.SourcesDirectory)/DSC"
4744
$LLVMBIN = "$($env:PROGRAMFILES)\Microsoft Visual Studio\2022\Enterprise\VC\Tools\Llvm\bin"
4845
if (!(Test-Path $LLVMBIN)) {

0 commit comments

Comments
 (0)