Use internal repository to manage secondary pipeline dependencies #25535
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
added 16 commits
September 23, 2025 12:35
github-actions
bot
added
area: build
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR modernizes dependency management for secondary pipelines by introducing an internal repository approach. The change moves from using npx for direct package installations to utilizing the ff_pipeline_host repository with pnpm and lockfile-based dependency management.
Key changes include:
- Migrating from
npxcommands topnpm execfor better dependency control - Switching from custom workspace directories to
$(Build.SourcesDirectory) - Adding proper dependency installation steps using pnpm with lockfiles
Reviewed Changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| tools/pipelines/templates/include-vars-telemetry-generator.yml | Adds new variable for telemetry generator handlers path in the repository-based approach |
| tools/pipelines/templates/include-upload-stage-telemetry.yml | Replaces telemetry setup template with repository checkout and pnpm-based dependency installation |
| tools/pipelines/templates/include-test-real-service.yml | Major refactor from workspace-based npm to repository-based pnpm approach with streamlined dependency management |
| scripts/get-test-pass-rate.mjs | Removes script file (likely moved to the internal repository) |
Abe27342
commented
Sep 24, 2025
| // This script is used in the "runAfterAll" stage in our E2E test pipeline. It's used | ||
| // to get timeline and metrics data so that the test pass rate can be calculated in a later step. | ||
|
|
||
| // The Build ID needed to fetch the desired data. |
Contributor
Author
There was a problem hiding this comment.
I just moved this whole script to the internal repository. If we leave it here, we need another checkout step in the telemetry upload job to get at it, which seems kinda wasteful.
Moving it comes with some more compatibility concerns, but I think that's probably ok.
jzaffiro
reviewed
Sep 24, 2025
| workingDirectory: ${{ parameters.testWorkspace }} | ||
| targetType: 'inline' | ||
| script: 'npm install $(Initialize.testPackageTgz) ${{ parameters.loggerPackage }}' | ||
| script: 'pnpm install $(Initialize.testPackageTgz)' |
Contributor
There was a problem hiding this comment.
Is the logger installed by default when the pipeline host repo is checked out?
jzaffiro
approved these changes
Sep 24, 2025
Contributor
jzaffiro
left a comment
jzaffiro
left a comment
There was a problem hiding this comment.
I think the performance benchmarks pipeline will need to be updated separately since it doesn't use the include-test-real-service template, but I'm fine to have this go in first.
Contributor
Author
Yup, it definitely needs updates. That's the one I think might be broken as well by this refactor, but we'll see. It's broken now anyway, so... :P |
This was referenced Sep 24, 2025
Abe27342
added a commit
that referenced
this pull request
Sep 24, 2025
## Description Follow-up to #25535: this extra syntax is no longer required after moving off `npx` and though they are benign for me locally, they cause parameters to not be plumbed through in pipelines (likely due to shell differences) Test run: [here](https://dev.azure.com/fluidframework/internal/_build/results?buildId=357111&view=results) Co-authored-by: Abram Sanderson <[email protected]>
Abe27342
added a commit
that referenced
this pull request
Sep 24, 2025
## Description Follow-up to #25535 that allows specifying the primary registry in `include-install-pnpm.yaml` so that the telemetry stage upload template can reference the feed we use to install internal packages. Test run [here](https://dev.azure.com/fluidframework/internal/_build/results?buildId=357059&view=logs&j=7ef2f12f-27d7-5730-657b-d3ad5f630362&t=9da23dd1-2e0f-578e-ea27-ee9162e0f22c). Co-authored-by: Abram Sanderson <[email protected]>
Abe27342
added a commit
that referenced
this pull request
Sep 25, 2025
…25543) ## Description Follow-up to #25535: in line with using a "host repository" that has package-lock'd internal dependencies, tighten the "copy devDependency" script that we use to get devDependencies necessary at workload runtime to exclude some common dependencies that are only used at build time. This is motivated by still seeing some DDS fuzz harness pipeline failures due to recently published transitive dependencies of build-tools. Test run: [here](https://dev.azure.com/fluidframework/internal/_build/results?buildId=357194&view=logs&j=bbaafa3d-c204-5f81-4508-786dc29a3642&t=f302f968-fb15-5cb8-d0fb-0d951f384806) --------- Co-authored-by: Abram Sanderson <[email protected]>
This was referenced Sep 25, 2025
Abe27342
added a commit
that referenced
this pull request
Sep 26, 2025
…25550) ## Description Follow-up to #25535 which applies the same kind of change to the performance benchmarks pipeline template. Test run: [here](https://dev.azure.com/fluidframework/internal/_build/results?buildId=357522&view=results) --------- Co-authored-by: Abram Sanderson <[email protected]>
Abe27342
added a commit
that referenced
this pull request
Sep 26, 2025
) ## Description Follow-up to #25535 which restores the caching of compat dependencies we previously had. Couldn't help myself from making a tweak so the cache key is invalidated on minor version change, which should give us better long-term behavior: the set of versions to install is dynamically computed based on roughly the current package version, so using major+minor here should be a net win as only roughly one build per release should need to install compat dependencies, after that they will be cached. --------- Co-authored-by: Abram Sanderson <[email protected]>
anthony-murphy-agent
pushed a commit
to anthony-murphy-agent/FluidFramework
that referenced
this pull request
Jan 14, 2026
…crosoft#25535) ## Description Our secondary pipelines (real service e2e, stress tests, performance benchmarks, etc.) rely on a small amount of infrastructure published internally as npm packages. Before this change, we have been consuming those packages using `npx` or equivalent bare installations from within the secondary pipeline. This is not great practice as it does not allow repeatability of the generated install tree, as npm and other package managers prefer to use newer versions of packages within semver allowance as they are released. This PR updates the `include-real-service-test` template (which is used by several of these pipelines) to run its workload from the context of a very simple internal repository which has pnpm configurations and the packages we need installed. This gives us the benefits of a lock file within source control. Test run: [here](https://dev.azure.com/fluidframework/internal/_build/results?buildId=356944&view=results) --------- Co-authored-by: Abram Sanderson <[email protected]>
anthony-murphy-agent
pushed a commit
to anthony-murphy-agent/FluidFramework
that referenced
this pull request
Jan 14, 2026
## Description Follow-up to microsoft#25535: this extra syntax is no longer required after moving off `npx` and though they are benign for me locally, they cause parameters to not be plumbed through in pipelines (likely due to shell differences) Test run: [here](https://dev.azure.com/fluidframework/internal/_build/results?buildId=357111&view=results) Co-authored-by: Abram Sanderson <[email protected]>
anthony-murphy-agent
pushed a commit
to anthony-murphy-agent/FluidFramework
that referenced
this pull request
Jan 14, 2026
…soft#25540) ## Description Follow-up to microsoft#25535 that allows specifying the primary registry in `include-install-pnpm.yaml` so that the telemetry stage upload template can reference the feed we use to install internal packages. Test run [here](https://dev.azure.com/fluidframework/internal/_build/results?buildId=357059&view=logs&j=7ef2f12f-27d7-5730-657b-d3ad5f630362&t=9da23dd1-2e0f-578e-ea27-ee9162e0f22c). Co-authored-by: Abram Sanderson <[email protected]>
anthony-murphy-agent
pushed a commit
to anthony-murphy-agent/FluidFramework
that referenced
this pull request
Jan 14, 2026
…icrosoft#25543) ## Description Follow-up to microsoft#25535: in line with using a "host repository" that has package-lock'd internal dependencies, tighten the "copy devDependency" script that we use to get devDependencies necessary at workload runtime to exclude some common dependencies that are only used at build time. This is motivated by still seeing some DDS fuzz harness pipeline failures due to recently published transitive dependencies of build-tools. Test run: [here](https://dev.azure.com/fluidframework/internal/_build/results?buildId=357194&view=logs&j=bbaafa3d-c204-5f81-4508-786dc29a3642&t=f302f968-fb15-5cb8-d0fb-0d951f384806) --------- Co-authored-by: Abram Sanderson <[email protected]>
anthony-murphy-agent
pushed a commit
to anthony-murphy-agent/FluidFramework
that referenced
this pull request
Jan 14, 2026
…icrosoft#25550) ## Description Follow-up to microsoft#25535 which applies the same kind of change to the performance benchmarks pipeline template. Test run: [here](https://dev.azure.com/fluidframework/internal/_build/results?buildId=357522&view=results) --------- Co-authored-by: Abram Sanderson <[email protected]>
anthony-murphy-agent
pushed a commit
to anthony-murphy-agent/FluidFramework
that referenced
this pull request
Jan 14, 2026
…rosoft#25563) ## Description Follow-up to microsoft#25535 which restores the caching of compat dependencies we previously had. Couldn't help myself from making a tweak so the cache key is invalidated on minor version change, which should give us better long-term behavior: the set of versions to install is dynamically computed based on roughly the current package version, so using major+minor here should be a net win as only roughly one build per release should need to install compat dependencies, after that they will be cached. --------- Co-authored-by: Abram Sanderson <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Our secondary pipelines (real service e2e, stress tests, performance benchmarks, etc.) rely on a small amount of infrastructure published internally as npm packages. Before this change, we have been consuming those packages using
npxor equivalent bare installations from within the secondary pipeline. This is not great practice as it does not allow repeatability of the generated install tree, as npm and other package managers prefer to use newer versions of packages within semver allowance as they are released.This PR updates the
include-real-service-testtemplate (which is used by several of these pipelines) to run its workload from the context of a very simple internal repository which has pnpm configurations and the packages we need installed. This gives us the benefits of a lock file within source control.Test run: here