@@ -23,10 +23,10 @@ parameters:
2323# As an entrypoint pipeline yml file, all parameters here show up in the Queue Run dialog.
2424# If any paramaters should NOT be queue-time options, they should be removed from here
2525# and references to them in this file replaced with hard-coded values.
26- - name : RealSign
27- displayName : Real sign?
26+ - name : ForceOfficialBuild
27+ displayName : Official build ( sign, compliance, etc.)
2828 type : boolean
29- default : false
29+ default : false # this should remain false so PR builds using this pipeline are unofficial
3030# - name: ShouldSkipOptimize # Uncomment this and references to it below when setting EnableOptProf to true in build.yml.
3131# displayName: Skip OptProf optimization
3232# type: boolean
@@ -39,12 +39,8 @@ parameters:
3939 displayName : Run tests
4040 type : boolean
4141 default : true
42- - name : EnableCompliance
43- displayName : Run Compliance Tools
44- type : boolean
45- default : true
4642- name : EnableAPIScan
47- displayName : Include APIScan with Compliance tools
43+ displayName : Include APIScan with compliance tools
4844 type : boolean
4945 default : false # enable in individual repos only AFTER updating TSAOptions.json with your own values
5046
@@ -59,7 +55,7 @@ variables:
5955- template : GlobalVariables.yml
6056
6157extends :
62- ${{ if parameters.EnableCompliance }} :
58+ ${{ if or( parameters.ForceOfficialBuild, eq(variables['Build.Reason'],'Schedule')) }} :
6359 template : azure-pipelines/MicroBuild.1ES.Official.yml@MicroBuildTemplate
6460 parameters :
6561 sdl :
@@ -74,7 +70,7 @@ extends:
7470 suppression :
7571 suppressionFile : $(System.DefaultWorkingDirectory)\azure-pipelines\falsepositives.gdnsuppress
7672 sbom :
77- enabled : ${{ or(parameters.RealSign, eq(variables['Build.Reason'],'Schedule')) }} # Disable the generation for SBOMs for artifacts in unsigned builds since it's slow
73+ enabled : true
7874 stages :
7975 - stage : Build
8076 variables :
@@ -83,9 +79,9 @@ extends:
8379 - template : /azure-pipelines/build.yml@self
8480 parameters :
8581 Is1ESPT : true
86- RealSign : ${{ or(parameters.RealSign, eq(variables['Build.Reason'],'Schedule')) }}
82+ RealSign : true
8783 # ShouldSkipOptimize: ${{ parameters.ShouldSkipOptimize }}
88- EnableAPIScan : ${{ and(parameters.EnableCompliance, parameters. EnableAPIScan, ne(variables['Build.Reason'], 'pullRequest')) }}
84+ EnableAPIScan : ${{ and(parameters.EnableAPIScan, ne(variables['Build.Reason'], 'pullRequest')) }}
8985 windowsPool : VSEngSS-MicroBuild2022-1ES
9086 linuxPool :
9187 name : AzurePipelines-EO
@@ -100,7 +96,7 @@ extends:
10096 RunTests : ${{ parameters.RunTests }}
10197 - template : /azure-pipelines/prepare-insertion-stages.yml@self
10298 parameters :
103- RealSign : ${{ or(parameters.RealSign, eq(variables['Build.Reason'],'Schedule')) }}
99+ RealSign : true
104100 ${{ else }} :
105101 template : azure-pipelines/MicroBuild.1ES.Unofficial.yml@MicroBuildTemplate
106102 parameters :
@@ -116,9 +112,9 @@ extends:
116112 - template : /azure-pipelines/build.yml@self
117113 parameters :
118114 Is1ESPT : true
119- RealSign : ${{ or(parameters.RealSign, eq(variables['Build.Reason'],'Schedule')) }}
115+ RealSign : false
120116 # ShouldSkipOptimize: ${{ parameters.ShouldSkipOptimize }}
121- EnableAPIScan : ${{ and(parameters.EnableCompliance, parameters.EnableAPIScan, ne(variables['Build.Reason'], 'pullRequest')) }}
117+ EnableAPIScan : false
122118 windowsPool : VSEngSS-MicroBuild2022-1ES
123119 linuxPool :
124120 name : AzurePipelines-EO
@@ -133,4 +129,4 @@ extends:
133129 RunTests : ${{ parameters.RunTests }}
134130 - template : /azure-pipelines/prepare-insertion-stages.yml@self
135131 parameters :
136- RealSign : ${{ or(parameters.RealSign, eq(variables['Build.Reason'],'Schedule')) }}
132+ RealSign : false
0 commit comments