refactor pipeline to 1es

Andrew Omondi · Andrew Omondi · commit c261799d7b07 · 2024-09-05T11:15:44.000+03:00
diff --git a/.azure-pipelines/ci-build-production.yml b/.azure-pipelines/ci-build-production.yml
@@ -1,40 +1,54 @@
-# Typescript Typings V1 npm build and release pipeline
+# This Yaml Document has been converted by ESAI Yaml Pipeline Conversion Tool.
+# Please make sure to check all the converted content, it is your team's responsibility to make sure that the pipeline is still valid and functions as expected.
+# This pipeline will be extended to the OneESPT template
+# The pool section has been filled with placeholder values, replace the pool section with your hosted pool, os, and image name. If you are using a Linux image, you must specify an additional windows image for SDL: https://eng.ms/docs/cloud-ai-platform/devdiv/one-engineering-system-1es/1es-docs/1es-pipeline-templates/features/sdlanalysis/overview#how-to-specify-a-windows-pool-for-the-sdl-source-analysis-stage
 name: $(BuildDefinitionName)_$(SourceBranchName)_$(Date:yyyyMMdd)$(Rev:.r)
-
 trigger:
   branches:
     include:
-      - main
+    - main
   paths:
     include:
-      - microsoft-graph.d.ts
-
+    - microsoft-graph.d.ts
 pr: none
-
-pool:
-  vmImage: windows-latest
-
-steps:
-
-- checkout: self
-  displayName: checkout main
-
-- template: ./common-templates/security-pre-checks.yml
-- task: CopyFiles@2
-  displayName: 'Copy Files to staging directory'
-  inputs:
-    SourceFolder: '$(System.DefaultWorkingDirectory)'
-    Contents: |
-     **/*
-     !spec/**
-     !.azure-pipelines/**
-     !.github/**
-     !.git/**
-     !.vscode/**
-     !typings-demo.gif
-    TargetFolder: '$(Build.ArtifactStagingDirectory)'
-
-- task: PublishBuildArtifacts@1
-  displayName: 'Publish Artifact: drop'
-
-- template: ./common-templates/security-post-checks.yml
+resources:
+  repositories:
+  - repository: 1ESPipelineTemplates
+    type: git
+    name: 1ESPipelineTemplates/1ESPipelineTemplates
+    ref: refs/tags/release
+extends:
+  template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates
+  parameters:
+    pool:
+      name: 1ESPT-Pool-Name-Placeholder
+      image: windows-latest
+      os: windows
+    customBuildTags:
+    - ES365AIMigrationTooling
+    stages:
+    - stage: stage
+      jobs:
+      - job: job
+        templateContext:
+          outputs:
+          - output: pipelineArtifact
+            displayName: 'Publish Artifact: drop'
+        steps:
+        - checkout: self
+          displayName: checkout main
+        - template: /.azure-pipelines/common-templates/security-pre-checks.yml@self
+        - task: CopyFiles@2
+          displayName: 'Copy Files to staging directory'
+          inputs:
+            SourceFolder: '$(System.DefaultWorkingDirectory)'
+            Contents: |
+              **/*
+              !spec/**
+              !.azure-pipelines/**
+              !.github/**
+              !.git/**
+              !.vscode/**
+              !typings-demo.gif
+            TargetFolder: '$(Build.ArtifactStagingDirectory)'
+        - template: /.azure-pipelines/common-templates/security-post-checks.yml@self
diff --git a/.azure-pipelines/common-templates/security-post-checks.yml b/.azure-pipelines/common-templates/security-post-checks.yml
@@ -1,53 +1,51 @@
-# Copyright (c) Microsoft Corporation. All rights reserved.
-# Licensed under the MIT License.
+# This Yaml Document has been converted by ESAI Yaml Pipeline Conversion Tool.
+# Please make sure to check all the converted content, it is your team's responsibility to make sure that the pipeline is still valid and functions as expected.
 steps:
-  - task: CodesignValidation@0
-
-  - task: SdtReport@1
-    displayName: "Security Analysis Report"
-    continueOnError: true
-    condition: succeededOrFailed()
-    inputs:
-      AllTools: false
-      APIScan: false
-      BinSkim: false
-      BinSkimBreakOn: "WarningAbove"
-      CodesignValidation: false
-      CodesignValidationBreakOn: "WarningAbove"
-      CredScan: true
-      FortifySCA: false
-      FxCop: false
-      ModernCop: false
-      MSRD: false
-      PoliCheck: true
-      PoliCheckBreakOn: "Severity1"
-      RoslynAnalyzers: false
-      RoslynAnalyzersBreakOn: "WarningAbove"
-      SDLNativeRules: false
-      Semmle: false
-      TSLint: false
-      TSLintBreakOn: "WarningAbove"
-      ToolLogsNotFoundAction: "Standard"
-
-  - task: PublishSecurityAnalysisLogs@3
-    displayName: "Publish Security Analysis Logs"
-    inputs:
-      ArtifactName: "CodeAnalysisLogs"
-      ArtifactType: "Container"
-      AllTools: false
-      AntiMalware: false
-      APIScan: false
-      BinSkim: false
-      CodesignValidation: false
-      CredScan: true
-      FortifySCA: false
-      FxCop: false
-      ModernCop: true
-      MSRD: false
-      PoliCheck: true
-      RoslynAnalyzers: false
-      SDLNativeRules: false
-      Semmle: false
-      TSLint: true
-      WebScout: false
-      ToolLogsNotFoundAction: "Standard"
+- task: CodesignValidation@0
+- task: SdtReport@1
+  displayName: "Security Analysis Report"
+  continueOnError: true
+  condition: succeededOrFailed()
+  inputs:
+    AllTools: false
+    APIScan: false
+    BinSkim: false
+    BinSkimBreakOn: "WarningAbove"
+    CodesignValidation: false
+    CodesignValidationBreakOn: "WarningAbove"
+    CredScan: true
+    FortifySCA: false
+    FxCop: false
+    ModernCop: false
+    MSRD: false
+    PoliCheck: true
+    PoliCheckBreakOn: "Severity1"
+    RoslynAnalyzers: false
+    RoslynAnalyzersBreakOn: "WarningAbove"
+    SDLNativeRules: false
+    Semmle: false
+    TSLint: false
+    TSLintBreakOn: "WarningAbove"
+    ToolLogsNotFoundAction: "Standard"
+- task: PublishSecurityAnalysisLogs@3
+  displayName: "Publish Security Analysis Logs"
+  inputs:
+    ArtifactName: "CodeAnalysisLogs"
+    ArtifactType: "Container"
+    AllTools: false
+    AntiMalware: false
+    APIScan: false
+    BinSkim: false
+    CodesignValidation: false
+    CredScan: true
+    FortifySCA: false
+    FxCop: false
+    ModernCop: true
+    MSRD: false
+    PoliCheck: true
+    RoslynAnalyzers: false
+    SDLNativeRules: false
+    Semmle: false
+    TSLint: true
+    WebScout: false
+    ToolLogsNotFoundAction: "Standard"
diff --git a/.azure-pipelines/common-templates/security-pre-checks.yml b/.azure-pipelines/common-templates/security-pre-checks.yml
@@ -1,21 +1,20 @@
-# Copyright (c) Microsoft Corporation. All rights reserved.
-# Licensed under the MIT License.
+# This Yaml Document has been converted by ESAI Yaml Pipeline Conversion Tool.
+# Please make sure to check all the converted content, it is your team's responsibility to make sure that the pipeline is still valid and functions as expected.
 steps:
-  - task: CredScan@2
-    displayName: "Run CredScan"
-    inputs:
-      debugMode: false
-      batchSize: 20
-      toolMajorVersion: "V2"
-      searchersFileType: "Skype"
-
-  - task: PoliCheck@1
-    displayName: "Run PoliCheck"
-    condition: and(succeeded(), eq(eq(variables['Build.SourceBranch'], 'refs/heads/main'), false))
-    inputs:
-      targetType: F
-      SOMEnabled: true
-      optionsFC: 0
-      optionsXS: 0
-      optionsHMENABLE: 0
-      continueOnError: true
+- task: CredScan@2
+  displayName: "Run CredScan"
+  inputs:
+    debugMode: false
+    batchSize: 20
+    toolMajorVersion: "V2"
+    searchersFileType: "Skype"
+- task: PoliCheck@1
+  displayName: "Run PoliCheck"
+  condition: and(succeeded(), eq(eq(variables['Build.SourceBranch'], 'refs/heads/main'), false))
+  inputs:
+    targetType: F
+    SOMEnabled: true
+    optionsFC: 0
+    optionsXS: 0
+    optionsHMENABLE: 0
+    continueOnError: true
