266 lines
12 KiB
YAML
266 lines
12 KiB
YAML
parameters:
|
|
- name: official
|
|
type: boolean
|
|
default: false
|
|
- name: branding
|
|
type: string
|
|
default: Release
|
|
values:
|
|
- Release
|
|
- Preview
|
|
- Canary
|
|
- Dev
|
|
- name: buildTerminal
|
|
type: boolean
|
|
default: true
|
|
- name: buildConPTY
|
|
type: boolean
|
|
default: false
|
|
- name: buildWPF
|
|
type: boolean
|
|
default: false
|
|
- name: pgoBuildMode
|
|
type: string
|
|
default: Optimize
|
|
values:
|
|
- Optimize
|
|
- Instrument
|
|
- None
|
|
- name: buildConfigurations
|
|
type: object
|
|
default:
|
|
- Release
|
|
- name: buildPlatforms
|
|
type: object
|
|
default:
|
|
- x64
|
|
- x86
|
|
- arm64
|
|
- name: codeSign
|
|
type: boolean
|
|
default: true
|
|
- name: terminalInternalPackageVersion
|
|
type: string
|
|
default: '0.0.8'
|
|
|
|
- name: publishSymbolsToPublic
|
|
type: boolean
|
|
default: true
|
|
- name: symbolExpiryTime
|
|
type: string
|
|
default: 36530 # This is the default from PublishSymbols@2
|
|
- name: publishVpackToWindows
|
|
type: boolean
|
|
default: false
|
|
|
|
- name: extraPublishJobs
|
|
type: object
|
|
default: []
|
|
|
|
resources:
|
|
repositories:
|
|
- repository: templates
|
|
type: git
|
|
name: OneBranch.Pipelines/GovernedTemplates
|
|
ref: refs/heads/main
|
|
|
|
extends:
|
|
${{ if eq(parameters.official, true) }}:
|
|
template: v2/Microsoft.Official.yml@templates # https://aka.ms/obpipelines/templates
|
|
${{ else }}:
|
|
template: v2/Microsoft.NonOfficial.yml@templates
|
|
parameters:
|
|
featureFlags:
|
|
WindowsHostVersion: 1ESWindows2022
|
|
platform:
|
|
name: 'windows_undocked'
|
|
product: 'Windows Terminal'
|
|
cloudvault: # https://aka.ms/obpipelines/cloudvault
|
|
enabled: false
|
|
globalSdl: # https://aka.ms/obpipelines/sdl
|
|
tsa:
|
|
enabled: true
|
|
configFile: '$(Build.SourcesDirectory)\build\config\tsa.json'
|
|
binskim:
|
|
break: false
|
|
scanOutputDirectoryOnly: true
|
|
policheck:
|
|
break: false
|
|
severity: Note
|
|
baseline:
|
|
baselineFile: '$(Build.SourcesDirectory)\build\config\release.gdnbaselines'
|
|
suppressionSet: default
|
|
|
|
stages:
|
|
- stage: Build
|
|
displayName: Build
|
|
dependsOn: []
|
|
jobs:
|
|
- template: ./build/pipelines/templates-v2/job-build-project.yml@self
|
|
parameters:
|
|
pool: { type: windows }
|
|
variables:
|
|
ob_git_checkout: false # This job checks itself out
|
|
ob_git_skip_checkout_none: true
|
|
ob_outputDirectory: $(JobOutputDirectory)
|
|
ob_artifactBaseName: $(JobOutputArtifactName)
|
|
publishArtifacts: false # Handled by OneBranch
|
|
branding: ${{ parameters.branding }}
|
|
buildTerminal: ${{ parameters.buildTerminal }}
|
|
buildConPTY: ${{ parameters.buildConPTY }}
|
|
buildWPF: ${{ parameters.buildWPF }}
|
|
pgoBuildMode: ${{ parameters.pgoBuildMode }}
|
|
buildConfigurations: ${{ parameters.buildConfigurations }}
|
|
buildPlatforms: ${{ parameters.buildPlatforms }}
|
|
generateSbom: false # this is handled by onebranch
|
|
removeAllNonSignedFiles: true # appease the overlords
|
|
codeSign: ${{ parameters.codeSign }}
|
|
beforeBuildSteps: # Right before we build, lay down the universal package and localizations
|
|
- task: PkgESSetupBuild@12
|
|
displayName: Package ES - Setup Build
|
|
inputs:
|
|
disableOutputRedirect: true
|
|
|
|
- task: UniversalPackages@0
|
|
displayName: Download terminal-internal Universal Package
|
|
inputs:
|
|
feedListDownload: 2b3f8893-a6e8-411f-b197-a9e05576da48
|
|
packageListDownload: e82d490c-af86-4733-9dc4-07b772033204
|
|
versionListDownload: ${{ parameters.terminalInternalPackageVersion }}
|
|
|
|
- template: ./build/pipelines/templates-v2/steps-fetch-and-prepare-localizations.yml@self
|
|
parameters:
|
|
includePseudoLoc: true
|
|
|
|
- ${{ if eq(parameters.buildWPF, true) }}:
|
|
# Add an Any CPU build flavor for the WPF control bits
|
|
- template: ./build/pipelines/templates-v2/job-build-project.yml@self
|
|
parameters:
|
|
pool: { type: windows }
|
|
variables:
|
|
ob_git_checkout: false # This job checks itself out
|
|
ob_git_skip_checkout_none: true
|
|
ob_outputDirectory: $(JobOutputDirectory)
|
|
ob_artifactBaseName: $(JobOutputArtifactName)
|
|
publishArtifacts: false # Handled by OneBranch
|
|
jobName: BuildWPF
|
|
branding: ${{ parameters.branding }}
|
|
buildTerminal: false
|
|
buildWPFDotNetComponents: true
|
|
buildConfigurations: ${{ parameters.buildConfigurations }}
|
|
buildPlatforms:
|
|
- Any CPU
|
|
generateSbom: false # this is handled by onebranch
|
|
removeAllNonSignedFiles: true # appease the overlords
|
|
codeSign: ${{ parameters.codeSign }}
|
|
beforeBuildSteps:
|
|
- task: PkgESSetupBuild@12
|
|
displayName: Package ES - Setup Build
|
|
inputs:
|
|
disableOutputRedirect: true
|
|
# WPF doesn't need the localizations or the universal package, but if it does... put them here.
|
|
|
|
- stage: Package
|
|
displayName: Package
|
|
dependsOn: [Build]
|
|
jobs:
|
|
- ${{ if eq(parameters.buildTerminal, true) }}:
|
|
- template: ./build/pipelines/templates-v2/job-merge-msix-into-bundle.yml@self
|
|
parameters:
|
|
pool: { type: windows }
|
|
variables:
|
|
ob_git_checkout: false # This job checks itself out
|
|
ob_git_skip_checkout_none: true
|
|
ob_outputDirectory: $(JobOutputDirectory)
|
|
ob_artifactBaseName: $(JobOutputArtifactName)
|
|
### This job is also in charge of submitting the vpack to Windows if it's enabled
|
|
ob_createvpack_enabled: ${{ and(parameters.buildTerminal, parameters.publishVpackToWindows) }}
|
|
ob_updateOSManifest_enabled: ${{ and(parameters.buildTerminal, parameters.publishVpackToWindows) }}
|
|
### If enabled above, these options are in play.
|
|
ob_createvpack_packagename: 'WindowsTerminal.app'
|
|
ob_createvpack_owneralias: 'conhost@microsoft.com'
|
|
ob_createvpack_description: 'VPack for the Windows Terminal Application'
|
|
ob_createvpack_targetDestinationDirectory: '$(Destination)'
|
|
ob_createvpack_propsFile: false
|
|
ob_createvpack_provData: true
|
|
ob_createvpack_metadata: '$(Build.SourceVersion)'
|
|
ob_createvpack_topLevelRetries: 0
|
|
ob_createvpack_failOnStdErr: true
|
|
ob_createvpack_taskLogVerbosity: Detailed
|
|
ob_createvpack_verbose: true
|
|
ob_createvpack_vpackdirectory: '$(JobOutputDirectory)\vpack'
|
|
ob_updateOSManifest_gitcheckinConfigPath: '$(Build.SourcesDirectory)\build\config\GitCheckin.json'
|
|
# We're skipping the 'fetch' part of the OneBranch rules, but that doesn't mean
|
|
# that it doesn't expect to have downloaded a manifest directly to some 'destination'
|
|
# folder that it can then update and upload.
|
|
# Effectively: it says "destination" but it means "source"
|
|
# DH: Don't ask why.
|
|
ob_updateOSManifest_destination: $(XES_VPACKMANIFESTDIRECTORY)
|
|
ob_updateOSManifest_skipFetch: true
|
|
publishArtifacts: false # Handled by OneBranch
|
|
jobName: Bundle
|
|
branding: ${{ parameters.branding }}
|
|
buildConfigurations: ${{ parameters.buildConfigurations }}
|
|
buildPlatforms: ${{ parameters.buildPlatforms }}
|
|
generateSbom: false # Handled by onebranch
|
|
codeSign: ${{ parameters.codeSign }}
|
|
afterBuildSteps:
|
|
# This directory has to exist, even if we aren't using createvpack, because the Guardian rules demand it.
|
|
- pwsh: |-
|
|
New-Item "$(JobOutputDirectory)/vpack" -Type Directory
|
|
displayName: Make sure the vpack directory exists
|
|
|
|
- ${{ if parameters.publishVpackToWindows }}:
|
|
- pwsh: |-
|
|
Copy-Item -Verbose -Path "$(MsixBundlePath)" -Destination (Join-Path "$(JobOutputDirectory)/vpack" 'Microsoft.WindowsTerminal_8wekyb3d8bbwe.msixbundle')
|
|
displayName: Stage msixbundle for vpack
|
|
|
|
- ${{ if eq(parameters.buildConPTY, true) }}:
|
|
- template: ./build/pipelines/templates-v2/job-package-conpty.yml@self
|
|
parameters:
|
|
pool: { type: windows }
|
|
variables:
|
|
ob_git_checkout: false # This job checks itself out
|
|
ob_git_skip_checkout_none: true
|
|
ob_outputDirectory: $(JobOutputDirectory)
|
|
ob_artifactBaseName: $(JobOutputArtifactName)
|
|
publishArtifacts: false # Handled by OneBranch
|
|
buildConfigurations: ${{ parameters.buildConfigurations }}
|
|
buildPlatforms: ${{ parameters.buildPlatforms }}
|
|
generateSbom: false # this is handled by onebranch
|
|
codeSign: ${{ parameters.codeSign }}
|
|
|
|
- ${{ if eq(parameters.buildWPF, true) }}:
|
|
- template: ./build/pipelines/templates-v2/job-build-package-wpf.yml@self
|
|
parameters:
|
|
pool: { type: windows }
|
|
variables:
|
|
ob_git_checkout: false # This job checks itself out
|
|
ob_git_skip_checkout_none: true
|
|
ob_outputDirectory: $(JobOutputDirectory)
|
|
ob_artifactBaseName: $(JobOutputArtifactName)
|
|
publishArtifacts: false # Handled by OneBranch
|
|
buildConfigurations: ${{ parameters.buildConfigurations }}
|
|
buildPlatforms: ${{ parameters.buildPlatforms }}
|
|
generateSbom: false # this is handled by onebranch
|
|
codeSign: ${{ parameters.codeSign }}
|
|
|
|
- stage: Publish
|
|
displayName: Publish
|
|
dependsOn: [Build, Package]
|
|
jobs:
|
|
- template: ./build/pipelines/templates-v2/job-publish-symbols.yml@self
|
|
parameters:
|
|
pool: { type: windows }
|
|
includePublicSymbolServer: ${{ parameters.publishSymbolsToPublic }}
|
|
symbolPatGoesInTaskInputs: true # onebranch tries to muck with the PAT variable, so we need to change how it get the PAT
|
|
symbolExpiryTime: ${{ parameters.symbolExpiryTime }}
|
|
variables:
|
|
ob_git_checkout: false # This job checks itself out
|
|
ob_git_skip_checkout_none: true
|
|
ob_outputDirectory: $(Build.ArtifactStagingDirectory)
|
|
# Without this, OneBranch will nerf our symbol tasks
|
|
ob_symbolsPublishing_enabled: true
|
|
|
|
- ${{ parameters.extraPublishJobs }}
|