-
Notifications
You must be signed in to change notification settings - Fork 14
/
Copy pathbuild-publish.yml
123 lines (112 loc) · 5.23 KB
/
build-publish.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
variables:
- template: pipeline-templates/global-variables.yml
trigger:
branches:
include:
- master
- release-*
- multipleplugininstance
paths:
exclude:
- /**/*.md
pr: none
jobs:
- job:
displayName: "Windows MSI and Plugin Build"
variables:
- template: pipeline-templates/windows-job-variables.yml
pool:
vmImage: 'windows-latest'
steps:
- template: pipeline-templates/windows-setup-and-key-vault.yml
- template: pipeline-templates/windows-build-steps.yml
- task: GitHubRelease@1
inputs:
gitHubConnection: 'PangaeaBuild-GitHub'
repositoryName: 'OneIdentity/SafeguardDevOpsService'
action: 'create'
target: '$(Build.SourceVersion)'
tagSource: 'userSpecifiedTag'
tag: 'release-$(VersionString)'
title: '$(VersionString)'
isPreRelease: $(isPrerelease)
changeLogCompareToRelease: 'lastFullRelease'
changeLogType: 'commitBased'
assets: |
$(Build.ArtifactStagingDirectory)\bin\$(buildConfiguration)\en-us\*.msi
$(Build.ArtifactStagingDirectory)\bin\$(buildConfiguration)\$(pluginsDir)\*.zip
displayName: 'Creating and publishing a release to Github'
condition: and(succeeded(), eq(variables.isReleaseBranch, true))
- powershell: Publish-Module -Path $(Build.SourcesDirectory)\safeguard-devops -NuGetApiKey "$(PowerShellGalleryApiKey)" -Verbose -SkipAutomaticTags
displayName: 'Publish Powershell module to Powershell Gallery'
condition: and(succeeded(), eq(variables.isReleaseBranch, true))
- task: NuGetCommand@2
inputs:
command: 'custom'
arguments: 'push $(Build.ArtifactStagingDirectory)\OneIdentity.SafeguardSecretsBroker.PluginCommon.*.nupkg -source https://api.nuget.org/v3/index.json -ApiKey $(NugetOrgApiKey) -NonInteractive -Verbosity detailed'
displayName: 'Publishing NuGet packages to NuGet.org'
condition: and(succeeded(), eq(variables.isReleaseBranch, true))
- task: NuGetCommand@2
inputs:
command: 'push'
packagesToPush: '$(Build.ArtifactStagingDirectory)\OneIdentity.SafeguardSecretsBroker.AddonCommon.*.nupkg'
nuGetFeedType: 'internal'
publishVstsFeed: 'OneIdentity'
displayName: 'Publish NuGet packages to Azure DevOps Artifacts'
condition: and(succeeded(), eq(variables.isReleaseBranch, true))
- job:
displayName: "Linux Docker Alpine Build"
variables:
imageType: alpine3.12
pool:
vmImage: 'ubuntu-latest'
steps:
- template: pipeline-templates/linux-build-steps.yml
- task: AzureKeyVault@1
inputs:
azureSubscription: 'OneIdentity.RD.SBox.Safeguard-ServiceConnection'
KeyVaultName: 'SafeguardBuildSecrets'
SecretsFilter: 'DockerHubAccessToken,DockerHubPassword'
displayName: 'Get Docker Hub Access Token from Sandbox Azure Key Vault'
condition: and(succeeded(), eq(variables.isReleaseBranch, true), eq(variables.isPrerelease, false))
- task: Bash@3
inputs:
targetType: 'inline'
script: |
docker login -u petrsnd --password-stdin <<<$(DockerHubAccessToken) 2>/dev/null
docker tag oneidentity/safeguard-devops:$(VersionString)-alpine3.12 oneidentity/safeguard-devops:$(VersionString)-alpine
docker tag oneidentity/safeguard-devops:$(VersionString)-alpine3.12 oneidentity/safeguard-devops:latest
docker push oneidentity/safeguard-devops:$(VersionString)-alpine3.12
docker push oneidentity/safeguard-devops:$(VersionString)-alpine
docker push oneidentity/safeguard-devops:latest
docker logout
failOnStderr: true
condition: and(succeeded(), eq(variables.isReleaseBranch, true), eq(variables.isPrerelease, false))
displayName: 'Pushing docker Alpine image to Docker Hub'
- job:
displayName: "Linux Docker Ubuntu Build"
variables:
imageType: ubuntu20.04
pool:
vmImage: 'ubuntu-latest'
steps:
- template: pipeline-templates/linux-build-steps.yml
- task: AzureKeyVault@1
inputs:
azureSubscription: 'OneIdentity.RD.SBox.Safeguard-ServiceConnection'
KeyVaultName: 'SafeguardBuildSecrets'
SecretsFilter: 'DockerHubAccessToken,DockerHubPassword'
displayName: 'Get Docker Hub Access Token from Sandbox Azure Key Vault'
condition: and(succeeded(), eq(variables.isReleaseBranch, true), eq(variables.isPrerelease, false))
- task: Bash@3
inputs:
targetType: 'inline'
script: |
docker login -u petrsnd --password-stdin <<<$(DockerHubAccessToken) 2>/dev/null
docker tag oneidentity/safeguard-devops:$(VersionString)-ubuntu20.04 oneidentity/safeguard-devops:$(VersionString)-ubuntu
docker push oneidentity/safeguard-devops:$(VersionString)-ubuntu20.04
docker push oneidentity/safeguard-devops:$(VersionString)-ubuntu
docker logout
failOnStderr: true
condition: and(succeeded(), eq(variables.isReleaseBranch, true), eq(variables.isPrerelease, false))
displayName: 'Pushing docker ubuntu image to Docker Hub'