From 6a243f151f4eab41f9f346c955467116f3a01663 Mon Sep 17 00:00:00 2001 From: Lakshmipriya Gottipati Date: Thu, 28 Aug 2025 01:29:57 +0530 Subject: [PATCH 01/11] Change ConnectedServiceName to ForgeManagedIdentity --- azure-pipelines.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index dc3bb23..93c6066 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -45,7 +45,7 @@ steps: - task: EsrpCodeSigning@5 displayName: 'ESRP CodeSigning - Authenticode MI' inputs: - ConnectedServiceName: 'ForgeServiceConnection' + ConnectedServiceName: 'ForgeManagedIdentity' UseMSIAuthentication: true AppRegistrationClientId: 'ee5bddcd-7e6d-40c7-a645-8f0be9da4e24' AppRegistrationTenantId: '33e01921-4d64-4f8c-a055-5bdaffd5e33d' @@ -102,7 +102,7 @@ steps: - task: EsrpCodeSigning@5 displayName: 'ESRP CodeSigning - NuGet MI' inputs: - ConnectedServiceName: 'ForgeServiceConnection' + ConnectedServiceName: 'ForgeManagedIdentity' UseMSIAuthentication: true AppRegistrationClientId: 'ee5bddcd-7e6d-40c7-a645-8f0be9da4e24' AppRegistrationTenantId: '33e01921-4d64-4f8c-a055-5bdaffd5e33d' @@ -140,4 +140,4 @@ steps: command: push packagesToPush: '$(Build.SourcesDirectory)\Forge.TreeWalker\bin\Release\Microsoft.Forge.TreeWalker*.symbols.nupkg' publishVstsFeed: 'ForgeArtifacts' - allowPackageConflicts: true \ No newline at end of file + allowPackageConflicts: true From d72844abb6d1f02eb31cb524ec467278304f29f9 Mon Sep 17 00:00:00 2001 From: Lakshmipriya Gottipati Date: Thu, 28 Aug 2025 15:13:08 +0530 Subject: [PATCH 02/11] Refactor Azure Pipelines configuration Updated Azure Pipelines configuration to include new resources and extend from a template. Removed obsolete steps and added new variables for container image. --- azure-pipelines.yml | 297 ++++++++++++++++++++++++-------------------- 1 file changed, 159 insertions(+), 138 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 93c6066..bcb318b 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -1,143 +1,164 @@ trigger: - master -pool: - vmImage: 'windows-latest' - timeoutInMinutes: 10 +resources: + repositories: + - repository: onebranchTemplates + type: git + name: OneBranch.Pipelines/GovernedTemplates + ref: refs/heads/main -steps: -- task: NuGetCommand@2 - displayName: 'NuGet restore' - inputs: - restoreSolution: '$(Build.SourcesDirectory)\Forge.sln' + +variables: + WindowsContainerImage: 'onebranch.azurecr.io/windows/ltsc2022/vse2022:latest' # Docker image which is used to build the project https://aka.ms/obpipelines/containers -- task: VSBuild@1 - displayName: 'Build .NET sln for tests' - inputs: - solution: '$(Build.SourcesDirectory)\Forge.sln' - platform: 'Any CPU' - configuration: Release - -- task: VSTest@2 - displayName: 'Run Tests' - inputs: - testAssemblyVer2: | - $(Build.SourcesDirectory)\Forge.TreeWalker.UnitTests\obj\Release\Microsoft.Forge.TreeWalker.UnitTests.dll - runInParallel: True - -- task: VSBuild@1 - displayName: 'Build .NET sln and pack' - inputs: - solution: '$(Build.SourcesDirectory)\Forge.sln' - platform: 'Any CPU' - configuration: Release - msbuildArgs: '-t:pack' - -- task: UseDotNet@2 - inputs: - packageType: 'sdk' - version: '6.0.100' -- task: UseDotNet@2 - inputs: - packageType: 'runtime' - version: '2.1.23' - -- task: EsrpCodeSigning@5 - displayName: 'ESRP CodeSigning - Authenticode MI' - inputs: - ConnectedServiceName: 'ForgeManagedIdentity' - UseMSIAuthentication: true - AppRegistrationClientId: 'ee5bddcd-7e6d-40c7-a645-8f0be9da4e24' - AppRegistrationTenantId: '33e01921-4d64-4f8c-a055-5bdaffd5e33d' - EsrpClientId: 'ec6597cc-b900-43a4-9d2b-ffc5cc4f8c56' - AuthAKVName: 'ForgeKeyVault2' - AuthSignCertName: 'ForgeKeyVault2Certificate' - ServiceEndpointUrl: 'https://api.esrp.microsoft.com/api/v2' - signConfigType: 'inlineSignParams' - FolderPath: '$(Build.SourcesDirectory)\Forge.TreeWalker\bin\Release' - Pattern: 'Microsoft.Forge.TreeWalker.dll' - OpusName: 'Microsoft Forge TreeWalker' - OpusInfo: 'https://www.github.com/microsoft/forge' - inlineOperation: | - [ { - "keyCode": "CP-230012", - "operationSetCode": "SigntoolSign", - "parameters": [ - { - "parameterName": "OpusName", - "parameterValue": "Microsoft" - }, - { - "parameterName": "OpusInfo", - "parameterValue": "http://www.microsoft.com" - }, - { - "parameterName": "Append", - "parameterValue": "/as" - }, - { - "parameterName": "FileDigest", - "parameterValue": "/fd \"SHA256\"" - }, - { - "parameterName": "PageHash", - "parameterValue": "/NPH" - }, - { - "parameterName": "TimeStamp", - "parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256" - } - ], - "toolName": "sign", - "toolVersion": "1.0" - }, - { - "keyCode": "CP-230012", - "operationSetCode": "SigntoolVerify", - "parameters": [ ], - "toolName": "sign", - "toolVersion": "1.0" - }] - -- task: EsrpCodeSigning@5 - displayName: 'ESRP CodeSigning - NuGet MI' - inputs: - ConnectedServiceName: 'ForgeManagedIdentity' - UseMSIAuthentication: true - AppRegistrationClientId: 'ee5bddcd-7e6d-40c7-a645-8f0be9da4e24' - AppRegistrationTenantId: '33e01921-4d64-4f8c-a055-5bdaffd5e33d' - EsrpClientId: 'ec6597cc-b900-43a4-9d2b-ffc5cc4f8c56' - AuthAKVName: 'ForgeKeyVault2' - AuthSignCertName: 'ForgeKeyVault2Certificate' - ServiceEndpointUrl: 'https://api.esrp.microsoft.com/api/v2' - signConfigType: 'inlineSignParams' - FolderPath: '$(Build.SourcesDirectory)\Forge.TreeWalker\bin\Release' - Pattern: 'Microsoft.Forge.TreeWalker*.symbols.nupkg' - inlineOperation: | - [ - { - "keyCode": "CP-401405", - "operationSetCode": "NuGetSign", - "parameters": [ ], - "toolName": "sign", - "toolVersion": "1.0" - }, - { - "keyCode": "CP-401405", - "operationSetCode": "NuGetVerify", - "parameters": [ ], - "toolName": "sign", - "toolVersion": "1.0" - } - ] - SessionTimeout: '60' - MaxConcurrency: '50' - MaxRetryAttempts: '5' - -- task: NuGetCommand@2 - displayName: 'NuGet push AzureArtifacts' - inputs: - command: push - packagesToPush: '$(Build.SourcesDirectory)\Forge.TreeWalker\bin\Release\Microsoft.Forge.TreeWalker*.symbols.nupkg' - publishVstsFeed: 'ForgeArtifacts' - allowPackageConflicts: true +extends: + template: v2/OneBranch.Official.CrossPlat.yml@onebranchTemplates + parameters: + stages: + - stage: stage + jobs: + - job: job + pool: + type: windows + variables: + - name: ob_nugetPublishing_enabled + value: true + - name: ob_outputDirectory + value: '$(Build.ArtifactStagingDirectory)/ONEBRANCH_ARTIFACT' + steps: + - task: NuGetCommand@2 + displayName: 'NuGet restore' + inputs: + restoreSolution: '$(Build.SourcesDirectory)\Forge.sln' + + - task: VSBuild@1 + displayName: 'Build .NET sln for tests' + inputs: + solution: '$(Build.SourcesDirectory)\Forge.sln' + platform: 'Any CPU' + configuration: Release + + - task: VSTest@2 + displayName: 'Run Tests' + inputs: + testAssemblyVer2: | + $(Build.SourcesDirectory)\Forge.TreeWalker.UnitTests\obj\Release\Microsoft.Forge.TreeWalker.UnitTests.dll + runInParallel: True + + - task: VSBuild@1 + displayName: 'Build .NET sln and pack' + inputs: + solution: '$(Build.SourcesDirectory)\Forge.sln' + platform: 'Any CPU' + configuration: Release + msbuildArgs: '-t:pack' + + - task: UseDotNet@2 + inputs: + packageType: 'sdk' + version: '6.0.100' + - task: UseDotNet@2 + inputs: + packageType: 'runtime' + version: '2.1.23' + + - task: EsrpCodeSigning@5 + displayName: 'ESRP CodeSigning - Authenticode MI' + inputs: + ConnectedServiceName: 'ForgeManagedIdentity' + UseMSIAuthentication: true + AppRegistrationClientId: 'ee5bddcd-7e6d-40c7-a645-8f0be9da4e24' + AppRegistrationTenantId: '33e01921-4d64-4f8c-a055-5bdaffd5e33d' + EsrpClientId: 'ec6597cc-b900-43a4-9d2b-ffc5cc4f8c56' + AuthAKVName: 'ForgeKeyVault2' + AuthSignCertName: 'ForgeKeyVault2Certificate' + ServiceEndpointUrl: 'https://api.esrp.microsoft.com/api/v2' + signConfigType: 'inlineSignParams' + FolderPath: '$(Build.SourcesDirectory)\Forge.TreeWalker\bin\Release' + Pattern: 'Microsoft.Forge.TreeWalker.dll' + OpusName: 'Microsoft Forge TreeWalker' + OpusInfo: 'https://www.github.com/microsoft/forge' + inlineOperation: | + [ { + "keyCode": "CP-230012", + "operationSetCode": "SigntoolSign", + "parameters": [ + { + "parameterName": "OpusName", + "parameterValue": "Microsoft" + }, + { + "parameterName": "OpusInfo", + "parameterValue": "http://www.microsoft.com" + }, + { + "parameterName": "Append", + "parameterValue": "/as" + }, + { + "parameterName": "FileDigest", + "parameterValue": "/fd \"SHA256\"" + }, + { + "parameterName": "PageHash", + "parameterValue": "/NPH" + }, + { + "parameterName": "TimeStamp", + "parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256" + } + ], + "toolName": "sign", + "toolVersion": "1.0" + }, + { + "keyCode": "CP-230012", + "operationSetCode": "SigntoolVerify", + "parameters": [ ], + "toolName": "sign", + "toolVersion": "1.0" + }] + + - task: EsrpCodeSigning@5 + displayName: 'ESRP CodeSigning - NuGet MI' + inputs: + ConnectedServiceName: 'ForgeManagedIdentity' + UseMSIAuthentication: true + AppRegistrationClientId: 'ee5bddcd-7e6d-40c7-a645-8f0be9da4e24' + AppRegistrationTenantId: '33e01921-4d64-4f8c-a055-5bdaffd5e33d' + EsrpClientId: 'ec6597cc-b900-43a4-9d2b-ffc5cc4f8c56' + AuthAKVName: 'ForgeKeyVault2' + AuthSignCertName: 'ForgeKeyVault2Certificate' + ServiceEndpointUrl: 'https://api.esrp.microsoft.com/api/v2' + signConfigType: 'inlineSignParams' + FolderPath: '$(Build.SourcesDirectory)\Forge.TreeWalker\bin\Release' + Pattern: 'Microsoft.Forge.TreeWalker*.symbols.nupkg' + inlineOperation: | + [ + { + "keyCode": "CP-401405", + "operationSetCode": "NuGetSign", + "parameters": [ ], + "toolName": "sign", + "toolVersion": "1.0" + }, + { + "keyCode": "CP-401405", + "operationSetCode": "NuGetVerify", + "parameters": [ ], + "toolName": "sign", + "toolVersion": "1.0" + } + ] + SessionTimeout: '60' + MaxConcurrency: '50' + MaxRetryAttempts: '5' + + - task: NuGetCommand@2 + displayName: 'NuGet push AzureArtifacts' + inputs: + command: push + packagesToPush: '$(Build.SourcesDirectory)\Forge.TreeWalker\bin\Release\Microsoft.Forge.TreeWalker*.symbols.nupkg' + publishVstsFeed: 'ForgeArtifacts' + allowPackageConflicts: true From abb39941b00e6db8394b18b5b01890c50b6f41fa Mon Sep 17 00:00:00 2001 From: Lakshmipriya Gottipati Date: Thu, 28 Aug 2025 15:45:40 +0530 Subject: [PATCH 03/11] Add TSA options configuration file --- .config/tsaoptions.json | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 .config/tsaoptions.json diff --git a/.config/tsaoptions.json b/.config/tsaoptions.json new file mode 100644 index 0000000..0301088 --- /dev/null +++ b/.config/tsaoptions.json @@ -0,0 +1,8 @@ +{ + "codebaseName": "Forge", + "instanceUrl": "https://msazure.visualstudio.com", + "projectName": "One", + "areaPath": "One\\Azure Compute\\OneFleet Node\\Availability Platform\\Forge", + "TSADocumentation": "https://aka.ms/OBTSA", + "notificationAliases": ["forge"] +} From 691eb0a68ce84e0132aa83f733720b53156120a0 Mon Sep 17 00:00:00 2001 From: Lakshmipriya Gottipati Date: Thu, 28 Aug 2025 16:29:16 +0530 Subject: [PATCH 04/11] Update notification alias from 'forge' to 'anvil' --- .config/tsaoptions.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.config/tsaoptions.json b/.config/tsaoptions.json index 0301088..b3599f1 100644 --- a/.config/tsaoptions.json +++ b/.config/tsaoptions.json @@ -4,5 +4,5 @@ "projectName": "One", "areaPath": "One\\Azure Compute\\OneFleet Node\\Availability Platform\\Forge", "TSADocumentation": "https://aka.ms/OBTSA", - "notificationAliases": ["forge"] + "notificationAliases": ["anvil"] } From 839277bf514693715e6a1406e1cbb0875b0aaa03 Mon Sep 17 00:00:00 2001 From: Lakshmipriya Gottipati Date: Fri, 29 Aug 2025 01:57:09 +0530 Subject: [PATCH 05/11] Update notification alias in tsaoptions.json --- .config/tsaoptions.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.config/tsaoptions.json b/.config/tsaoptions.json index b3599f1..e71482f 100644 --- a/.config/tsaoptions.json +++ b/.config/tsaoptions.json @@ -4,5 +4,5 @@ "projectName": "One", "areaPath": "One\\Azure Compute\\OneFleet Node\\Availability Platform\\Forge", "TSADocumentation": "https://aka.ms/OBTSA", - "notificationAliases": ["anvil"] + "notificationAliases": ["ForgeTreeWalker@microsoft.com"] } From 1e99ed25e780a4de4208da7f569f05b0e64fb922 Mon Sep 17 00:00:00 2001 From: Lakshmipriya Gottipati Date: Fri, 29 Aug 2025 02:15:53 +0530 Subject: [PATCH 06/11] Change pipeline template to NonOfficial version --- azure-pipelines.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index bcb318b..c5777e3 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -13,7 +13,7 @@ variables: WindowsContainerImage: 'onebranch.azurecr.io/windows/ltsc2022/vse2022:latest' # Docker image which is used to build the project https://aka.ms/obpipelines/containers extends: - template: v2/OneBranch.Official.CrossPlat.yml@onebranchTemplates + template: v2/OneBranch.NonOfficial.CrossPlat.yml@onebranchTemplates parameters: stages: - stage: stage From d6d9c82bf33eb0b8b7240cc721f0923dfbf917d6 Mon Sep 17 00:00:00 2001 From: Lakshmipriya Gottipati Date: Fri, 29 Aug 2025 02:26:09 +0530 Subject: [PATCH 07/11] Update Windows container image version in pipeline --- azure-pipelines.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index c5777e3..ed3cd96 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -10,7 +10,7 @@ resources: variables: - WindowsContainerImage: 'onebranch.azurecr.io/windows/ltsc2022/vse2022:latest' # Docker image which is used to build the project https://aka.ms/obpipelines/containers + WindowsContainerImage: 'onebranch.azurecr.io/windows/ltsc2019/vse2022:latest' # Docker image which is used to build the project https://aka.ms/obpipelines/containers extends: template: v2/OneBranch.NonOfficial.CrossPlat.yml@onebranchTemplates From cd1e92a004c6a568cb3555bcf11662288732e8ee Mon Sep 17 00:00:00 2001 From: Lakshmipriya Gottipati Date: Fri, 29 Aug 2025 23:16:41 +0530 Subject: [PATCH 08/11] Update pipeline template to official version --- azure-pipelines.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index ed3cd96..ef8642a 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -13,7 +13,7 @@ variables: WindowsContainerImage: 'onebranch.azurecr.io/windows/ltsc2019/vse2022:latest' # Docker image which is used to build the project https://aka.ms/obpipelines/containers extends: - template: v2/OneBranch.NonOfficial.CrossPlat.yml@onebranchTemplates + template: v2/OneBranch.Official.CrossPlat.yml@onebranchTemplates parameters: stages: - stage: stage From 2312089debb5b0942ff6302bf5488e9c014ba5fe Mon Sep 17 00:00:00 2001 From: Lakshmipriya Gottipati Date: Sat, 30 Aug 2025 02:21:42 +0530 Subject: [PATCH 09/11] Update areaPath in tsaoptions.json --- .config/tsaoptions.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.config/tsaoptions.json b/.config/tsaoptions.json index e71482f..a16f020 100644 --- a/.config/tsaoptions.json +++ b/.config/tsaoptions.json @@ -2,7 +2,7 @@ "codebaseName": "Forge", "instanceUrl": "https://msazure.visualstudio.com", "projectName": "One", - "areaPath": "One\\Azure Compute\\OneFleet Node\\Availability Platform\\Forge", + "areaPath": "One\\Azure Compute\\OneFleet Node\\Availability Platform\\Anvil", "TSADocumentation": "https://aka.ms/OBTSA", "notificationAliases": ["ForgeTreeWalker@microsoft.com"] } From 0c66ebf927a7633ca49e7803e6d660f295c52a38 Mon Sep 17 00:00:00 2001 From: Lakshmipriya Gottipati Date: Fri, 5 Sep 2025 16:48:48 +0530 Subject: [PATCH 10/11] Update VM image in Azure Pipelines configuration --- azure-pipelines.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index ef8642a..c8b9e02 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -20,7 +20,7 @@ extends: jobs: - job: job pool: - type: windows + vmImage: 'windows-latest' variables: - name: ob_nugetPublishing_enabled value: true From 5e5e80aa7a08dd2320affc082a41ad526e713c2d Mon Sep 17 00:00:00 2001 From: Lakshmipriya Gottipati Date: Fri, 5 Sep 2025 17:02:51 +0530 Subject: [PATCH 11/11] Change stages to customStages in pipeline config --- azure-pipelines.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index c8b9e02..0d5162e 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -15,7 +15,7 @@ variables: extends: template: v2/OneBranch.Official.CrossPlat.yml@onebranchTemplates parameters: - stages: + customStages: - stage: stage jobs: - job: job