# Documentation: https://aka.ms/obpipelines trigger: none parameters: - name: debug displayName: Enable debug output type: boolean default: false - name: official displayName: Whether to build Official or NonOfficial type: string default: NonOfficial values: - NonOfficial - Official - name: createvpack displayName: Enable vpack creation type: boolean default: false - name: buildPlatforms type: object default: - x86_64-pc-windows-msvc - aarch64-pc-windows-msvc variables: system.debug: ${{parameters.debug}} WindowsContainerImage: onebranch.azurecr.io/windows/ltsc2022/vse2022:latest # CDP_DEFINITION_BUILD_COUNT is needed for onebranch.pipeline.version task. # See: https://aka.ms/obpipelines/versioning CDP_DEFINITION_BUILD_COUNT: $[counter('', 0)] # LOAD BEARING - the vpack task fails without these ROOT: $(Build.SourcesDirectory) REPOROOT: $(Build.SourcesDirectory) OUTPUTROOT: $(REPOROOT)\out NUGET_XMLDOC_MODE: none resources: repositories: - repository: GovernedTemplates type: git name: OneBranch.Pipelines/GovernedTemplates ref: refs/heads/main extends: template: v2/Microsoft.${{parameters.official}}.yml@GovernedTemplates parameters: featureFlags: WindowsHostVersion: Version: 2022 Network: R1 platform: name: windows_undocked product: edit # https://aka.ms/obpipelines/cloudvault cloudvault: enabled: false # https://aka.ms/obpipelines/sdl globalSdl: binskim: # > Due to some legacy reasons, 1ES PT is scanning full sources directory # > for BinSkim tool instead of just scanning the output directory [...] scanOutputDirectoryOnly: true isNativeCode: true tsa: enabled: ${{eq(parameters.official, 'Official')}} configFile: "$(Build.SourcesDirectory)/.pipelines/tsa.json" stages: # Our Build stage will build all three targets in one job, so we don't need # to repeat most of the boilerplate work in three separate jobs. - stage: Build jobs: - job: Windows pool: type: windows variables: # Binaries will go here. # More settings at https://aka.ms/obpipelines/yaml/jobs ob_outputDirectory: "$(Build.SourcesDirectory)/out" # The vPack gets created from stuff in here. # It will have a structure like: # .../vpack/ # - amd64/ # - edit.exe # - i386/ # - edit.exe # - arm64/ # - edit.exe ob_createvpack_enabled: ${{parameters.createvpack}} ob_createvpack_vpackdirectory: "$(ob_outputDirectory)/vpack" ob_createvpack_packagename: "windows_edit.$(Build.SourceBranchName)" ob_createvpack_owneralias: lhecker@microsoft.com ob_createvpack_description: Microsoft Edit ob_createvpack_targetDestinationDirectory: "$(Destination)" ob_createvpack_propsFile: false ob_createvpack_provData: true ob_createvpack_versionAs: string ob_createvpack_version: "$(EditVersion)-$(CDP_DEFINITION_BUILD_COUNT)" ob_createvpack_metadata: "$(Build.SourceVersion)" ob_createvpack_topLevelRetries: 0 ob_createvpack_failOnStdErr: true ob_createvpack_verbose: ${{ parameters.debug }} # For details on this cargo_target_dir setting, see: # https://eng.ms/docs/more/rust/topics/onebranch-workaround CARGO_TARGET_DIR: C:\cargo_target_dir # msrustup only supports stable toolchains, but this project requires nightly. # We were told RUSTC_BOOTSTRAP=1 is a supported workaround. RUSTC_BOOTSTRAP: 1 steps: # NOTE: Step objects have ordered keys and you MUST have "task" as the first key. # Objects with ordered keys... lol - task: RustInstaller@1 displayName: Install Rust toolchain inputs: rustVersion: ms-stable additionalTargets: x86_64-pc-windows-msvc aarch64-pc-windows-msvc # URL of an Azure Artifacts feed configured with a crates.io upstream. Must be within the current ADO collection. # NOTE: Azure Artifacts support for Rust is not yet public, but it is enabled for internal ADO organizations. # https://learn.microsoft.com/en-us/azure/devops/artifacts/how-to/set-up-upstream-sources?view=azure-devops cratesIoFeedOverride: sparse+https://pkgs.dev.azure.com/microsoft/Dart/_packaging/Edit_PublicPackages/Cargo/index/ # URL of an Azure Artifacts NuGet feed configured with the mscodehub Rust feed as an upstream. # * The feed must be within the current ADO collection. # * The CI account, usually "Project Collection Build Service (org-name)", must have at least "Collaborator" permission. # When setting up the upstream NuGet feed, use following Azure Artifacts feed locator: # azure-feed://mscodehub/Rust/Rust@Release toolchainFeed: https://pkgs.dev.azure.com/microsoft/_packaging/RustTools/nuget/v3/index.json - task: CargoAuthenticate@0 displayName: Authenticate with Azure Artifacts inputs: configFile: ".cargo/release-windows-ms.toml" # We recommend making a separate `cargo fetch` step, as some build systems perform # fetching entirely prior to the build, and perform the build with the network disabled. - script: cargo fetch --config .cargo/release-windows-ms.toml displayName: Fetch crates - ${{ each platform in parameters.buildPlatforms }}: - script: cargo build --config .cargo/release-windows-ms.toml --frozen --release --target ${{platform}} displayName: Build ${{platform}} Release - task: CopyFiles@2 displayName: Copy files to vpack (${{platform}}) inputs: sourceFolder: "$(CARGO_TARGET_DIR)/${{platform}}/release" ${{ if eq(platform, 'i686-pc-windows-msvc') }}: targetFolder: "$(ob_createvpack_vpackdirectory)/i386" ${{ elseif eq(platform, 'x86_64-pc-windows-msvc') }}: targetFolder: "$(ob_createvpack_vpackdirectory)/amd64" ${{ else }}: # aarch64-pc-windows-msvc targetFolder: "$(ob_createvpack_vpackdirectory)/arm64" contents: | *.exe *.pdb # Extract the version for `ob_createvpack_version`. - script: |- @echo off for /f "tokens=3 delims=- " %%x in ('findstr /c:"version = " Cargo.toml') do ( echo ##vso[task.setvariable variable=EditVersion]%%~x goto :EOF ) displayName: "Set EditVersion" - task: onebranch.pipeline.signing@1 displayName: "Sign files" inputs: command: "sign" signing_profile: "external_distribution" files_to_sign: "**/edit.exe" search_root: "$(ob_createvpack_vpackdirectory)" use_testsign: false in_container: true