Skip to content

Commit

Permalink
Add CodeQL to build (dotnet#6350)
Browse files Browse the repository at this point in the history
  • Loading branch information
ericstj authored Oct 12, 2022
1 parent 20692fe commit ce0a5ba
Showing 1 changed file with 20 additions and 66 deletions.
86 changes: 20 additions & 66 deletions build/vsts-ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,16 +13,19 @@ resources:
- container: UbuntuCrossArm64Container
image: mcr.microsoft.com/dotnet-buildtools/prereqs:ubuntu-18.04-mlnet-cross-arm64

variables:
BuildConfig: Release
OfficialBuildId: $(BUILD.BUILDNUMBER)
DOTNET_CLI_TELEMETRY_OPTOUT: 1
DOTNET_SKIP_FIRST_TIME_EXPERIENCE: 1
DOTNET_MULTILEVEL_LOOKUP: 0
Codeql.Enabled: true
Codeql.SkipTaskAutoInjection: True #default to not inject CodeQL tasks, we'll enable it in a single job.

jobs:
################################################################################
- job: Linux_x64
################################################################################
variables:
BuildConfig: Release
OfficialBuildId: $(BUILD.BUILDNUMBER)
DOTNET_CLI_TELEMETRY_OPTOUT: 1
DOTNET_SKIP_FIRST_TIME_EXPERIENCE: 1
DOTNET_MULTILEVEL_LOOKUP: 0
pool:
name: NetCore1ESPool-Internal
demands: ImageOverride -equals Build.Ubuntu.1804.Amd64
Expand All @@ -49,11 +52,6 @@ jobs:
- job: Linux_arm
################################################################################
variables:
BuildConfig: Release
OfficialBuildId: $(BUILD.BUILDNUMBER)
DOTNET_CLI_TELEMETRY_OPTOUT: 1
DOTNET_SKIP_FIRST_TIME_EXPERIENCE: 1
DOTNET_MULTILEVEL_LOOKUP: 0
ROOTFS_DIR: '/crossrootfs/arm'
pool:
name: NetCore1ESPool-Internal
Expand Down Expand Up @@ -81,11 +79,6 @@ jobs:
- job: Linux_arm64
################################################################################
variables:
BuildConfig: Release
OfficialBuildId: $(BUILD.BUILDNUMBER)
DOTNET_CLI_TELEMETRY_OPTOUT: 1
DOTNET_SKIP_FIRST_TIME_EXPERIENCE: 1
DOTNET_MULTILEVEL_LOOKUP: 0
ROOTFS_DIR: '/crossrootfs/arm64'
pool:
name: NetCore1ESPool-Internal
Expand All @@ -112,12 +105,6 @@ jobs:
################################################################################
- job: MacOS
################################################################################
variables:
BuildConfig: Release
OfficialBuildId: $(BUILD.BUILDNUMBER)
DOTNET_CLI_TELEMETRY_OPTOUT: 1
DOTNET_SKIP_FIRST_TIME_EXPERIENCE: 1
DOTNET_MULTILEVEL_LOOKUP: 0
pool:
vmImage: macOS-12
steps:
Expand All @@ -143,12 +130,6 @@ jobs:
################################################################################
- job: MacOS_Apple_Silicon
################################################################################
variables:
BuildConfig: Release
OfficialBuildId: $(BUILD.BUILDNUMBER)
DOTNET_CLI_TELEMETRY_OPTOUT: 1
DOTNET_SKIP_FIRST_TIME_EXPERIENCE: 1
DOTNET_MULTILEVEL_LOOKUP: 0
pool:
vmImage: macOS-12
steps:
Expand Down Expand Up @@ -180,11 +161,6 @@ jobs:
- job: Windows_x86
################################################################################
variables:
BuildConfig: Release
OfficialBuildId: $(BUILD.BUILDNUMBER)
DOTNET_CLI_TELEMETRY_OPTOUT: 1
DOTNET_SKIP_FIRST_TIME_EXPERIENCE: 1
DOTNET_MULTILEVEL_LOOKUP: 0
_SignType: real
_UseEsrpSigning: true
_TeamName: DotNetCore
Expand Down Expand Up @@ -233,11 +209,7 @@ jobs:
- job: Windows_x64
################################################################################
variables:
BuildConfig: Release
OfficialBuildId: $(BUILD.BUILDNUMBER)
DOTNET_CLI_TELEMETRY_OPTOUT: 1
DOTNET_SKIP_FIRST_TIME_EXPERIENCE: 1
DOTNET_MULTILEVEL_LOOKUP: 0
Codeql.SkipTaskAutoInjection: False # run CodeQL in this job
_SignType: real
_UseEsrpSigning: true
_TeamName: DotNetCore
Expand Down Expand Up @@ -297,37 +269,19 @@ jobs:
- Windows_x64
- MacOS_Apple_Silicon
variables:
- name: BuildConfig
value: Release
- name: OfficialBuildId
value: $(BUILD.BUILDNUMBER)
- name: DotnetVersionKind
value: $[variables.VERSIONKIND] # If no "VERSIONKIND" variable is set when queuing the publishing task, this defaults to empty string.
- name: DOTNET_CLI_TELEMETRY_OPTOUT
value: 1
- name: DOTNET_SKIP_FIRST_TIME_EXPERIENCE
value: 1
- name: DOTNET_MULTILEVEL_LOOKUP
value: 0
- name: NUGET_PACKAGES
value: $(Build.SourcesDirectory)/.packages
- name: _SignType
value: real
- name: _UseEsrpSigning
value: true
- name: _TeamName
value: DotNetCore
- name: _AzureDevopsFeedUrl
value: https://pkgs.dev.azure.com/dnceng/public/_packaging/MachineLearning/nuget/v3/index.json
- name: _SymwebSymbolServerPath
value: https://microsoft.artifacts.visualstudio.com/DefaultCollection
- name: _MsdlSymbolServerPath
value: https://microsoftpublicsymbols.artifacts.visualstudio.com/DefaultCollection
DotnetVersionKind: $[variables.VERSIONKIND] # If no "VERSIONKIND" variable is set when queuing the publishing task, this defaults to empty string.
NUGET_PACKAGES: $(Build.SourcesDirectory)/.packages
_SignType: real
_UseEsrpSigning: true
_TeamName: DotNetCore
_AzureDevopsFeedUrl: https://pkgs.dev.azure.com/dnceng/public/_packaging/MachineLearning/nuget/v3/index.json
_SymwebSymbolServerPath: https://microsoft.artifacts.visualstudio.com/DefaultCollection
_MsdlSymbolServerPath: https://microsoftpublicsymbols.artifacts.visualstudio.com/DefaultCollection

# Only enable publishing in non-public, non PR scenarios.
- ${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
# DotNet-Symbol-Server-Pats provides: microsoft-symbol-server-pat symweb-symbol-server-pat
- group: DotNet-Symbol-Server-Pats
group: DotNet-Symbol-Server-Pats

pool:
name: NetCore1ESPool-Internal
Expand Down

0 comments on commit ce0a5ba

Please sign in to comment.