From 9b80082a0b4f3dedb55b6db3aa50ade9d7f9ffeb Mon Sep 17 00:00:00 2001 From: David Barbet Date: Thu, 29 Aug 2024 12:02:34 -0700 Subject: [PATCH] Publish using managed identity --- azure-pipelines/install-node.yml | 5 ++ azure-pipelines/prereqs.yml | 5 +- azure-pipelines/release.yml | 101 +++++++++++++++---------------- 3 files changed, 56 insertions(+), 55 deletions(-) create mode 100644 azure-pipelines/install-node.yml diff --git a/azure-pipelines/install-node.yml b/azure-pipelines/install-node.yml new file mode 100644 index 000000000..72aaac84b --- /dev/null +++ b/azure-pipelines/install-node.yml @@ -0,0 +1,5 @@ +steps: +- task: NodeTool@0 + displayName: 'Install Node.js 20.x' + inputs: + versionSpec: '20.x' \ No newline at end of file diff --git a/azure-pipelines/prereqs.yml b/azure-pipelines/prereqs.yml index 368383244..09285359e 100644 --- a/azure-pipelines/prereqs.yml +++ b/azure-pipelines/prereqs.yml @@ -11,10 +11,7 @@ steps: # The server package is downloaded from NuGet - task: NuGetAuthenticate@1 -- task: NodeTool@0 - displayName: 'Install Node.js 20.x' - inputs: - versionSpec: '20.x' +- template: /azure-pipelines/install-node.yml@self # Some tests use predefined docker images with a specific version of .NET installed. # So we avoid installing .NET in those cases. diff --git a/azure-pipelines/release.yml b/azure-pipelines/release.yml index 9bbf100e9..3f8fa66ab 100644 --- a/azure-pipelines/release.yml +++ b/azure-pipelines/release.yml @@ -7,8 +7,6 @@ parameters: default: true variables: -# This is expected to provide VisualStudioMarketplacePAT to the release (https://code.visualstudio.com/api/working-with-extensions/publishing-extension#get-a-personal-access-token) -- group: vscode-csharp release secrets # This is expected to provide pat to tag release. - group: DncEng-Partners-Tokens @@ -55,59 +53,63 @@ extends: buildVersionToDownload: 'specific' buildId: '$(resources.pipeline.officialBuildCI.runID)' branchName: '$(resources.pipeline.officialBuildCI.sourceBranch)' + - template: /azure-pipelines/install-node.yml@self - pwsh: | - npm install --global vsce + npm install --global @vscode/vsce displayName: 'Install vsce' - - pwsh: | - # Choose whether to upload to prerelease or release based on the artifacts generated by the build pipeline. - $artifactFolder = "" - $uploadPrerelease = $true - if (Test-Path -Path "VSIX_Prerelease") { - $artifactFolder = "VSIX_Prerelease" - $uploadPrerelease = $true - } elseif (Test-Path -Path "VSIX_Release") { - $artifactFolder = "VSIX_Release" - $uploadPrerelease = $false - } else { - throw "No artifacts are downloaded." - } + - task: AzureCLI@2 + displayName: '🚀 Publish to Marketplace' + inputs: + azureSubscription: 'VSCode Marketplace Publishing' + scriptType: "pscore" + scriptLocation: 'inlineScript' + workingDirectory: $(Pipeline.Workspace) + inlineScript: | + # Choose whether to upload to prerelease or release based on the artifacts generated by the build pipeline. + $artifactFolder = "" + $uploadPrerelease = $true + if (Test-Path -Path "VSIX_Prerelease") { + $artifactFolder = "VSIX_Prerelease" + $uploadPrerelease = $true + } elseif (Test-Path -Path "VSIX_Release") { + $artifactFolder = "VSIX_Release" + $uploadPrerelease = $false + } else { + throw "No artifacts are downloaded." + } - Write-Host "Uploading artifacts from $artifactFolder with prerelease=$uploadPrerelease" + Write-Host "Uploading artifacts from $artifactFolder with prerelease=$uploadPrerelease" - # Our build pipeline would generated build based on attempt number. Publishing the latest attempt. - $allArtifacts = Get-ChildItem -Path "$artifactFolder*" | Sort-Object -Descending - if ($allArtifacts.Length -eq 0) { - throw "No artifacts in $artifactFolder" - } + # Our build pipeline would generated build based on attempt number. Publishing the latest attempt. + $allArtifacts = Get-ChildItem -Path "$artifactFolder*" | Sort-Object -Descending + if ($allArtifacts.Length -eq 0) { + throw "No artifacts in $artifactFolder" + } - $publishArtifacts = $allArtifacts[0] - Write-Host "All artifacts: $($allArtifacts). Publishing $($publishArtifacts)." + $publishArtifacts = $allArtifacts[0] + Write-Host "All artifacts: $($allArtifacts). Publishing $($publishArtifacts)." - $basePublishArgs = , "publish" - If ( $uploadPrerelease ) { - $basePublishArgs += "--pre-release" - Write-Host "Publish to pre-release channel." - } Else { - Write-Host "Publish to release channel." - } - $basePublishArgs += '--packagePath' - $publishArgs = $basePublishArgs + (Get-ChildItem $publishArtifacts\*.vsix | Sort-Object Name -Descending |% { $_ }) + $basePublishArgs = , "publish --azure-credential" + If ( $uploadPrerelease ) { + $basePublishArgs += "--pre-release" + Write-Host "Publish to pre-release channel." + } Else { + Write-Host "Publish to release channel." + } + $basePublishArgs += '--packagePath' + $publishArgs = $basePublishArgs + (Get-ChildItem $publishArtifacts\*.vsix | Sort-Object Name -Descending |% { $_ }) - If ("${{ parameters.test }}" -eq "true") { - Write-Host "In test mode, command is printed instead of run." - Write-Host "##[command]vsce $publishArgs" + If ("${{ parameters.test }}" -eq "true") { + Write-Host "In test mode, command is printed instead of run." + Write-Host "##[command]vsce $publishArgs" - Write-Host "🔒 Verify PAT." - vsce verify-pat ms-dotnettools - } - Else { - Write-Host "##[command]vsce $publishArgs" - vsce @publishArgs - } - displayName: 🚀 Publish to Marketplace - workingDirectory: $(Pipeline.Workspace) - env: - VSCE_PAT: $(VSCodeMarketplacePAT) + Write-Host "🔒 Verify PAT." + vsce verify-pat --azure-credential ms-dotnettools + } + Else { + Write-Host "##[command]vsce $publishArgs" + vsce @publishArgs + } - stage: 'TagRelease' displayName: 'Tag release of vscode-csharp' dependsOn: 'PublishStage' @@ -119,15 +121,12 @@ extends: image: 1es-ubuntu-2204 os: linux steps: - - task: NodeTool@0 - displayName: 'Install Node.js 18.x' - inputs: - versionSpec: '18.x' - checkout: self clean: true submodules: true fetchTags: false fetchDepth: 0 + - template: /azure-pipelines/install-node.yml@self - pwsh: | git checkout $(resources.pipeline.officialBuildCI.sourceCommit) displayName: 'Checkout build source branch'