From 7fe63492371a5eeb5871a04ac0663d5e25cbc8d6 Mon Sep 17 00:00:00 2001 From: Matthew Leibowitz Date: Wed, 27 Mar 2024 16:31:22 +0200 Subject: [PATCH] Scan the correct things correctly (#2808) --- scripts/azure-templates-stages.yml | 62 ++++++++++++++++++++---------- 1 file changed, 41 insertions(+), 21 deletions(-) diff --git a/scripts/azure-templates-stages.yml b/scripts/azure-templates-stages.yml index 92863de974..b39f34db49 100644 --- a/scripts/azure-templates-stages.yml +++ b/scripts/azure-templates-stages.yml @@ -545,27 +545,41 @@ stages: buildAgent: ${{ parameters.buildAgentWindows}} target: nuget-normal additionalArgs: --skipExternals="all" + shouldPublish: false requiredArtifacts: - name: native postBuildSteps: - - pwsh: Remove-Item ./output/native/ -Recurse -Force -ErrorAction Continue - displayName: Delete the native folder - pwsh: | - New-Item '$(Build.ArtifactStagingDirectory)\nugets\' -Type Directory -Force | Out-Null - Get-ChildItem '.\output\nugets\' | Copy-Item -Destination '$(Build.ArtifactStagingDirectory)\nugets\' -Recurse -Force - Copy-Item -Path '.\scripts\SignList.xml' -Destination '$(Build.ArtifactStagingDirectory)\nugets\' - Remove-Item '.\output\nugets\' -Recurse -Force - displayName: Move the nugets artifact to the staging directory + Remove-Item ./output/native/ -Recurse -Force -ErrorAction Continue + Move-Item -Path '.\output\' -Destination '$(Build.ArtifactStagingDirectory)\output\' + New-Item '.\output\' -Type Directory -Force | Out-Null + displayName: Re-organize the output folder for publishing + - pwsh: | + Move-Item -Path '$(Build.ArtifactStagingDirectory)\output\nugets\' -Destination '.\output\' + Copy-Item -Path '.\scripts\SignList.xml' -Destination '.\output\nugets\' + displayName: Prepare the nugets artifact for publishing - pwsh: | - New-Item '$(Build.ArtifactStagingDirectory)\nugets-symbols\' -Type Directory -Force | Out-Null - Get-ChildItem '.\output\nugets-symbols\' | Copy-Item -Destination '$(Build.ArtifactStagingDirectory)\nugets-symbols\' -Recurse -Force - Remove-Item '.\output\nugets-symbols\' -Recurse -Force - displayName: Move the nugets-symbols artifact to the staging directory + Move-Item -Path '$(Build.ArtifactStagingDirectory)\output\nugets-symbols\' -Destination '.\output\' + displayName: Prepare the nugets-symbols artifact for publishing + - pwsh: | + Move-Item -Path '$(Build.ArtifactStagingDirectory)\output\' -Destination '.\output\' + displayName: Prepare the build artifact for publishing + - pwsh: | + $nupkgs = (Get-ChildItem ".\output\nugets*\*.*nupkg") + foreach ($nupkg in $nupkgs) { + $filename = $nupkg.Name.TrimEnd('.nupkg') + $dest = ".\output\extracted_nugets\$filename" + Write-Host "Extracting '$nupkg' to '$dest'..." + Expand-Archive $nupkg $dest + } + displayName: Extract all the .nupkg files for scanning publishArtifacts: + - name: package_normal_windows + path: '.\output\output\' - name: nuget - path: '$(Build.ArtifactStagingDirectory)\nugets' + path: '.\output\nugets' - name: nuget_symbols - path: '$(Build.ArtifactStagingDirectory)\nugets-symbols' + path: '.\output\nugets-symbols' - template: /scripts/azure-templates-bootstrapper.yml@self # Package Special NuGets parameters: name: package_special_windows @@ -576,6 +590,7 @@ stages: dependsOn: package_normal_windows target: nuget-special additionalArgs: --skipExternals="all" --exclusive + shouldPublish: false requiredArtifacts: - name: nuget dir: nugets @@ -583,17 +598,22 @@ stages: dir: nugets-symbols postBuildSteps: - pwsh: | - New-Item '$(Build.ArtifactStagingDirectory)\nugets-special\' -Type Directory -Force | Out-Null - Get-ChildItem '.\output\nugets-special\' | Copy-Item -Destination '$(Build.ArtifactStagingDirectory)\nugets-special\' -Recurse -Force - Remove-Item '.\output\nugets-special\' -Recurse -Force - displayName: Move the nugets-special artifact to the staging directory + Remove-Item ./output/nugets/ -Recurse -Force -ErrorAction Continue + Remove-Item ./output/nugets-symbols/ -Recurse -Force -ErrorAction Continue + Move-Item -Path '.\output\' -Destination '$(Build.ArtifactStagingDirectory)\output\' + New-Item '.\output\' -Type Directory -Force | Out-Null + displayName: Re-organize the output folder for publishing + - pwsh: | + Move-Item -Path '$(Build.ArtifactStagingDirectory)\output\nugets-special\' -Destination '.\output\' + displayName: Prepare the nugets-special artifact for publishing - pwsh: | - Remove-Item ./output/nugets/ -Recurse -Force - Remove-Item ./output/nugets-symbols/ -Recurse -Force - displayName: Delete the downloaded artifacts + Move-Item -Path '$(Build.ArtifactStagingDirectory)\output\' -Destination '.\output\' + displayName: Prepare the build artifact for publishing publishArtifacts: + - name: package_special_windows + path: '.\output\output\' - name: nuget_special - path: '$(Build.ArtifactStagingDirectory)\nugets-special' + path: '.\output\nugets-special' - ${{ if ne(parameters.buildPipelineType, 'build') }}: - stage: api_diff