Skip to content

Commit

Permalink
Sync eng/common directory with azure-sdk-tools for PR 8388 (#23015)
Browse files Browse the repository at this point in the history
* Removal of the devops release PAT

* Don't pass in the access token, just use the AzureCLI task and do everything in the scripts

* Updates for feedback

---------

Co-authored-by: James Suplizio <[email protected]>
  • Loading branch information
azure-sdk and JimSuplizio authored Jun 13, 2024
1 parent 534a017 commit fea750b
Show file tree
Hide file tree
Showing 5 changed files with 46 additions and 75 deletions.
27 changes: 14 additions & 13 deletions eng/common/pipelines/templates/steps/validate-all-packages.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,20 +10,21 @@ steps:
displayName: "Set as release build"
condition: and(succeeded(), eq(variables['SetAsReleaseBuild'], ''))
- task: Powershell@2
- task: AzureCLI@2
inputs:
filePath: $(Build.SourcesDirectory)/eng/common/scripts/Validate-All-Packages.ps1
arguments: >
-ArtifactList ('${{ convertToJson(parameters.Artifacts) }}' | ConvertFrom-Json | Select-Object Name)
-ArtifactPath ${{ parameters.ArtifactPath }}
-RepoRoot $(Build.SourcesDirectory)
-APIKey $(azuresdk-apiview-apikey)
-ConfigFileDir '${{ parameters.ConfigFileDir }}'
-BuildDefinition $(System.CollectionUri)$(System.TeamProject)/_build?definitionId=$(System.DefinitionId)
-PipelineUrl $(System.CollectionUri)$(System.TeamProject)/_build/results?buildId=$(Build.BuildId)
-Devops_pat '$(azuresdk-azure-sdk-devops-release-work-item-pat)'
-IsReleaseBuild $$(SetAsReleaseBuild)
pwsh: true
azureSubscription: opensource-api-connection
scriptType: pscore
scriptLocation: inlineScript
inlineScript: |
$(Build.SourcesDirectory)/eng/common/scripts/Validate-All-Packages.ps1 `
-ArtifactList ('${{ convertToJson(parameters.Artifacts) }}' | ConvertFrom-Json | Select-Object Name) `
-ArtifactPath ${{ parameters.ArtifactPath }} `
-RepoRoot $(Build.SourcesDirectory) `
-APIKey $(azuresdk-apiview-apikey) `
-ConfigFileDir '${{ parameters.ConfigFileDir }}' `
-BuildDefinition $(System.CollectionUri)$(System.TeamProject)/_build?definitionId=$(System.DefinitionId) `
-PipelineUrl $(System.CollectionUri)$(System.TeamProject)/_build/results?buildId=$(Build.BuildId) `
-IsReleaseBuild $$(SetAsReleaseBuild)
workingDirectory: $(Pipeline.Workspace)
displayName: Validate packages and update work items
continueOnError: true
Expand Down
29 changes: 8 additions & 21 deletions eng/common/scripts/Helpers/DevOps-WorkItem-Helpers.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -5,19 +5,15 @@ $ReleaseDevOpsCommonParametersWithProject = $ReleaseDevOpsCommonParameters + @("

function Get-DevOpsRestHeaders()
{
$headers = $null
if (Get-Variable -Name "devops_pat" -ValueOnly -ErrorAction "Ignore")
{
$encodedToken = [System.Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes([string]::Format("{0}:{1}", "", $devops_pat)))
$headers = @{ Authorization = "Basic $encodedToken" }
}
else
{
# Get a temp access token from the logged in az cli user for azure devops resource
$jwt_accessToken = (az account get-access-token --resource "499b84ac-1321-427f-aa17-267ca6975798" --query "accessToken" --output tsv)
$headers = @{ Authorization = "Bearer $jwt_accessToken" }
# Get a temp access token from the logged in az cli user for azure devops resource
$headerAccessToken = (az account get-access-token --resource "499b84ac-1321-427f-aa17-267ca6975798" --query "accessToken" --output tsv)

if ([System.String]::IsNullOrEmpty($headerAccessToken)) {
throw "Unable to create the DevOpsRestHeader due to access token being null or empty. The caller needs to be logged in with az login to an account with enough permissions to edit work items in the azure-sdk Release team project."
}

$headers = @{ Authorization = "Bearer $headerAccessToken" }

return $headers
}

Expand Down Expand Up @@ -103,15 +99,6 @@ function Invoke-Query($fields, $wiql, $output = $true)
return $workItems
}

function LoginToAzureDevops([string]$devops_pat)
{
if (!$devops_pat) {
return
}
# based on the docs at https://aka.ms/azure-devops-cli-auth the recommendation is to set this env variable to login
$env:AZURE_DEVOPS_EXT_PAT = $devops_pat
}

function BuildHashKeyNoNull()
{
$filterNulls = $args | Where-Object { $_ }
Expand Down Expand Up @@ -374,7 +361,7 @@ function CreateWorkItem($title, $type, $iteration, $area, $fields, $assignedTo,
{
CreateWorkItemRelation $workItemId $parentId "parent" $outputCommand
}

# Add a work item as related if given.
if ($relatedId)
{
Expand Down
15 changes: 4 additions & 11 deletions eng/common/scripts/Update-DevOps-Release-WorkItem.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,6 @@ param(
[string]$packageNewLibrary = "true",
[string]$relatedWorkItemId = $null,
[string]$tag = $null,
[string]$devops_pat = $env:DEVOPS_PAT,
[bool]$inRelease = $true
)
#Requires -Version 6.0
Expand All @@ -29,16 +28,10 @@ if (!(Get-Command az -ErrorAction SilentlyContinue)) {
. (Join-Path $PSScriptRoot SemVer.ps1)
. (Join-Path $PSScriptRoot Helpers DevOps-WorkItem-Helpers.ps1)

if (!$devops_pat) {
az account show *> $null
if (!$?) {
Write-Host 'Running az login...'
az login *> $null
}
}
else {
# Login using PAT
LoginToAzureDevops $devops_pat
az account show *> $null
if (!$?) {
Write-Host 'Running az login...'
az login *> $null
}

az extension show -n azure-devops *> $null
Expand Down
4 changes: 1 addition & 3 deletions eng/common/scripts/Validate-All-Packages.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,6 @@ Param (
[string]$BuildDefinition,
[string]$PipelineUrl,
[string]$APIViewUri = "https://apiview.dev/AutoReview/GetReviewStatus",
[string]$Devops_pat = $env:DEVOPS_PAT,
[bool] $IsReleaseBuild = $false
)

Expand All @@ -33,8 +32,7 @@ function ProcessPackage($PackageName, $ConfigFileDir)
-APIKey $APIKey `
-BuildDefinition $BuildDefinition `
-PipelineUrl $PipelineUrl `
-ConfigFileDir $ConfigFileDir `
-Devops_pat $Devops_pat
-ConfigFileDir $ConfigFileDir
if ($LASTEXITCODE -ne 0) {
Write-Error "Failed to validate package $PackageName"
exit 1
Expand Down
46 changes: 19 additions & 27 deletions eng/common/scripts/Validate-Package.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -2,20 +2,19 @@

[CmdletBinding()]
param (
[Parameter(Mandatory = $true)]
[Parameter(Mandatory = $true)]
[string] $PackageName,
[Parameter(Mandatory = $true)]
[Parameter(Mandatory = $true)]
[string] $ArtifactPath,
[Parameter(Mandatory=$True)]
[string] $RepoRoot,
[Parameter(Mandatory=$True)]
[string] $APIKey,
[string] $APIKey,
[Parameter(Mandatory=$True)]
[string] $ConfigFileDir,
[string] $BuildDefinition,
[string] $PipelineUrl,
[string] $APIViewUri,
[string] $Devops_pat = $env:DEVOPS_PAT,
[bool] $IsReleaseBuild = $false
)
Set-StrictMode -Version 3
Expand All @@ -24,16 +23,10 @@ Set-StrictMode -Version 3
. ${PSScriptRoot}\Helpers\ApiView-Helpers.ps1
. ${PSScriptRoot}\Helpers\DevOps-WorkItem-Helpers.ps1

if (!$Devops_pat) {
az account show *> $null
if (!$?) {
Write-Host 'Running az login...'
az login *> $null
}
}
else {
# Login using PAT
LoginToAzureDevops $Devops_pat
az account show *> $null
if (!$?) {
Write-Host 'Running az login...'
az login *> $null
}

az extension show -n azure-devops *> $null
Expand All @@ -57,12 +50,12 @@ function ValidateChangeLog($changeLogPath, $versionString, $validationStatus)
Message = ""
}
$changeLogFullPath = Join-Path $RepoRoot $changeLogPath
Write-Host "Path to change log: [$changeLogFullPath]"
Write-Host "Path to change log: [$changeLogFullPath]"
if (Test-Path $changeLogFullPath)
{
Confirm-ChangeLogEntry -ChangeLogLocation $changeLogFullPath -VersionString $versionString -ForRelease $true -ChangeLogStatus $ChangeLogStatus -SuppressErrors $true
$validationStatus.Status = if ($ChangeLogStatus.IsValid) { "Success" } else { "Failed" }
$validationStatus.Message = $ChangeLogStatus.Message
$validationStatus.Message = $ChangeLogStatus.Message
}
else {
$validationStatus.Status = "Failed"
Expand All @@ -83,7 +76,7 @@ function VerifyAPIReview($packageName, $packageVersion, $language)
$APIReviewValidation = [PSCustomObject]@{
Name = "API Review Approval"
Status = "Pending"
Message = ""
Message = ""
}
$PackageNameValidation = [PSCustomObject]@{
Name = "Package Name Approval"
Expand All @@ -101,7 +94,7 @@ function VerifyAPIReview($packageName, $packageVersion, $language)
IsApproved = $false
Details = ""
}
Write-Host "Checking API review status for package $packageName with version $packageVersion. language [$language]."
Write-Host "Checking API review status for package $packageName with version $packageVersion. language [$language]."
Check-ApiReviewStatus $packageName $packageVersion $language $APIViewUri $APIKey $apiStatus $packageNameStatus

Write-Host "API review approval details: $($apiStatus.Details)"
Expand Down Expand Up @@ -132,14 +125,14 @@ function VerifyAPIReview($packageName, $packageVersion, $language)

function IsVersionShipped($packageName, $packageVersion)
{
# This function will decide if a package version is already shipped or not
# This function will decide if a package version is already shipped or not
Write-Host "Checking if a version is already shipped for package $packageName with version $packageVersion."
$parsedNewVersion = [AzureEngSemanticVersion]::new($packageVersion)
$versionMajorMinor = "" + $parsedNewVersion.Major + "." + $parsedNewVersion.Minor
$workItem = FindPackageWorkItem -lang $LanguageDisplayName -packageName $packageName -version $versionMajorMinor -includeClosed $true -outputCommand $false
if ($workItem)
{
# Check if the package version is already shipped
# Check if the package version is already shipped
$shippedVersionSet = ParseVersionSetFromMDField $workItem.fields["Custom.ShippedPackages"]
if ($shippedVersionSet.ContainsKey($packageVersion)) {
return $true
Expand All @@ -163,8 +156,8 @@ function CreateUpdatePackageWorkItem($pkgInfo)
$setReleaseState = $false
$plannedDate = "unknown"
}
# Create or update package work item

# Create or update package work item
&$EngCommonScriptsDir/Update-DevOps-Release-WorkItem.ps1 `
-language $LanguageDisplayName `
-packageName $packageName `
Expand All @@ -175,9 +168,8 @@ function CreateUpdatePackageWorkItem($pkgInfo)
-packageNewLibrary $pkgInfo.IsNewSDK `
-serviceName "unknown" `
-packageDisplayName "unknown" `
-inRelease $IsReleaseBuild `
-devops_pat $Devops_pat

-inRelease $IsReleaseBuild

if ($LASTEXITCODE -ne 0)
{
Write-Host "Update of the Devops Release WorkItem failed."
Expand Down Expand Up @@ -244,7 +236,7 @@ $updatedWi = CreateUpdatePackageWorkItem $pkgInfo
# Update validation status in package work item
if ($updatedWi) {
Write-Host "Updating validation status in package work item."
$updatedWi = UpdateValidationStatus $pkgValidationDetails $BuildDefinition $PipelineUrl
$updatedWi = UpdateValidationStatus $pkgValidationDetails $BuildDefinition $PipelineUrl
}

# Fail the build if any validation is not successful for a release build
Expand All @@ -254,7 +246,7 @@ Write-Host "Package Name status:" $apireviewDetails.PackageNameApproval.Status

if ($IsReleaseBuild)
{
if (!$updatedWi -or $changelogStatus.Status -ne "Success" -or $apireviewDetails.ApiviewApproval.Status -ne "Approved" -or $apireviewDetails.PackageNameApproval.Status -ne "Approved") {
if (!$updatedWi -or $changelogStatus.Status -ne "Success" -or $apireviewDetails.ApiviewApproval.Status -ne "Approved" -or $apireviewDetails.PackageNameApproval.Status -ne "Approved") {
Write-Error "At least one of the Validations above failed for package $pkgName with version $versionString."
exit 1
}
Expand Down

0 comments on commit fea750b

Please sign in to comment.