[Ignore] Move to yml for release (#1034)

* initial move to yml

* iterate

* add codebasename

* whitespace

* whitespace

* jobs

* skip binskim for now

* fix extract script

* fix all env vars

* paths are hard

* better zip

* forgot access token

* move ci to a PSES-CI folder

* delete leftover release build stuff

Author: TylerLeonhardt

.vsts-ci/azure-pipelines-release.yml

@@ -0,0 +1,51 @@
+name: PR-$(System.PullRequest.PullRequestNumber)-$(Date:yyyyMMdd)$(Rev:.rr)
+
+variables:
+  # Don't download unneeded packages
+  - name: DOTNET_SKIP_FIRST_TIME_EXPERIENCE
+    value: 'true'
+  # Improve performance by not sending telemetry
+  - name: DOTNET_CLI_TELEMETRY_OPTOUT
+    value: 'true'
+
+trigger:
+  batch: true
+  branches:
+    include:
+      - master
+      - legacy/1.x
+  paths:
+    exclude:
+      - /.dependabot/*
+      - /.poshchan/*
+      - /.github/**/*
+      - /.vscode/**/*
+      - /.vsts-ci/misc-analysis.yml
+      - /tools/**/*
+      - .editorconfig
+      - .gitattributes
+      - .gitignore
+      - /docs/**/*
+      - /CHANGELOG.md
+      - /CONTRIBUTING.md
+      - /README.md
+      - /LICENSE
+      - /CODE_OF_CONDUCT.md
+
+jobs:
+
+- job: 'ReleaseBuild'
+  displayName: 'Build release'
+  pool:
+    vmImage: 'vs2017-win2016'
+  steps:
+  - template: templates/ci-general.yml
+
+- job: 'SignBuild'
+  displayName: Signing Build
+  dependsOn: 'ReleaseBuild'
+  pool:
+    name: 'Package ES CodeHub Lab E'
+    demands: DotNetFramework
+  steps:
+  - template: templates/release-general.yml

.vsts-ci/templates/ci-general.yml

@@ -21,5 +21,5 @@ steps:
     condition: succeededOrFailed()
   - task: PublishBuildArtifacts@1
     inputs:
-      ArtifactName: PowerShellEditorServices
+      ArtifactName: PowerShellEditorServices-CI
       PathtoPublish: '$(Build.ArtifactStagingDirectory)'

.vsts-ci/templates/release-general.yml

@@ -0,0 +1,133 @@
+steps:
+- pwsh: |
+    Get-ChildItem -Path env:
+  displayName: Capture environment
+  condition: succeededOrFailed()
+
+- task: PkgESSetupBuild@10
+  displayName: 'Package ES - Setup Build'
+  inputs:
+    productName: PowerShellEditorServices
+
+- task: DownloadBuildArtifacts@0
+  displayName: 'Download Build Artifacts'
+  inputs:
+    downloadType: specific
+
+- task: PowerShell@1
+  displayName: 'Extract build zip'
+  inputs:
+    scriptType: inlineScript
+    inlineScript: |
+      $dest = New-Item -ItemType Directory $env:BUILD_ARTIFACTSTAGINGDIRECTORY/release/out/PowerShellEditorServices
+      $psesZip = Get-ChildItem $env:BUILD_ARTIFACTSTAGINGDIRECTORY/PowerShellEditorServices-CI/PowerShellEditorServices*.zip -ErrorAction Stop
+      $psesZip | Expand-Archive -DestinationPath $dest -Force -Verbose
+      $psesZip | Remove-Item -Recurse -Force
+
+- task: PkgESCodeSign@10
+  displayName: 'CodeSign tools/releaseBuild/signing.xml'
+  env:
+    SYSTEM_ACCESSTOKEN: $(System.AccessToken)
+  inputs:
+    signConfigXml: tools/releaseBuild/signing.xml
+    inPathRoot: '$(Build.ArtifactStagingDirectory)'
+    outPathRoot: '$(Build.ArtifactStagingDirectory)\Signed'
+
+- task: PowerShell@1
+  displayName: 'Copy signed items into output'
+  inputs:
+    scriptType: inlineScript
+    inlineScript: |
+     $signed="$(Build.ArtifactStagingDirectory)\Signed\PowerShellEditorServices\*"
+     $notSigned="$(Build.ArtifactStagingDirectory)\release\out\PowerShellEditorServices"
+     Copy-Item $signed $notSigned -Recurse -Force
+
+- task: PowerShell@1
+  displayName: 'Create catalog files'
+  inputs:
+    scriptType: inlineScript
+    inlineScript: |
+     $dir = "$(Build.ArtifactStagingDirectory)\release\out\PowerShellEditorServices\PowerShellEditorServices"
+     New-FileCatalog -CatalogFilePath "$(Build.ArtifactStagingDirectory)\PowerShellEditorServices.cat" -Path $dir
+
+     $dir = "$(Build.ArtifactStagingDirectory)\release\out\PowerShellEditorServices\PowerShellEditorServices.VSCode"
+     New-FileCatalog -CatalogFilePath "$(Build.ArtifactStagingDirectory)\PowerShellEditorServices.VSCode.cat" -Path $dir
+
+- task: PkgESCodeSign@10
+  displayName: 'CodeSign tools/releaseBuild/FileCatalogSigning.xml'
+  env:
+    SYSTEM_ACCESSTOKEN: $(System.AccessToken)
+  inputs:
+    signConfigXml: tools/releaseBuild/FileCatalogSigning.xml
+    inPathRoot: '$(Build.ArtifactStagingDirectory)'
+    outPathRoot: '$(Build.ArtifactStagingDirectory)'
+
+- task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0
+  displayName: 'Component Detection'
+
+- task: AntiMalware@3
+  inputs:
+    InputType: 'Basic'
+    ScanType: 'CustomScan'
+    FileDirPath: '$(Build.ArtifactStagingDirectory)'
+    EnableServices: false
+    SupportLogOnError: false
+    TreatSignatureUpdateFailureAs: 'Warning'
+    SignatureFreshness: 'UpToDate'
+    TreatStaleSignatureAs: 'Error'
+
+- task: PoliCheck@1
+  condition: succeededOrFailed()
+  inputs:
+    targetType: F
+    optionsFC: 0
+    optionsXS: 0
+    optionsPE: '1|2|3|4'
+    optionsHMENABLE: 0
+    optionsFTPATH: '$(Build.SourcesDirectory)\tools\terms\FileTypeSet.xml'
+    # toolVersion: 5.8.2.1
+
+- task: CredScan@2
+  condition: succeededOrFailed()
+
+# - task: BinSkim@3
+#   condition: succeededOrFailed()
+#   inputs:
+#     InputType: 'Basic'
+#     Function: 'analyze'
+#     AnalyzeRecurse: true
+#     AnalyzeTarget: '$(Build.ArtifactStagingDirectory)\release;$(Build.ArtifactStagingDirectory)\OutGridView*.dll'
+
+# Publish results as artifacts
+- task: PublishSecurityAnalysisLogs@3
+  condition: succeededOrFailed()
+  inputs:
+    ArtifactName: 'CodeAnalysisLogs'
+    ArtifactType: 'Container'
+
+# Publish to TSA server
+- task: TSAUpload@1
+  condition: succeededOrFailed()
+  continueOnError: true
+  inputs:
+    tsaVersion: 'TsaV2'
+    codebase: 'Existing'
+    tsaEnvironment: 'PROD'
+    codeBaseName: 'PowerShell_PowerShellEditorServices_20190917'
+    uploadAPIScan: false
+    uploadBinSkim: false
+    uploadCredScan: true
+    uploadFortifySCA: false
+    uploadFxCop: false
+    uploadModernCop: false
+    uploadPoliCheck: true
+    uploadPREfast: false
+    uploadRoslyn: false
+    uploadTSLint: false
+    uploadAsync: true
+
+- task: PowerShell@1
+  displayName: 'Upload artifacts'
+  inputs:
+    scriptType: inlineScript
+    inlineScript: 'Write-Host "##vso[artifact.upload containerfolder=PowerShellEditorServices;artifactname=PowerShellEditorServices]$(Build.ArtifactStagingDirectory)\release\out\PowerShellEditorServices"'