Use pipeline artifacts instead of build artifacts

Also move the creation of said artifacts into Azure DevOps templates
themselves, instead of in the build system. Finally, download only the
signed pipeline artifacts in the deployment, which by default downloads
all artifacts.

Author: andyleejordan

.vsts-ci/templates/ci-general.yml

@@ -22,22 +22,25 @@ steps:
   - pwsh: Write-Host "##vso[build.updatebuildnumber]$env:BUILD_SOURCEBRANCHNAME-$env:BUILD_SOURCEVERSION-$((get-date).ToString("yyyyMMddhhmmss"))"
     displayName: Set Build Name for Non-PR
     condition: ne(variables['Build.Reason'], 'PullRequest')
+
   - task: PowerShell@2
     inputs:
       filePath: tools/azurePipelinesBuild.ps1
       pwsh: ${{ parameters.pwsh }}
+
+  - publish: module
+    artifact: PowerShellEditorServices-Build-$(System.JobId)
+    displayName: Publish unsigned pipeline artifacts
+    condition: succeededOrFailed()
+
   - task: PublishTestResults@2
     inputs:
       testRunner: VSTest
       testResultsFiles: '**/*.trx'
     condition: succeededOrFailed()
+
   - task: PublishTestResults@2
     inputs:
       testRunner: NUnit
       testResultsFiles: '**/TestResults.xml'
     condition: succeededOrFailed()
-  - task: PublishBuildArtifacts@1
-    inputs:
-      ArtifactName: PowerShellEditorServices-CI
-      PathtoPublish: '$(Build.ArtifactStagingDirectory)'
-    condition: succeededOrFailed()

.vsts-ci/templates/publish-general.yml

@@ -1,6 +1,9 @@
 steps:
 - checkout: self
 - checkout: vscode-powershell
+- download: current
+  artifact: PowerShellEditorServices
+  displayName: Download signed pipeline artifacts
 - pwsh: |
     Set-PSRepository -Name PSGallery -InstallationPolicy Trusted | Out-Null
     Install-Module -Name PowerShellForGitHub -Scope CurrentUser -Force -Confirm:$false

.vsts-ci/templates/release-general.yml

@@ -1,25 +1,18 @@
 steps:
 
-# TODO: Replace build artifacts with pipeline artifacts
-- task: DownloadBuildArtifacts@0
-  displayName: Download build artifacts
+- task: DownloadPipelineArtifact@2
   inputs:
-    downloadType: specific
-
-- task: ExtractFiles@1
-  displayName: Unzip build artifacts
-  inputs:
-    archiveFilePatterns: $(Build.ArtifactStagingDirectory)/PowerShellEditorServices-CI/PowerShellEditorServices*.zip
-    destinationFolder: $(Build.ArtifactStagingDirectory)/Unsigned
+    path: PowerShellEditorServices-Build
+  displayName: Download unsigned pipeline artifacts
 
 - checkout: ComplianceRepo
 
 # NOTE: The signing templates explicitly copy everything along as they run, so
 # the last output path has every signed (and intentionally unsigned) file.
 - template: EsrpSign.yml@ComplianceRepo
   parameters:
-    buildOutputPath: $(Build.ArtifactStagingDirectory)/Unsigned
-    signOutputPath: $(Build.ArtifactStagingDirectory)/FirstPartySigned
+    buildOutputPath: $(Pipeline.Workspace)/PowerShellEditorServices-Build
+    signOutputPath: $(Pipeline.Workspace)/FirstPartySigned
     alwaysCopy: true
     certificateId: CP-230012 # Authenticode certificate
     shouldSign: true # We always want to sign
@@ -37,8 +30,8 @@ steps:
 
 - template: EsrpSign.yml@ComplianceRepo
   parameters:
-    buildOutputPath: $(Build.ArtifactStagingDirectory)/FirstPartySigned
-    signOutputPath: $(Build.ArtifactStagingDirectory)/ThirdPartySigned
+    buildOutputPath: $(Pipeline.Workspace)/FirstPartySigned
+    signOutputPath: $(Pipeline.Workspace)/ThirdPartySigned
     alwaysCopy: true
     certificateId: CP-231522 # Third-party certificate
     shouldSign: true # We always want to sign
@@ -54,14 +47,14 @@ steps:
 - task: ArchiveFiles@2
   displayName: Zip finished assets
   inputs:
-    rootFolderOrFile: $(Build.ArtifactStagingDirectory)/ThirdPartySigned
+    rootFolderOrFile: $(Pipeline.Workspace)/ThirdPartySigned
     includeRootFolder: false
     archiveType: zip
-    archiveFile: $(Build.ArtifactStagingDirectory)/PowerShellEditorServices.zip
+    archiveFile: PowerShellEditorServices.zip
     replaceExistingArchive: true
     verbose: true
 
-- publish: $(Build.ArtifactStagingDirectory)/PowerShellEditorServices.zip
+- publish: PowerShellEditorServices.zip
   artifact: PowerShellEditorServices
   displayName: Publish signed pipeline artifacts
 
@@ -70,18 +63,18 @@ steps:
 - template: assembly-module-compliance.yml@ComplianceRepo
   parameters:
     # binskim
-    AnalyzeTarget: '$(Build.ArtifactStagingDirectory)/*.dll'
+    AnalyzeTarget: $(Pipeline.Workspace)/*.dll
     AnalyzeSymPath: 'SRV*'
     # component-governance
-    sourceScanPath: '$(Build.SourcesDirectory)/PowerShellEditorServices'
+    sourceScanPath: $(Build.SourcesDirectory)/PowerShellEditorServices
     # credscan
     suppressionsFile: ''
     # TermCheck AKA PoliCheck
-    targetArgument: '$(Build.SourcesDirectory)/PowerShellEditorServices'
-    optionsUEPATH: '$(Build.SourcesDirectory)/PowerShellEditorServices/tools/terms/UserExclusions.xml'
+    targetArgument: $(Build.SourcesDirectory)/PowerShellEditorServices
+    optionsUEPATH: $(Build.SourcesDirectory)/PowerShellEditorServices/tools/terms/UserExclusions.xml
     optionsRulesDBPath: ''
-    optionsFTPath: '$(Build.SourcesDirectory)/PowerShellEditorServices/tools/terms/FileTypeSet.xml'
+    optionsFTPath: $(Build.SourcesDirectory)/PowerShellEditorServices/tools/terms/FileTypeSet.xml
     # tsa-upload
-    codeBaseName: 'PowerShell_PowerShellEditorServices_20210201'
+    codeBaseName: PowerShell_PowerShellEditorServices_20210201
     # selections
     APIScan: false

PowerShellEditorServices.build.ps1

@@ -146,31 +146,6 @@ task Clean BinClean,{
     }
 }
 
-task GetProductVersion -Before PackageModule, UploadArtifacts {
-    [xml]$props = Get-Content .\PowerShellEditorServices.Common.props
-
-    $script:BuildNumber = 9999
-    $script:VersionSuffix = $props.Project.PropertyGroup.VersionSuffix
-
-    if ($env:TF_BUILD) {
-        # SYSTEM_PHASENAME is the Job name.
-        # Job names can only include `_` but that's not a valid character for versions.
-        $jobname = $env:SYSTEM_PHASENAME -replace '_', ''
-        $script:BuildNumber = "$jobname-$env:BUILD_BUILDID"
-    }
-
-    if ($script:VersionSuffix -ne $null) {
-        $script:VersionSuffix = "$script:VersionSuffix-$script:BuildNumber"
-    }
-    else {
-        $script:VersionSuffix = "$script:BuildNumber"
-    }
-
-    $script:FullVersion = "$($props.Project.PropertyGroup.VersionPrefix)-$script:VersionSuffix"
-
-    Write-Host "`n### Product Version: $script:FullVersion`n" -ForegroundColor Green
-}
-
 task CreateBuildInfo -Before Build {
     $buildVersion = "<development-build>"
     $buildOrigin = "Development"
@@ -435,17 +410,5 @@ task BuildCmdletHelp {
     New-ExternalHelp -Path $PSScriptRoot\module\PowerShellEditorServices.VSCode\docs -OutputPath $PSScriptRoot\module\PowerShellEditorServices.VSCode\en-US -Force
 }
 
-task PackageModule {
-    [System.IO.Compression.ZipFile]::CreateFromDirectory(
-        "$PSScriptRoot/module/",
-        "$PSScriptRoot/PowerShellEditorServices-$($script:FullVersion).zip",
-        [System.IO.Compression.CompressionLevel]::Optimal,
-        $false)
-}
-
-task UploadArtifacts -If ($null -ne $env:TF_BUILD) {
-    Copy-Item -Path .\PowerShellEditorServices-$($script:FullVersion).zip -Destination $env:BUILD_ARTIFACTSTAGINGDIRECTORY -Force
-}
-
 # The default task is to run the entire CI build
-task . GetProductVersion, Clean, Build, Test, BuildCmdletHelp, PackageModule, UploadArtifacts
+task . Clean, Build, Test, BuildCmdletHelp