This is a follow-up to https://github.com/dotnet/dotnet-docker-internal/issues/8105.
With the introduction of official/unofficial pipelines split, we'd like to exercise publish steps that reach out to GitHub during unofficial builds, if possible.
This includes:
-
Publishing image info:
|
- script: > |
|
$(runImageBuilderCmd) publishImageInfo |
|
'$(imageInfoContainerDir)/full-image-info-new.json' |
|
'$(gitHubVersionsRepoInfo.userName)' |
|
'$(gitHubVersionsRepoInfo.email)' |
|
$(gitHubVersionsRepoInfo.authArgs) |
|
--git-owner '$(gitHubVersionsRepoInfo.org)' |
|
--git-repo '$(gitHubVersionsRepoInfo.repo)' |
|
--git-branch '$(gitHubVersionsRepoInfo.branch)' |
|
--git-path '$(gitHubImageInfoVersionsPath)' |
|
$(dryRunArg) |
|
$(imageBuilder.commonCmdArgs) |
|
condition: and(succeeded(), eq(variables['publishImageInfo'], 'true')) |
|
displayName: Publish Image Info |
-
Build notifications:
|
# Task displayNames names are hardcoded to reference the task prefix used by 1ES official |
|
# pipelines in eng/common/templates/1es-official.yml. |
|
# |
|
# These will fail if they are dependend on by an unofficial pipeline since they use a unique task |
|
# prefix compared to official pipelines (see eng/common/templates/1es-unofficial.yml). This is |
|
# acceptable because unofficial pipelines should not publish images. |
|
# |
|
# https://github.com/dotnet/docker-tools/issues/1698 tracks making this command no longer depend |
|
# on individual step displayNames. |
|
- script: > |
|
$(runImageBuilderCmd) postPublishNotification |
|
'$(publishNotificationRepoName)' |
|
'$(branchName)' |
|
'$(imageInfoContainerDir)/image-info.json' |
|
$(Build.BuildId) |
|
'$(System.AccessToken)' |
|
'$(azdoOrgName)' |
|
'$(System.TeamProject)' |
|
$(gitHubNotificationsRepoInfo.authArgs) |
|
'$(gitHubNotificationsRepoInfo.org)' |
|
'$(gitHubNotificationsRepoInfo.repo)' |
|
--repo-prefix '${{ parameters.publishConfig.publishAcr.repoPrefix }}' |
|
--task "🟪 Copy Images" |
|
--task "🟪 Publish Manifest" |
|
--task "🟪 Wait for Image Ingestion" |
|
--task "🟪 Publish Readmes" |
|
--task "🟪 Wait for MCR Doc Ingestion" |
|
--task "🟪 Publish Image Info" |
|
--task "🟪 Ingest Kusto Image Info" |
|
--task "🟪 Generate EOL Annotation Data" |
|
--task "🟪 Annotate EOL Images" |
|
--task "🟪 Wait for Annotation Ingestion" |
|
$(dryRunArg) |
|
$(imageBuilder.commonCmdArgs) |
|
displayName: Post Publish Notification |
|
condition: and(always(), eq(variables['publishNotificationsEnabled'], 'true')) |
If possible, we should have a separate GitHub identity/App which has access to an internal/non-public repo that we can push these changes to.
