From e1125d6c002fbb6fb3e1418a94baeb9fa9bd6b8f Mon Sep 17 00:00:00 2001 From: Mike Harder Date: Thu, 29 Nov 2018 16:17:56 -0800 Subject: [PATCH 01/12] Pipeline to build and test KeyVault --- .azure-pipelines/client.test.yml | 47 +++++++++++++++++++++++++++ .azure-pipelines/client.yml | 56 ++++++++++++++++++++++++++++++++ .gitignore | 8 ++++- package.json | 4 ++- 4 files changed, 113 insertions(+), 2 deletions(-) create mode 100644 .azure-pipelines/client.test.yml create mode 100644 .azure-pipelines/client.yml diff --git a/.azure-pipelines/client.test.yml b/.azure-pipelines/client.test.yml new file mode 100644 index 0000000000..71e30bb54a --- /dev/null +++ b/.azure-pipelines/client.test.yml @@ -0,0 +1,47 @@ +parameters: + name: '' + vmImage: '' + +jobs: + - job: ${{ format('Test_{0}', parameters.name) }} + dependsOn: + - 'Publish' + + pool: + vmImage: ${{ parameters.vmImage }} + + variables: + path: 'test/services/keyVault' + + strategy: + matrix: + Node8: + node.version: '8.x' + Node10: + node.version: '10.x' + Node11: + node.version: '11.x' + + steps: + - task: NodeTool@0 + inputs: + versionSpec: '$(node.version)' + displayName: 'Install Node.js $(node.version)' + + - task: Npm@1 + inputs: + command: 'install' + displayName: 'npm install' + + - task: Npm@1 + inputs: + command: 'custom' + customCommand: 'run mocha -- $(path) --reporter mocha-junit-reporter' + displayName: 'npm run mocha' + + - task: PublishTestResults@2 + inputs: + testResultsFiles: '**/test-results.xml' + testRunTitle: ${{ format('{0} Node $(node.version)', parameters.name) }} + condition: succeededOrFailed() + displayName: 'Publish test results' diff --git a/.azure-pipelines/client.yml b/.azure-pipelines/client.yml new file mode 100644 index 0000000000..a69a0f1cbe --- /dev/null +++ b/.azure-pipelines/client.yml @@ -0,0 +1,56 @@ +trigger: + - master + +jobs: + - job: 'Publish' + + pool: + vmImage: 'ubuntu-16.04' + + variables: + node.version: '10.x' + path: 'lib/services/keyVault' + + steps: + - task: NodeTool@0 + inputs: + versionSpec: '$(node.version)' + displayName: 'Install Node.js $(node.version)' + + - task: Npm@1 + inputs: + command: 'install' + workingDir: '$(path)' + displayName: 'npm install' + + - task: Npm@1 + inputs: + command: 'custom' + customCommand: 'pack' + workingDir: '$(path)' + displayName: 'npm pack' + + - task: CopyFiles@2 + inputs: + sourceFolder: 'template' + contents: '*.tgz' + targetFolder: $(Build.ArtifactStagingDirectory) + displayName: 'Copy Package' + + - task: PublishBuildArtifacts@1 + displayName: 'Publish Package' + + - template: client.test.yml + parameters: + name: Linux + vmImage: 'ubuntu-16.04' + + - template: client.test.yml + parameters: + name: macOS + vmImage: 'macOS-10.13' + + - template: client.test.yml + parameters: + name: Windows + vmImage: 'vs2017-win2016' diff --git a/.gitignore b/.gitignore index 7b45e47f78..37e0f7715b 100644 --- a/.gitignore +++ b/.gitignore @@ -55,4 +55,10 @@ packages # Coverage report coverage -.nyc_output \ No newline at end of file +.nyc_output + +# Output of 'npm pack' +*.tgz + +# Test Results +test-results.xml diff --git a/package.json b/package.json index 32457f2674..2d2d73b3b2 100644 --- a/package.json +++ b/package.json @@ -139,6 +139,7 @@ "json-stable-stringify": "^1.0.1", "minami": "devigned/minami#master", "mocha": "^5.2.0", + "mocha-junit-reporter": "^1.18.0", "nock": "0.16", "node-forge": "0.6.30", "nyc": "^11.2.1", @@ -168,6 +169,7 @@ "ci": "node scripts/unit.js testlist.txt", "runtime-install": "node scripts/runtime-install.js", "coverage": "node scripts/unit-coverage.js testlistarm.txt testlist.txt", - "debug": "node --inspect scripts/unit-arm.js testlistarm.txt" + "debug": "node --inspect scripts/unit-arm.js testlistarm.txt", + "mocha": "mocha" } } From 9c633becabc7c529e33a35c3de448348233a51d0 Mon Sep 17 00:00:00 2001 From: Mike Harder Date: Thu, 29 Nov 2018 17:00:30 -0800 Subject: [PATCH 02/12] Rename variable "path" to "build.path" - Creating a variable "path" overwrites the PATH env var which breaks the world --- .azure-pipelines/client.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.azure-pipelines/client.yml b/.azure-pipelines/client.yml index a69a0f1cbe..49d6ea1feb 100644 --- a/.azure-pipelines/client.yml +++ b/.azure-pipelines/client.yml @@ -9,7 +9,7 @@ jobs: variables: node.version: '10.x' - path: 'lib/services/keyVault' + build.path: 'lib/services/keyVault' steps: - task: NodeTool@0 @@ -20,14 +20,14 @@ jobs: - task: Npm@1 inputs: command: 'install' - workingDir: '$(path)' + workingDir: '$(build.path)' displayName: 'npm install' - task: Npm@1 inputs: command: 'custom' customCommand: 'pack' - workingDir: '$(path)' + workingDir: '$(build.path)' displayName: 'npm pack' - task: CopyFiles@2 From ba9f3f1c8ee07236bcb949eee7de77bcb0312753 Mon Sep 17 00:00:00 2001 From: Mike Harder Date: Thu, 29 Nov 2018 17:06:45 -0800 Subject: [PATCH 03/12] Fix sourceFolder in "Copy Package" step --- .azure-pipelines/client.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.azure-pipelines/client.yml b/.azure-pipelines/client.yml index 49d6ea1feb..018f41a11f 100644 --- a/.azure-pipelines/client.yml +++ b/.azure-pipelines/client.yml @@ -32,7 +32,7 @@ jobs: - task: CopyFiles@2 inputs: - sourceFolder: 'template' + sourceFolder: '$(build.path)' contents: '*.tgz' targetFolder: $(Build.ArtifactStagingDirectory) displayName: 'Copy Package' From 16c39b6c4f22c92148cefcef3f6502f4b27dad34 Mon Sep 17 00:00:00 2001 From: Mike Harder Date: Thu, 29 Nov 2018 17:12:02 -0800 Subject: [PATCH 04/12] Rename variable "path" to "build.path" --- .azure-pipelines/client.test.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.azure-pipelines/client.test.yml b/.azure-pipelines/client.test.yml index 71e30bb54a..1505b53e7b 100644 --- a/.azure-pipelines/client.test.yml +++ b/.azure-pipelines/client.test.yml @@ -11,7 +11,7 @@ jobs: vmImage: ${{ parameters.vmImage }} variables: - path: 'test/services/keyVault' + build.path: 'test/services/keyVault' strategy: matrix: @@ -36,7 +36,7 @@ jobs: - task: Npm@1 inputs: command: 'custom' - customCommand: 'run mocha -- $(path) --reporter mocha-junit-reporter' + customCommand: 'run mocha -- $(build.path) --reporter mocha-junit-reporter' displayName: 'npm run mocha' - task: PublishTestResults@2 From 9fa549325508f029e458950fc36bc00547d4a4f4 Mon Sep 17 00:00:00 2001 From: Mike Harder Date: Thu, 29 Nov 2018 17:31:16 -0800 Subject: [PATCH 05/12] Test ComponentGovernance task --- .azure-pipelines/client.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.azure-pipelines/client.yml b/.azure-pipelines/client.yml index 018f41a11f..e073bf5134 100644 --- a/.azure-pipelines/client.yml +++ b/.azure-pipelines/client.yml @@ -17,6 +17,9 @@ jobs: versionSpec: '$(node.version)' displayName: 'Install Node.js $(node.version)' + - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 + displayName: 'Component Detection' + - task: Npm@1 inputs: command: 'install' From 537852efe05832e0b81c4303e1bab7e277fb8040 Mon Sep 17 00:00:00 2001 From: Mike Harder Date: Thu, 29 Nov 2018 17:49:53 -0800 Subject: [PATCH 06/12] Move audit steps into separate job --- .azure-pipelines/client.yml | 23 ++++++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/.azure-pipelines/client.yml b/.azure-pipelines/client.yml index e073bf5134..29020711f2 100644 --- a/.azure-pipelines/client.yml +++ b/.azure-pipelines/client.yml @@ -17,9 +17,6 @@ jobs: versionSpec: '$(node.version)' displayName: 'Install Node.js $(node.version)' - - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 - displayName: 'Component Detection' - - task: Npm@1 inputs: command: 'install' @@ -57,3 +54,23 @@ jobs: parameters: name: Windows vmImage: 'vs2017-win2016' + + - job: 'Audit' + + pool: + vmImage: 'ubuntu-16.04' + + variables: + node.version: '10.x' + + steps: + - task: NodeTool@0 + inputs: + versionSpec: '$(node.version)' + displayName: 'Install Node.js $(node.version)' + + - powershell: "cd template; npm audit --json | ConvertFrom-Json | Select-Object -expandProperty 'metadata' | select-object -expandproperty 'vulnerabilities' | %{ if ($_.low + $_.moderate + $_.high + $_.critical -ne 0) { write-error 'FAILED! Your package has vulnerabilities. Check npm audit' }}" + displayName: 'npm audit' + + - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 + displayName: 'Component Detection' From 56373d34f0d2f12d24100b6b1907fa8e412ca978 Mon Sep 17 00:00:00 2001 From: Mike Harder Date: Thu, 29 Nov 2018 17:54:18 -0800 Subject: [PATCH 07/12] Run "npm audit" in $(build.path) --- .azure-pipelines/client.yml | 44 ++++++++++++++++++------------------- 1 file changed, 21 insertions(+), 23 deletions(-) diff --git a/.azure-pipelines/client.yml b/.azure-pipelines/client.yml index 29020711f2..104fc8fa41 100644 --- a/.azure-pipelines/client.yml +++ b/.azure-pipelines/client.yml @@ -1,16 +1,16 @@ trigger: - master +variables: + node.version: '10.x' + build.path: 'lib/services/keyVault' + jobs: - job: 'Publish' pool: vmImage: 'ubuntu-16.04' - variables: - node.version: '10.x' - build.path: 'lib/services/keyVault' - steps: - task: NodeTool@0 inputs: @@ -40,37 +40,35 @@ jobs: - task: PublishBuildArtifacts@1 displayName: 'Publish Package' - - template: client.test.yml - parameters: - name: Linux - vmImage: 'ubuntu-16.04' - - - template: client.test.yml - parameters: - name: macOS - vmImage: 'macOS-10.13' - - - template: client.test.yml - parameters: - name: Windows - vmImage: 'vs2017-win2016' - - job: 'Audit' pool: vmImage: 'ubuntu-16.04' - variables: - node.version: '10.x' - steps: - task: NodeTool@0 inputs: versionSpec: '$(node.version)' displayName: 'Install Node.js $(node.version)' - - powershell: "cd template; npm audit --json | ConvertFrom-Json | Select-Object -expandProperty 'metadata' | select-object -expandproperty 'vulnerabilities' | %{ if ($_.low + $_.moderate + $_.high + $_.critical -ne 0) { write-error 'FAILED! Your package has vulnerabilities. Check npm audit' }}" + - powershell: "cd $(build.path); npm audit --json | ConvertFrom-Json | Select-Object -expandProperty 'metadata' | select-object -expandproperty 'vulnerabilities' | %{ if ($_.low + $_.moderate + $_.high + $_.critical -ne 0) { write-error 'FAILED! Your package has vulnerabilities. Check npm audit' }}" displayName: 'npm audit' - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 displayName: 'Component Detection' + + - template: client.test.yml + parameters: + name: Linux + vmImage: 'ubuntu-16.04' + + - template: client.test.yml + parameters: + name: macOS + vmImage: 'macOS-10.13' + + - template: client.test.yml + parameters: + name: Windows + vmImage: 'vs2017-win2016' + From 77b2edd60a84a1a96cd84183219096ea28edc419 Mon Sep 17 00:00:00 2001 From: Mike Harder Date: Thu, 29 Nov 2018 17:58:24 -0800 Subject: [PATCH 08/12] Run component governance even if "npm audit" fails --- .azure-pipelines/client.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.azure-pipelines/client.yml b/.azure-pipelines/client.yml index 104fc8fa41..d0585aa815 100644 --- a/.azure-pipelines/client.yml +++ b/.azure-pipelines/client.yml @@ -56,6 +56,7 @@ jobs: - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 displayName: 'Component Detection' + condition: succeededOrFailed() - template: client.test.yml parameters: From e646bdc0d333f9a29abfed727569e00017d77638 Mon Sep 17 00:00:00 2001 From: Mike Harder Date: Thu, 29 Nov 2018 18:04:28 -0800 Subject: [PATCH 09/12] Run "npm i --package-lock-only" before "npm audit" --- .azure-pipelines/client.yml | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/.azure-pipelines/client.yml b/.azure-pipelines/client.yml index d0585aa815..7d1189ce62 100644 --- a/.azure-pipelines/client.yml +++ b/.azure-pipelines/client.yml @@ -51,12 +51,21 @@ jobs: versionSpec: '$(node.version)' displayName: 'Install Node.js $(node.version)' - - powershell: "cd $(build.path); npm audit --json | ConvertFrom-Json | Select-Object -expandProperty 'metadata' | select-object -expandproperty 'vulnerabilities' | %{ if ($_.low + $_.moderate + $_.high + $_.critical -ne 0) { write-error 'FAILED! Your package has vulnerabilities. Check npm audit' }}" + - task: Npm@1 + inputs: + command: 'custom' + customCommand: 'i --package-lock-only' + workingDir: '$(build.path)' + displayName: 'npm i --package-lock-only' + + - powershell: "npm audit --json | ConvertFrom-Json | Select-Object -expandProperty 'metadata' | select-object -expandproperty 'vulnerabilities' | %{ if ($_.low + $_.moderate + $_.high + $_.critical -ne 0) { write-error 'FAILED! Your package has vulnerabilities. Check npm audit' }}" + inputs: + workingDir: '$(build.path)' displayName: 'npm audit' - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 - displayName: 'Component Detection' condition: succeededOrFailed() + displayName: 'Component Detection' - template: client.test.yml parameters: From 3bef302da0f503e10e3f9f652663768c7c004f40 Mon Sep 17 00:00:00 2001 From: Mike Harder Date: Thu, 29 Nov 2018 18:05:56 -0800 Subject: [PATCH 10/12] Fix powershell working directory parameter --- .azure-pipelines/client.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.azure-pipelines/client.yml b/.azure-pipelines/client.yml index 7d1189ce62..9e77410ee3 100644 --- a/.azure-pipelines/client.yml +++ b/.azure-pipelines/client.yml @@ -60,7 +60,7 @@ jobs: - powershell: "npm audit --json | ConvertFrom-Json | Select-Object -expandProperty 'metadata' | select-object -expandproperty 'vulnerabilities' | %{ if ($_.low + $_.moderate + $_.high + $_.critical -ne 0) { write-error 'FAILED! Your package has vulnerabilities. Check npm audit' }}" inputs: - workingDir: '$(build.path)' + workingDirectory: '$(build.path)' displayName: 'npm audit' - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 From b5756db0118a519ed60de55d796eb85191213b72 Mon Sep 17 00:00:00 2001 From: Mike Harder Date: Thu, 29 Nov 2018 18:06:35 -0800 Subject: [PATCH 11/12] Fix powershell working directory --- .azure-pipelines/client.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.azure-pipelines/client.yml b/.azure-pipelines/client.yml index 9e77410ee3..7cb32093d4 100644 --- a/.azure-pipelines/client.yml +++ b/.azure-pipelines/client.yml @@ -59,8 +59,7 @@ jobs: displayName: 'npm i --package-lock-only' - powershell: "npm audit --json | ConvertFrom-Json | Select-Object -expandProperty 'metadata' | select-object -expandproperty 'vulnerabilities' | %{ if ($_.low + $_.moderate + $_.high + $_.critical -ne 0) { write-error 'FAILED! Your package has vulnerabilities. Check npm audit' }}" - inputs: - workingDirectory: '$(build.path)' + workingDirectory: '$(build.path)' displayName: 'npm audit' - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 From 52706fde234496ea6773f22f343e9229dc915d74 Mon Sep 17 00:00:00 2001 From: Mike Harder Date: Fri, 30 Nov 2018 10:53:24 -0800 Subject: [PATCH 12/12] Add Node 6.x --- .azure-pipelines/client.test.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.azure-pipelines/client.test.yml b/.azure-pipelines/client.test.yml index 1505b53e7b..1c1fd14118 100644 --- a/.azure-pipelines/client.test.yml +++ b/.azure-pipelines/client.test.yml @@ -15,6 +15,8 @@ jobs: strategy: matrix: + Node6: + node.version: '6.x' Node8: node.version: '8.x' Node10: