Azure dev-ops YML pipelines (#634)

CredScanSuppressions.json

@@ -0,0 +1,9 @@
+{
+  "tool": "Credential Scanner",
+  "suppressions": [
+    {
+      "file": "\\Microsoft.Azure.Cosmos\\tests\\Microsoft.Azure.Cosmos.Tests\\TestJsons\\runsCollection.json",
+      "_justification": "folder to be suppressed for debugging purpose"
+    }
+  ]
+}

azure-pipelines.yml

@@ -0,0 +1,87 @@
+variables:
+  DebugArguments: ' --filter "TestCategory!=Quarantine" --verbosity detailed'
+  RetailArguments: ' -p:Platform=x64 --filter "TestCategory!=Quarantine" --verbosity detailed '
+  VmImage: windows-latest # https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/hosted?view=azure-devops
+
+
+jobs: 
+- job: 
+  displayName: Static Analysis
+  pool:
+    vmImage: '$(VmImage)' # https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/hosted?view=azure-devops
+
+  steps:
+  - checkout: self  # self represents the repo where the initial Pipelines YAML file was found
+    clean: true  # if true, execute `execute git clean -ffdx && git reset --hard HEAD` before fetching
+    lfs: true  # whether to download Git-LFS files; defaults to false
+
+  #Analyze source code for type of content and target types to help determine which tools to run 
+  - task: securedevelopmentteam.vss-secure-development-tools.build-task-autoapplicability.AutoApplicability@1
+    displayName: 'AutoApplicability'
+    inputs:
+      VerboseWriter: true
+      ExternalRelease: true
+      InternalRelease: true
+      IsService: true
+      IsSoftware: true    
+
+  # Analyze source and build output text files for credentials
+  - task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@2
+    displayName: 'CredScan'
+    inputs:
+      scanFolder: $(Build.SourcesDirectory)
+      suppressionsFile: CredScanSuppressions.json 
+      debugMode: true
+
+  # Scan text elements including code, code comments, and content/web pages, for sensitive terms based on legal, cultural, or geopolitical reasons
+  - task: securedevelopmentteam.vss-secure-development-tools.build-task-policheck.PoliCheck@1
+    displayName: 'PoliCheck'
+    inputs:
+      targetType: F
+
+  # AntiMalware scan
+  - task: securedevelopmentteam.vss-secure-development-tools.build-task-antimalware.AntiMalware@3
+    displayName: 'AntiMalware'
+    inputs:
+      EnableServices: true
+
+  # Run checks for recently discovered vulnerabilities which are not yet incorporated to another tool
+  - task: securedevelopmentteam.vss-secure-development-tools.build-task-vulnerabilityassessment.VulnerabilityAssessment@0
+    displayName: 'Vulnerability Assessment'
+
+  - task: DotNetCoreCLI@2
+    displayName: Build Microsoft.Azure.Cosmos.sln
+    inputs:
+      command: build 
+      projects: 'Microsoft.Azure.Cosmos.sln'
+      configuration: '$(BuildConfiguration)'
+      publishTestResults: true 
+
+#  - task: securedevelopmentteam.vss-secure-development-tools.build-task-binskim.BinSkim@3
+#    displayName: 'BinSkim'
+#    inputs:
+#      InputType: Basic
+
+  # Publish Analysis Results (position after all tools ran)
+  - task: securedevelopmentteam.vss-secure-development-tools.build-task-publishsecurityanalysislogs.PublishSecurityAnalysisLogs@2
+    displayName: 'Publish Security Analysis Logs'
+
+  # The Post-Analysis build task will analyze the log files produced by the tools, and introduce a build break
+  - task: securedevelopmentteam.vss-secure-development-tools.build-task-postanalysis.PostAnalysis@1
+    displayName: 'Post Analysis'
+    inputs:
+      AllTools: true
+
+
+#- template:  templates/build-test.yml
+#  parameters:
+#    BuildConfiguration: Debug
+#    Arguments: $(DebugArguments)
+#    VmImage: $(VmImage)
+
+- template:  templates/build-test.yml
+  parameters:
+    BuildConfiguration: Retail
+    Arguments: $(RetailArguments)
+    VmImage: $(VmImage)
+

templates/build-test.yml

@@ -0,0 +1,73 @@
+# File: templates/build-test.yml
+
+parameters:
+  BuildConfiguration: Debug
+  Arguments: ''
+  VmImage: windows-latest # https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/hosted?view=azure-devops
+
+jobs: 
+- job: 
+  displayName: ${{ parameters.BuildConfiguration }} Microsoft.Azure.Cosmos.Tests
+  pool:
+    vmImage: ${{ parameters.VmImage }}
+
+  steps:
+  - checkout: self  # self represents the repo where the initial Pipelines YAML file was found
+    clean: true  # if true, execute `execute git clean -ffdx && git reset --hard HEAD` before fetching
+    lfs: true  # whether to download Git-LFS files; defaults to false
+
+  - task: DotNetCoreCLI@2
+    displayName: Microsoft.Azure.Cosmos.Tests
+    condition: succeeded() 
+    inputs:
+      command: test 
+      projects: 'Microsoft.Azure.Cosmos/tests/Microsoft.Azure.Cosmos.Tests/*.csproj'
+      arguments: ${{ parameters.Arguments }}
+      configuration: ${{ parameters.BuildConfiguration }}
+      publishTestResults: true 
+
+- job: 
+  displayName: ${{ parameters.BuildConfiguration }} Microsoft.Azure.NetFramework.Tests
+  pool:
+    vmImage: ${{ parameters.VmImage }}
+
+  steps:
+  - checkout: self  # self represents the repo where the initial Pipelines YAML file was found
+    clean: true  # if true, execute `execute git clean -ffdx && git reset --hard HEAD` before fetching
+    lfs: true  # whether to download Git-LFS files; defaults to false
+
+  - template:  emulator-setup.yml
+
+  - task: DotNetCoreCLI@2
+    displayName: Test Microsoft.Azure.Cosmos.NetFramework.Tests
+    condition: succeeded() 
+    inputs:
+      command: test 
+      projects: 'Microsoft.Azure.Cosmos/tests/Microsoft.Azure.Cosmos.NetFramework.Tests/*.csproj'
+      arguments: ${{ parameters.Arguments }}
+      configuration: ${{ parameters.BuildConfiguration }}
+      publishTestResults: true 
+
+
+- job: 
+  displayName: ${{ parameters.BuildConfiguration }} Microsoft.Azure.Cosmos.EmulatorTests
+  pool:
+    vmImage: ${{ parameters.VmImage }}
+
+  steps:
+  - checkout: self  # self represents the repo where the initial Pipelines YAML file was found
+    clean: true  # if true, execute `execute git clean -ffdx && git reset --hard HEAD` before fetching
+    lfs: true  # whether to download Git-LFS files; defaults to false
+
+  - template:  emulator-setup.yml
+
+  - task: DotNetCoreCLI@2
+    displayName: Test Microsoft.Azure.Cosmos.EmulatorTests
+    condition: succeeded() 
+    inputs:
+      command: test 
+      projects: 'Microsoft.Azure.Cosmos/tests/Microsoft.Azure.Cosmos.EmulatorTests/*.csproj'
+      arguments: ${{ parameters.Arguments }}
+      configuration: ${{ parameters.BuildConfiguration }}
+      publishTestResults: true 
+

templates/emulator-setup.yml

@@ -0,0 +1,32 @@
+# File: templates/emulator-setup.yml
+
+parameters:
+  EmulatorMsiUrl: https://acpedaily1.blob.core.windows.net/emulator/azure-cosmos-emulator.msi
+
+steps:
+  - pwsh:  |
+        Write-Host "Downloading Cosmos Emulator - $env:EMULATORMSIURL" -ForegroundColor green 
+        Invoke-WebRequest "$env:EMULATORMSIURL" -OutFile "$env:temp\azure-cosmosdb-emulator.msi"
+        Write-Host "Finished Downloading Cosmos Emulator - $env:temp\azure-cosmosdb-emulator.msi" -ForegroundColor green 
+        dir "$env:temp" 
+        choco install lessmsi
+        choco upgrade lessmsi
+        mkdir "$env:temp\Azure Cosmos DB Emulator"
+        lessmsi x "$env:temp\azure-cosmosdb-emulator.msi" "$env:temp\Azure Cosmos DB Emulator\"
+        Write-Host "Starting Comsos DB Emulator" -ForegroundColor green 
+        Start-Process "$env:temp\Azure Cosmos DB Emulator\SourceDir\Azure Cosmos DB Emulator\CosmosDB.Emulator.exe" "/NoExplorer /NoUI /DisableRateLimiting /PartitionCount=100 /Consistency=Strong /enableRio" -Verb RunAs
+        Import-Module "$env:temp\Azure Cosmos DB Emulator\SourceDir\Azure Cosmos DB Emulator\PSModules\Microsoft.Azure.CosmosDB.Emulator"
+        Get-Item env:* | Sort-Object -Property Name
+        for ($i=0; $i -lt 10; $i++) {
+          $status=Get-CosmosDbEmulatorStatus 
+          if ($status -ne "Running") {
+            sleep 30;
+            Write-Host "Cosmos DB Emulator Status: $status" -ForegroundColor yellow
+          } else {
+            break;
+          }
+        }
+      
+    displayName:  Install Public Cosmos DB Emulator
+    failOnStderr:  true
+    errorActionPreference:  stop