diff --git a/.azure-pipelines/ci-build.yml b/.azure-pipelines/ci-build.yml index 5be85b784b8..334c9e32e82 100644 --- a/.azure-pipelines/ci-build.yml +++ b/.azure-pipelines/ci-build.yml @@ -37,9 +37,9 @@ extends: jobs: - job: build pool: - name: Azure-Pipelines-1ESPT-ExDShared + name: 1es-ubuntu-latest-m os: linux - image: ubuntu-latest + #TODO maybe missing template context with sdl baselines? steps: - checkout: self @@ -65,19 +65,19 @@ extends: Copy-Item $(downloadLocalProperties.secureFilePath) local.properties -Verbose displayName: Copy secring and 'local.properties' - - script: ./gradlew --no-daemon publishToMavenLocal -PmavenCentralPublishingEnabled=true -PmavenCentralSnapshotArtifactSuffix="" + - script: ./gradlew publishToMavenLocal -PmavenCentralPublishingEnabled=true -PmavenCentralSnapshotArtifactSuffix="" displayName: Publish to local Maven for verification condition: contains(variables['build.sourceBranch'], 'refs/tags/v') - - script: ./gradlew --no-daemon publishToMavenLocal -PmavenCentralPublishingEnabled=true + - script: ./gradlew publishToMavenLocal -PmavenCentralPublishingEnabled=true displayName: Publish to local Maven for verification condition: not(contains(variables['build.sourceBranch'], 'refs/tags/v')) - - script: ./gradlew --no-daemon publishMavenPublicationToADORepository -PmavenCentralPublishingEnabled=true -PmavenCentralSnapshotArtifactSuffix="" + - script: ./gradlew publishMavenPublicationToADORepository -PmavenCentralPublishingEnabled=true -PmavenCentralSnapshotArtifactSuffix="" displayName: Publish to local Maven ADO for ESRP condition: contains(variables['build.sourceBranch'], 'refs/tags/v') - - script: ./gradlew --no-daemon publishMavenPublicationToADORepository -PmavenCentralPublishingEnabled=true + - script: ./gradlew publishMavenPublicationToADORepository -PmavenCentralPublishingEnabled=true displayName: Publish to local Maven ADO for ESRP condition: not(contains(variables['build.sourceBranch'], 'refs/tags/v')) @@ -227,4 +227,4 @@ extends: approvers: mmainer@microsoft.com serviceendpointurl: "https://api.esrp.microsoft.com" mainpublisher: "ESRPRELPACMAN" - domaintenantid: "cdc5aeea-15c5-4db6-b079-fcadd2505dc2" \ No newline at end of file + domaintenantid: "cdc5aeea-15c5-4db6-b079-fcadd2505dc2" diff --git a/.github/workflows/gradle-build.yml b/.github/workflows/gradle-build.yml index 5ef87a9292f..012b889102b 100644 --- a/.github/workflows/gradle-build.yml +++ b/.github/workflows/gradle-build.yml @@ -21,10 +21,6 @@ jobs: java-version: 21 distribution: 'temurin' cache: gradle - - name: Detect secrets - run: | - pip install detect-secrets - git ls-files -z | xargs -0 detect-secrets-hook --baseline .secrets.baseline - name: Move generated sources to correct package run: .\scripts\copyFilesOnBuild.ps1 -inputPath '.\src\main\java\com\microsoft\graph\beta\generated' shell: pwsh diff --git a/.secrets.baseline b/.secrets.baseline deleted file mode 100644 index 7de1b645559..00000000000 --- a/.secrets.baseline +++ /dev/null @@ -1,115 +0,0 @@ -{ - "version": "1.5.0", - "plugins_used": [ - { - "name": "ArtifactoryDetector" - }, - { - "name": "AWSKeyDetector" - }, - { - "name": "AzureStorageKeyDetector" - }, - { - "name": "Base64HighEntropyString", - "limit": 4.5 - }, - { - "name": "BasicAuthDetector" - }, - { - "name": "CloudantDetector" - }, - { - "name": "HexHighEntropyString", - "limit": 3.0 - }, - { - "name": "IbmCloudIamDetector" - }, - { - "name": "IbmCosHmacDetector" - }, - { - "name": "JwtTokenDetector" - }, - { - "name": "KeywordDetector", - "keyword_exclude": "" - }, - { - "name": "MailchimpDetector" - }, - { - "name": "NpmDetector" - }, - { - "name": "PrivateKeyDetector" - }, - { - "name": "SlackDetector" - }, - { - "name": "SoftlayerDetector" - }, - { - "name": "SquareOAuthDetector" - }, - { - "name": "StripeDetector" - }, - { - "name": "TwilioKeyDetector" - } - ], - "filters_used": [ - { - "path": "detect_secrets.filters.allowlist.is_line_allowlisted" - }, - { - "path": "detect_secrets.filters.common.is_baseline_file", - "filename": ".secrets.baseline" - }, - { - "path": "detect_secrets.filters.common.is_ignored_due_to_verification_policies", - "min_level": 2 - }, - { - "path": "detect_secrets.filters.heuristic.is_indirect_reference" - }, - { - "path": "detect_secrets.filters.heuristic.is_likely_id_string" - }, - { - "path": "detect_secrets.filters.heuristic.is_lock_file" - }, - { - "path": "detect_secrets.filters.heuristic.is_not_alphanumeric_string" - }, - { - "path": "detect_secrets.filters.heuristic.is_potential_uuid" - }, - { - "path": "detect_secrets.filters.heuristic.is_prefixed_with_dollar_sign" - }, - { - "path": "detect_secrets.filters.heuristic.is_sequential_string" - }, - { - "path": "detect_secrets.filters.heuristic.is_swagger_file" - }, - { - "path": "detect_secrets.filters.heuristic.is_templated_secret" - }, - { - "path": "detect_secrets.filters.regex.should_exclude_file", - "pattern": [ - "src/main/java/com/microsoft/graph/beta/generated/.*", - "release-please-config.json", - "kiota-lock.json" - ] - } - ], - "results": {}, - "generated_at": "2024-08-13T13:13:56Z" -}