Umbraco.Commerce.PaymentProviders.PayPal/azure-pipelines.yml at main · umbraco/Umbraco.Commerce.PaymentProviders.PayPal · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
name: $(TeamProject)_$(Build.DefinitionName)_$(SourceBranchName)_$(Date:yyyyMMdd)$(Rev:.r)

trigger:
  branches:
    include:
      - dev
      - release/*
      - hotfix/*
      - support/*
  tags:
    include:
      - release-*

parameters:
  - name: cache_nuget
    displayName: Cache NuGet packages
    type: boolean
    default: false

variables:
  nodeVersion: 22.x
  solution: Umbraco.Commerce.PaymentProviders.PayPal.sln
  buildConfiguration: Release
  DOTNET_NOLOGO: true
  DOTNET_GENERATE_ASPNET_CERTIFICATE: false
  DOTNET_SKIP_FIRST_TIME_EXPERIENCE: true
  DOTNET_CLI_TELEMETRY_OPTOUT: true

stages:
  - stage: Build
    variables:
      NUGET_PACKAGES: $(Pipeline.Workspace)/.nuget/packages
    jobs:
      - job: Build
        variables:
        - group: "dependency-track"

        pool:
          vmImage: ubuntu-latest
        steps:
          # Checkout source (avoid shallow clone to calculate version height)
          - checkout: self
            fetchDepth: 0

          # Setup build environment
          - task: NuGetAuthenticate@1
            displayName: Authenticate NuGet

          - task: UseDotNet@2
            displayName: Use .NET SDK from global.json
            inputs:
              useGlobalJson: true

          # Cache and restore NuGet packages
          - task: Cache@2
            condition: ${{ parameters.cache_nuget }}
            displayName: Cache NuGet packages
            inputs:
              key: 'nuget | "$(Agent.OS)" | **/packages.lock.json, !**/bin/**, !**/obj/**'
              restoreKeys: |
                nuget | "$(Agent.OS)"
                nuget
              path: $(NUGET_PACKAGES)

          - script: dotnet restore $(solution) --locked-mode
            displayName: Restore NuGet packages

          # Build
          - script: dotnet build $(solution) --configuration $(buildConfiguration) --no-restore -p:ContinuousIntegrationBuild=true
            displayName: Run dotnet build

          # Pack
          - script: dotnet pack $(solution) --configuration $(buildConfiguration) --no-build --output $(Build.ArtifactStagingDirectory)/nupkg
            displayName: Run dotnet pack

          # Publish
          - task: PublishPipelineArtifact@1
            displayName: Publish NuGet packages
            inputs:
              targetPath: $(Build.ArtifactStagingDirectory)/nupkg
              artifactName: nupkg

          - task: PublishPipelineArtifact@1
            displayName: Publish build output
            inputs:
              targetPath: $(Build.SourcesDirectory)
              artifactName: build_output

          # Generate/upload SBOM with cdxgen
          - script: |
              cd $(Build.SourcesDirectory)
              npm install --global @cyclonedx/cdxgen
            displayName: 'Install cdxgen'

          - task: PowerShell@2
            displayName: 'Generate & upload SBOM with cdxgen (pwsh)'
            inputs:
              targetType: 'inline'
              pwsh: true
              script: |
                mkdir -Force "$(Build.ArtifactStagingDirectory)/bom"
                Set-Location "$(Build.SourcesDirectory)"

                # version
                $VERSION = 'vUNKNOWN'
                if (Test-Path 'version.json') {
                  try {
                    $rawVersion = (Get-Content 'version.json' -Raw | ConvertFrom-Json).version
                  } catch {
                    if ((Get-Content 'version.json' -Raw) -match '"version"\s*:\s*"([^"]+)"') {
                      $rawVersion = $matches[1]
                    }
                  }

                  if ($rawVersion) {
                    # Extract major part (e.g. "1" from "1.2.3") and add "v" prefix
                    if ($rawVersion -match '^(\d+)\.') {
                      $VERSION = "v$($matches[1])"
                    } elseif ($rawVersion -match '^\d+$') {
                      $VERSION = "v$rawVersion"
                    } else {
                      $VERSION = "vUNKNOWN"
                    }
                  }
                }

                Write-Host "Project version: $VERSION"

                # derive project name
                $PROJECT_NAME = [System.IO.Path]::GetFileNameWithoutExtension("$(solution)")
                Write-Host "Project name: $PROJECT_NAME"

                # short debug (last 5 chars)
                foreach ($name in 'DT_BASE_URL','DT_API_KEY') {
                  $v = (Get-Item "Env:$name").Value
                  if ($v) {
                    $last = if ($v.Length -gt 5) { $v.Substring($v.Length-5) } else { $v }
                    Write-Host "$name (last5): ...$last"
                  } else {
                    Write-Host "$name is empty"
                  }
                }

                Write-Host 'Running cdxgen ...'
                & cdxgen '--recurse' '--output' "$(Build.ArtifactStagingDirectory)/bom/bom.json" '--json-pretty' '--project-group' 'DXP' '--project-name' $PROJECT_NAME '--project-version' $VERSION '--server-url' $env:DT_BASE_URL '--api-key' $env:DT_API_KEY
            env:
              DT_API_KEY: $(DT_API_KEY)
              DT_BASE_URL: $(DT_BASE_URL)

          - task: PublishPipelineArtifact@1
            displayName: 'Publish SBOM Artifact'
            inputs:
              targetPath: $(Build.ArtifactStagingDirectory)/bom
              artifactName: SBOM