Merge pull request #623 from microsoft/ci/alignment-to-v1

ci: aligns v1 ci with latest main changes

Author: baywet

.azure-pipelines/ci-build.yml

@@ -6,11 +6,13 @@ name: $(BuildDefinitionName)_$(SourceBranchName)_$(Date:yyyyMMdd)$(Rev:.r)
 trigger:
   branches:
     include:
-      - master
+      - main
+      - support/v1
 pr:
   branches:
     include:
-      - master
+      - main
+      - support/v1
 
 variables:
   buildPlatform: 'Any CPU'
@@ -60,10 +62,10 @@ extends:
               version: 8.x
 
           # Install the nuget tool.
-          - task: NuGetToolInstaller@0
-            displayName: 'Use NuGet >=5.2.0'
+          - task: NuGetToolInstaller@1
+            displayName: 'Use NuGet >=6.11.0'
             inputs:
-              versionSpec: '>=5.2.0'
+              versionSpec: '>=6.11.0'
               checkLatest: true
 
           # Build the Product project
@@ -81,11 +83,16 @@ extends:
               projects: '$(Build.SourcesDirectory)\Microsoft.OpenApi.OData.sln'
               arguments: '--configuration $(BuildConfiguration) --no-build'
 
-          - task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@3
+          - task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@5
             displayName: 'ESRP CodeSigning'
             inputs:
-              ConnectedServiceName: 'microsoftgraph ESRP CodeSign DLL and NuGet (AKV)'
-              FolderPath: src
+              ConnectedServiceName: 'Federated DevX ESRP Managed Identity Connection'
+              FolderPath: 'src'
+              AppRegistrationClientId: '65035b7f-7357-4f29-bf25-c5ee5c3949f8'
+              AppRegistrationTenantId: 'cdc5aeea-15c5-4db6-b079-fcadd2505dc2'
+              AuthAKVName: 'akv-prod-eastus'
+              AuthCertName: 'ReferenceLibraryPrivateCert'
+              AuthSignCertName: 'ReferencePackagePublisherCertificate'
               signConfigType: inlineSignParams
               inlineOperation: |
                 [
@@ -125,7 +132,10 @@ extends:
                         "toolVersion": "1.0"
                     }
                 ]
-              SessionTimeout: 20
+              SessionTimeout: '20'
+              MaxConcurrency: '50'
+              MaxRetryAttempts: '5'
+              PendingAnalysisWaitTimeoutMinutes: '5'
 
           # Pack
           - task: DotNetCoreCLI@2
@@ -137,17 +147,22 @@ extends:
 
           - task: PowerShell@2
             displayName: 'Validate project version has been incremented'
-            condition: and(contains(variables['build.sourceBranch'], 'refs/heads/master'), succeeded())
+            condition: and(or(contains(variables['build.sourceBranch'], 'refs/heads/main'), contains(variables['build.sourceBranch'], 'refs/heads/support/v1')), succeeded())
             inputs:
               targetType: 'filePath'
               filePath: $(System.DefaultWorkingDirectory)\scripts\ValidateProjectVersionUpdated.ps1
               pwsh: true
 
-          - task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@3
+          - task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@5
             displayName: 'ESRP CodeSigning Nuget Packages'
             inputs:
-              ConnectedServiceName: 'microsoftgraph ESRP CodeSign DLL and NuGet (AKV)'
+              ConnectedServiceName: 'Federated DevX ESRP Managed Identity Connection'
               FolderPath: '$(Build.ArtifactStagingDirectory)'
+              AppRegistrationClientId: '65035b7f-7357-4f29-bf25-c5ee5c3949f8'
+              AppRegistrationTenantId: 'cdc5aeea-15c5-4db6-b079-fcadd2505dc2'
+              AuthAKVName: 'akv-prod-eastus'
+              AuthCertName: 'ReferenceLibraryPrivateCert'
+              AuthSignCertName: 'ReferencePackagePublisherCertificate'              
               Pattern: '*.nupkg'
               signConfigType: inlineSignParams
               inlineOperation: |
@@ -167,30 +182,78 @@ extends:
                         "toolVersion": "1.0"
                     }
                 ]
-              SessionTimeout: 20
+              SessionTimeout: '60'
+              MaxConcurrency: '50'
+              MaxRetryAttempts: '5'
+              PendingAnalysisWaitTimeoutMinutes: '5'
 
     - stage: deploy
-      condition: and(contains(variables['build.sourceBranch'], 'refs/heads/master'), succeeded())
+      condition: and(or(contains(variables['build.sourceBranch'], 'refs/heads/main'), contains(variables['build.sourceBranch'], 'refs/heads/support/v1')), succeeded())
       dependsOn: build
       jobs:
         - deployment: deploy
+          templateContext:
+            type: releaseJob
+            isProduction: true
+            inputs:
+            - input: pipelineArtifact
+              artifactName: Nugets
+              targetPath: '$(Pipeline.Workspace)'
           environment: nuget-org
           strategy:
             runOnce:
               deploy:
                 pool:
                   vmImage: ubuntu-latest
                 steps:
-                - task: DownloadPipelineArtifact@2
-                  displayName: Download nupkg from artifacts
-                  inputs:
-                    artifact: Nugets
-                    source: current
                 - task: 1ES.PublishNuget@1
                   displayName: 'NuGet push'
                   inputs:
-                    packagesToPush: '$(Pipeline.Workspace)/Nugets/Microsoft.OpenApi.OData.*.nupkg'
+                    packagesToPush: '$(Pipeline.Workspace)/Microsoft.OpenApi.OData.*.nupkg'
                     nuGetFeedType: external
                     publishFeedCredentials: 'OpenAPI Nuget Connection'
                     packageParentPath: '$(Pipeline.Workspace)'
+
+        - deployment: create_github_release
+          templateContext:
+            type: releaseJob
+            isProduction: true
+            inputs:
+            - input: pipelineArtifact
+              artifactName: Nugets
+              targetPath: '$(Pipeline.Workspace)'
+          dependsOn: []
+          environment: kiota-github-releases
+          strategy:
+            runOnce:
+              deploy:
+                pool:
+                  vmImage: ubuntu-latest
+                steps:
+                - pwsh: |
+                    $artifactName = Get-ChildItem -Path $(Pipeline.Workspace) -Filter Microsoft.OpenApi.*.nupkg -recurse | select -First 1
+                    $artifactVersion= $artifactName.Name -replace "Microsoft.OpenApi.OData", "" -replace ".nupkg", ""
+                    #Set Variable $artifactName and $artifactVersion
+                    Write-Host "##vso[task.setvariable variable=artifactVersion; isSecret=false;]$artifactVersion"
+                    echo "$artifactVersion"
+                  displayName: 'Fetch Artifact Name'
+                - task: GitHubRelease@1
+                  displayName: 'GitHub release'
+                  condition: succeededOrFailed()
+                  inputs:
+                    gitHubConnection: 'Github-MaggieKimani1'
+                    action: create
+                    tagSource: userSpecifiedTag
+                    tag: 'v$(artifactVersion)'
+                    title: 'v$(artifactVersion)'
+                    releaseNotesSource: inline
+                    assets: '$(Pipeline.Workspace)\**\*.nupkg'
+                    changeLogType: issueBased
+                    changeLogLabels: '[ 
+                      { "label" : "feature-work", "feature", "displayName" : "New Features", "state" : "closed" }, 
+                      { "label" : "enhancement", "V2-Enhancement", "displayName" : "Enhancements", "state" : "closed" }, 
+                      { "label" : "bug", "bug-fix", "displayName" : "Bugs", "state" : "closed" }, 
+                      { "label" : "documentation", "doc", "displayName" : "Documentation", "state" : "closed"}, 
+                      { "label" : "dependencies", "displayName" : "Package Updates", "state" : "closed" }
+                      ]'
 

.github/policies/OpenAPI.NET.OData-branch-protection.yml

@@ -0,0 +1,82 @@
+# Copyright (c) Microsoft Corporation.
+# Licensed under the MIT License.
+
+# File initially created using https://github.com/MIchaelMainer/policyservicetoolkit/blob/main/branch_protection_export.ps1.
+
+name: OpenAPI.NET.OData-branch-protection
+description: Branch protection policy for the OpenAPI.NET.OData repository
+resource: repository
+configuration:
+  branchProtectionRules:
+
+  - branchNamePattern: main
+    # This branch pattern applies to the following branches as of 06/09/2024 20:45:44:
+    # main
+
+    # Specifies whether this branch can be deleted. boolean
+    allowsDeletions: false
+    # Specifies whether forced pushes are allowed on this branch. boolean
+    allowsForcePushes: false
+    # Specifies whether new commits pushed to the matching branches dismiss pull request review approvals. boolean
+    dismissStaleReviews: true
+    # Specifies whether admins can overwrite branch protection. boolean
+    isAdminEnforced: false
+    # Indicates whether "Require a pull request before merging" is enabled. boolean
+    requiresPullRequestBeforeMerging: true
+    # Specifies the number of pull request reviews before merging. int (0-6). Should be null/empty if PRs are not required
+    requiredApprovingReviewsCount: 1
+    # Require review from Code Owners. Requires requiredApprovingReviewsCount. boolean
+    requireCodeOwnersReview: true
+    # Are commits required to be signed. boolean. TODO: all contributors must have commit signing on local machines.
+    requiresCommitSignatures: false
+    # Are conversations required to be resolved before merging? boolean
+    requiresConversationResolution: true
+    # Are merge commits prohibited from being pushed to this branch. boolean
+    requiresLinearHistory: false
+    # Required status checks to pass before merging. Values can be any string, but if the value does not correspond to any existing status check, the status check will be stuck on pending for status since nothing exists to push an actual status
+    requiredStatusChecks:
+    - license/cla
+    - Continuous Integration
+    - CodeQL
+    # Require branches to be up to date before merging. This should be false since the repo contains autogenerated files. boolean
+    requiresStrictStatusChecks: false
+    # Indicates whether there are restrictions on who can push. boolean. Should be set with whoCanPush.
+    restrictsPushes: false
+    # Restrict who can dismiss pull request reviews. boolean
+    restrictsReviewDismissals: false
+
+  - branchNamePattern: support/v1
+    # This branch pattern applies to the following branches as of 06/09/2024 20:45:44:
+    # support/v1
+
+    # Specifies whether this branch can be deleted. boolean
+    allowsDeletions: false
+    # Specifies whether forced pushes are allowed on this branch. boolean
+    allowsForcePushes: false
+    # Specifies whether new commits pushed to the matching branches dismiss pull request review approvals. boolean
+    dismissStaleReviews: true
+    # Specifies whether admins can overwrite branch protection. boolean
+    isAdminEnforced: false
+    # Indicates whether "Require a pull request before merging" is enabled. boolean
+    requiresPullRequestBeforeMerging: true
+    # Specifies the number of pull request reviews before merging. int (0-6). Should be null/empty if PRs are not required
+    requiredApprovingReviewsCount: 1
+    # Require review from Code Owners. Requires requiredApprovingReviewsCount. boolean
+    requireCodeOwnersReview: true
+    # Are commits required to be signed. boolean. TODO: all contributors must have commit signing on local machines.
+    requiresCommitSignatures: false
+    # Are conversations required to be resolved before merging? boolean
+    requiresConversationResolution: true
+    # Are merge commits prohibited from being pushed to this branch. boolean
+    requiresLinearHistory: false
+    # Required status checks to pass before merging. Values can be any string, but if the value does not correspond to any existing status check, the status check will be stuck on pending for status since nothing exists to push an actual status
+    requiredStatusChecks:
+    - license/cla
+    - Continuous Integration
+    - CodeQL
+    # Require branches to be up to date before merging. This should be false since the repo contains autogenerated files. boolean
+    requiresStrictStatusChecks: false
+    # Indicates whether there are restrictions on who can push. boolean. Should be set with whoCanPush.
+    restrictsPushes: false
+    # Restrict who can dismiss pull request reviews. boolean
+    restrictsReviewDismissals: false

.github/workflows/codeql-analysis.yml

@@ -13,10 +13,10 @@ name: "CodeQL"
 
 on:
   push:
-    branches: [ master ]
+    branches: [ main, support/v1 ]
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: [ master ]
+    branches: [ main, support/v1 ]
   schedule:
     - cron: '32 2 * * 6'
   workflow_dispatch:

.github/workflows/sonarcloud.yml

@@ -4,6 +4,7 @@ on:
   push:
     branches:
       - main
+      - support/v1
     paths-ignore: ['.vscode/**']
   pull_request:
     types: [opened, synchronize, reopened]
@@ -60,8 +61,8 @@ jobs:
           CoverletOutputFormat: 'opencover' # https://github.com/microsoft/vstest/issues/4014#issuecomment-1307913682
         shell: pwsh
         run: |
-          dotnet tool run dotnet-sonarscanner begin /k:"microsoft_OpenAPI.NET.OData" /o:"microsoft" /d:sonar.token="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io" /d:sonar.cs.opencover.reportsPaths="test/**/coverage.net7.0.opencover.xml"
+          dotnet tool run dotnet-sonarscanner begin /k:"microsoft_OpenAPI.NET.OData" /o:"microsoft" /d:sonar.token="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io" /d:sonar.cs.opencover.reportsPaths="test/**/coverage.net8.0.opencover.xml"
           dotnet workload restore
           dotnet build
           dotnet test Microsoft.OpenApi.OData.sln --no-build --verbosity normal /p:CollectCoverage=true /p:CoverletOutputFormat=opencover
-          dotnet tool run dotnet-sonarscanner end /d:sonar.token="${{ secrets.SONAR_TOKEN }}"
+          dotnet tool run dotnet-sonarscanner end /d:sonar.token="${{ secrets.SONAR_TOKEN }}"

.gitignore

@@ -1,7 +1,7 @@
 ## Ignore Visual Studio temporary files, build results, and
 ## files generated by popular Visual Studio add-ons.
 ##
-## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore
+## Get latest from https://github.com/github/gitignore/blob/main/VisualStudio.gitignore
 
 # User-specific files
 *.suo

.vscode/settings.json

@@ -5,5 +5,6 @@
         "MD025": {
             "front_matter_title": ""
         }
-    }
+    },
+    "azure-pipelines.1ESPipelineTemplatesSchemaFile": true
 }

README.md

@@ -8,15 +8,15 @@ The **Microsoft.OpenAPI.OData.Reader** library helps represent an OData service
 
 The conversion is based on the mapping doc from [OASIS OData OpenAPI v1.0](https://www.oasis-open.org/committees/document.php?document_id=61852&wg_abbrev=odata) and uses the following :
 
-1. [Capabilities vocabulary annotation](https://github.com/oasis-tcs/odata-vocabularies/blob/master/vocabularies/Org.OData.Capabilities.V1.xml)
-2. [Authorization vocabulary annotation](https://github.com/oasis-tcs/odata-vocabularies/blob/master/vocabularies/Org.OData.Authorization.V1.xml)
-3. [Core vocabulary annotation](https://github.com/oasis-tcs/odata-vocabularies/blob/master/vocabularies/Org.OData.Core.V1.xml)
+1. [Capabilities vocabulary annotation](https://github.com/oasis-tcs/odata-vocabularies/blob/main/vocabularies/Org.OData.Capabilities.V1.xml)
+2. [Authorization vocabulary annotation](https://github.com/oasis-tcs/odata-vocabularies/blob/main/vocabularies/Org.OData.Authorization.V1.xml)
+3. [Core vocabulary annotation](https://github.com/oasis-tcs/odata-vocabularies/blob/main/vocabularies/Org.OData.Core.V1.xml)
 4. Navigation property path
 5. Edm operation and operation import path
 
 ## Overview
 
-The image below is generic overview of how this library can convert the EDM model to an [OpenAPI.NET document](https://github.com/Microsoft/OpenAPI.NET/blob/master/src/Microsoft.OpenApi/Models/OpenApiDocument.cs) object.
+The image below is generic overview of how this library can convert the EDM model to an [OpenAPI.NET document](https://github.com/Microsoft/OpenAPI.NET/blob/main/src/Microsoft.OpenApi/Models/OpenApiDocument.cs) object.
 
 ![Convert OData CSDL to OpenAPI](docs/images/odata-2-openapi.png "Map /// OData CSDL --> OpenAPI.NET")
 

src/OoasUtil/README.md

@@ -70,7 +70,7 @@ Indicate to output file name.
 
 `OoasUtil.exe -j -k -drs -drq -p -u -s 3 -i http://services.odata.org/TrippinRESTierService -o trip.json`
 
-The content of `trip.json` is similar at https://github.com/xuzhg/OData.OpenAPI/blob/master/Microsoft.OData.OpenAPI/Microsoft.OData.OpenAPI.Tests/Resources/TripService.OpenApi.json
+The content of `trip.json` is similar at https://github.com/xuzhg/OData.OpenAPI/blob/main/Microsoft.OData.OpenAPI/Microsoft.OData.OpenAPI.Tests/Resources/TripService.OpenApi.json
 
 # Alternative Tool - Hidi
 

tool/PoliCheck/RunPoliCheck.ps1

@@ -10,7 +10,7 @@ param(
 #Example: 
 # RunPoliCheck.ps1 -BuildSourceDir "C:\BuildAgent\_work\32\s" 
 #                  -folderName "src" 
-#                  -branchName "odata.net-master" 
+#                  -branchName "odata.net-main" 
 #                  -resultRoot "C:\Users\ODatabld\Documents\PoliCheck\LatestRunResult" 
 #                  -PoliCheckPath "C:\Program Files (x86)\Microsoft\PoliCheck\"
 #