[release/v7.4] Hardcode Official templates (#26928)#26962
[release/v7.4] Hardcode Official templates (#26928)#26962jshigetomi merged 1 commit intoPowerShell:release/v7.4.14from
Conversation
jshigetomi
added
the
CL-BuildPackaging
There was a problem hiding this comment.
Pull request overview
This PR backports the change to hardcode OneBranch Official governed templates in the release/v7.4 “Official” Azure Pipelines definitions, removing the queue-time OfficialBuild switch and forcing Production/Official template paths.
Changes:
- Remove the
OfficialBuildboolean parameter and associated conditional template selection in multiple “Official” pipelines. - Hardcode pipeline naming to include
prod.trueand hardcodeextends.templateto the Official OneBranch templates. - In the coordinated binaries pipeline, add a
FORCE_CODEQLparameter and set related variables while also forcingps_official_build: true.
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
.pipelines/PowerShell-vPack-Official.yml |
Removes OfficialBuild parameter and hardcodes Official governed template usage. |
.pipelines/PowerShell-Release-Official.yml |
Forces Production/Official template and removes OfficialBuild toggle. |
.pipelines/PowerShell-Release-Official-Azure.yml |
Forces Official template and removes OfficialBuild toggle. |
.pipelines/PowerShell-Packages-Official.yml |
Forces Official template usage and hardcodes OfficialBuild: true when invoking MSIX bundle creation template. |
.pipelines/PowerShell-Coordinated_Packages-Official.yml |
Forces Official template usage, forces ps_official_build: true, and introduces FORCE_CODEQL parameter/variables. |
| - ${{ if eq(parameters['FORCE_CODEQL'],'true') }}: | ||
| # Cadence is hours before CodeQL will allow a re-upload of the database | ||
| - name: CodeQL.Cadence | ||
| value: 1 | ||
| - name: CODEQL_ENABLED |
There was a problem hiding this comment.
FORCE_CODEQL is described as enabling CodeQL, but this pipeline only sets CodeQL.Cadence/CODEQL_ENABLED here; the build templates it invokes (e.g. .pipelines/templates/windows-hosted-build.yml and linux.yml) gate CodeQL3000Init/Finalize strictly on Build.SourceBranch == refs/heads/master. That means FORCE_CODEQL: true won’t actually enable CodeQL runs on non-master branches. Consider wiring the CodeQL task conditions in those templates to variables['CODEQL_ENABLED'] (or similar), or rename/remove this parameter to avoid implying behavior it can’t provide.
Backport #26956