Wind010/azure-pipelines.yml

## azure-pipelines.yml
# .NET Core Function App to Windows on Azure
# Build a .NET Core function app and deploy it to Azure as a Windows function App.
# Add steps that analyze code, save build artifacts, deploy, and more:
# https://docs.microsoft.com/en-us/azure/devops/pipelines/languages/dotnet-core

name: $(Date:yyyyMMdd)$(Rev:.r)-$(SourceBranchName)

trigger:
- master
- develop

variables:
  # Azure Resource Manager connection created during pipeline creation
  azureSubscription: 'YOUR_SUBSCRIPTION_ID'

  # Agent VM image name
  vmImageName: 'ubuntu-latest'

  # Working Directory
  workingDirectory: ''

  projectName: 'payments-address'
  mainProject: 'Some.API.csproj'
  projectImageName: 'some.api'
  containerRepository: 'YOUR_AZURE_CONTAINER_REPOSITORY'
  tag: $(Build.BuildId)'

  # Snyk
  snykServiceConnectionName: 'YOUR Snyk Service Connection'
  snykOrgId: '4ba743f7-3efd-4a36-8476-2a9dc010abc9'

  buildPlatform: 'Any CPU'
  buildConfiguration: 'Release'
  runtime: 'win-x64'
  Version.MajorMinor: 1.0
  Version.Revision: $[counter(variables['Version.MajorMinor'], 0)]
  artifactName: $(Build.BuildId)-$(Build.SourceBranchName).zip

  # Artifact Name
  ${{ if eq(variables['Build.SourceBranchName'], 'master') }}:
    artifactName: $(Build.BuildId).zip

  # Artifact feed credentials
  AZURE_USERNAME: $(AccessTokenName)
  AZURE_ARTIFACT_TOKEN: $(AccessTokenValue)

stages:
- stage: Build
  displayName: Build Stage

  jobs:
  - job: Build
    displayName: Build
    pool:
      vmImage: 'windows-latest'

    steps:
    - task: DotNetCoreCLI@2
      displayName: Restore
      inputs:
        command: 'restore'
        projects: '**/*.csproj'
        feedsToUse: 'select'
        vstsFeed: 'YOUR_PACKAGE_FEED_ID'
        verbosityRestore: 'Minimal'

    - task: DotNetCoreCLI@2
      displayName: 'Build'
      inputs:
        command: 'build'
        projects: |
          **/*.csproj
        arguments: '--configuration $(buildConfiguration) '

    - task: DotNetCoreCLI@2
      displayName: 'Run Tests'
      inputs:
        command: test
        projects: '**/*[Tt]ests/**/*.csproj'
        #arguments: '--configuration $(buildConfiguration) --filter TestCategory!=Integration&TestCategory!=E2E --collect "Code coverage"'
        arguments: '--configuration $(buildConfiguration) --filter TestCategory!=Integration&TestCategory!=E2E --collect:"XPlat Code Coverage" /p:CollectCoverage=true /p:CoverletOutputFormat=cobertura'
        publishTestResults: true

    - task: reportgenerator@4
      displayName: 'Generate Code Coverage Report'
      inputs:
        reports: '$(Agent.TempDirectory)\**\coverage.cobertura.xml'
        targetdir: '$(Build.SourcesDirectory)\TestResults\CoverageReport'
        sourcedirs: '$(Build.SourcesDirectory)'

    - task: PublishCodeCoverageResults@1
      displayName: 'Publish Code Coverage Results'
      inputs:
        codeCoverageTool: 'Cobertura'
        summaryFileLocation: '$(Agent.TempDirectory)\**\coverage.cobertura.xml'
        #reportDirectory: '$(Build.SourcesDirectory)/**/Coverage'


    - task: SnykSecurityScan@0
      displayName: 'Snyk Scan Source Code'
      inputs:
        serviceConnectionEndpoint: $(snykServiceConnectionName)
        testType: 'app'
        severityThreshold: 'high'
        monitorOnBuild: true
        failOnIssues: false
        organization: $(snykOrgId)
        additionalArguments: '--all-projects --exclude=tests --detection-depth=8'

    - task: DotNetCoreCLI@2
      displayName: 'Dotnet Publish'
      inputs:
        command: publish
        publishWebProjects: True
        arguments: '--configuration $(BuildConfiguration) --output $(Build.ArtifactStagingDirectory)'
        zipAfterPublish: true

    - task: PublishBuildArtifacts@1
      inputs:
        PathtoPublish: '$(Build.ArtifactStagingDirectory)'
        ArtifactName: 'drop'
        publishLocation: 'Container'

    # Alternative working previously
    # - task: ArchiveFiles@2
    #   displayName: 'Archive files'
    #   inputs:
    #     rootFolderOrFile: '$(System.ArtifactStagingDirectory)'
    #     includeRootFolder: false
    #     archiveType: zip
    #     archiveFile: $(Build.ArtifactStagingDirectory)/$(artifactName)
    #     replaceExistingArchive: true


- stage: DockerBuild
  displayName: Docker Build Stage
  dependsOn: Build

  jobs:
  - job: DockerBuild
    displayName: 'Docker Image Build and Push'
    pool:
      vmImage: 'ubuntu-latest'

    steps:

    # https://github.com/Azure/azure-cli/issues/8305
    # - task: Docker@2
    #   displayName: 'Docker Image Build'
    #   inputs:
    #     containerRegistry: 'Cassa_Azure_Container_Registry'
    #     repository: 's00374acrcassa'
    #     command: 'build'
    #     Dockerfile: '$(Build.SourcesDirectory)/Dockerfile'
    #     arguments: AZURE_ARTIFACT_TOKEN=$(AccessTokenName),AZURE_USERNAME=$(- task: CmdLine@2
    #     tags: $(Build.BuildId)

    # - task: Docker@2
    #   displayName: 'Docker Image Push'
    #   inputs:
    #     containerRegistry: 'Cassa_Azure_Container_Registry'
    #     repository: 's00374acrcassa'
    #     command: 'push'
    #     tags: $(Build.BuildId)

    - task: Docker@2
      displayName: 'Azure Container Registry Login'
      inputs:
        containerRegistry: 'Cassa Azure Container Registry'
        command: 'login'

    - task: CmdLine@2
      displayName: 'Docker Build'
      inputs:
        script: 'docker build -t $(containerRepository)/$(projectImageName):$(tag) --build-arg AZURE_ARTIFACT_TOKEN=$(AccessTokenName) --build-arg AZURE_USERNAME=$(AccessTokenValue) .'
        #script: 'docker build -t s00374acrcassa.azurecr.io/payments-address.api:$(Build.BuildId) --build-arg AZURE_ARTIFACT_TOKEN=$(AccessTokenName) --build-arg AZURE_USERNAME=$(AccessTokenValue) .'

    - task: SnykSecurityScan@0
      displayName: 'Snyk Scan Container Image'
      inputs:
        serviceConnectionEndpoint: 'Snyk Service Connection'
        testType: 'container'
        dockerImageName: '$(containerRepository)/$(projectImageName):$(tag)'
        severityThreshold: 'high'
        monitorOnBuild: true
        failOnIssues: false
        organization: $(snykOrgId)

    - task: CmdLine@2
      displayName: 'Docker Push'
      inputs:
        script: 'docker push $(containerRepository)/$(projectImageName):$(tag)'
	# .NET Core Function App to Windows on Azure
	# Build a .NET Core function app and deploy it to Azure as a Windows function App.
	# Add steps that analyze code, save build artifacts, deploy, and more:
	# https://docs.microsoft.com/en-us/azure/devops/pipelines/languages/dotnet-core

	name: $(Date:yyyyMMdd)$(Rev:.r)-$(SourceBranchName)

	trigger:
	- master
	- develop

	variables:
	# Azure Resource Manager connection created during pipeline creation
	azureSubscription: 'YOUR_SUBSCRIPTION_ID'

	# Agent VM image name
	vmImageName: 'ubuntu-latest'

	# Working Directory
	workingDirectory: ''

	projectName: 'payments-address'
	mainProject: 'Some.API.csproj'
	projectImageName: 'some.api'
	containerRepository: 'YOUR_AZURE_CONTAINER_REPOSITORY'
	tag: $(Build.BuildId)'

	# Snyk
	snykServiceConnectionName: 'YOUR Snyk Service Connection'
	snykOrgId: '4ba743f7-3efd-4a36-8476-2a9dc010abc9'

	buildPlatform: 'Any CPU'
	buildConfiguration: 'Release'
	runtime: 'win-x64'
	Version.MajorMinor: 1.0
	Version.Revision: $[counter(variables['Version.MajorMinor'], 0)]
	artifactName: $(Build.BuildId)-$(Build.SourceBranchName).zip

	# Artifact Name
	${{ if eq(variables['Build.SourceBranchName'], 'master') }}:
	artifactName: $(Build.BuildId).zip

	# Artifact feed credentials
	AZURE_USERNAME: $(AccessTokenName)
	AZURE_ARTIFACT_TOKEN: $(AccessTokenValue)

	stages:
	- stage: Build
	displayName: Build Stage

	jobs:
	- job: Build
	displayName: Build
	pool:
	vmImage: 'windows-latest'

	steps:
	- task: DotNetCoreCLI@2
	displayName: Restore
	inputs:
	command: 'restore'
	projects: '*/.csproj'
	feedsToUse: 'select'
	vstsFeed: 'YOUR_PACKAGE_FEED_ID'
	verbosityRestore: 'Minimal'

	- task: DotNetCoreCLI@2
	displayName: 'Build'
	inputs:
	command: 'build'
	projects: \|
	*/.csproj
	arguments: '--configuration $(buildConfiguration) '

	- task: DotNetCoreCLI@2
	displayName: 'Run Tests'
	inputs:
	command: test
	projects: '*/[Tt]ests/*/.csproj'
	#arguments: '--configuration $(buildConfiguration) --filter TestCategory!=Integration&TestCategory!=E2E --collect "Code coverage"'
	arguments: '--configuration $(buildConfiguration) --filter TestCategory!=Integration&TestCategory!=E2E --collect:"XPlat Code Coverage" /p:CollectCoverage=true /p:CoverletOutputFormat=cobertura'
	publishTestResults: true

	- task: reportgenerator@4
	displayName: 'Generate Code Coverage Report'
	inputs:
	reports: '$(Agent.TempDirectory)\**\coverage.cobertura.xml'
	targetdir: '$(Build.SourcesDirectory)\TestResults\CoverageReport'
	sourcedirs: '$(Build.SourcesDirectory)'

	- task: PublishCodeCoverageResults@1
	displayName: 'Publish Code Coverage Results'
	inputs:
	codeCoverageTool: 'Cobertura'
	summaryFileLocation: '$(Agent.TempDirectory)\**\coverage.cobertura.xml'
	#reportDirectory: '$(Build.SourcesDirectory)/**/Coverage'


	- task: SnykSecurityScan@0
	displayName: 'Snyk Scan Source Code'
	inputs:
	serviceConnectionEndpoint: $(snykServiceConnectionName)
	testType: 'app'
	severityThreshold: 'high'
	monitorOnBuild: true
	failOnIssues: false
	organization: $(snykOrgId)
	additionalArguments: '--all-projects --exclude=tests --detection-depth=8'

	- task: DotNetCoreCLI@2
	displayName: 'Dotnet Publish'
	inputs:
	command: publish
	publishWebProjects: True
	arguments: '--configuration $(BuildConfiguration) --output $(Build.ArtifactStagingDirectory)'
	zipAfterPublish: true

	- task: PublishBuildArtifacts@1
	inputs:
	PathtoPublish: '$(Build.ArtifactStagingDirectory)'
	ArtifactName: 'drop'
	publishLocation: 'Container'

	# Alternative working previously
	# - task: ArchiveFiles@2
	# displayName: 'Archive files'
	# inputs:
	# rootFolderOrFile: '$(System.ArtifactStagingDirectory)'
	# includeRootFolder: false
	# archiveType: zip
	# archiveFile: $(Build.ArtifactStagingDirectory)/$(artifactName)
	# replaceExistingArchive: true


	- stage: DockerBuild
	displayName: Docker Build Stage
	dependsOn: Build

	jobs:
	- job: DockerBuild
	displayName: 'Docker Image Build and Push'
	pool:
	vmImage: 'ubuntu-latest'

	steps:

	# https://github.com/Azure/azure-cli/issues/8305
	# - task: Docker@2
	# displayName: 'Docker Image Build'
	# inputs:
	# containerRegistry: 'Cassa_Azure_Container_Registry'
	# repository: 's00374acrcassa'
	# command: 'build'
	# Dockerfile: '$(Build.SourcesDirectory)/Dockerfile'
	# arguments: AZURE_ARTIFACT_TOKEN=$(AccessTokenName),AZURE_USERNAME=$(- task: CmdLine@2
	# tags: $(Build.BuildId)

	# - task: Docker@2
	# displayName: 'Docker Image Push'
	# inputs:
	# containerRegistry: 'Cassa_Azure_Container_Registry'
	# repository: 's00374acrcassa'
	# command: 'push'
	# tags: $(Build.BuildId)

	- task: Docker@2
	displayName: 'Azure Container Registry Login'
	inputs:
	containerRegistry: 'Cassa Azure Container Registry'
	command: 'login'

	- task: CmdLine@2
	displayName: 'Docker Build'
	inputs:
	script: 'docker build -t $(containerRepository)/$(projectImageName):$(tag) --build-arg AZURE_ARTIFACT_TOKEN=$(AccessTokenName) --build-arg AZURE_USERNAME=$(AccessTokenValue) .'
	#script: 'docker build -t s00374acrcassa.azurecr.io/payments-address.api:$(Build.BuildId) --build-arg AZURE_ARTIFACT_TOKEN=$(AccessTokenName) --build-arg AZURE_USERNAME=$(AccessTokenValue) .'

	- task: SnykSecurityScan@0
	displayName: 'Snyk Scan Container Image'
	inputs:
	serviceConnectionEndpoint: 'Snyk Service Connection'
	testType: 'container'
	dockerImageName: '$(containerRepository)/$(projectImageName):$(tag)'
	severityThreshold: 'high'
	monitorOnBuild: true
	failOnIssues: false
	organization: $(snykOrgId)

	- task: CmdLine@2
	displayName: 'Docker Push'
	inputs:
	script: 'docker push $(containerRepository)/$(projectImageName):$(tag)'