adopt governed template in release pipeline#372
Conversation
There was a problem hiding this comment.
Pull request overview
This PR migrates the release pipeline to use the 1ES governed pipeline template, aligning with Microsoft's security and compliance requirements for official build pipelines.
Key changes:
- Adopts the 1ES Official Pipeline Template (v1) with the extends pattern
- Adds network isolation policy configuration set to "Permissive,CFSClean"
- Restructures the pipeline to nest all stages under the template extension while preserving existing job logic
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| - download: microsoft_MSBuildLocator | ||
| displayName: 'Download Symbols Artifact' | ||
| artifact: Symbols | ||
| name: VSEngSS-MicroBuild2022-1ES |
There was a problem hiding this comment.
Trailing whitespace detected at the end of this line. This should be removed to maintain consistent formatting.
| name: VSEngSS-MicroBuild2022-1ES | |
| name: VSEngSS-MicroBuild2022-1ES |
| - job: PushToNuGet | ||
| displayName: 'Push to nuget.org' | ||
| steps: |
There was a problem hiding this comment.
The pool specification has been removed from the PushToNuGet job. While a default pool is configured at the template level (line 26-27), verify that this job should use the default pool rather than having an explicit pool specification. The RetainBuildJob and PublicNuGetRelease jobs previously used the same pool, but PushToNuGet had its own pool definition that is now removed.
2 participants
s360 item