From 8ce51fa02e4b4de166ad723db5c21ac8d2039804 Mon Sep 17 00:00:00 2001 From: Miha Zupan Date: Mon, 8 Apr 2024 13:43:41 +0200 Subject: [PATCH 1/2] Remove CodeQL scheduled runs --- azure-pipelines.yml | 138 +++++++++++++++----------------------------- 1 file changed, 46 insertions(+), 92 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index d9a5d9078..c85d23ed7 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -1,19 +1,3 @@ -schedules: -- cron: 0 9 * * 1 - displayName: "Run CodeQL3000 weekly, Monday at 2:00 AM PDT" - branches: - include: - - release/* - - main - exclude: - - release/1.* - always: true - -parameters: -- name: runCodeQL3000 - default: false - displayName: Run CodeQL3000 tasks - type: boolean variables: # Needed for Arcade template - name: _TeamName @@ -27,15 +11,9 @@ variables: value: true - name: _BuildConfig value: Release -- name: runCodeQL3000 - value: ${{ and(ne(variables['System.TeamProject'], 'public'), or(eq(variables['Build.Reason'], 'Schedule'), and(eq(variables['Build.Reason'], 'Manual'), eq(parameters.runCodeQL3000, 'true')))) }} - template: /eng/common/templates/variables/pool-providers.yml@self - name: skipComponentGovernanceDetection value: true -- name: Codeql.SkipTaskAutoInjection - value: true -- ${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest'), ne(variables.runCodeQL3000, 'true')) }}: - - group: YARP-SDLValidation-Params trigger: batch: true 
@@ -74,10 +52,10 @@ extends: jobs: - template: /eng/common/templates-official/jobs/jobs.yml@self parameters: - enableMicrobuild: ${{ ne(variables.runCodeQL3000, 'true') }} + enableMicrobuild: true enablePublishBuildArtifacts: true - enablePublishTestResults: ${{ ne(variables.runCodeQL3000, 'true') }} - enablePublishBuildAssets: ${{ ne(variables.runCodeQL3000, 'true') }} + enablePublishTestResults: true + enablePublishBuildAssets: true enablePublishUsingPipelines: ${{ variables._PublishUsingPipelines }} enableTelemetry: true mergeTestResults: true 
@@ -87,76 +65,52 @@ extends: name: $(DncEngInternalBuildPool) image: 1es-windows-2022-pt os: windows - ${{ if eq(variables.runCodeQL3000, 'true') }}: - disableComponentGovernance: true - enableSbom: false variables: - - ${{ if eq(variables.runCodeQL3000, 'true') }}: - - _OfficialBuildArgs: /p:Test=false /p:Sign=false /p:Pack=false /p:Publish=false /p:UseSharedCompilation=false - - _SignType: none - - skipNugetSecurityAnalysis: true - - Codeql.Cadence: 0 - - Codeql.Enabled: true - - Codeql.SourceRoot: src - - Codeql.TSAEnabled: ${{ eq(variables['Build.Reason'], 'Schedule') }} - - Codeql.TSAOptionsPath: '$(Build.SourcesDirectory)/.config/tsaoptions.json' - - ${{ if ne(variables.runCodeQL3000, 'true') }}: - - group: Publish-Build-Assets - - name: _OfficialBuildArgs - value: /p:DotNetSignType=$(_SignType) - /p:TeamName=$(_TeamName) - /p:DotNetPublishUsingPipelines=$(_PublishUsingPipelines) - /p:OfficialBuildId=$(BUILD.BUILDNUMBER) - - name: _SignType - value: real + - group: Publish-Build-Assets + - name: _OfficialBuildArgs + value: /p:DotNetSignType=$(_SignType) + /p:TeamName=$(_TeamName) + /p:DotNetPublishUsingPipelines=$(_PublishUsingPipelines) + /p:OfficialBuildId=$(BUILD.BUILDNUMBER) + - name: _SignType + value: real steps: - checkout: self clean: true - - ${{ if eq(variables.runCodeQL3000, 'true') }}: - - task: CodeQL3000Init@0 - displayName: CodeQL Initialize - - script: "echo ##vso[build.addbuildtag]CodeQL3000" - displayName: 'Set CI CodeQL3000 tag' - condition: ne(variables.CODEQL_DIST,'') - script: eng\common\cibuild.cmd -configuration $(_BuildConfig) -prepareMachine $(_OfficialBuildArgs) displayName: Build and Publish - - ${{ if eq(variables.runCodeQL3000, 'true') }}: - - task: CodeQL3000Finalize@0 - displayName: CodeQL Finalize - - ${{ else }}: - - task: 1ES.PublishBuildArtifacts@1 - displayName: Upload TestResults - condition: always() - continueOnError: true - inputs: - PathtoPublish: artifacts/TestResults/$(_BuildConfig)/ - ArtifactName: 
$(Agent.Os)_$(Agent.JobName) TestResults - PublishLocation: Container - - task: 1ES.PublishBuildArtifacts@1 - displayName: Upload package artifacts - condition: and(succeeded(), eq(variables['system.pullrequest.isfork'], false), eq(variables['_BuildConfig'], 'Release')) - inputs: - PathtoPublish: artifacts/packages/ - ArtifactName: artifacts - PublishLocation: Container - - ${{ if ne(variables.runCodeQL3000, 'true') }}: - - template: /eng/common/templates-official/post-build/post-build.yml@self - parameters: - publishingInfraVersion: 3 - enableSymbolValidation: false - enableSourceLinkValidation: false - enableSigningValidation: false - enableNugetValidation: false - SDLValidationParameters: - enable: true - continueOnError: false - params: ' -SourceToolsList @("policheck","credscan") - -TsaInstanceURL $(_TsaInstanceURL) - -TsaProjectName $(_TsaProjectName) - -TsaNotificationEmail $(_TsaNotificationEmail) - -TsaCodebaseAdmin $(_TsaCodebaseAdmin) - -TsaBugAreaPath $(_TsaBugAreaPath) - -TsaIterationPath $(_TsaIterationPath) - -TsaRepositoryName "ReverseProxy" - -TsaCodebaseName "ReverseProxy" - -TsaPublish $True -PoliCheckAdditionalRunConfigParams @("UserExclusionPath < $(Build.SourcesDirectory)/eng/PoliCheckExclusions.xml")' \ No newline at end of file + - task: 1ES.PublishBuildArtifacts@1 + displayName: Upload TestResults + condition: always() + continueOnError: true + inputs: + PathtoPublish: artifacts/TestResults/$(_BuildConfig)/ + ArtifactName: $(Agent.Os)_$(Agent.JobName) TestResults + PublishLocation: Container + - task: 1ES.PublishBuildArtifacts@1 + displayName: Upload package artifacts + condition: and(succeeded(), eq(variables['system.pullrequest.isfork'], false), eq(variables['_BuildConfig'], 'Release')) + inputs: + PathtoPublish: artifacts/packages/ + ArtifactName: artifacts + PublishLocation: Container + - template: /eng/common/templates-official/post-build/post-build.yml@self + parameters: + publishingInfraVersion: 3 + enableSymbolValidation: false + 
enableSourceLinkValidation: false + enableSigningValidation: false + enableNugetValidation: false + SDLValidationParameters: + enable: true + continueOnError: false + params: ' -SourceToolsList @("policheck","credscan") + -TsaInstanceURL $(_TsaInstanceURL) + -TsaProjectName $(_TsaProjectName) + -TsaNotificationEmail $(_TsaNotificationEmail) + -TsaCodebaseAdmin $(_TsaCodebaseAdmin) + -TsaBugAreaPath $(_TsaBugAreaPath) + -TsaIterationPath $(_TsaIterationPath) + -TsaRepositoryName "ReverseProxy" + -TsaCodebaseName "ReverseProxy" + -TsaPublish $True -PoliCheckAdditionalRunConfigParams @("UserExclusionPath < $(Build.SourcesDirectory)/eng/PoliCheckExclusions.xml")' \ No newline at end of file From 439037105a9f5c6c67423b7b95dc37579d911683 Mon Sep 17 00:00:00 2001 From: Miha Zupan Date: Wed, 10 Apr 2024 14:26:36 +0200 Subject: [PATCH 2/2] Remove trailing spaces --- azure-pipelines.yml | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index c85d23ed7..9379bf3f6 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -28,7 +28,7 @@ pr: branches: include: - '*' - + resources: repositories: - repository: MicroBuildTemplate @@ -68,9 +68,9 @@ extends: variables: - group: Publish-Build-Assets - name: _OfficialBuildArgs - value: /p:DotNetSignType=$(_SignType) - /p:TeamName=$(_TeamName) - /p:DotNetPublishUsingPipelines=$(_PublishUsingPipelines) + value: /p:DotNetSignType=$(_SignType) + /p:TeamName=$(_TeamName) + /p:DotNetPublishUsingPipelines=$(_PublishUsingPipelines) /p:OfficialBuildId=$(BUILD.BUILDNUMBER) - name: _SignType value: real 
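Review bot: The `SDLValidationParameters.params` string kept at the end of this hunk still expands `$(_TsaInstanceURL)`, `$(_TsaProjectName)` and the other `_Tsa*` variables, but the first hunk of this patch deletes the only visible source for them, the conditional `- group: YARP-SDLValidation-Params` entry. That group is not shown here, so confirm whether it is where those variables are defined. If it is, Azure Pipelines leaves undefined `$(...)` macros as literal text, so the policheck/credscan step would either file results against unusable TSA settings or fail post-build under `continueOnError: false`. To keep the group for internal non-PR builds, drop only the CodeQL clause from its condition: `- ${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:` followed by `  - group: YARP-SDLValidation-Params`. Since this hunk also removes every `Codeql.*` setting and the first hunk removes `Codeql.SkipTaskAutoInjection`, a short comment in the `variables:` block saying where CodeQL coverage now comes from would keep the pipeline's scanning posture auditable.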
@@ -104,13 +104,13 @@ extends: SDLValidationParameters: enable: true continueOnError: false - params: ' -SourceToolsList @("policheck","credscan") - -TsaInstanceURL $(_TsaInstanceURL) - -TsaProjectName $(_TsaProjectName) - -TsaNotificationEmail $(_TsaNotificationEmail) - -TsaCodebaseAdmin $(_TsaCodebaseAdmin) - -TsaBugAreaPath $(_TsaBugAreaPath) - -TsaIterationPath $(_TsaIterationPath) - -TsaRepositoryName "ReverseProxy" - -TsaCodebaseName "ReverseProxy" + params: ' -SourceToolsList @("policheck","credscan") + -TsaInstanceURL $(_TsaInstanceURL) + -TsaProjectName $(_TsaProjectName) + -TsaNotificationEmail $(_TsaNotificationEmail) + -TsaCodebaseAdmin $(_TsaCodebaseAdmin) + -TsaBugAreaPath $(_TsaBugAreaPath) + -TsaIterationPath $(_TsaIterationPath) + -TsaRepositoryName "ReverseProxy" + -TsaCodebaseName "ReverseProxy" -TsaPublish $True -PoliCheckAdditionalRunConfigParams @("UserExclusionPath < $(Build.SourcesDirectory)/eng/PoliCheckExclusions.xml")' \ No newline at end of file