Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 12 additions & 6 deletions pipelines/azure-smoke-tests.yml
Original file line number Diff line number Diff line change
Expand Up @@ -31,9 +31,15 @@
# principal must hold the 'Key Vault Secrets User' RBAC role on the
# 'build-pipeline-kv' vault (the vault uses RBAC authorization, not access
# policies). Authorize the pipeline to use the connection on first run.
# * Pipeline variables (define in the pipeline UI or a linked variable group):
# - REGISTRY npm registry URL used by include-prepare-repo.yml to
# restore dependencies (internal Azure Artifacts feed).
#
# Dependency restore uses the PUBLIC npm registry (registry.npmjs.org), the same
# as the GitHub Actions build lanes (build_ts / build_package_shell) and local
# dev. This keeps the package source consistent across all CI and avoids failures
# where a freshly-published transitive version (e.g. from a Dependabot lockfile
# bump) is not yet present in an internal Azure Artifacts feed. The smoke tests
# only need the WIF service connection for Azure OpenAI secrets, which is
# independent of the npm registry — so no internal feed (or REGISTRY variable) is
# required here.

trigger:
branches:
Expand Down Expand Up @@ -86,13 +92,13 @@ jobs:
pool:
vmImage: $(image)
steps:
# Checkout + internal npm registry auth + Node + pnpm install
# (--frozen-lockfile --strict-peer-dependencies).
# Checkout + Node + pnpm install (--frozen-lockfile --strict-peer-dependencies).
# No 'registry' is passed, so install uses the default public npm registry —
# matching the GitHub Actions lanes and local dev.
- template: include-prepare-repo.yml
parameters:
buildDirectory: $(buildDirectory)
nodeVersion: $(nodeVersion)
registry: $(REGISTRY)

# keytar links against libsecret at runtime on Linux; install before any
# TypeAgent process (CLI / shell) loads the native module.
Expand Down
27 changes: 18 additions & 9 deletions pipelines/include-prepare-repo.yml
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,13 @@ parameters:
type: string
- name: nodeVersion
type: string
# Optional npm registry. When set (e.g. an internal Azure Artifacts feed URL),
# an .npmrc is written and authenticated so pnpm restores from that feed. When
# omitted (empty), the build uses the default public npm registry
# (registry.npmjs.org) with no auth — matching the GitHub Actions lanes.
- name: registry
type: string
default: ""
# Set false to skip pnpm-store caching. Useful for manual/scheduled pipelines
# where the Windows post-job cache save can exceed its timeout and fail the job.
- name: enableCache
Expand All @@ -19,16 +24,20 @@ steps:
displayName: "Checkout TypeAgent Repository"
path: typeagent

- bash: |
echo "registry=${{ parameters.registry }}" > .npmrc
cat .npmrc
displayName: Set npm registry
workingDirectory: ${{ parameters.buildDirectory }}
# Only configure and authenticate a custom registry when one is supplied.
# When 'registry' is empty, these steps are skipped and pnpm uses the default
# public npm registry (no .npmrc, no auth) — same as the GitHub Actions lanes.
- ${{ if ne(parameters.registry, '') }}:
Comment thread
TalZaccai marked this conversation as resolved.
- bash: |
echo "registry=${{ parameters.registry }}" > .npmrc
cat .npmrc
displayName: Set npm registry
workingDirectory: ${{ parameters.buildDirectory }}

- task: npmAuthenticate@0
displayName: Authenticate to npm registry
inputs:
workingFile: ${{ parameters.buildDirectory }}/.npmrc
- task: npmAuthenticate@0
displayName: Authenticate to npm registry
inputs:
workingFile: ${{ parameters.buildDirectory }}/.npmrc

- task: UseNode@1
displayName: Setup Node.js v${{ parameters.nodeVersion }}
Expand Down
Loading