[release/v7.4.15] Separate Official and NonOfficial templates for ADO pipelines#27140
Merged
adityapatwardhan merged 1 commit intoPowerShell:release/v7.4.15from Apr 3, 2026
Conversation
…hell#26897) Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
adityapatwardhan
added
the
CL-BuildPackaging
Contributor
There was a problem hiding this comment.
Pull request overview
Backport to release/v7.4.15 that restructures Azure DevOps pipeline definitions to split Official vs NonOfficial pipelines, using shared variable/stage templates to reduce drift and standardize artifact dependency wiring.
Changes:
- Extracted repeated
variables:andstages:blocks into reusable templates and updated Official pipelines to reference them. - Added new
.pipelines/NonOfficial/*pipeline definitions that hardcode NonOfficial governed templates and point to NonOfficial pipeline dependencies. - Introduced a shared release variable template and updated release publishing templates to reference the corrected path.
Reviewed changes
Copilot reviewed 22 out of 23 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
.pipelines/templates/variables/release-shared.yml |
New shared variable template for release jobs (signing/SDL toggles, groups, tag/version wiring). |
.pipelines/templates/variables/PowerShell-vPack-Variables.yml |
New shared variables template for vPack pipelines. |
.pipelines/templates/variables/PowerShell-Release-Variables.yml |
New shared variables template for release pipeline jobs. |
.pipelines/templates/variables/PowerShell-Release-Azure-Variables.yml |
New shared variables template for EV2/Azure release pipeline jobs. |
.pipelines/templates/variables/PowerShell-Packages-Variables.yml |
New shared variables template for packages pipeline jobs. |
.pipelines/templates/variables/PowerShell-Coordinated_Packages-Variables.yml |
New shared variables template for coordinated packages pipeline jobs. |
.pipelines/templates/stages/PowerShell-vPack-Stages.yml |
New shared stages template for vPack build/sign/repackage flow. |
.pipelines/templates/stages/PowerShell-Release-Stages.yml |
New shared stages template encapsulating the full release orchestration. |
.pipelines/templates/stages/PowerShell-Packages-Stages.yml |
New shared stages template for packaging build/sign/upload/validation. |
.pipelines/templates/stages/PowerShell-Coordinated_Packages-Stages.yml |
New shared stages template for coordinated builds (prep/mac/linux/windows/test+release json). |
.pipelines/templates/release-MSIX-Publish.yml |
Fix template reference path to ./variables/release-shared.yml. |
.pipelines/templates/release-githubNuget.yml |
Fix template reference path to ./variables/release-shared.yml in both jobs. |
.pipelines/PowerShell-vPack-Official.yml |
Refactored Official vPack pipeline to consume shared variables/stages templates. |
.pipelines/PowerShell-Release-Official.yml |
Refactored Official release pipeline to consume shared variables/stages templates. |
.pipelines/PowerShell-Release-Official-Azure.yml |
Refactored Official Azure release pipeline to consume shared variables template. |
.pipelines/PowerShell-Packages-Official.yml |
Refactored Official packages pipeline to consume shared variables/stages templates. |
.pipelines/PowerShell-Coordinated_Packages-Official.yml |
Refactored Official coordinated packages pipeline to consume shared variables/stages templates and updated CodeQL config block. |
.pipelines/NonOfficial/PowerShell-vPack-NonOfficial.yml |
New NonOfficial vPack pipeline definition referencing shared templates. |
.pipelines/NonOfficial/PowerShell-Release-NonOfficial.yml |
New NonOfficial release pipeline definition referencing shared templates and NonOfficial pipeline resources. |
.pipelines/NonOfficial/PowerShell-Release-Azure-NonOfficial.yml |
New NonOfficial Azure release pipeline definition using NonOfficial governed template. |
.pipelines/NonOfficial/PowerShell-Packages-NonOfficial.yml |
New NonOfficial packages pipeline definition referencing shared templates and NonOfficial dependencies. |
.pipelines/NonOfficial/PowerShell-Coordinated_Packages-NonOfficial.yml |
New NonOfficial coordinated packages pipeline definition referencing shared templates and NonOfficial governed template. |
.github/agents/SplitADOPipelines.agent.md |
New agent doc describing the standard refactor approach for splitting pipelines and extracting templates. |
Comment on lines
+204
to
+206
| inputs: | ||
| sourceScanPath: '$(repoRoot)\src' | ||
| ob_restore_phase: true |
There was a problem hiding this comment.
ob_restore_phase is being passed as an input to the Component Detection task, but it should be an environment variable (like other tasks above) or omitted. Leaving it under inputs may cause task validation failures due to an unexpected input.
Suggested change
| inputs: | |
| sourceScanPath: '$(repoRoot)\src' | |
| ob_restore_phase: true | |
| env: | |
| ob_restore_phase: true | |
| inputs: | |
| sourceScanPath: '$(repoRoot)\src' |
| - name: BuildConfiguration | ||
| value: Release | ||
| - name: WindowsContainerImage | ||
| value: 'onebranch.azurecr.io/windows/ltsc2019/vse2022:latest' |
There was a problem hiding this comment.
This refactor changes WindowsContainerImage from ltsc2022 to ltsc2019 for the vPack pipeline. If that wasn’t intentional, it can introduce toolset/compat differences and break builds compared to the previous pipeline behavior. Consider keeping the prior ltsc2022/vse2022 image (or document why vPack must stay on ltsc2019).
Suggested change
| value: 'onebranch.azurecr.io/windows/ltsc2019/vse2022:latest' | |
| value: 'onebranch.azurecr.io/windows/ltsc2022/vse2022:latest' |
| - name: LinuxContainerImage | ||
| value: mcr.microsoft.com/onebranch/azurelinux/build:3.0 | ||
| - name: WindowsContainerImage | ||
| value: onebranch.azurecr.io/windows/ltsc2019/vse2022:latest |
There was a problem hiding this comment.
This refactor changes WindowsContainerImage from ltsc2022 to ltsc2019 for coordinated packages. If unintentional, it can cause drift from the prior official pipeline configuration and impact build reliability/tooling availability. Consider restoring the previous ltsc2022/vse2022 image (or add context for why ltsc2019 is required here).
Suggested change
| value: onebranch.azurecr.io/windows/ltsc2019/vse2022:latest | |
| value: onebranch.azurecr.io/windows/ltsc2022/vse2022:latest |
| throw "No files found in $(Pipeline.Workspace)\Symbols_$(Architecture)" | ||
| } | ||
| $vpackFiles | ||
| displayName: Debug Output Directory and Version |
There was a problem hiding this comment.
There are two steps with the same displayName "Debug Output Directory and Version" in this stage, which can make logs harder to interpret when troubleshooting. Consider giving the later one a distinct display name (or removing redundancy).
Suggested change
| displayName: Debug Output Directory and Version | |
| displayName: Validate vPack Output Directory Contents |
daxian-dbw
approved these changes
Apr 2, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Backport of #26897 to release/v7.4.15
Triggered by @adityapatwardhan on behalf of @jshigetomi
Original CL Label: CL-BuildPackaging
/cc @PowerShell/powershell-maintainers
Impact
REQUIRED: Choose either Tooling Impact or Customer Impact (or both). At least one checkbox must be selected.
Tooling Impact
Aligns release/v7.4.15 ADO pipeline definitions with the updated Official/NonOfficial template split needed for 1ES drift management and consistent artifact dependency wiring.
Customer Impact
Regression
REQUIRED: Check exactly one box.
This is not a regression.
Testing
Verified clean cherry-pick onto release/v7.4.15. Resolved two template-conflict files by applying the PR's template-based stage indirection, preserving intended pipeline behavior while keeping release branch compatibility. Backport commit completed successfully and is ready for CI validation on the backport PR.
Risk
REQUIRED: Check exactly one box.
This change updates release pipeline definitions and stage orchestration. Scope is broad across packaging/release YAML, but it is a direct backport of a merged main-branch change and conflict resolution was limited to adopting the same template indirection approach from the original PR.
Merge Conflicts
Conflicts occurred in .pipelines/PowerShell-Coordinated_Packages-Official.yml and .pipelines/PowerShell-Release-Official.yml where release/v7.4.15 had expanded inline stage blocks. Resolved by taking the incoming template-based stage references from PR #26897 to maintain the intended Official/NonOfficial split and avoid partial refactor state.