Merge pull request #23482 from microsoftgraph/1esconversion

Make API Doctor validation pipeline 1ES compliant

.azure-pipelines/.config/CredScanSuppressions.json

@@ -0,0 +1,57 @@
+{
+  "tool": "Credential Scanner",
+  "suppressions": [
+    {
+      "hash": "4HFMaPyHf2Oq0UHssXYQ+IzVZIRgG18pB/v4dtou7sw=",
+      "_justification": "authenticationmethod-resetpassword.md line 184 Sample password in JSON example"
+    },
+    {
+      "hash": "Dl8lVS64t7J9YPKUCrs6IvmGgwA9lkG/9TTJvKLyIfw=",
+      "_justification": "externallyaccessibleawsstoragebucketfinding-list.md line 118 Sample Azure storage account access key in JSON example"
+    },
+    {
+      "hash": "6uNofS5cYXMBA0lB/CvV80FLhrnf5Pgi8z1A4ouVNzE=",
+      "_justification": "security-passivednsrecord-get.md line 66 Sample general symmetric key in HTTP request example"
+    },
+    {
+      "hash": "DqnzqSuPoql8CRa0NwVQjvMWVEdB/1JVZhMLf5a7caw=",
+      "_justification": "serviceprincipal-createpasswordsinglesignoncredentials.md line 90 Sample common default password in JSON example"
+    },
+    {
+      "hash": "YGEAcd2dkpni4zKf2vds0XCBd4ETjyy6VSqP6wF8K4Y=",
+      "_justification": "security-whoishistoryrecord-get.md line 64 Sample symmetric key in HTTP request example"
+    },
+    {
+      "hash": "yuNZ6vrD0RfK/gi2biOeRwncQ7QBOUsptruQ9gF4fGE=",
+      "_justification": "user-changepassword.md line 67 Sample password in JSON example"
+    },
+    {
+      "hash": "XQQz4syNsXVwCQBB+ROKXms/PeYf1xxMiu93rtFGQzE=",
+      "_justification": "user-validatepassword.md line 69 Sample password in JSON example"
+    },
+    {
+      "hash": "449XS9qz2RDCs4hRlMopVw7CCRxp01qRBUh152CBj1w=",
+      "_justification": "send-sharing-invite-go-snippets.md line 40 Sample password in JSON example"
+    },
+    {
+      "hash": "ezuuJrz3tJVuhDI3QayaAQnoJmJ7OdePNofJCf9yRos=",
+      "_justification": "update-planneruser-go-snippets.md line 22 Sample general symmetric key in code snippets"
+    },
+    {
+      "hash": "4HFMaPyHf2Oq0UHssXYQ+IzVZIRgG18pB/v4dtou7sw=",
+      "_justification": "passwordauthenticationmethod-resetpassword-adminprovided-java-snippets.md line 9 Sample password in code snippets"
+    },
+    {
+      "hash": "pFG5S9mElRlcOZ+ByQRi1yN4nzkV+sW0DBJStZwB13I=",
+      "_justification": "application-saml-sso-configure-api.md line 1004 Sample general symmetric key in JSON example"
+    },
+    {
+      "hash": "lrucAcVPXoYUsoNE7NH+dQDxA5dKVl04BhLUkL2i+k8=",
+      "_justification": "auth-v2-service.md line 166 Sample Azure AD client secret in cURL example"
+    },
+    {
+      "hash": "Yq6kyr67P2hd5i71eNVIOL8EHosrVwv9Mg0R6PdiF6c=",
+      "_justification": "authenticationmethods-get-started.md line 451 Sample general password in JSON example"
+    }
+  ]
+}

Test-Docs.ps1

@@ -8,25 +8,35 @@ $apiDoctorNuGetVersion = $env:API_DOCTOR_NUGET_VERSION
 $apiDoctorGitRepoUrl = $env:API_DOCTOR_GIT_REPO_URL
 $apiDoctorGitBranch = $env:API_DOCTOR_GIT_BRANCH
 $docsRepoPath = (Get-Location).Path
-$docsSubPath = $env:APIDOCTOR_DOCSUBPATH
+$docsSubPath = $env:DOCS_SUB_PATH
 $downloadedApiDoctor = $false
 $downloadedNuGet = $false
 
-Write-Host "Repository location: ", $docsRepoPath
+if ($useNuGetPackage -eq $true) {
+	Write-Host "API Doctor NuGet Version: ", $apiDoctorNuGetVersion
+}
+else {
+	Write-Host "API Doctor Git Repo:"
+    Write-Host "- URL: $apiDoctorGitRepoUrl"
+    Write-Host "- Branch: $apiDoctorGitBranch"
+}
+
+Write-Host "Repository Location: ", $docsRepoPath
+Write-Host "Docs Subpath: ", $docsSubPath
 
 # Check if API Doctor source has been set
-if ($useNuGetPackage -and [string]::IsNullOrWhiteSpace($apiDoctorNuGetVersion)) {
+if ($useNuGetPackage -eq $true -and [string]::IsNullOrWhiteSpace($apiDoctorNuGetVersion)) {
 	Write-Host "API Doctor NuGet package version has not been set. Aborting..."
 	exit 1
 }
-elseif (!$useNuGetPackage -and [string]::IsNullOrWhiteSpace($apiDoctorGitRepoUrl)) {
+elseif ($useNuGetPackage -eq $false -and [string]::IsNullOrWhiteSpace($apiDoctorGitRepoUrl)) {
 	Write-Host "API Doctor Git Repo URL has not been set. Aborting..."
 	exit 1
 }
 
 # Check if docs subpath has been set
 if ([string]::IsNullOrWhiteSpace($docsSubPath)) {
-	Write-Host "API Doctor subpath has not been set. Aborting..."
+	Write-Host "Docs subpath has not been set. Aborting..."
 	exit 1
 }
 
@@ -56,15 +66,15 @@ else {
 	$apidocPath = Join-Path $docsRepoPath -ChildPath "apidoctor"
 	New-Item -ItemType Directory -Force -Path $apidocPath
 
-	if ($useNuGetPackage) {		
+	if ($useNuGetPackage -eq $true) {		
 		# Install API Doctor from NuGet
 		Write-Host "Running nuget.exe from ", $nugetPath
 		$nugetParams = "install", "ApiDoctor", "-Version", $apiDoctorNuGetVersion, "-OutputDirectory", $apidocPath, "-NonInteractive", "-DisableParallelProcessing"
 		& $nugetPath $nugetParams
 
 		if ($LastExitCode -ne 0) { 
 			# NuGet error, so we can't proceed
-			Write-Host "Error installing API Doctor from NuGet. Aborting."
+			Write-Host "Error installing API Doctor from NuGet. Aborting..."
 			Remove-Item $nugetPath
 			exit $LastExitCode
 		}

apidoctor.validation.yml

@@ -6,72 +6,112 @@
 trigger:
   branches:
     include:
-    - live
-    - main
+      - live
+      - main
   paths:
     include:
-    - api-reference/*
-    
+      - api-reference/*
+
 pr:
   branches:
     include:
-    - live
-    - main
+      - live
+      - main
   paths:
     include:
-    - api-reference/*
-
-pool:
-    vmImage: 'windows-latest'
-
+      - api-reference/*
+
 parameters:
   - name: useNuGetPackage
     displayName: "Use API Doctor NuGet Package (If disabled, source code from GitHub will be used)?"
     type: boolean
     default: true
-    
+
   - name: apiDoctorNuGetVersion
     default: "1.2.2312.152"
     displayName: "API Doctor NuGet Package Version"
-    
+
   - name: apiDoctorGitRepoUrl
     default: "https://github.com/OneDrive/apidoctor.git"
     displayName: "API Doctor Git Repo URL"
-    
+
   - name: apiDoctorGitBranch
     default: "master"
     displayName: "API Doctor Git branch"
 
-steps:
-  - checkout: self
-    displayName: 'Checkout Microsoft Graph docs'
-    clean: true
-    fetchDepth: 1
-
-  - task: UseDotNet@2
-    displayName: 'Use .NET Core SDK 6.x'
-    inputs:
-      version: 6.x
-
-  - task: PowerShell@2
-    displayName: 'Run API Doctor Script'
-    env:
-      USE_NUGET_PACKAGE: ${{ parameters.useNuGetPackage }}
-      API_DOCTOR_NUGET_VERSION: ${{ parameters.apiDoctorNuGetVersion }}
-      API_DOCTOR_GIT_REPO_URL: ${{ parameters.apiDoctorGitRepoUrl }}
-      API_DOCTOR_GIT_BRANCH: ${{ parameters.apiDoctorGitBranch }}
-    inputs:
-      filePath: Test-Docs.ps1
-      arguments: -cleanUp
-      script: |
-        Write-Host "Executing API Doctor script with the following parameters:"       
-        
-        if($env:USE_NUGET_PACKAGE -eq 'True') {
-            Write-Host " - API Doctor NuGet Version: $($env:API_DOCTOR_NUGET_VERSION)"
-        }
-        else 
-        {   
-            Write-Host "API Doctor Git Repo:"
-            Write-Host "- URL: $($env:API_DOCTOR_GIT_REPO_URL)"
-            Write-Host "- Branch: $($env:API_DOCTOR_GIT_BRANCH)"
-        }
+resources:
+  repositories:
+    - repository: 1ESPipelineTemplates
+      type: git
+      name: 1ESPipelineTemplates/1ESPipelineTemplates
+      ref: refs/tags/release
+
+extends:
+  template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates
+  parameters:
+    pool:
+      name: Azure-Pipelines-1ESPT-ExDShared
+      image: windows-2022
+      os: windows
+    sdl:
+      credscan:
+        suppressionsFile: $(Build.SourcesDirectory)\.azure-pipelines\.config\CredScanSuppressions.json
+    customBuildTags:
+      - ES365AIMigrationTooling
+
+    stages:
+      - stage: ValidateDocs
+        displayName: "Validate docs"
+        jobs:
+          - job: RunAPIDoctorScript
+            displayName: "Run API Doctor script"
+            variables:
+              USE_NUGET_PACKAGE: ${{ parameters.useNuGetPackage }}
+              API_DOCTOR_NUGET_VERSION: ${{ parameters.apiDoctorNuGetVersion }}
+              API_DOCTOR_GIT_REPO_URL: ${{ parameters.apiDoctorGitRepoUrl }}
+              API_DOCTOR_GIT_BRANCH: ${{ parameters.apiDoctorGitBranch }}
+            steps:
+              - pwsh: |
+                  Write-Host "Executing API Doctor script with the following parameters:"  
+                  if ($env:USE_NUGET_PACKAGE -eq $true) {
+                    if ([string]::IsNullOrWhiteSpace($env:USE_NUGET_PACKAGE)) {
+                      Write-Host "API Doctor NuGet package version has not been set. Aborting..."
+                      exit 1
+                    }
+                    Write-Host " - API Doctor NuGet Version: $($env:API_DOCTOR_NUGET_VERSION)"
+                  }
+                  else {
+                    if ([string]::IsNullOrWhiteSpace($env:API_DOCTOR_GIT_REPO_URL)) {
+                      Write-Host "API Doctor Git Repo URL has not been set. Aborting..."
+                      exit 1
+                    }              
+                    Write-Host " - API Doctor Git Repo URL: $($env:API_DOCTOR_GIT_REPO_URL)"
+                    Write-Host " - API Doctor Git Branch: $($env:API_DOCTOR_GIT_BRANCH)"
+                  }
+                displayName: "Evaluate pipeline parameters"
+
+              - checkout: self
+                displayName: "Checkout Microsoft Graph docs"
+                clean: true
+                fetchDepth: 1
+
+              - task: UseDotNet@2
+                displayName: "Use .NET Core SDK 6.x"
+                inputs:
+                  version: 6.x
+
+              - task: PowerShell@2
+                displayName: "Validate v1.0 docs"
+                env:
+                  DOCS_SUB_PATH: \api-reference\v1.0
+                inputs:
+                  filePath: Test-Docs.ps1
+                  arguments: -cleanUp
+
+              - task: PowerShell@2
+                displayName: "Validate beta docs"
+                env:
+                  DOCS_SUB_PATH: \api-reference\beta
+                inputs:
+                  filePath: Test-Docs.ps1
+                  arguments: -cleanUp