mirror of
https://github.com/saymrwulf/onnxruntime.git
synced 2026-05-24 22:17:32 +00:00
3641d184f8
### Description 1. Add pipauth to more ADO pipeline. (We will use a private ADO feed to fetch python packages in these pipeline, to improve security) 2. Enforce codeSignValidation(CSV). ### Motivation and Context Fulfill some internal compliance requirements.
41 lines
1.2 KiB
YAML
41 lines
1.2 KiB
YAML
trigger: none
|
|
resources:
|
|
repositories:
|
|
- repository: 1esPipelines
|
|
type: git
|
|
name: 1ESPipelineTemplates/1ESPipelineTemplates
|
|
ref: refs/tags/release
|
|
parameters:
|
|
- name: cmake_build_type
|
|
type: string
|
|
default: 'Release'
|
|
values:
|
|
- Debug
|
|
- Release
|
|
- RelWithDebInfo
|
|
- MinSizeRel
|
|
extends:
|
|
# The pipeline extends the 1ES PT which will inject different SDL and compliance tasks.
|
|
# For non-production pipelines, use "Unofficial" as defined below.
|
|
# For productions pipelines, use "Official".
|
|
template: v1/1ES.Official.PipelineTemplate.yml@1esPipelines
|
|
parameters:
|
|
sdl:
|
|
tsa:
|
|
enabled: true
|
|
codeSignValidation:
|
|
enabled: true
|
|
break: true
|
|
policheck:
|
|
enabled: true
|
|
exclusionsFile: '$(Build.SourcesDirectory)\tools\ci_build\policheck_exclusions.xml'
|
|
|
|
pool:
|
|
name: 'onnxruntime-Win-CPU-2022' # Name of your hosted pool
|
|
os: windows # OS of the image. This value cannot be a variable. Allowed values: windows, linux, macOS
|
|
|
|
stages:
|
|
- template: stages/py-gpu-packaging-stage.yml
|
|
parameters:
|
|
enable_windows_dml: true
|
|
cmake_build_type: ${{ parameters.cmake_build_type }}
|