Add ADO CI, SDL, and release pipelines with e2e test enablement#890
Add ADO CI, SDL, and release pipelines with e2e test enablement#890
Conversation
gladjohn
left a comment
gladjohn
left a comment
There was a problem hiding this comment.
Approved with comments. Please Add Python 3.14 to the matrix in .Pipelines/pipeline-publish.yml
There was a problem hiding this comment.
Pull request overview
Adds a manually triggered Azure DevOps publish pipeline (via .Pipelines/) intended to validate the release version, run the existing test matrix, build sdist/wheel, and publish msal to either test.pypi.org or pypi.org with environment-based approval gating for production releases.
Changes:
- Added a new multi-stage ADO pipeline (
pipeline-publish.yml) composed of reusable step templates for test, build, and publish. - Added documentation (
ADO-PUBLISH-SETUP.md) describing one-time Azure DevOps setup and release walkthrough steps. - Bumped
msalpackage version inmsal/sku.pyto1.35.2rc1.
Reviewed changes
Copilot reviewed 7 out of 7 changed files in this pull request and generated 8 comments.
Show a summary per file
| File | Description |
|---|---|
msal/sku.py |
Updates the library version used by packaging metadata (setup.cfg reads msal.__version__). |
.Pipelines/pipeline-publish.yml |
Defines Validate → CI → Build → Publish stages and routes publish target via a parameter. |
.Pipelines/template-run-tests.yml |
Installs dependencies and runs pytest, publishing JUnit results. |
.Pipelines/template-build-package.yml |
Builds sdist/wheel, runs twine check, and publishes dist/ as a pipeline artifact. |
.Pipelines/template-publish-package.yml |
Authenticates to a PyPI-compatible feed and uploads built artifacts via twine. |
.Pipelines/template-install-lab-cert.yml |
Retrieves and materializes a lab certificate from Key Vault (currently always invoked by test template). |
.Pipelines/ADO-PUBLISH-SETUP.md |
Documents required ADO service connections/environments and how to run the manual publish pipeline. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 7 out of 7 changed files in this pull request and generated 6 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 7 out of 7 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 4 out of 4 changed files in this pull request and generated 4 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 5 out of 5 changed files in this pull request and generated 6 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 5 out of 5 changed files in this pull request and generated 3 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 6 out of 6 changed files in this pull request and generated 5 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 8 out of 8 changed files in this pull request and generated 10 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 8 out of 8 changed files in this pull request and generated 3 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
RyAuld
force-pushed
the
RyAuld/PyPI-ADO-PackagePublish
branch
from
70c7ec2 to
3821a67
Compare
RyAuld
changed the title
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 8 out of 8 changed files in this pull request and generated 2 comments.
Comments suppressed due to low confidence (1)
tests/test_e2e.py:62
_clean_env()is implemented here and also in tests/lab_config.py with nearly identical logic. To avoid drift and inconsistent behavior, consider centralizing this helper (e.g., make it a shared utility in tests/ or expose a single public helper from lab_config and reuse it here).
def _get_app_and_auth_code(
client_id,
client_secret=None,
authority="https://login.microsoftonline.com/common",
port=44331,
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
… undefined variable
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 8 out of 8 changed files in this pull request and generated 4 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 8 out of 8 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
… fix doc diagram, drop redundant import os
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 8 out of 8 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Summary
Sets up the full ADO CI/release pipeline infrastructure for the \msal\ Python package in IDDP. Previously, releases were managed manually. This PR covers three objectives:
Following the same template convention as MSAL.NET, shared stages live in \ emplate-pipeline-stages.yml\ and are called from thin top-level wrappers.
Pipeline Files
ADO Pipelines in IDDP
Latest successful builds:
Stage Flow
PR / CI build (\�zure-pipelines.yml)
\
PreBuildCheck (SDL) ─► CI (Python 3.9–3.14)
\\
Release build (\pipeline-publish.yml)
\
PreBuildCheck (SDL) ─► Validate ─► CI ─► Build ─┬─► PublishMSALPython (test.pypi.org)
└─► PublishPyPI (pypi.org via ESRP)
\\
Other Changes
Pending Before Release Can Publish
The pipeline infrastructure is complete. The following external approvals are still needed before a release can fully publish packages:
test.pypi.org (Preview / RC path)
pypi.org (ESRP Production path)
Post-Merge Actions (after this PR merges to \dev)