From a3770e189ffb878209c4614039856d2c30f3a412 Mon Sep 17 00:00:00 2001 From: ramsessanchez <63934382+ramsessanchez@users.noreply.github.com> Date: Thu, 23 Apr 2026 16:01:50 -0700 Subject: [PATCH] fix: remove public npm registry calls for network isolation compliance - Change networkIsolationPolicy from Permissive to Restricted in sdk-release.yml - Add customRegistry: useNpmrc to all Npm@1 tasks in install-tools.yml so AutoRest, AutorestCore, and Rush installs route through the private Azure Artifacts feed instead of the public npm registry Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- .azure-pipelines/common-templates/install-tools.yml | 6 ++++++ .azure-pipelines/sdk-release.yml | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/.azure-pipelines/common-templates/install-tools.yml b/.azure-pipelines/common-templates/install-tools.yml index a4c9c40cc8..1c5f387d6d 100644 --- a/.azure-pipelines/common-templates/install-tools.yml +++ b/.azure-pipelines/common-templates/install-tools.yml @@ -53,18 +53,24 @@ steps: inputs: command: custom customCommand: install -g autorest@3.7.2 + customRegistry: useNpmrc + customEndpoint: '' - task: Npm@1 displayName: Install AutorestCore inputs: command: custom customCommand: install -g @autorest/core@3.10.4 + customRegistry: useNpmrc + customEndpoint: '' - task: Npm@1 displayName: Install Rush inputs: command: custom customCommand: install -g @microsoft/rush + customRegistry: useNpmrc + customEndpoint: '' - task: PowerShell@2 displayName: Rush Build diff --git a/.azure-pipelines/sdk-release.yml b/.azure-pipelines/sdk-release.yml index 6b7e8a0b8b..4a4ca999be 100644 --- a/.azure-pipelines/sdk-release.yml +++ b/.azure-pipelines/sdk-release.yml @@ -47,7 +47,7 @@ extends: parameters: pool: $(BuildAgent) settings: - networkIsolationPolicy: Permissive + networkIsolationPolicy: Restricted sdl: binskim: enabled: false