[CI] Route Unofficial/fork-PR crate downloads through Mxc-Azure-Feed#541
Closed
bbonaby wants to merge 1 commit into
Closed
[CI] Route Unofficial/fork-PR crate downloads through Mxc-Azure-Feed#541bbonaby wants to merge 1 commit into
bbonaby wants to merge 1 commit into
Conversation
Switch Cargo.Setup.Public.yml to append the internal Mxc-Azure-Feed config (.azure-pipelines/.cargo/config.toml) to the workspace .cargo/config.toml instead of the public MxcDependencies feed (config.public.toml), to test whether the private feed removes the dependency on the public feed. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Contributor
There was a problem hiding this comment.
Pull request overview
This PR changes the Azure Pipelines “Unofficial / fork-PR” Cargo setup step to append the internal Mxc-Azure-Feed Cargo registry config (instead of the anonymous public MxcDependencies feed), with the goal of routing crate downloads through the private feed under 1ES network isolation.
Changes:
- Update the Cargo setup template to append
.azure-pipelines/.cargo/config.toml(internal feed) into the workspace.cargo/config.toml. - Update the template’s description/display name to refer to Mxc-Azure-Feed rather than the public feed.
Comment on lines
+4
to
7
| # Appends the internal Mxc-Azure-Feed cargo feed (config.toml) to the | ||
| # workspace .cargo/config.toml. Used by Unofficial / fork-PR Rust steps so | ||
| # crate downloads work under 1ES pool network isolation (crates.io is not on | ||
| # the allowlist). Mirrors the Official setup step in Rust.Build.Steps.Official.yml. |
Comment on lines
+11
to
+12
| Add-Content -Path "$(Build.SourcesDirectory)/.cargo/config.toml" -Value ("`n" + (Get-Content -Raw "$(Build.SourcesDirectory)/.azure-pipelines/.cargo/config.toml")) | ||
| displayName: Setup Cargo Config (Mxc-Azure-Feed) |
Collaborator
Author
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
Collaborator
Author
|
confirmed via the failures that we have to use the public feed |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
📖 Description
Updating azure PR builds to use the private feed instead of the public anonymous feed.
Only way for us to see if this is a viable option is try it out. Otherwise we need to add new dependencies to https://dev.azure.com/shine-oss/mxc/_artifacts/feed/MxcDependencies for PRs that update them.
🔗 References
🔍 Validation
✅ Checklist
📋 Issue Type
GitHub Actions runs the PR validation build automatically. The ADO pipeline
(
MXC-PR-Build) is the official build pipeline that signs the binaries; itruns on merge to
mainand nightly, and Microsoft reviewers can trigger iton a PR with
/azp run. See docs/pull-requests.md.Microsoft Reviewers: Open in CodeFlow