Skip to content

Remove OneBranchType parameter and use Official type only#3913

Merged
cheenamalhotra merged 5 commits intomainfrom
dev/cheena/fix-onebranch-templates
Feb 18, 2026
Merged

Remove OneBranchType parameter and use Official type only#3913
cheenamalhotra merged 5 commits intomainfrom
dev/cheena/fix-onebranch-templates

Conversation

@cheenamalhotra
Copy link
Member

@cheenamalhotra cheenamalhotra commented Jan 24, 2026
edited
Loading

Description

Updates ADO pipelines to use hardcoded OneBranch Official templates instead of parameterized template selection to meet 1ES governance and PRC compliance requirements.

Modified files

  • dotnet-sqlclient-signing-pipeline.yml
  • akv-official-pipeline.yml

Why

The parameterized approach (OneBranch.${{ parameters.oneBranchType }}.CrossPlat.yml) cannot be statically verified by Production Readiness Check and violates the requirement that production pipelines must always use Official templates.

NOTE: If Non-Official pipelines are needed, they should be created as separate pipelines.

@cheenamalhotra cheenamalhotra requested a review from a team as a code owner January 24, 2026 02:35
Copilot AI review requested due to automatic review settings January 24, 2026 02:35
@cheenamalhotra cheenamalhotra added the Area\Engineering Use this for issues that are targeted for changes in the 'eng' folder or build systems. label Jan 24, 2026
@cheenamalhotra cheenamalhotra added this to the 7.0.0-preview4 milestone Jan 24, 2026
Copilot AI reviewed Jan 24, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates the governed OneBranch pipeline usage to always extend the Official CrossPlat template (removing runtime-selectable template choice) to satisfy 1ES/PRC compliance requirements.

Changes:

  • Removed the oneBranchType queue-time parameter from the affected pipelines.
  • Hardcoded extends.template to v2/OneBranch.Official.CrossPlat.yml@templates.
  • Simplified SDL configuration by removing conditional logic that only applied to non-official template selection.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File Description
eng/pipelines/dotnet-sqlclient-signing-pipeline.yml Removes oneBranchType parameter, hardcodes Official template, and deletes non-official-only APIScan override logic.
eng/pipelines/akv-official-pipeline.yml Removes oneBranchType parameter, hardcodes Official template, and makes TSA always enabled (consistent with Official-only usage).

@codecov
Copy link

codecov bot commented Jan 24, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 67.56%. Comparing base (a4ccd62) to head (ab2c497).

❗ There is a different number of reports uploaded between BASE (a4ccd62) and HEAD (ab2c497). Click for more details.

HEAD has 1 upload less than BASE
Flag BASE (a4ccd62) HEAD (ab2c497)
addons 1 0
Additional details and impacted files 
@@             Coverage Diff             @@
##             main    #3913       +/-   ##
===========================================
- Coverage   90.82%   67.56%   -23.27%     
===========================================
  Files           6      263      +257     
  Lines         316    66170    +65854     
===========================================
+ Hits          287    44705    +44418     
- Misses         29    21465    +21436
Flag Coverage Δ
addons ?
netcore 67.56% <ø> (?)
netfx 66.55% <ø> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@paulmedynski
Copy link
Contributor

paulmedynski commented Jan 26, 2026

We definitely need NonOfficial versions of these pipelines. That is the only way we can run the pipelines from topic branches. Can you create them as part of this PR?

benrr101
benrr101 requested changes Jan 26, 2026
View reviewed changes
Copy link
Contributor

@benrr101 benrr101 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This needs to address nonofficial template builds

paulmedynski
paulmedynski reviewed Jan 27, 2026
View reviewed changes
Copy link
Contributor

@paulmedynski paulmedynski left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agree with @benrr101 - Need decidcated NonOfficial pipelines added.

@paulmedynski paulmedynski self-assigned this Jan 27, 2026
paulmedynski
paulmedynski previously approved these changes Jan 29, 2026
View reviewed changes
Copy link
Contributor

@paulmedynski paulmedynski left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we rename dotnet-sqlclient-signing-pipeline.yml to dotnet-sqlclient-official-pipeline.yml ?

Copilot AI review requested due to automatic review settings February 9, 2026 22:14
Copilot AI reviewed Feb 9, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 7 comments.

@cheenamalhotra cheenamalhotra requested review from a team, benrr101 and paulmedynski February 9, 2026 22:31
mdaigle
mdaigle previously approved these changes Feb 11, 2026
View reviewed changes
benrr101
benrr101 previously approved these changes Feb 11, 2026
View reviewed changes
Copy link
Contributor

@benrr101 benrr101 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks to be good - can you link to passing test runs of these pipelines in ADO?

samsharma2700
samsharma2700 previously approved these changes Feb 11, 2026
View reviewed changes
Copilot AI review requested due to automatic review settings February 17, 2026 18:28
@cheenamalhotra cheenamalhotra force-pushed the dev/cheena/fix-onebranch-templates branch from 23c4b58 to 6acf4ba Compare February 17, 2026 18:28
Copilot AI reviewed Feb 17, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 5 comments.

mdaigle
mdaigle approved these changes Feb 17, 2026
View reviewed changes
Copy link
Contributor

@mdaigle mdaigle left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We'll need to backport to 6.1 and 6.0

@cheenamalhotra cheenamalhotra merged commit 7d8c78f into main Feb 18, 2026
288 of 293 checks passed
@cheenamalhotra cheenamalhotra deleted the dev/cheena/fix-onebranch-templates branch February 18, 2026 10:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@mdaigle mdaigle mdaigle approved these changes

@benrr101 benrr101 benrr101 left review comments

@samsharma2700 samsharma2700 samsharma2700 left review comments

@paulmedynski paulmedynski Awaiting requested review from paulmedynski

Assignees

@paulmedynski paulmedynski

Labels

Area\Engineering Use this for issues that are targeted for changes in the 'eng' folder or build systems.

Projects

None yet

Milestone

7.0.0-preview4

Development

Successfully merging this pull request may close these issues.

5 participants

@cheenamalhotra @paulmedynski @benrr101 @mdaigle @samsharma2700

Comments