check to see if the SBOM needs to be regenerated before running the p…

…ipeline again
Azure · Feb 17, 2022 · 34c465d · 34c465d
1 parent 0219828
commit 34c465d
Showing 1 changed file with 53 additions and 2 deletions.
diff --git a/.azure-devops/prbuild/mlz-pr-sbom-pipelines.yml b/.azure-devops/prbuild/mlz-pr-sbom-pipelines.yml
@@ -14,12 +14,63 @@ pool:
   vmImage: ubuntu-latest
 
 jobs:
+- job: shouldGenerateSbom
+  displayName: 'Determine if SBOM needs to be generated'
+  steps:
+  - checkout: self
+
+  - bash: |
+      only_manifest_files=(
+        _manifest/manifest.json
+        _manifest/manifest.json.sha256
+        _manifest/spdx_2.2/manifest.spdx.json
+        _manifest/spdx_2.2/manifest.spdx.json.sha256
+      )
+
+      the_last_diff=( $(git log -1 --no-merges --name-only --pretty="") )
+
+      echo "only manifest files:"
+      echo ${only_manifest_files[*]}
+      echo ""
+
+      echo "the last git diff:"
+      echo ${the_last_diff[*]}
+      echo ""
+
+      BUILD_SBOM=true
+
+      if [[ "${the_last_diff[*]}" == "${only_manifest_files[*]}" ]]; then
+          BUILD_SBOM=false
+          echo "These changes are just the manifest files."
+      fi
+
+      echo "##vso[task.setvariable variable=BUILD_SBOM;isOutput=true]$BUILD_SBOM"
+      echo "BUILD_SBOM is $BUILD_SBOM"
+    name: determineSbom
+    displayName: 'Determine if SBOM needs to be built'
+
 - job: generateSbom
+  dependsOn: shouldGenerateSbom
+  condition: eq(dependencies.shouldGenerateSbom.outputs['determineSbom.BUILD_SBOM'], 'true')
   displayName: 'Generate SBOM'
   steps:
   - checkout: self
     persistCredentials: true
 
+  - bash: |
+      if [[ "$(Build.Reason)" == "Manual" ]]; then
+        SOURCE_BRANCH=$(Build.SourceBranch)
+      elif [[ "$(Build.Reason)" == "PullRequest" ]]; then
+        SOURCE_BRANCH=$(System.PullRequest.SourceBranch)
+      else
+        echo "This pipeline can only be invoked manually or on PR."
+        echo "Exiting."
+        exit 1
+      fi
+      echo "The source branch is $SOURCE_BRANCH"
+      echo "##vso[task.setvariable variable=SOURCE_BRANCH;]$SOURCE_BRANCH"
+    displayName: 'Determine the branch name'
+
   - bash: |
       cd $(Build.SourcesDirectory)
       rm -rf _manifest
@@ -59,11 +110,11 @@ jobs:
   - bash: |
       git config --global user.email "$BUILD_REQUESTEDFOREMAIL"
       git config --global user.name "$BUILD_REQUESTEDFOR"
-      git checkout -t origin $(Build.SourceBranch)
+      git checkout -t origin $(SOURCE_BRANCH)
       git add '_manifest/*'
       git status
       git commit -m "Update Software Bill of Materials (SBOM)"
-      git push --set-upstream origin HEAD:$(Build.SourceBranch)
+      git push --set-upstream origin HEAD:$(SOURCE_BRANCH)
     displayName: 'Commit SBOM changes back to source branch'
 
   - task: PublishBuildArtifacts@1