removed codeql from pipeline, new one for codeql (#2107)

2022-11-16 13:02:17 -08:00 · 2022-11-16 13:02:17 -08:00 · 39a65cc338
--- a/azure-pipelines-codeql.yml
+++ b/azure-pipelines-codeql.yml
@ -0,0 +1,64 @@
+parameters:
+  # Optionally do not publish to TSA. Useful for e.g. verifying fixes before PR.
+- name: TSAEnabled
+  displayName: Publish results to TSA
+  type: boolean
+  default: true
+
+variables:
+- template: eng/common-variables.yml
+- template: eng/common/templates/variables/pool-providers.yml
+  # CG is handled in the primary CI pipeline
+- name: skipComponentGovernanceDetection
+  value: true
+  # Force CodeQL enabled so it may be run on any branch
+- name: Codeql.Enabled
+  value: true
+  # Do not let CodeQL 3000 Extension gate scan frequency
+- name: Codeql.Cadence
+  value: 0
+  # CodeQL needs this plumbed along as a variable to enable TSA
+- name: Codeql.TSAEnabled
+  value: ${{ parameters.TSAEnabled }}
+
+  # Build variables
+- name: _BuildConfig
+  value: Release
+
+trigger: none
+
+schedules:
+  - cron: 0 12 * * 1
+    displayName: Weekly Monday CodeQL run
+    branches:
+      include:
+      - main
+      - release/6.0
+      - release/7.0
+    always: true
+
+jobs:
+- job: codeql
+  displayName: CodeQL
+  pool:
+    name: $(DncEngInternalBuildPool)
+    demands: ImageOverride -equals 1es-windows-2022
+  timeoutInMinutes: 90
+
+  steps:
+
+  - task: UseDotNet@2
+    inputs:
+      useGlobalJson: true
+
+  - task: CodeQL3000Init@0
+    displayName: CodeQL Initialize
+
+  - script: eng\common\cibuild.cmd
+      -configuration $(_BuildConfig)
+      -prepareMachine
+      /p:Test=false
+    displayName: Windows Build
+
+  - task: CodeQL3000Finalize@0
+    displayName: CodeQL Finalize
--- a/azure-pipelines.yml
+++ b/azure-pipelines.yml
@ -17,8 +17,6 @@ variables:
    value: true
  - name: _DotNetArtifactsCategory
    value: .NETCore
-  - name: Codeql.Enabled
-    value: true

  # used for post-build phases, internal builds only
  - ${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}:
@ -40,7 +38,7 @@ stages:
      codeSign: true
      jobs:
      - job: Windows_NT
-        timeoutInMinutes: 180
+        timeoutInMinutes: 120
        pool:
          # For public or PR jobs, use the hosted pool.  For internal jobs use the internal pool.
          # Will eventually change this to two BYOC pools.