# Copyright (c) Microsoft Corporation. All rights reserved.
# Licensed under the MIT License.

# This pipeline was generated from the classic pipeline "Accessibility Insights Web SDT - CI" on 2023-12-08 with https://aka.ms/1ESPTMigration (v1.1.0): https://dev.azure.com/accessibility-insights-private/Accessibility%20Insights%20(private)/_build?definitionId=3

name: Accessibility Insights Web SDT - CI
resources:
    repositories:
        - repository: self
          type: git
          ref: refs/heads/main
        - repository: 1esPipelines
          type: git
          name: 1ESPipelineTemplates/1ESPipelineTemplates
          ref: refs/tags/release
trigger:
    branches:
        include:
            - main
extends:
    template: v1/1ES.Unofficial.PipelineTemplate.yml@1esPipelines
    parameters:
        pool:
            os: windows
            image: windows-2022-secure
            name: $(a11yInsightsPool)
        sdl:
            codeql:
                compiled:
                    enabled: true
        customBuildTags:
            - MigrationTooling-accessibility-insights-private-Accessibility Insights (private)-3-Tool
        stages:
            - stage: Stage
              jobs:
                  - job: Job_1
                    displayName: Agent job 1
                    steps:
                        - checkout: self
                          fetchTags: true
                        - task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@3
                          displayName: 'Run Credential Scanner'
                          inputs:
                              outputFormat: pre
                              debugMode: false
                        - task: securedevelopmentteam.vss-secure-development-tools.build-task-policheck.PoliCheck@2
                          displayName: Run PoliCheck
                        - task: securedevelopmentteam.vss-secure-development-tools.build-task-report.SdtReport@2
                          displayName: Guardian Export
                          inputs:
                              GdnExportTsvFile: true
                              GdnExportHtmlFile: true
                              GdnExportAllTools: false
                              GdnExportGdnToolCredScan: true
                              GdnExportGdnToolCredScanSeverity: Warning
                              GdnExportGdnToolPoliCheck: true
                              GdnExportGdnToolPoliCheckSeverity: Warning
                        - task: securedevelopmentteam.vss-secure-development-tools.build-task-publishsecurityanalysislogs.PublishSecurityAnalysisLogs@3
                          displayName: Publish Guardian Artifacts
                          inputs:
                              AllTools: false
                              CredScan: true
                              PoliCheck: true
                        - task: PowerShell@2
                          displayName: Create tsa.config
                          inputs:
                              targetType: filePath
                              filePath: tools\create-tsa-options.ps1
                              arguments: '-InstanceUrl "$(TSAInstanceUrl)" -ProjectName "$(TSAV2ProjectName)" -CodeBaseAdmins "$(TSACodeBaseAdmins)" -AreaPath "$(TSAV2AreaPath)" -IterationPath "$(TSAV2IterationPath)" -NotificationAliases "$(TSANotificationAlias)" -Tools "CredScan;PoliCheck" -OutputFile "$(Build.SourcesDirectory)\tsa.config"'
                        - task: securedevelopmentteam.vss-secure-development-tools.build-task-uploadtotsa.TSAUpload@2
                          displayName: TSA upload
                          inputs:
                              GdnPublishTsaOnboard: true
                              GdnPublishTsaConfigFile: $(Build.SourcesDirectory)\tsa.config