75 строки
3.7 KiB
YAML
75 строки
3.7 KiB
YAML
# Copyright (c) Microsoft Corporation. All rights reserved.
|
|
# Licensed under the MIT License.
|
|
|
|
# This pipeline was generated from the classic pipeline "Accessibility Insights Web SDT - CI" on 2023-12-08 with https://aka.ms/1ESPTMigration (v1.1.0): https://dev.azure.com/accessibility-insights-private/Accessibility%20Insights%20(private)/_build?definitionId=3
|
|
|
|
name: Accessibility Insights Web SDT - CI
|
|
resources:
|
|
repositories:
|
|
- repository: self
|
|
type: git
|
|
ref: refs/heads/main
|
|
- repository: 1esPipelines
|
|
type: git
|
|
name: 1ESPipelineTemplates/1ESPipelineTemplates
|
|
ref: refs/tags/release
|
|
trigger:
|
|
branches:
|
|
include:
|
|
- main
|
|
extends:
|
|
template: v1/1ES.Unofficial.PipelineTemplate.yml@1esPipelines
|
|
parameters:
|
|
pool:
|
|
os: windows
|
|
image: windows-2022-secure
|
|
name: $(a11yInsightsPool)
|
|
sdl:
|
|
codeql:
|
|
compiled:
|
|
enabled: true
|
|
customBuildTags:
|
|
- MigrationTooling-accessibility-insights-private-Accessibility Insights (private)-3-Tool
|
|
stages:
|
|
- stage: Stage
|
|
jobs:
|
|
- job: Job_1
|
|
displayName: Agent job 1
|
|
steps:
|
|
- checkout: self
|
|
fetchTags: true
|
|
- task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@3
|
|
displayName: 'Run Credential Scanner'
|
|
inputs:
|
|
outputFormat: pre
|
|
debugMode: false
|
|
- task: securedevelopmentteam.vss-secure-development-tools.build-task-policheck.PoliCheck@2
|
|
displayName: Run PoliCheck
|
|
- task: securedevelopmentteam.vss-secure-development-tools.build-task-report.SdtReport@2
|
|
displayName: Guardian Export
|
|
inputs:
|
|
GdnExportTsvFile: true
|
|
GdnExportHtmlFile: true
|
|
GdnExportAllTools: false
|
|
GdnExportGdnToolCredScan: true
|
|
GdnExportGdnToolCredScanSeverity: Warning
|
|
GdnExportGdnToolPoliCheck: true
|
|
GdnExportGdnToolPoliCheckSeverity: Warning
|
|
- task: securedevelopmentteam.vss-secure-development-tools.build-task-publishsecurityanalysislogs.PublishSecurityAnalysisLogs@3
|
|
displayName: Publish Guardian Artifacts
|
|
inputs:
|
|
AllTools: false
|
|
CredScan: true
|
|
PoliCheck: true
|
|
- task: PowerShell@2
|
|
displayName: Create tsa.config
|
|
inputs:
|
|
targetType: filePath
|
|
filePath: tools\create-tsa-options.ps1
|
|
arguments: '-InstanceUrl "$(TSAInstanceUrl)" -ProjectName "$(TSAV2ProjectName)" -CodeBaseAdmins "$(TSACodeBaseAdmins)" -AreaPath "$(TSAV2AreaPath)" -IterationPath "$(TSAV2IterationPath)" -NotificationAliases "$(TSANotificationAlias)" -Tools "CredScan;PoliCheck" -OutputFile "$(Build.SourcesDirectory)\tsa.config"'
|
|
- task: securedevelopmentteam.vss-secure-development-tools.build-task-uploadtotsa.TSAUpload@2
|
|
displayName: TSA upload
|
|
inputs:
|
|
GdnPublishTsaOnboard: true
|
|
GdnPublishTsaConfigFile: $(Build.SourcesDirectory)\tsa.config
|