Add compliance build pipeline yml file · microsoft/VSConfigFinder@0a87c39 (original) (raw)

3 files changed

lines changed

Original file line number Diff line number Diff line change
@@ -0,0 +1,48 @@
1 +# Copyright (C) Microsoft Corporation. All rights reserved.
2 +# Licensed under the MIT license. See LICENSE.txt in the project root for license information.
3 +
4 +parameters:
5 +BuildConfiguration: Release
6 +
7 +steps:
8 +- task: UseDotNet@2
9 +displayName: 'Install .NET Core SDK'
10 +inputs:
11 +useGlobalJson: true
12 +
13 +- task: DotNetCoreCLI@2
14 +displayName: Build
15 +inputs:
16 +command: 'build'
17 +projects: 'VSConfigFinder'
18 +arguments: '--configuration $(BuildConfiguration)'
19 +
20 +- task: DotNetCoreCLI@2
21 +displayName: Test
22 +inputs:
23 +command: 'test'
24 +projects: 'VSConfigFinder.Test'
25 +arguments: '--configuration $(BuildConfiguration)'
26 +
27 +- task: DotNetCoreCLI@2
28 +displayName: Publish
29 +inputs:
30 +command: 'publish'
31 +arguments: '--no-build --configuration $(BuildConfiguration)'
32 +publishWebProjects: false
33 +zipAfterPublish: false
34 +
35 +- task: CopyFiles@2
36 +displayName: 'Copy build artifacts from: (Build.SourcesDirectory)VSConfigFinderbin(Build.SourcesDirectory)\VSConfigFinder\bin\(Build.SourcesDirectory)VSConfigFinderbin(BuildConfiguration)\** to $(Build.ArtifactStagingDirectory)\out'
37 +inputs:
38 +SourceFolder: $(Build.SourcesDirectory)\VSConfigFinder
39 +Contents: |
40 + bin\$(BuildConfiguration)\**
41 + TargetFolder: $(Build.ArtifactStagingDirectory)\out
42 +
43 +- task: PublishBuildArtifacts@1
44 +displayName: 'Publish build artifacts from: $(Build.ArtifactStagingDirectory)\out'
45 +inputs:
46 +PathtoPublish: $(Build.ArtifactStagingDirectory)\out
47 +ArtifactName: drop
48 +publishLocation: Container
Original file line number Diff line number Diff line change
@@ -32,44 +32,6 @@ steps:
32 32 env:
33 33 TeamName: '$(TeamName)'
34 34
35 -- task: UseDotNet@2
36 -displayName: 'Install .NET Core SDK'
37 -inputs:
38 -useGlobalJson: true
39 -
40 -- task: DotNetCoreCLI@2
41 -displayName: Build
42 -inputs:
43 -command: 'build'
44 -projects: 'VSConfigFinder'
45 -arguments: '--configuration $(BuildConfiguration)'
46 -
47 -- task: DotNetCoreCLI@2
48 -displayName: Test
49 -inputs:
50 -command: 'test'
51 -projects: 'VSConfigFinder.Test'
52 -arguments: '--configuration $(BuildConfiguration)'
53 -
54 -- task: DotNetCoreCLI@2
55 -displayName: Publish
56 -inputs:
57 -command: 'publish'
58 -arguments: '--no-build --configuration $(BuildConfiguration)'
59 -publishWebProjects: false
60 -zipAfterPublish: false
61 -
62 -- task: CopyFiles@2
63 -displayName: 'Copy build artifacts'
64 -inputs:
65 -SourceFolder: $(Build.SourcesDirectory)\VSConfigFinder
66 -Contents: |
67 - bin\$(BuildConfiguration)\**\publish\*
68 - TargetFolder: $(Build.ArtifactStagingDirectory)\out
69 -
70 -- task: PublishBuildArtifacts@1
71 -displayName: 'Publish build artifacts'
72 -inputs:
73 -PathtoPublish: $(Build.ArtifactStagingDirectory)\out
74 -ArtifactName: drop
75 -publishLocation: Container
35 +- template: build.yml
36 +parameters:
37 +BuildConfiguration: $(BuildConfiguration)
Original file line number Diff line number Diff line change
@@ -0,0 +1,81 @@
1 +# Copyright (C) Microsoft Corporation. All rights reserved.
2 +# Licensed under the MIT license. See LICENSE.txt in the project root for license information.
3 +
4 +variables:
5 +BuildConfiguration: Release
6 +TeamName: vssetup
7 +
8 +trigger:
9 +batch: true
10 +branches:
11 +include:
12 + - main
13 +paths:
14 +exclude:
15 + - README.md
16 +
17 +pr: none
18 +
19 +queue:
20 +name: VSEngSS-MicroBuild2019-1ES
21 +timeoutInMinutes: 120
22 +
23 +steps:
24 +- template: build.yml
25 +parameters:
26 +BuildConfiguration: $(BuildConfiguration)
27 +
28 +- task: BinSkim@4
29 +displayName: 'Run BinSkim'
30 +inputs:
31 +InputType: Basic
32 +Function: analyze
33 +TargetPattern: guardianGlob
34 +AnalyzeTargetGlob: '$(Build.ArtifactStagingDirectory)\**.dll;$(Build.ArtifactStagingDirectory)\**.exe;-:f|$(Build.ArtifactStagingDirectory)\**clrjit.dll;-:f
35 +AnalyzeVerbose: true
36 +AnalyzeHashes: true
37 +continueOnError: true
38 +
39 +- task: ComponentGovernanceComponentDetection@0
40 +displayName: 'Run Component Detection'
41 +inputs:
42 +sourceScanPath: $(Build.SourcesDirectory)
43 +continueOnError: True
44 +
45 +- task: RoslynAnalyzers@3
46 +displayName: 'Run Roslyn Analyzers'
47 +inputs:
48 +userProvideBuildInfo: auto
49 +rulesetName: Recommended
50 +rulesetVersion: Latest
51 +condition: succeededOrFailed()
52 +continueOnError: True
53 +env:
54 +system_accesstoken: $(System.AccessToken)
55 +
56 +- task: PoliCheck@2
57 +displayName: 'Run PoliCheck'
58 +inputs:
59 +targetType: F
60 +targetArgument: '$(Build.SourcesDirectory)'
61 +optionsFC: 0
62 +optionsXS: 1
63 +optionsHMENABLE: 0
64 +continueOnError: true
65 +
66 +- task: CredScan@2
67 +displayName: 'Run CredScan'
68 +inputs:
69 +debugMode: false
70 +
71 +- task: PublishSecurityAnalysisLogs@2
72 +displayName: 'Publish Security Analysis Logs'
73 +
74 +- task: PostAnalysis@1
75 +displayName: 'Check SDL results'
76 +inputs:
77 +AllTools: true
78 +
79 +- task: MicroBuildCleanup@1
80 +displayName: 'Clean up'
81 +condition: succeededOrFailed()