| @@ -0,0 +1,79 @@ |
|
|
|
1 |
+# Copyright (C) Microsoft Corporation. All rights reserved. |
|
2 |
+# Licensed under the MIT license. See LICENSE.txt in the project root for license information. |
|
3 |
+ |
|
4 |
+trigger: |
|
5 |
+batch: true |
|
6 |
+branches: |
|
7 |
+include: |
|
8 |
+ - master |
|
9 |
+ - develop |
|
10 |
+paths: |
|
11 |
+exclude: |
|
12 |
+ - README.md |
|
13 |
+ |
|
14 |
+pr: none |
|
15 |
+ |
|
16 |
+queue: |
|
17 |
+name: VSEngSS-MicroBuild2019-1ES |
|
18 |
+timeoutInMinutes: 120 |
|
19 |
+demands: |
|
20 |
+ - MSBuild |
|
21 |
+ - VisualStudio |
|
22 |
+ - VSTest |
|
23 |
+ |
|
24 |
+steps: |
|
25 |
+- template: build/build.yml |
|
26 |
+parameters: |
|
27 |
+BuildConfiguration: $(BuildConfiguration) |
|
28 |
+BuildPlatform: $(BuildPlatform) |
|
29 |
+Sign: false |
|
30 |
+ |
|
31 |
+- task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0 |
|
32 |
+displayName: Detect components |
|
33 |
+inputs: |
|
34 |
+sourceScanPath: $(Build.SourcesDirectory) |
|
35 |
+ |
|
36 |
+- task: RoslynAnalyzers@3 |
|
37 |
+inputs: |
|
38 |
+userProvideBuildInfo: 'autoMsBuildInfo' |
|
39 |
+env: |
|
40 |
+SYSTEM_ACCESSTOKEN: $(System.AccessToken) |
|
41 |
+ |
|
42 |
+- task: securedevelopmentteam.vss-secure-development-tools.build-task-policheck.PoliCheck@1 |
|
43 |
+displayName: 'Run PoliCheck' |
|
44 |
+inputs: |
|
45 |
+targetType: F |
|
46 |
+targetArgument: '$(Build.SourcesDirectory)' |
|
47 |
+optionsFC: 0 |
|
48 |
+optionsXS: 1 |
|
49 |
+optionsHMENABLE: 0 |
|
50 |
+continueOnError: true |
|
51 |
+ |
|
52 |
+- task: securedevelopmentteam.vss-secure-development-tools.build-task-binskim.BinSkim@3 |
|
53 |
+displayName: 'Run BinSkim' |
|
54 |
+inputs: |
|
55 |
+InputType: Basic |
|
56 |
+Function: analyze |
|
57 |
+AnalyzeTarget: '$(Build.SourcesDirectory)\src\VSSetup.PowerShell\bin\$(BuildConfiguration)\*.dll' |
|
58 |
+AnalyzeSymPath: '$(Build.SourcesDirectory)\src\VSSetup.PowerShell\bin\$(BuildConfiguration)' |
|
59 |
+AnalyzeVerbose: true |
|
60 |
+AnalyzeHashes: true |
|
61 |
+continueOnError: true |
|
62 |
+ |
|
63 |
+- task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@2 |
|
64 |
+displayName: 'Run CredScan' |
|
65 |
+inputs: |
|
66 |
+debugMode: false |
|
67 |
+ |
|
68 |
+# Publish compliance results |
|
69 |
+- task: securedevelopmentteam.vss-secure-development-tools.build-task-publishsecurityanalysislogs.PublishSecurityAnalysisLogs@2 |
|
70 |
+displayName: 'Publish Security Analysis Logs' |
|
71 |
+ |
|
72 |
+- task: securedevelopmentteam.vss-secure-development-tools.build-task-postanalysis.PostAnalysis@1 |
|
73 |
+displayName: Check SDL results |
|
74 |
+inputs: |
|
75 |
+AllTools: true |
|
76 |
+ |
|
77 |
+- task: ms-vseng.MicroBuildTasks.521a94ea-9e68-468a-8167-6dcf361ea776.MicroBuildCleanup@1 |
|
78 |
+displayName: Clean up |
|
79 |
+condition: succeededOrFailed() |