diff options
author | CartBlanche <savagesoftware@gmail.com> | 2020-08-02 15:23:32 +0300 |
---|---|---|
committer | CartBlanche <savagesoftware@gmail.com> | 2020-08-02 15:23:32 +0300 |
commit | ba2a788405d33f8dc6e9bda8ed26826d4bc949db (patch) | |
tree | a21921f0697e73fd79875258ac6ece1f6c6e9e02 /azure-pipelines.yaml | |
parent | bf6ffc813270a42136d223f3d7f3f0d06d7d988f (diff) |
Add TSA compliance check, as per work done by Michael for Designer repo.
Diffstat (limited to 'azure-pipelines.yaml')
-rw-r--r-- | azure-pipelines.yaml | 43 |
1 files changed, 33 insertions, 10 deletions
diff --git a/azure-pipelines.yaml b/azure-pipelines.yaml index 4f8895a..5a6113c 100644 --- a/azure-pipelines.yaml +++ b/azure-pipelines.yaml @@ -24,16 +24,7 @@ stages: - stage: code_analysis displayName: Code Analysis jobs: - # Check - "PoliCheck" - - job: run_policheck_compliance - displayName: 'Policheck Compliance' - pool: $(HostedWinVS2019) - timeoutInMinutes: 60 - cancelTimeoutInMinutes: 5 - steps: - - checkout: self - - template: security/policheck/v1.yml@templates - # Check - "Xamarin PropertyEditing (Code Analysis CredScan)" + # Check - "Code Analysis CredScan" - job: run_static_analysis displayName: CredScan pool: $(HostedWinVS2019) @@ -45,6 +36,38 @@ stages: parameters: credScanSuppressionsFile: $(System.DefaultWorkingDirectory)/CredScanSuppressions.json + # Check - "Code Analysis Policheck Compliance" + - job: run_policheck_compliance + displayName: 'Policheck Compliance' + pool: $(HostedWinVS2019) + timeoutInMinutes: 60 + cancelTimeoutInMinutes: 5 + steps: + - checkout: self + - template: security/policheck/v1.yml@templates + + - task: securedevelopmentteam.vss-secure-development-tools.build-task-uploadtotsa.TSAUpload@1 + displayName: 'TSA V2 upload to designer_master' + inputs: + tsaVersion: TsaV2 + codeBaseName: 'designer_master' + uploadAPIScan: false + uploadBinSkim: false + uploadCredScan: false + uploadFortifySCA: false + uploadFxCop: false + uploadModernCop: false + uploadPREfast: false + uploadRoslyn: false + uploadTSLint: false + validateCompatibility: Warning + enabled: false + + - task: securedevelopmentteam.vss-secure-development-tools.build-task-postanalysis.PostAnalysis@1 + displayName: 'Post Analysis' + inputs: + AllTools: true + - stage: Windows dependsOn: [] jobs: |