Change variable used to bypass nuget security scanning (#19953)

PowerShell · Jul 12, 2023 · 67025f1 · 67025f1
1 parent 351092f
commit 67025f1
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 4 deletions.
diff --git a/tools/releaseBuild/azureDevOps/compliance.yml b/tools/releaseBuild/azureDevOps/compliance.yml
@@ -24,6 +24,8 @@ variables:
     value: 1
   - name: POWERSHELL_TELEMETRY_OPTOUT
     value: 1
+  - name: nugetMultiFeedWarnLevel
+    value: none
   - name: NugetSecurityAnalysisWarningLevel
     value: none
   # Defines the variables AzureFileCopySubscription, StorageAccount, StorageAccountKey, StorageResourceGroup, StorageSubscriptionName

diff --git a/tools/releaseBuild/azureDevOps/releaseBuild.yml b/tools/releaseBuild/azureDevOps/releaseBuild.yml
@@ -32,6 +32,8 @@ variables:
     value: 1
   - name: POWERSHELL_TELEMETRY_OPTOUT
     value: 1
+  - name: nugetMultiFeedWarnLevel
+    value: none
   - name: NugetSecurityAnalysisWarningLevel
     value: none
   # Prevents auto-injection of nuget-security-analysis@0

diff --git a/tools/releaseBuild/azureDevOps/templates/insert-nuget-config-azfeed.yml b/tools/releaseBuild/azureDevOps/templates/insert-nuget-config-azfeed.yml
@@ -4,25 +4,34 @@ parameters:
 
 steps:
 - pwsh: |
+      $configPath = "${env:NugetConfigDir}/nuget.config"
       Import-Module ${{ parameters.repoRoot }}/build.psm1 -Force
-      New-NugetConfigFile -NugetFeedUrl $(AzDevOpsFeed) -UserName $(AzDevOpsFeedUserName) -ClearTextPAT $(AzDevOpsFeedPAT2) -FeedName AzDevOpsFeed -Destination '${{ parameters.repoRoot }}/src/Modules'
+      New-NugetConfigFile -NugetFeedUrl $(AzDevOpsFeed) -UserName $(AzDevOpsFeedUserName) -ClearTextPAT $(AzDevOpsFeedPAT2) -FeedName AzDevOpsFeed -Destination "${env:NugetConfigDir}"
 
-      if(-not (Test-Path "${{ parameters.repoRoot }}/src/Modules/nuget.config"))
+      if(-not (Test-Path $configPath))
       {
           throw "nuget.config is not created"
       }
+      Get-Content $configPath | Write-Verbose -Verbose
   displayName: 'Add nuget.config for Azure DevOps feed for PSGallery modules'
   condition: and(succeededOrFailed(), ne(variables['AzDevOpsFeed'], ''))
+  env:
+    NugetConfigDir: ${{ parameters.repoRoot }}/src/Modules
+
 - pwsh: |
+      $configPath = "${env:NugetConfigDir}/nuget.config"
       Import-Module ${{ parameters.repoRoot }}/build.psm1 -Force
-      New-NugetConfigFile -NugetFeedUrl $(PSInternalNugetFeed) -UserName $(PSInternalNugetFeedUserName) -ClearTextPAT $(PSInternalNugetFeedPAT) -FeedName AzDevOpsFeed -Destination '${{ parameters.repoRoot }}'
+      New-NugetConfigFile -NugetFeedUrl $(PSInternalNugetFeed) -UserName $(PSInternalNugetFeedUserName) -ClearTextPAT $(PSInternalNugetFeedPAT) -FeedName AzDevOpsFeed -Destination "${env:NugetConfigDir}"
 
-      if(-not (Test-Path "${{ parameters.repoRoot }}/nuget.config"))
+      if(-not (Test-Path $configPath))
       {
           throw "nuget.config is not created"
       }
+      Get-Content $configPath | Write-Verbose -Verbose
   displayName: 'Add nuget.config for Azure DevOps feed for packages'
   condition: and(succeededOrFailed(), ne(variables['PSInternalNugetFeed'], ''))
+  env:
+    NugetConfigDir: ${{ parameters.repoRoot }}
 
 - task: nuget-security-analysis@0
   displayName: 'Run Secure Supply Chain analysis'