Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

XS✔ ◾ Pipeline Compliance: Adding PoliCheck & Removing Superfluous Elements #441

Merged
merged 3 commits into from Nov 2, 2023
Merged

XS✔ ◾ Pipeline Compliance: Adding PoliCheck & Removing Superfluous Elements #441

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
b81d0a2
Adding PoliCheck to pipeline
muiriswoulfe Nov 2, 2023
623aab2
Removing superfluous variables
muiriswoulfe Nov 2, 2023
5cb6399
Removing more superfluous variables
muiriswoulfe Nov 2, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
6 changes: 6 additions & 0 deletions .github/azure-devops/PoliCheckExclusions.xml
View file
Open in desktop
@@ -0,0 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<PoliCheckExclusions>
<Exclusion Type="FileName">LICENSE.txt|PACKAGE-LOCK.JSON</Exclusion>
<Exclusion Type="FolderPathStart">\DIST\</Exclusion><PoliCheckExclusions>
</PoliCheckExclusions>
</PoliCheckExclusions>
3 changes: 0 additions & 3 deletions .github/azure-devops/prod.yml
View file
Open in desktop
Expand Up @@ -49,9 +49,6 @@ extends:
name: Azure-Pipelines-1ESPT-ExDShared
os: linux
image: ubuntu-latest
variables:
- name: skipComponentGovernanceDetection
value: true
steps:
- checkout: none
displayName: Checkout
Expand Down
33 changes: 27 additions & 6 deletions .github/azure-devops/template.yml
View file
Open in desktop
Expand Up @@ -32,8 +32,6 @@ stages:
os: macOS
image: macos-latest
variables:
- name: skipComponentGovernanceDetection
value: true
- name: System.Debug
value: true
steps:
Expand Down Expand Up @@ -63,8 +61,6 @@ stages:
os: linux
image: ubuntu-latest
variables:
- name: skipComponentGovernanceDetection
value: true
- name: System.Debug
value: true
steps:
Expand Down Expand Up @@ -94,8 +90,6 @@ stages:
os: windows
image: windows-latest
variables:
- name: skipComponentGovernanceDetection
value: true
- name: System.Debug
value: true
steps:
Expand All @@ -114,4 +108,31 @@ stages:
!dist/*
!package-lock.json

- job: Validation
displayName: Validation
pool:
${{ if parameters.testInstance }}:
vmImage: windows-latest
${{ else }}:
name: Azure-Pipelines-1ESPT-ExDShared
os: windows
image: windows-latest
steps:
- task: PoliCheck@2
displayName: PoliCheck
inputs:
targetType: F
optionsFC: 1
optionsUEPATH: $(Build.SourcesDirectory)/.github/azure-devops/PoliCheckExclusions.xml

- task: PublishSecurityAnalysisLogs@3
displayName: Guardian – Publish Artifacts

- task: PostAnalysis@2
displayName: Guardian – Perform Analysis
inputs:
GdnBreakPolicyMinSev: Note
GdnBreakGdnToolGosecSeverity: Default
GdnBreakPolicy: M365

...