forked from microsoft/fluentui-android
-
Notifications
You must be signed in to change notification settings - Fork 2
/
fluentui-android-compliance.yml
44 lines (40 loc) · 1.7 KB
/
fluentui-android-compliance.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
jobs:
- job: compliance
displayName: Compliance checks
pool: microsoftdesign-windows-2019-small
steps:
- task: UseDotNet@2
condition: succeededOrFailed()
displayName: 'Use .NET Core sdk 3.x'
inputs:
version: 3.x
steps:
- task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@3
condition: succeededOrFailed()
displayName: '🧭 Run Credential Scanner'
inputs:
debugMode: false
SuppressionsPath: '.\\CredScanSuppressions.json'
- task: securedevelopmentteam.vss-secure-development-tools.build-task-publishsecurityanalysislogs.PublishSecurityAnalysisLogs@3
displayName: '🧭 Publish Guardian Artifacts - All Tools'
inputs:
ArtifactType: M365
condition: succeededOrFailed()
- task: AssetRetention@3
displayName: 🧭 Arrow Retention
inputs:
ArrowServiceConnection: 'Arrow_uifabric_uifabric_PROD'
AssetGroupName: '$(System.TeamProject)_$(Build.DefinitionName)'
AssetNumber: '$(Build.BuildId)'
IsShipped: false
DropsToRetain: 'CodeAnalysisLogs'
condition: and(succeeded(), eq(variables['Build.SourceBranch'], 'refs/heads/master'))
- task: securedevelopmentteam.vss-secure-development-tools.build-task-postanalysis.PostAnalysis@2
displayName: '🧭 Guardian Break'
inputs:
GdnBreakPolicyMinSev: Warning
GdnBreakAllTools: true
GdnBreakGdnToolESLint: true
GdnBreakGdnToolESLintSeverity: Warning
GdnBreakPolicy: M365
condition: succeededOrFailed()