From d243db7ba0c7366e4a570df18b5af0fc10a3076c Mon Sep 17 00:00:00 2001
From: cheng-tan <chengtan2013@gmail.com>
Date: Tue, 23 Jan 2024 11:00:23 -0500
Subject: [PATCH] Add policheck to azure pipeline (#1371)

* Add policheck to azure pipeline

* policheck only runs on windows

* try without exclusions arg
---
 azure-pipelines.yml | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 azure-pipelines.yml

diff --git a/azure-pipelines.yml b/azure-pipelines.yml
new file mode 100644
index 000000000000..219b6f3915a8
--- /dev/null
+++ b/azure-pipelines.yml
@@ -0,0 +1,24 @@
+# Starter pipeline
+# Start with a minimal pipeline that you can customize to build and deploy your code.
+# Add steps that build, run tests, deploy, and more:
+# https://aka.ms/yaml
+
+trigger:
+- main
+
+pool:
+  vmImage: 'windows-latest'
+
+steps:
+- task: securedevelopmentteam.vss-secure-development-tools.build-task-policheck.PoliCheck@2
+  displayName: 'Run PoliCheck'
+  inputs:
+    targetType: F
+    optionsPE: '1|2|3|4'
+
+- task: securedevelopmentteam.vss-secure-development-tools.build-task-postanalysis.PostAnalysis@2
+  displayName: 'Policheck Break Build'
+  inputs:
+    GdnBreakAllTools: false
+    GdnBreakGdnToolPoliCheck: true
+    GdnBreakGdnToolPoliCheckSeverity: Warning