development/vscode
development/vscode
1
0
Fork 0
mirror of https://github.com/Microsoft/vscode synced 2024-08-27 13:00:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add steps to SDL pipeline (#195304)

Browse source 
* Add recommended publish logs task

* Add PS script analyzer
This commit is contained in:
Raymond Zhao 2023-10-10 14:37:56 -07:00 committed by GitHub
parent 52d845ac5c
commit 32ddc9b714
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 13 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
build/azure-pipelines/sdl-scan.yml
View file

@ -144,6 +144,12 @@ stages:
GITHUB_TOKEN: "$(github-distro-mixin-password)"
displayName: Download Symbols
- task: PSScriptAnalyzer@1
inputs:
Path: '$(Build.SourcesDirectory)'
Settings: required
Recurse: true
- task: BinSkim@4
inputs:
InputType: "Basic"
@ -164,6 +170,13 @@ stages:
SignatureFreshness: 'OneDay'
TreatStaleSignatureAs: 'Error'
- task: PublishSecurityAnalysisLogs@3
inputs:
ArtifactName: CodeAnalysisLogs
ArtifactType: Container
PublishProcessedResults: false
AllTools: true
- task: TSAUpload@2
inputs:
GdnPublishTsaOnboard: true