Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Added credscan steps for python #16136

Merged
merged 9 commits into from
Jan 20, 2021
Merged

Added credscan steps for python #16136

Changes from 2 commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
cd27470
Added credscan steps for python
sima-zhu Jan 13, 2021
35a334b
Update aggregate-reports.yml for Azure Pipelines
sima-zhu Jan 13, 2021
b409889
Added suppression files
sima-zhu Jan 13, 2021
48713e2
Merge branch 'credscan' of https://github.com/Azure/azure-sdk-for-pyt…
sima-zhu Jan 13, 2021
97a170f
generate the baseline file first
sima-zhu Jan 15, 2021
4694a32
Using baseline files
sima-zhu Jan 15, 2021
1d008f4
Added credscan steps for python
sima-zhu Jan 15, 2021
c54b1d6
Merge branch 'credscan' of https://github.com/Azure/azure-sdk-for-pyt…
sima-zhu Jan 15, 2021
faf6cf1
Added suppression files
sima-zhu Jan 20, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 18 additions & 0 deletions eng/pipelines/aggregate-reports.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,24 @@ jobs:
vmImage: 'windows-2019'

steps:
- task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@2
displayName: 'Run CredScan'
inputs:
toolMajorVersion: V2
outputFormat: sarif
suppressionsFile: eng/CredScanSuppression.json
- task: ms-codeanalysis.vss-microsoft-security-code-analysis-devops.build-task-publishsecurityanalysislogs.PublishSecurityAnalysisLogs@2
displayName: 'Publish Security Analysis Logs'
inputs:
CredScan: true
- task: securedevelopmentteam.vss-secure-development-tools.build-task-postanalysis.PostAnalysis@1
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this the step that fails if there are issues or is it the Run step.

displayName: 'Post Analysis'
inputs:
CredScan: true
- template: ../common/pipelines/templates/steps/verify-links.yml
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why did you duplicate the link checking?

parameters:
Directory: ""
CheckLinkGuidance: $true
- template: /eng/pipelines/templates/steps/analyze_dependency.yml

- task: AzureFileCopy@2
Expand Down