136 lines
4.2 KiB
YAML
136 lines
4.2 KiB
YAML
name: $(TeamProject)_$(BuildDefinitionName)_$(SourceBranchName)_$(Date:yyyyMMdd)$(Rev:.r)
|
|
|
|
trigger:
|
|
# Set batch to true, it means to let system waits to run until current run is completed,
|
|
# Then starts another run with all changes.
|
|
batch: true
|
|
branches:
|
|
include:
|
|
- master
|
|
|
|
# Pull request (PR) triggers
|
|
pr:
|
|
- master
|
|
|
|
pool:
|
|
vmImage: 'windows-latest'
|
|
|
|
variables:
|
|
buildPlatform: 'Any CPU'
|
|
buildConfiguration: 'Release'
|
|
snExe: 'C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.8 Tools\sn.exe'
|
|
snExe64: 'C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.8 Tools\x64\sn.exe'
|
|
ProductBinPath: '$(Build.SourcesDirectory)\bin\$(BuildConfiguration)'
|
|
mainDll: 'Microsoft.OpenApi.OData.Reader.dll'
|
|
testDll: 'Microsoft.OpenApi.OData.Reader.Tests.dll'
|
|
skipComponentGovernanceDetection: true
|
|
|
|
steps:
|
|
|
|
- task: UseDotNet@2
|
|
displayName: 'Use .NET 6'
|
|
inputs:
|
|
version: 6.x
|
|
|
|
- task: PoliCheck@1
|
|
displayName: 'Run PoliCheck ".\src"'
|
|
inputs:
|
|
inputType: CmdLine
|
|
cmdLineArgs: '/F:$(Build.SourcesDirectory)/src /T:9 /Sev:"1|2" /PE:2 /O:poli_result_src.xml'
|
|
|
|
- task: PoliCheck@1
|
|
displayName: 'Run PoliCheck ".\test"'
|
|
inputs:
|
|
inputType: CmdLine
|
|
cmdLineArgs: '/F:$(Build.SourcesDirectory)/test /T:9 /Sev:"1|2" /PE:2 /O:poli_result_test.xml'
|
|
|
|
# Install the nuget tooler.
|
|
- task: NuGetToolInstaller@0
|
|
displayName: 'Use NuGet >=5.2.0'
|
|
inputs:
|
|
versionSpec: '>=5.2.0'
|
|
checkLatest: true
|
|
|
|
# Build the Product project
|
|
- task: DotNetCoreCLI@2
|
|
displayName: 'build Microsoft.OpenAPI.OData.Reader.csproj '
|
|
inputs:
|
|
projects: '$(Build.SourcesDirectory)\src\Microsoft.OpenApi.OData.Reader\Microsoft.OpenAPI.OData.Reader.csproj'
|
|
arguments: '--configuration $(BuildConfiguration) --no-incremental'
|
|
|
|
# Build the Unit test project
|
|
- task: DotNetCoreCLI@2
|
|
displayName: 'build Microsoft.OpenAPI.OData.Reader.Tests.csproj'
|
|
inputs:
|
|
projects: '$(Build.SourcesDirectory)\test\Microsoft.OpenAPI.OData.Reader.Tests\Microsoft.OpenApi.OData.Reader.Tests.csproj'
|
|
arguments: '--configuration $(BuildConfiguration) --no-incremental'
|
|
|
|
# because the assemblies are delay-signed, we need to disable
|
|
# strong name validation so that the tests may run,
|
|
# otherwise our assemblies will fail to load
|
|
- task: Powershell@2
|
|
displayName: 'Skip strong name validation'
|
|
inputs:
|
|
targetType: 'inline'
|
|
script: |
|
|
& "$(snExe)" /Vr $(ProductBinPath)\net472\$(mainDll)
|
|
& "$(snExe64)" /Vr $(ProductBinPath)\net472\$(mainDll)
|
|
& "$(snExe)" /Vr $(ProductBinPath)\test\net472\$(testDll)
|
|
& "$(snExe64)" /Vr $(ProductBinPath)\test\net472\$(testDll)
|
|
|
|
# Run the Unit test
|
|
- task: DotNetCoreCLI@2
|
|
displayName: 'Run Microsoft.OpenApi.OData.Reader.Tests.csproj'
|
|
inputs:
|
|
command: test
|
|
projects: '$(Build.SourcesDirectory)\test\Microsoft.OpenAPI.OData.Reader.Tests\Microsoft.OpenApi.OData.Reader.Tests.csproj'
|
|
arguments: '--configuration $(BuildConfiguration) --no-build'
|
|
|
|
|
|
# CredScan
|
|
- task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@2
|
|
displayName: 'Run CredScan - Src'
|
|
inputs:
|
|
toolMajorVersion: 'V2'
|
|
scanFolder: '$(Build.SourcesDirectory)\src'
|
|
debugMode: false
|
|
|
|
- task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@2
|
|
displayName: 'Run CredScan - Test'
|
|
inputs:
|
|
toolMajorVersion: 'V2'
|
|
scanFolder: '$(Build.SourcesDirectory)\test'
|
|
debugMode: false
|
|
|
|
# Microsoft.CodeAnalysis.FxCopAnalyzers is added into the project.
|
|
# Typically, .NET Standard (.NET Core) project doesn't need the FxCop.
|
|
|
|
# Needn't the AntiMalware@3 task?
|
|
- task: AntiMalware@3
|
|
displayName: 'Run MpCmdRun.exe - ProductBinPath'
|
|
inputs:
|
|
FileDirPath: '$(ProductBinPath)'
|
|
enabled: false
|
|
|
|
- task: BinSkim@3
|
|
displayName: 'Run BinSkim - Product Binaries'
|
|
inputs:
|
|
InputType: Basic
|
|
AnalyzeTarget: '$(ProductBinPath)\**\Microsoft.OpenApi.OData.Reader.dll'
|
|
AnalyzeSymPath: '$(ProductBinPath)'
|
|
AnalyzeVerbose: true
|
|
AnalyzeHashes: true
|
|
AnalyzeEnvironment: true
|
|
|
|
- task: PublishSecurityAnalysisLogs@2
|
|
displayName: 'Publish Security Analysis Logs'
|
|
inputs:
|
|
ArtifactName: SecurityLogs
|
|
|
|
- task: PostAnalysis@1
|
|
displayName: 'Post Analysis'
|
|
inputs:
|
|
BinSkim: true
|
|
CredScan: true
|
|
PoliCheck: true
|