-
Notifications
You must be signed in to change notification settings - Fork 341
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Make CodeQL Clean (release/6.0) (#8536)
Resolve remaining CodeQL errors. This also brings in #8247 to get the same template arrangement as the main branch. Co-authored-by: Michelle McDaniel <michelm@microsoft.com> Co-authored-by: Matt Mitchell <mmitche@microsoft.com>
- Loading branch information
1 parent
7215d82
commit 41a914d
Showing
18 changed files
with
112 additions
and
82 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,68 @@ | ||
parameters: | ||
overrideGuardianVersion: '' | ||
executeAllSdlToolsScript: '' | ||
overrideParameters: '' | ||
additionalParameters: '' | ||
publishGuardianDirectoryToPipeline: false | ||
sdlContinueOnError: false | ||
condition: '' | ||
|
||
steps: | ||
- ${{ if ne(parameters.overrideGuardianVersion, '') }}: | ||
- powershell: | | ||
$content = Get-Content $(GuardianPackagesConfigFile) | ||
Write-Host "packages.config content was:`n$content" | ||
$content = $content.Replace('$(DefaultGuardianVersion)', '$(GuardianVersion)') | ||
$content | Set-Content $(GuardianPackagesConfigFile) | ||
Write-Host "packages.config content updated to:`n$content" | ||
displayName: Use overridden Guardian version ${{ parameters.overrideGuardianVersion }} | ||
- task: NuGetToolInstaller@1 | ||
displayName: 'Install NuGet.exe' | ||
|
||
- task: NuGetCommand@2 | ||
displayName: 'Install Guardian' | ||
inputs: | ||
restoreSolution: $(Build.SourcesDirectory)\eng\common\sdl\packages.config | ||
feedsToUse: config | ||
nugetConfigPath: $(Build.SourcesDirectory)\eng\common\sdl\NuGet.config | ||
externalFeedCredentials: GuardianConnect | ||
restoreDirectory: $(Build.SourcesDirectory)\.packages | ||
|
||
- ${{ if ne(parameters.overrideParameters, '') }}: | ||
- powershell: ${{ parameters.executeAllSdlToolsScript }} ${{ parameters.overrideParameters }} | ||
displayName: Execute SDL | ||
continueOnError: ${{ parameters.sdlContinueOnError }} | ||
condition: ${{ parameters.condition }} | ||
|
||
- ${{ if eq(parameters.overrideParameters, '') }}: | ||
- powershell: ${{ parameters.executeAllSdlToolsScript }} | ||
-GuardianPackageName Microsoft.Guardian.Cli.$(GuardianVersion) | ||
-NugetPackageDirectory $(Build.SourcesDirectory)\.packages | ||
-AzureDevOpsAccessToken $(dn-bot-dotnet-build-rw-code-rw) | ||
${{ parameters.additionalParameters }} | ||
displayName: Execute SDL | ||
continueOnError: ${{ parameters.sdlContinueOnError }} | ||
condition: ${{ parameters.condition }} | ||
|
||
- ${{ if ne(parameters.publishGuardianDirectoryToPipeline, 'false') }}: | ||
# We want to publish the Guardian results and configuration for easy diagnosis. However, the | ||
# '.gdn' dir is a mix of configuration, results, extracted dependencies, and Guardian default | ||
# tooling files. Some of these files are large and aren't useful during an investigation, so | ||
# exclude them by simply deleting them before publishing. (As of writing, there is no documented | ||
# way to selectively exclude a dir from the pipeline artifact publish task.) | ||
- task: DeleteFiles@1 | ||
displayName: Delete Guardian dependencies to avoid uploading | ||
inputs: | ||
SourceFolder: $(Agent.BuildDirectory)/.gdn | ||
Contents: | | ||
c | ||
i | ||
condition: succeededOrFailed() | ||
- publish: $(Agent.BuildDirectory)/.gdn | ||
artifact: GuardianConfiguration | ||
displayName: Publish GuardianConfiguration | ||
condition: succeededOrFailed() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
variables: | ||
# The Guardian version specified in 'eng/common/sdl/packages.config'. This value must be kept in | ||
# sync with the packages.config file. | ||
- name: DefaultGuardianVersion | ||
value: 0.110.1 | ||
- name: GuardianPackagesConfigFile | ||
value: $(Build.SourcesDirectory)\eng\common\sdl\packages.config |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters