mirror of
https://github.com/Microsoft/calculator.git
synced 2025-08-21 13:53:11 -07:00
replace the manual prefast with policheck (#2350)
Some checks are pending
Windows Calculator Continuous Integration Pipeline / Define builds (push) Waiting to run
Windows Calculator Continuous Integration Pipeline / Build (push) Blocked by required conditions
Windows Calculator Continuous Integration Pipeline / Run unit tests (push) Blocked by required conditions
Windows Calculator Continuous Integration Pipeline / Run UI tests (x64) (push) Blocked by required conditions
Some checks are pending
Windows Calculator Continuous Integration Pipeline / Define builds (push) Waiting to run
Windows Calculator Continuous Integration Pipeline / Build (push) Blocked by required conditions
Windows Calculator Continuous Integration Pipeline / Run unit tests (push) Blocked by required conditions
Windows Calculator Continuous Integration Pipeline / Run UI tests (x64) (push) Blocked by required conditions
This commit is contained in:
Tian L.
GitHub
parent
0e6d669352
commit
3b62a1856d
7 changed files with 12 additions and 439 deletions
5
build/config/PoliCheckExclusions.xml
Normal file
5
build/config/PoliCheckExclusions.xml
Normal file
|
|
@ -0,0 +1,5 @@
|
|||
<?xml version="1.0" encoding="utf-8" ?>
|
||||
<PoliCheckExclusions>
|
||||
<!-- Skip app and PDP localization folders except the en-US one -->
|
||||
<Exclusion Type="FolderPathFull">AF-ZA|AM-ET|AR-SA|AS-IN|AZ-LATN-AZ|BG-BG|BN-IN|BS-LATN-BA|CA-ES|CA-ES-VALENCIA|CS-CZ|CY-GB|DA-DK|DE-DE|EL-GR|EN-GB|ES-ES|ES-MX|ET-EE|EU-ES|FA-IR|FI-FI|FIL-PH|FR-CA|FR-FR|GA-IE|GD-GB|GL-ES|GU-IN|HE-IL|HI-IN|HR-HR|HU-HU|HY-AM|ID-ID|IS-IS|IT-IT|JA-JP|KA-GE|KK-KZ|KM-KH|KN-IN|KO-KR|KOK-IN|LB-LU|LO-LA|LT-LT|LV-LV|MI-NZ|MK-MK|ML-IN|MR-IN|MS-MY|MT-MT|NB-NO|NE-NP|NL-NL|NN-NO|OR-IN|PA-IN|PL-PL|PT-BR|PT-PT|QUZ-PE|RO-RO|RU-RU|SK-SK|SL-SI|SQ-AL|SR-CYRL-BA|SR-CYRL-RS|SR-LATN-RS|SV-SE|TA-IN|TE-IN|TH-TH|TR-TR|TT-RU|UG-CN|UK-UA|UR-PK|UZ-LATN-UZ|VI-VN|ZH-CN|ZH-TW</Exclusion>
|
||||
</PoliCheckExclusions>
|
||||
|
|
@ -26,6 +26,10 @@ extends:
|
|||
name: EssentialExperiences-windows-2022
|
||||
image: MMSWindows2022-Secure
|
||||
os: windows
|
||||
sdl:
|
||||
policheck:
|
||||
enabled: true
|
||||
exclusionsFile: '$(Build.SourcesDirectory)\build\config\PoliCheckExclusions.xml'
|
||||
|
||||
stages:
|
||||
- stage:
|
||||
|
|
|
|||
|
|
@ -1,77 +0,0 @@
|
|||
#
|
||||
# Continuous Integration (CI)
|
||||
# This pipeline builds and validate the app for all supported architectures, in a public
|
||||
# configuration. If the build was queued to validate a pull request, we build and test only x64.
|
||||
#
|
||||
|
||||
trigger:
|
||||
- main
|
||||
- release/*
|
||||
- feature/*
|
||||
pr:
|
||||
- main
|
||||
- release/*
|
||||
- feature/*
|
||||
|
||||
name: 0.$(Date:yyMM).$(DayOfMonth)$(Rev:rr).0
|
||||
|
||||
resources:
|
||||
repositories:
|
||||
- repository: 1esPipelines
|
||||
type: git
|
||||
name: 1ESPipelineTemplates/1ESPipelineTemplates
|
||||
ref: refs/tags/release
|
||||
|
||||
extends:
|
||||
template: v1/1ES.Unofficial.PipelineTemplate.yml@1esPipelines
|
||||
parameters:
|
||||
pool:
|
||||
name: EssentialExperiencesOpenSource-windows-2022
|
||||
image: MMSWindows2022-Secure
|
||||
os: windows
|
||||
|
||||
sdl:
|
||||
binskim:
|
||||
enabled: false
|
||||
|
||||
stages:
|
||||
- stage: Calculator
|
||||
jobs:
|
||||
- template: /build/pipelines/templates/build-single-architecture.yaml@self
|
||||
parameters:
|
||||
platform: x64
|
||||
isOSSBuild: true
|
||||
|
||||
- template: /build/pipelines/templates/build-single-architecture.yaml@self
|
||||
parameters:
|
||||
platform: x86
|
||||
condition: not(eq(variables['Build.Reason'], 'PullRequest'))
|
||||
isOSSBuild: true
|
||||
|
||||
- template: /build/pipelines/templates/build-single-architecture.yaml@self
|
||||
parameters:
|
||||
platform: ARM
|
||||
condition: not(eq(variables['Build.Reason'], 'PullRequest'))
|
||||
isOSSBuild: true
|
||||
|
||||
- template: /build/pipelines/templates/build-single-architecture.yaml@self
|
||||
parameters:
|
||||
platform: ARM64
|
||||
condition: not(eq(variables['Build.Reason'], 'PullRequest'))
|
||||
isOSSBuild: true
|
||||
|
||||
- template: /build/pipelines/templates/run-ui-tests.yaml@self
|
||||
parameters:
|
||||
platform: x64
|
||||
isOSSBuild: true
|
||||
runsettingsFileName: CalculatorUITests.ci.runsettings
|
||||
|
||||
- template: /build/pipelines/templates/run-unit-tests.yaml@self
|
||||
parameters:
|
||||
platform: x64
|
||||
|
||||
- template: /build/pipelines/templates/run-unit-tests.yaml@self
|
||||
parameters:
|
||||
platform: x86
|
||||
|
||||
- template: /build/pipelines/templates/package-msixbundle.yaml@self
|
||||
|
|
@ -58,6 +58,9 @@ extends:
|
|||
allTools: true
|
||||
codeql:
|
||||
tsaEnabled: true
|
||||
policheck:
|
||||
enabled: true
|
||||
exclusionsFile: '$(Build.SourcesDirectory)\build\config\PoliCheckExclusions.xml'
|
||||
|
||||
stages:
|
||||
- stage: Calculator
|
||||
|
|
@ -89,8 +92,6 @@ extends:
|
|||
useReleaseAppxmanifest: true
|
||||
condition: not(eq(variables['Build.Reason'], 'PullRequest'))
|
||||
|
||||
- template: /build/pipelines/templates/run-compliance-checks.yaml@self
|
||||
|
||||
- template: /build/pipelines/templates/run-ui-tests.yaml@self
|
||||
parameters:
|
||||
platform: x64
|
||||
|
|
|
|||
|
|
@ -32,9 +32,6 @@ jobs:
|
|||
sdl:
|
||||
binskim:
|
||||
analyzeTargetGlob: +:f|$(Agent.BuildDirectory)\binskim\**\*
|
||||
prefast:
|
||||
enable: true
|
||||
|
||||
outputs:
|
||||
- output: pipelineArtifact
|
||||
displayName: Publish drop artifact
|
||||
|
|
|
|||
|
|
@ -1,47 +0,0 @@
|
|||
jobs:
|
||||
- job: ComplianceChecks
|
||||
displayName: Run compliance checks
|
||||
timeoutInMinutes: 60
|
||||
pool:
|
||||
name: EssentialExperiences-windows-2022
|
||||
steps:
|
||||
- checkout: self
|
||||
|
||||
- task: UniversalPackages@0
|
||||
displayName: Download internals package
|
||||
inputs:
|
||||
command: download
|
||||
downloadDirectory: $(Build.SourcesDirectory)
|
||||
vstsFeed: WindowsInboxApps
|
||||
vstsFeedPackage: calculator-internals
|
||||
vstsPackageVersion: 0.0.117
|
||||
|
||||
- task: NuGetToolInstaller@0
|
||||
displayName: Use NuGet 6.x
|
||||
inputs:
|
||||
versionSpec: 6.x
|
||||
|
||||
- task: NuGetCommand@2
|
||||
displayName: NuGet restore src/Calculator.sln
|
||||
inputs:
|
||||
command: custom
|
||||
arguments: restore src/Calculator.sln -Verbosity Detailed -NonInteractive
|
||||
|
||||
- task: PowerShell@2
|
||||
displayName: Set version number in AppxManifest
|
||||
inputs:
|
||||
filePath: $(Build.SourcesDirectory)\build\scripts\UpdateAppxManifestVersion.ps1
|
||||
arguments: '-AppxManifest $(Build.SourcesDirectory)\src\Calculator\Package.appxmanifest -Version $(Build.BuildNumber)'
|
||||
|
||||
- task: securedevelopmentteam.vss-secure-development-tools.build-task-prefast.SDLNativeRules@3
|
||||
displayName: 'Run the PREfast SDL Native Rules'
|
||||
inputs:
|
||||
userProvideBuildInfo: msBuildInfo
|
||||
setupCommandlines: '"%ProgramFiles%\Microsoft Visual Studio\2022\Enterprise\Common7\Tools\VsMSBuildCmd.bat"'
|
||||
msBuildArchitecture: 'amd64'
|
||||
msBuildCommandline: 'msbuild.exe $(Build.SourcesDirectory)\src\Calculator.sln /p:AppVersion=$(Build.BuildNumber) /p:OutDir=$(Build.BinariesDirectory)\ /p:Configuration=Release /p:Platform=x64 /m /p:IsStoreBuild=true'
|
||||
rulesetName: Custom
|
||||
customRuleset: $(Build.SourcesDirectory)\.config\tvs.ruleset
|
||||
|
||||
- task: securedevelopmentteam.vss-secure-development-tools.build-task-publishsecurityanalysislogs.PublishSecurityAnalysisLogs@3
|
||||
displayName: 'Publish Guardian Artifacts'
|
||||
Loading…
Add table
Add a link
Reference in a new issue