TailwindTraders/tailwindtraders-codescanning.yml at master · akshay-online/TailwindTraders · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
trigger:
- main

variables:
  resource-group: "ghazdo-workshops"
  BuildConfiguration: "Release"
  BuildPlatform: "any cpu"
  Parameters.RestoreBuildProjects: "**/*.csproj"
  Parameters.TestProjects: "**/*[Tt]ests/*.csproj"
  webapp_name: tailwind-github-demo
  advancedsecurity.submittoadvancedsecurity: true

pool:
  vmImage: windows-latest

stages:
- stage: 'AdvancedSecurityScan'
  displayName: 'Advanced Security'
  jobs:
  - job:
    displayName: 'Advanced Security Scanning'
    steps:

    # Setup Node.js environment
    - task: NodeTool@0
      displayName: 'Use Node 10.16.3'
      inputs:
        versionSpec: 10.16.3

    # Initializes the CodeQL tools for scanning.
    - task: AdvancedSecurity-Codeql-Init@1
      inputs:
        languages: 'csharp'
        querysuite: 'code-scanning'
    - task: AdvancedSecurity-Codeql-Autobuild@1
    - task: AdvancedSecurity-Codeql-Analyze@1
    - task: AdvancedSecurity-Dependency-Scanning@1
    - task: AdvancedSecurity-Publish@1

    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).

    # Performs CodeQL Analysis

    # Publish Results to Advance Security Dashboard