Skip to content

Add SecurityTools (CredScan, BinSkim, PoliCheck) to PR builds in ADO #9035

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 34 commits into from
May 1, 2019
Merged

Add SecurityTools (CredScan, BinSkim, PoliCheck) to PR builds in ADO #9035

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
34 commits
Select commit Hold shift + click to select a range
4894222
Added release build job.
MiYanni Apr 9, 2019
2a94ba7
Initial attempt at release process.
MiYanni Apr 9, 2019
e910017
Update release pipeline to (hopefully) work.
MiYanni Apr 9, 2019
7a862e7
Merge branch 'master' into ado-v2-release
MiYanni Apr 9, 2019
9142477
Changed condition for certain processes to use Release configuration …
MiYanni Apr 10, 2019
f8d1372
Space fix
MiYanni Apr 11, 2019
246c04f
Removed release yaml since it is not used to do releases.
MiYanni Apr 11, 2019
c7531d2
Merge branch 'master' into ado-v2-release
MiYanni Apr 11, 2019
8cd180d
Added package config for getting security tools.
MiYanni Apr 13, 2019
ab54daf
Merge branch 'master' into ado-v2-release
MiYanni Apr 13, 2019
3112aa7
Merge branch 'ado-v2-release' into securitytools-changes
MiYanni Apr 13, 2019
1b12d25
Updated packages config for SecurityTools. Added nuget config for Sec…
MiYanni Apr 13, 2019
3d14471
Apparently, the names need to be in a specific format.
MiYanni Apr 13, 2019
5a6158f
Added PoliCheck list of file extensions.
MiYanni Apr 15, 2019
7db9822
Added CredScan suppressions for non-test files.
MiYanni Apr 16, 2019
eba02f3
Trying back slashes for suppressions.
MiYanni Apr 16, 2019
ef9d894
Fixed suppressions files to have correct paths and removal of duplica…
MiYanni Apr 17, 2019
f6bc4b1
Added verified suppressions (or adjusted code) for CredScan.
MiYanni Apr 18, 2019
e188450
Added missing suppression.
MiYanni Apr 18, 2019
a67dc44
Added scripts for running security tools. Added security tools tasks …
MiYanni Apr 18, 2019
b61428f
Removed travis yml.
MiYanni Apr 18, 2019
a991036
Change to retrigger CI.
MiYanni Apr 18, 2019
c2857c1
Cannot download the SecurityTools from the nuget feed. Attempting to …
MiYanni Apr 18, 2019
89405cd
Changed package info to correct GUIDs.
MiYanni Apr 19, 2019
cbe183a
Changed feed for accessing tools.
MiYanni Apr 19, 2019
9fa3aad
Removed CredScan and PoliCheck scripts and tasks from yml.
MiYanni Apr 26, 2019
e728ea6
Test file to retrigger CI
MiYanni Apr 26, 2019
91711cc
Changed folder from SecurityToolsScripts to SecurityTools.
MiYanni Apr 26, 2019
adc4506
Removed legacy security tools scripts. Moved security tools assets to…
MiYanni Apr 26, 2019
7a97c79
Removed unused suppressions file. Additional suppression for BinSkim.
MiYanni Apr 26, 2019
3f22cf5
Updated BinSkim script path.
MiYanni Apr 26, 2019
299d85d
Merge branch 'master' into securitytools-changes
MiYanni Apr 26, 2019
54dfed1
Added suppression for generated test resource group.
MiYanni Apr 26, 2019
b2bf167
Removed temp file from CI testing.
MiYanni Apr 27, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 30 additions & 0 deletions .azure-pipelines/windows-powershell.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,36 @@ jobs:
testFramework: ${{ variables.TestFramework }}
configuration: ${{ variables.Configuration }}

- job: Analyze
displayName: Analyze
dependsOn: Build
condition: succeeded()
pool:
vmImage: ${{ variables.WindowsImage }}

steps:
- template: util/analyze-steps.yml
parameters:
osName: ${{ variables.WindowsName }}
configuration: ${{ variables.Configuration }}
- task: PowerShell@2
displayName: 'Cleanup Build'
inputs:
targetType: filePath
filePath: tools/CleanupBuild.ps1
pwsh: true
- task: NuGetCommand@2
displayName: 'Download BinSkim'
inputs:
command: custom
arguments: 'install Microsoft.CodeAnalysis.BinSkim -OutputDirectory $(System.DefaultWorkingDirectory)/tools/SecurityTools'
- task: PowerShell@2
displayName: 'Run BinSkim'
inputs:
targetType: filePath
filePath: tools/SecurityTools/RunBinSkim.ps1
pwsh: true

- job: Test
displayName: Test
dependsOn: Build
Expand Down
3 changes: 0 additions & 3 deletions src/HDInsight/HDInsight.Test/UnitTests/DataLakeStoreTests.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,9 +29,6 @@ namespace Commands.HDInsight.Test.UnitTests
public class DataLakeStoreTests : HDInsightTestBase
{
private NewAzureHDInsightClusterCommand cmdlet;
private const string StorageName = "dummystorage.blob.core.windows.net";
private const string StorageKey = "O9EQvp3A3AjXq/W27rst1GQfLllhp01qlJMJfSU1hVW2K42gUeiUUn2D8zX2lU3taiXSSfqkZlcPv+nQcYYwUx==";
private const int ClusterSize = 4;
Copy link
Contributor Author

@MiYanni MiYanni Apr 27, 2019
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These variables were unused in this class and were flagged by CredScan. Made more sense to remove unused creds than to suppress them.

private Guid ObjectId = new Guid("11111111-1111-1111-1111-111111111111");
private Guid AadTenantId = new Guid("11111111-1111-1111-1111-111111111111");
private string Certificate = "";
Expand Down
39 changes: 0 additions & 39 deletions tools/CheckBinScope.ps1
View file
Open in desktop

This file was deleted.

55 changes: 0 additions & 55 deletions tools/CheckCredScan.ps1
View file
Open in desktop

This file was deleted.

27 changes: 0 additions & 27 deletions tools/CheckPoliCheck.ps1
View file
Open in desktop

This file was deleted.

Loading