-
Notifications
You must be signed in to change notification settings - Fork 22
Expand file tree
/
Copy pathtask.json
More file actions
125 lines (125 loc) · 4.97 KB
/
task.json
File metadata and controls
125 lines (125 loc) · 4.97 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
{
"id": "8d616517-6390-454f-b369-6fd038d8fe96",
"name": "MicrosoftSecurityDevOps",
"friendlyName": "Microsoft Security DevOps",
"description": "Run the Microsoft Security DevOps CLI for static analysis.",
"helpMarkDown": "Runs the [Microsoft Security DevOps CLI](https://aka.ms/msdo-nuget) for security analysis. Effective September 20th 2023, the Secret Scanning option (CredScan) within Microsoft Security DevOps (MSDO) Extension for Azure DevOps is deprecated. MSDO Secret Scanning is replaced by the [Configure GitHub Advanced Security for Azure DevOps features](https://learn.microsoft.com/en-us/azure/devops/repos/security/configure-github-advanced-security-features#set-up-secret-scanning) offering.",
"category": "Utility",
"visibility": [
"Build"
],
"author": "Microsoft Corporation",
"version": {
"Major": 1,
"Minor": 11,
"Patch": 0
},
"preview": true,
"minimumAgentVersion": "1.83.0",
"groups": [
{
"name": "advanced",
"displayName": "Advanced",
"isExpanded": false
}
],
"inputs": [
{
"name": "command",
"label": "Command",
"type": "pickList",
"required": false,
"helpMarkDown": "The command to run. Default: run",
"default": "run",
"options": {
"run": "Run (Default)",
"pre-job": "Pre-Job",
"post-job": "Post-Job"
}
},
{
"name": "config",
"label": "Config",
"type": "string",
"required": false,
"helpMarkDown": "A file path to an MSDO configuration file (`*.gdnconfig`).",
"defaultValue": ""
},
{
"name": "policy",
"label": "Policy",
"type": "pickList",
"required": false,
"helpMarkDown": "The name of a well known Microsoft policy. If no configuration is provided, the policy may instruct MSDO what tools to run. Default: microsoft",
"defaultValue": "azuredevops",
"options": {
"azuredevops": "azuredevops",
"microsoft": "microsoft",
"none": "none"
}
},
{
"name": "categories",
"label": "Categories",
"type": "string",
"required": false,
"helpMarkDown": "A comma separated list of analyzer categories to run. Values: `secrets`, `code`, `artifacts`, `IaC`, `containers`. Example: `IaC,secrets`. Defaults to all.",
"groupName": "advanced"
},
{
"name": "languages",
"label": "Languages",
"type": "string",
"required": false,
"helpMarkDown": "A comma separated list of languages to analyze. Example: `javascript,typescript`. Defaults to all.",
"groupName": "advanced"
},
{
"name": "tools",
"label": "Tools",
"type": "string",
"required": false,
"helpMarkDown": "A comma separated list of analyzer tools to run. Values: `bandit`, `binskim`, `eslint`, `templateanalyzer`, `terrascan`, `trivy`.",
"groupName": "advanced"
},
{
"name": "break",
"label": "Break",
"type": "boolean",
"required": false,
"helpMarkDown": "If checked, will fail this build step if any error level results are found.",
"defaultValue": "false",
"groupName": "advanced"
},
{
"name": "publish",
"label": "Publish",
"type": "boolean",
"required": false,
"helpMarkDown": "If checked, will publish the output SARIF results file to the chosen pipeline artifact. Default: true",
"defaultValue": "true",
"groupName": "advanced"
},
{
"name": "artifactName",
"label": "Artifact Name",
"type": "string",
"required": false,
"helpMarkDown": "The name of the pipeline artifact to publish the SARIF result file to. Default: CodeAnalysisLogs</br>\"CodeAnalysisLogs\" is required for integration with [Defender for DevOps](https://aka.ms/defender-for-devops).</br>If left as \"CodeAnalysisLogs\", it integrates with the [SARIF Scans Tab](https://marketplace.visualstudio.com/items?itemName=sariftools.scans) viewing experience.",
"defaultValue": "CodeAnalysisLogs",
"groupName": "advanced"
}
],
"instanceNameFormat": "Run Microsoft Defender for DevOps",
"execution": {
"Node16": {
"target": "index.js"
},
"Node10": {
"target": "index.js"
},
"Node": {
"target": "index.js"
}
}
}