forked from ShiftLeftSecurity/shiftleft-csharp-demo
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathazure-pipelines.yml
More file actions
53 lines (43 loc) · 2.28 KB
/
azure-pipelines.yml
File metadata and controls
53 lines (43 loc) · 2.28 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
# ASP.NET Core (.NET Framework)
# Build and test ASP.NET Core projects targeting the full .NET Framework.
# Add steps that publish symbols, save build artifacts, and more:
# https://docs.microsoft.com/azure/devops/pipelines/languages/dotnet-core
trigger:
- master
pool:
vmImage: 'windows-latest'
variables:
group: shiftleft-token
solution: '**/*.sln'
buildPlatform: 'Any CPU'
buildConfiguration: 'Release'
steps:
- task: NuGetToolInstaller@1
- task: NuGetCommand@2
inputs:
restoreSolution: '$(solution)'
- task: VSBuild@1
inputs:
solution: '$(solution)'
msbuildArgs: '/p:DeployOnBuild=true /p:WebPublishMethod=Package /p:PackageAsSingleFile=true /p:SkipInvalidConfigurations=true /p:DesktopBuildPackageLocation="$(build.artifactStagingDirectory)\WebApp.zip" /p:DeployIisAppPath="Default Web Site"'
platform: '$(buildPlatform)'
configuration: '$(buildConfiguration)'
- task: VSTest@2
inputs:
platform: '$(buildPlatform)'
configuration: '$(buildConfiguration)'
- task: PowerShell@2
displayName: Download ShiftLeft cli
inputs:
targetType: 'inline'
script: |
Invoke-WebRequest -Uri 'https://cdn.shiftleft.io/download/sl-latest-windows-x64.zip' -OutFile $(Agent.HomeDirectory)\sl.zip
Expand-Archive -Path $(Agent.HomeDirectory)\sl.zip -DestinationPath $(Agent.HomeDirectory)\
- task: CmdLine@2
displayName: Analyze with NG SAST
inputs:
script: |
$(Agent.HomeDirectory)\sl.exe analyze --force --app ShiftLeftJavaAzWin --tag branch=$(Build.SourceBranchName) --csharp --cpg --dotnet [shiftleft-chuck/shiftleft-csharp-demo/netcoreWebapi/netcoreWebapi.csproj]
workingDirectory: '$(Build.SourcesDirectory)'
env:
SHIFTLEFT_ACCESS_TOKEN: eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJhcGl2NCIsImlhdCI6MTY0ODU4NTIyMCwiaXNzIjoiU2hpZnRMZWZ0Iiwib3JnSUQiOiJlNmM3NGUxOC1kZmMyLTRhM2QtYmQ3YS0zNTJhMmU2YTA0NTYiLCJ0b2tlbklEIjoiZTg0OTVjNDEtMGQyZi00NDU1LThkMzEtZTNhZTMzMmFhYjNjIiwic2NvcGVzIjpbImV4dGVuZGVkIl19.VBqewhH4e5H3pAr3jb8r7HSc_fGKL0A2B2XdWllKUEMWw4eqjUlW2g5j5zVTmSKdLReP9FNFfGTM-L5CE98Nis2P5FiMkQ0WPwa1JwuL5DLEPmovIDEiSYUzg7gnJ9Il0-1UxoGNhecmxt74o0_BWs3_2r_U_y9dpjTt5fAIZWNFuwAfAGcSo2YwqJf-9V9zQIRm_T80hE6V_CoTjkrl63qunXF6DAdR7f92jw2lC8Mqab_znMQSrR6AaFCM5ErupnR66kBrrBK9TNWwXm5y0GVsGNs30lJjzDNHbuLESb-DSrhmZ15tPSFN5MNBZKU_U_cTjaH-T19CK8GRiIu9QQ