saymrwulf/onnxruntime
1
0
Fork 0
mirror of https://github.com/saymrwulf/onnxruntime.git synced 2026-06-01 23:30:35 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
onnxruntime/tools/ci_build/github/azure-pipelines/templates/compliance.yml
Changming Sun 9b755dce9f
Delete all Prefast tasks (#17522) 
### Description
Delete all Prefast tasks because the new VS 17.7 version crashes every
time when we run the task on our CI build servers. However, we cannot
reproduce it locally. And this problem blocks us installing security
patches to our CI build machines.

Will use [CodeQL](https://codeql.github.com/) instead. 

### Motivation and Context
Address some security alerts.
2023-09-12 17:40:49 -07:00

36 lines
936 B
YAML
Raw Blame History

parameters:
- name: msbuildPlatform
displayName: msbuildPlatform
type: string
default: x64
steps:
- task: CredScan@2
displayName: 'Run CredScan'
inputs:
toolMajorVersion: V2
debugMode: false
continueOnError: true
- task: BinSkim@4
displayName: 'Run BinSkim'
inputs:
AnalyzeTargetGlob: '+:file|$(Build.ArtifactStagingDirectory)\**\*.dll;-:file|$(Build.ArtifactStagingDirectory)\**\DirectML.dll'
continueOnError: true
- task: SdtReport@2
displayName: 'Create Security Analysis Report'
inputs:
SDLNativeRules: true
- task: PublishSecurityAnalysisLogs@3
displayName: 'Publish Security Analysis Logs'
continueOnError: true
- task: TSAUpload@2
displayName: 'TSA upload'
condition: and (succeeded(), eq(variables['Build.SourceBranch'], 'refs/heads/main'))
inputs:
GdnPublishTsaOnboard: false
GdnPublishTsaConfigFile: '$(Build.sourcesDirectory)\.gdn\.gdntsa'
continueOnError: true
Reference in a new issue View git blame Copy permalink