mirror of
https://github.com/saymrwulf/onnxruntime.git
synced 2026-06-15 01:23:42 +00:00
58 lines
No EOL
2.2 KiB
YAML
58 lines
No EOL
2.2 KiB
YAML
parameters:
|
|
- name: msbuildPlatform
|
|
displayName: msbuildPlatform
|
|
type: string
|
|
default: x64
|
|
|
|
steps:
|
|
- task: CredScan@2
|
|
displayName: 'Run CredScan'
|
|
inputs:
|
|
toolMajorVersion: V2
|
|
debugMode: false
|
|
continueOnError: true
|
|
|
|
- task: BinSkim@3
|
|
displayName: 'Run BinSkim'
|
|
inputs:
|
|
arguments: 'analyze $(Build.BinariesDirectory)\RelWithDebInfo\RelWithDebInfo\*.dll --recurse --verbose'
|
|
continueOnError: true
|
|
|
|
- task: DeleteFiles@1
|
|
displayName: 'Delete files from $(Build.BinariesDirectory)\RelWithDebInfo'
|
|
inputs:
|
|
SourceFolder: '$(Build.BinariesDirectory)\RelWithDebInfo'
|
|
Contents: |
|
|
**/*.obj
|
|
**/*.pdb
|
|
**/*.dll
|
|
|
|
#Manually set msBuildCommandline so that we can also set CAExcludePath
|
|
- task: securedevelopmentteam.vss-secure-development-tools.build-task-prefast.SDLNativeRules@2
|
|
displayName: 'Run the PREfast SDL Native Rules for MSBuild'
|
|
inputs:
|
|
userProvideBuildInfo: msBuildInfo
|
|
msBuildVersion: 16.0
|
|
msBuildArchitecture: x64
|
|
msBuildCommandline: '"C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\MSBuild\Current\Bin\amd64\msbuild.exe" "$(Build.BinariesDirectory)\RelWithDebInfo\onnxruntime.sln" /p:platform="${{parameters.msbuildPlatform}}" /p:configuration="RelWithDebInfo" /p:CAExcludePath="$(Build.BinariesDirectory);$(Build.SourcesDirectory)\cmake;C:\program files (x86)" /p:VisualStudioVersion="16.0" /m /p:PreferredToolArchitecture=x64'
|
|
continueOnError: true
|
|
|
|
- task: securedevelopmentteam.vss-secure-development-tools.build-task-report.SdtReport@1
|
|
displayName: 'Create Security Analysis Report'
|
|
inputs:
|
|
BinSkim: true
|
|
BinSkimBreakOn: WarningAbove
|
|
CredScan: true
|
|
SDLNativeRules: true
|
|
|
|
- task: securedevelopmentteam.vss-secure-development-tools.build-task-publishsecurityanalysislogs.PublishSecurityAnalysisLogs@2
|
|
displayName: 'Publish Security Analysis Logs'
|
|
continueOnError: true
|
|
|
|
- task: securedevelopmentteam.vss-secure-development-tools.build-task-uploadtotsa.TSAUpload@1
|
|
condition: and (succeeded(), eq(variables['Build.SourceBranch'], 'refs/heads/main'))
|
|
displayName: 'TSA Upload'
|
|
inputs:
|
|
tsaVersion: TsaV2
|
|
codeBaseName: 'onnxruntime_master'
|
|
continueOnError: true |