forked from PowerShell/Compliance
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathassembly-module-compliance.yml
64 lines (53 loc) · 1.71 KB
/
assembly-module-compliance.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
parameters:
# apiscan
softwareFolder: ''
softwareName: ''
softwareVersion: ''
# binskim
AnalyzeTarget: ''
AnalyzeSymPath: 'SRV*'
# component-governance
sourceScanPath: '$(Build.SourcesDirectory)'
# credscan
suppressionsFile: ''
# TermCheck
optionsRulesDBPath: ''
optionsFTPath: ''
# tsa-upload
codeBaseName: ''
# selections
APIScan: true # set to false when not using Windows APIs.
steps:
- template: template-compliance/apiscan.yml
parameters:
softwareFolder: ${{ parameters.softwareFolder }}
softwareName: ${{ parameters.softwareName }}
softwareVersion: ${{ parameters.softwareVersion }}
APIScanEnable: ${{ parameters.APIScan }}
- template: template-compliance/auto-applicability.yml
- template: template-compliance/binskim.yml
parameters:
AnalyzeTarget: ${{ parameters.AnalyzeTarget }}
AnalyzeSymPath: ${{ parameters.AnalyzeSymPath }}
- template: template-compliance/component-governance.yml
parameters:
sourceScanPath: ${{ parameters.sourceScanPath }}
- template: template-compliance/credscan.yml
parameters:
suppressionsFile: ${{ parameters.suppressionsFile }}
- template: template-compliance/defender.yml
- template: template-compliance/TermCheck.yml
parameters:
optionsRulesDBPath: ${{ parameters.optionsRulesDBPath }}
optionsFTPath: ${{ parameters.optionsFTPath }}
- template: template-compliance/vulnerability-assessment.yml
- template: template-compliance/publish-security-logs.yml
- template: template-compliance/tsa-upload.yml
parameters:
codeBaseName: ${{ parameters.codeBaseName }}
- template: template-compliance/sdtreport.yml
parameters:
APIScan: ${{ parameters.APIScan }}
BinSkim: true
CredScan: true
TermCheck: true