Sync tools folder from main branch to generation branch (#25439)

Co-authored-by: azurepowershell <[email protected]>
Azure · Jul 4, 2024 · 4914639 · 4914639
1 parent 21a6cb1
commit 4914639
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 6 deletions.
diff --git a/.azure-pipelines/security-tools.yml b/.azure-pipelines/security-tools.yml
@@ -53,7 +53,6 @@ jobs:
       outputFormat: sarif
       scanFolder: SecurityTmp
       suppressionsFile: tools/SecurityTools/CredScanSuppressions.json
-
   - task: PowerShell@2
     displayName: Generate a response text file for BinSkim
     inputs:
@@ -88,3 +87,19 @@ jobs:
     inputs:
       artifactName: artifacts
       targetPath: artifacts
+  - task: securedevelopmentteam.vss-secure-development-tools.build-task-publishsecurityanalysislogs.PublishSecurityAnalysisLogs@3
+    # see https://eng.ms/docs/microsoft-security/microsoft-threat-protection-mtp/cloud-and-enterprise-security-cesec/security-integration/guardian-wiki/sdl-azdo-extension/publish-security-analysis-logs
+    displayName: 'Publish Security Analysis Logs'
+    inputs:
+      ArtifactName: CodeAnalysisLogs
+      ArtifactType: Container
+      PublishProcessedResults: false
+      AllTools: true
+  - task: securedevelopmentteam.vss-secure-development-tools.build-task-postanalysis.PostAnalysis@2
+    # see https://eng.ms/docs/microsoft-security/microsoft-threat-protection-mtp/cloud-and-enterprise-security-cesec/security-integration/guardian-wiki/sdl-azdo-extension/secure-development-tools-extension-for-azure-devops#post-analysis-build-break:~:text=To%20introduce%20a%20build%20break
+    displayName: Analyze Results (may block build)
+    inputs:
+      GdnBreakAllTools: false
+      GdnBreakGdnToolBinSkim: true
+      GdnBreakGdnToolCredScan: true
+      GdnBreakGdnToolPoliCheck: true
diff --git a/.azure-pipelines/util/live-test-steps.yml b/.azure-pipelines/util/live-test-steps.yml
@@ -70,8 +70,9 @@ jobs:
       definition: $(SignPipelineDefinitionId)
       buildVersionToDownload: 'latestFromBranch'
       branchName: 'refs/heads/internal/release'
-      artifactName: 'artifacts'
+      artifactName: $(ArtifactName)
       targetPath: $(Pipeline.Workspace)
+      itemPattern: '**/artifacts/**'
 
   - task: DownloadPipelineArtifact@2
     condition: and(succeeded(), ne(variables['skipLatest'], 'true'), eq(variables['GalleryName'], 'Sign'), ne(variables['PipelineBuildId'], ''))
@@ -82,9 +83,9 @@ jobs:
       definition: $(SignPipelineDefinitionId)
       buildVersionToDownload: 'specific'
       pipelineId: $(PipelineBuildId)
-      artifactName: 'artifacts'
+      artifactName: $(ArtifactName)
       targetPath: $(Pipeline.Workspace)
-
+      itemPattern: '**/artifacts/**'
   - task: PowerShell@2
     condition: and(succeeded(), ne(variables['skipLatest'], 'true'), ne(variables['GalleryName'], 'PSGallery'))
     displayName: Copy artifacts to local repository
@@ -93,7 +94,7 @@ jobs:
       targetType: inline
       script: |
         $azPackagesDir = New-Item -Name AzPreviewPackages -Path $(DataLocation) -ItemType Directory -Force
-        $azPackagesFiles = Join-Path -Path $(Pipeline.Workspace) -ChildPath *.nupkg
+        $azPackagesFiles =  Get-ChildItem -Path "$(Pipeline.Workspace)" -Recurse -Filter "*.nupkg" 
         Move-Item -Path $azPackagesFiles -Destination $azPackagesDir
         Get-ChildItem -LiteralPath $azPackagesDir
 

diff --git a/.azure-pipelines/util/smoke-test-steps.yml b/.azure-pipelines/util/smoke-test-steps.yml
@@ -54,6 +54,7 @@ jobs:
       buildVersionToDownload: 'latest'
       artifactName: $(ArtifactName)
       targetPath: $(Pipeline.Workspace)
+      itemPattern: '**/artifacts/**'
 
   - task: DownloadPipelineArtifact@2
     condition: and(succeeded(), eq(variables['GalleryName'], 'LocalRepo'), ne(variables['PipelineId'], ''))
@@ -66,6 +67,7 @@ jobs:
       pipelineId: $(PipelineId)
       artifactName: '$(ArtifactName)'
       targetPath: '$(Pipeline.Workspace)'
+      itemPattern: '**/artifacts/**'
 
   - task: PowerShell@2
     condition: and(succeeded(), eq(variables['GalleryName'], 'LocalRepo'))
@@ -74,7 +76,8 @@ jobs:
       targetType: 'inline'
       script: |
        New-Item -Path "$(Pipeline.Workspace)" -Name "LocalRepo" -ItemType "directory"
-       Copy-Item -Path "$(Pipeline.Workspace)\\*.nupkg" -Destination "$(Pipeline.Workspace)\\LocalRepo\\"
+       $fileList = Get-ChildItem -Path "$(Pipeline.Workspace)" -Recurse -Filter "*.nupkg" 
+       $fileList | ForEach-Object { Copy-Item -Path $_.FullName -Destination "$(Pipeline.Workspace)\LocalRepo\" -Force }
        Write-Host "List artifacts..."
        Get-ChildItem "$(Pipeline.Workspace)\\LocalRepo\\"