Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bug 1374419: Address static analysis requirements for MIEngine #1305

Merged
merged 54 commits into from
Apr 20, 2022
Merged

Bug 1374419: Address static analysis requirements for MIEngine #1305

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
54 commits
Select commit Hold shift + click to select a range
9ef9b83
Template BinSkim
Apr 12, 2022
05c9a61
Sample code BinSkim
Apr 12, 2022
64b07b2
Fix BinSkim artifactName
Apr 12, 2022
322ac0a
Fix BinSkim artifactName
Apr 12, 2022
61c299b
Fix BinSkim artifactName
Apr 12, 2022
509aa21
Use PipelineArtifact instead of BuildArtifact
Apr 13, 2022
2b31a49
Add APIScan
Apr 13, 2022
743a90f
Add softwareVersionNum to APIScan
Apr 13, 2022
4c3a34e
Fix path for APIScan
Apr 13, 2022
49c4ae4
Copy files before APIScan
Apr 13, 2022
97c839b
Copy files before APIScan
Apr 13, 2022
937f9f1
Copy files before APIScan
Apr 13, 2022
a0f289c
Copy files before APIScan
Apr 13, 2022
d45b2ed
Copy files before APIScan
Apr 13, 2022
2dc2a95
Copy files before APIScan - fixing indentation
Apr 13, 2022
1f513a2
Remove APIScan env
Apr 13, 2022
67654e6
Fix APIScan issues
Apr 13, 2022
ca8f5e0
Modify APIScan TenantId
Apr 14, 2022
cc7ea62
Increase APIScan timeout
Apr 14, 2022
33b266b
Modify APIScan TenantId
Apr 14, 2022
09c32c3
Increase timeout
Apr 14, 2022
72a40c2
Add Roslyn analyzers
Apr 14, 2022
41043fc
Roslyn Analyzer
Apr 15, 2022
59ba2b1
Roslyn Analyzer
Apr 15, 2022
0ba2969
Roslyn Analyzer
Apr 15, 2022
5bfd611
Roslyn Analyzer
Apr 15, 2022
c8aede4
Roslyn Analyzer
Apr 15, 2022
44de31d
Roslyn Analyzer
Apr 15, 2022
7cd7ccb
Roslyn Analyzer
Apr 15, 2022
d666351
Roslyn Analyzer
Apr 15, 2022
fa2c426
Roslyn Analyzer
Apr 15, 2022
d4158a9
Roslyn Analyzer
Apr 15, 2022
00d234f
Roslyn Analyzer: Fix NuGet file path
Apr 15, 2022
d7888f3
Roslyn Analyzer
Apr 15, 2022
e65e5a7
Move tasks from Code Analysis to Build
Apr 18, 2022
b9d95ff
Addressed some PR comments
Apr 18, 2022
b50ee04
Addressed PR comments
Apr 18, 2022
cb4c6a5
Checking customRuleset for Roslyn Analyzers
Apr 18, 2022
2f9f489
Stuck on ruleset for Roslyn Analyzers...
Apr 19, 2022
d34fa37
Stuck on ruleset for Roslyn Analyzers...
Apr 19, 2022
65ba487
Stuck on ruleset for Roslyn Analyzers...
Apr 19, 2022
b8654dc
Stuck on ruleset for Roslyn Analyzers...
Apr 19, 2022
03fd64b
Stuck on ruleset for Roslyn Analyzers...
Apr 19, 2022
863aae5
Stuck on ruleset for Roslyn Analyzers...
Apr 19, 2022
43ec270
Stuck on ruleset for Roslyn Analyzers...
Apr 19, 2022
220ecfd
Stuck on ruleset for Roslyn Analyzers...
Apr 19, 2022
86b43b8
Addressing PR comments
Apr 19, 2022
6fb9f4f
Addressing PR comments
Apr 19, 2022
fc5c055
Addressing PR comments
Apr 19, 2022
d863615
Addressing PR comments
Apr 19, 2022
03addc3
Address PR comments
Apr 20, 2022
99ae956
Address PR comments
Apr 20, 2022
499cfd0
Address PR comments
Apr 20, 2022
7b60ba7
Remove extraneous comment
Apr 20, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion eng/pipelines/DebuggerTesting-release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ variables:
- name: TeamName
value: MDDDebugger
jobs:
- template: ./jobs/VSEngSS-MicroBuild2019-1ES.job.yml
- template: ./jobs/VSEngSS-MicroBuild2022-1ES.job.yml
parameters:
DisplayName: DebuggerTesting
JobTemplate:
Expand Down
26 changes: 13 additions & 13 deletions eng/pipelines/MIDebugEngine-CI.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,17 +1,6 @@
---
name: $(Date:yyyMMdd).$(Rev:r)
stages:
- stage: CodeAnalysis
dependsOn: []
jobs:
- template: ./jobs/MSHosted-Windows.job.yml
parameters:
DisplayName: 'CodeAnalysis'
JobTemplate:
- template: ../templates/CodeAnalysis.template.yml
parameters:
Configuration: 'Lab.Debug'

- stage: CI
dependsOn: []
variables:
Expand All @@ -20,19 +9,30 @@ stages:
- name: TeamName
value: MDDDebugger
jobs:
- template: ./jobs/VSEngSS-MicroBuild2019-1ES.job.yml
- template: ./jobs/VSEngSS-MicroBuild2022-1ES.job.yml
parameters:
DisplayName: 'Lab.Debug'
JobTemplate:
- template: ../templates/Build.template.yml
parameters:
Configuration: 'Lab.Debug'

- template: ./jobs/VSEngSS-MicroBuild2019-1ES.job.yml
- template: ./jobs/VSEngSS-MicroBuild2022-1ES.job.yml
parameters:
DisplayName: 'Lab.Release'
JobTemplate:
- template: ../templates/Build.template.yml
parameters:
Configuration: 'Lab.Release'

- stage: CodeAnalysis
dependsOn: [CI]
jobs:
- template: ./jobs/MSHosted-Windows.job.yml
parameters:
DisplayName: 'CodeAnalysis'
JobTemplate:
- template: ../templates/CodeAnalysis.template.yml
parameters:
Configuration: 'Lab.Debug'
...
2 changes: 1 addition & 1 deletion eng/pipelines/VS-release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ name: $(Date:yyyMMdd).$(Rev:r)
variables:
- group: TSDTUSR
jobs:
- template: ./jobs/VSEngSS-MicroBuild2019-1ES.job.yml
- template: ./jobs/VSEngSS-MicroBuild2022-1ES.job.yml
parameters:
DisplayName: 'VS_Release'
JobTemplate:
Expand Down
4 changes: 2 additions & 2 deletions eng/pipelines/VSCode-release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ stages:
- stage: Windows
dependsOn: []
jobs:
- template: ./jobs/VSEngSS-MicroBuild2019-1ES.job.yml
- template: ./jobs/VSEngSS-MicroBuild2022-1ES.job.yml
parameters:
DisplayName: 'VSCode_Release'
JobTemplate:
Expand All @@ -24,7 +24,7 @@ stages:
- stage: OSX_ESRPSign
dependsOn: [OSX_CodeSign]
jobs:
- template: ./jobs/VSEngSS-MicroBuild2019-1ES.job.yml
- template: ./jobs/VSEngSS-MicroBuild2022-1ES.job.yml
parameters:
DisplayName: 'OSX Sign/Harden'
JobTemplate:
Expand Down
1 change: 1 addition & 0 deletions eng/pipelines/jobs/MSHosted-Windows.job.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ parameters:
jobs:
- job:
displayName: ${{ parameters.DisplayName }}
timeoutInMinutes: 360
pool:
vmImage: 'windows-latest'
steps:
Expand Down
2 changes: 1 addition & 1 deletion ...s/jobs/VSEngSS-MicroBuild2019-1ES.job.yml → ...s/jobs/VSEngSS-MicroBuild2022-1ES.job.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ jobs:
- job:
displayName: ${{ parameters.DisplayName }}
pool:
name: VSEngSS-MicroBuild2019-1ES
name: VSEngSS-MicroBuild2022-1ES
demands:
- msbuild
- visualstudio
Expand Down
29 changes: 29 additions & 0 deletions eng/pipelines/steps/APIScan.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
parameters:
FolderToScan: '$(Pipeline.Workspace)\Lab.Release'

steps:
- task: CopyFiles@2
displayName: 'Copy Files to: $(Pipeline.Workspace)\ApiScanFiles'
inputs:
SourceFolder: ${{ parameters.FolderToScan }}
Contents: |
**\*Microsoft@(*.dll|*.pdb|*.exe)
**\*Newtonsoft@(*.dll|*.pdb|*.exe)
**\*OpenDebugAD7@(*.dll|*.pdb|*.exe)
**\*WindowsDebugLauncher@(*.dll|*.pdb|*.exe)
!**\*.resources.dll
TargetFolder: '$(Pipeline.Workspace)\ApiScanFiles'
CleanTargetFolder: true
OverWrite: true

- task: securedevelopmentteam.vss-secure-development-tools.build-task-apiscan.APIScan@2
displayName: 'Run APIScan'
inputs:
softwareFolder: '$(Pipeline.Workspace)\ApiScanFiles'
softwareName: MIEngine
softwareVersionNum: '$(Build.BuildNumber)'
symbolsFolder: 'SRV*http://symweb;$(Pipeline.Workspace)\ApiScanFiles'
isLargeApp: false
continueOnError: true
env:
AzureServicesAuthConnectionString: runAs=App;AppId=$(ApiScanClientId);TenantId=$(ApiScanTenant);AppKey=$(MIEngineApiScan)
9 changes: 9 additions & 0 deletions eng/pipelines/tasks/BinSkim.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
steps:
- task: securedevelopmentteam.vss-secure-development-tools.build-task-binskim.BinSkim@3
displayName: 'Run BinSkim'
inputs:
InputType: Basic
AnalyzeTarget: '$(Pipeline.Workspace)\**\*.dll;$(Pipeline.Workspace)\**\*.exe'
AnalyzeVerbose: true
AnalyzeHashes: true
AnalyzeEnvironment: true
11 changes: 11 additions & 0 deletions eng/pipelines/tasks/CSharp.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
steps:
- task: securedevelopmentteam.vss-secure-development-tools.build-task-roslynanalyzers.RoslynAnalyzers@3
displayName: 'Run Roslyn Analyzers'
inputs:
continueOnError: true
msBuildVersion: 17.0
msBuildArchitecture: amd64
setupCommandLine: |
"%ProgramFiles%\Microsoft Visual Studio\2022\Enterprise\Common7\Tools\VsMSBuildCmd.bat"
msBuildCommandline: |
msbuild $(Build.SourcesDirectory)\src\MIDebugEngine.sln /p:Platform="Any CPU" /p:Configuration="Release"
2 changes: 2 additions & 0 deletions eng/pipelines/templates/Build.template.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,8 @@ steps:
parameters:
Configuration: ${{ parameters.Configuration }}

- template: ../tasks/CSharp.yml

# Used for localization
- template: ../steps/CollectAndPublishBinaries.yml
parameters:
Expand Down
12 changes: 12 additions & 0 deletions eng/pipelines/templates/CodeAnalysis.template.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,18 @@ steps:

- template: ../tasks/CredScan.yml

- task: DownloadPipelineArtifact@2
displayName: Download Pipeline Artifact
inputs:
source: "current"
path: "$(Pipeline.Workspace)"

- template: ../steps/APIScan.yml
parameters:
FolderToScan: $(Pipeline.Workspace)\Lab.Release

- template: ../tasks/BinSkim.yml

- template: ../tasks/PoliCheck.yml

- template: ../tasks/SdtReport.yml
Expand Down