From f9738f564b3a360cdb6e17de4f4d761eea94538f Mon Sep 17 00:00:00 2001
From: Alex Soto <alex@alexsoto.me>
Date: Mon, 8 Jun 2020 13:24:55 -0400
Subject: [PATCH] [devops] Add Policheck tool to our pipeline

New commits in xamarin/maccore:

* xamarin/maccore@d2ef9d7ee0 Add PoliCheckExclusions.xml (#2228)

Diff: https://github.com/xamarin/maccore/compare/4bfce648475f8db1d93b8a9f51a69ad0b8b55930..d2ef9d7ee008e1a07a29396c68df33cc4f02de18
---
 mk/xamarin.mk                    |  2 +-
 tools/devops/azure-pipelines.yml | 14 +++++++++++---
 2 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/mk/xamarin.mk b/mk/xamarin.mk
index 8736c060a929..e08ccff8c0ce 100644
--- a/mk/xamarin.mk
+++ b/mk/xamarin.mk
@@ -7,7 +7,7 @@ MONO_BRANCH    := $(shell cd $(MONO_PATH) 2> /dev/null && git symbolic-ref --sho
 endif
 
 ifdef ENABLE_XAMARIN
-NEEDED_MACCORE_VERSION := 4bfce648475f8db1d93b8a9f51a69ad0b8b55930
+NEEDED_MACCORE_VERSION := d2ef9d7ee008e1a07a29396c68df33cc4f02de18
 NEEDED_MACCORE_BRANCH := master
 
 MACCORE_DIRECTORY := maccore
diff --git a/tools/devops/azure-pipelines.yml b/tools/devops/azure-pipelines.yml
index 9deb980634cd..9a99af8ba5b3 100644
--- a/tools/devops/azure-pipelines.yml
+++ b/tools/devops/azure-pipelines.yml
@@ -82,13 +82,21 @@ jobs:
       git clone -b $branch $repo $SYSTEM_DEFAULTWORKINGDIRECTORY/../maccore
     displayName: "Setting up maccore..."
 
-  - task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@2
+  - task: CredScan@3
     displayName: "Run CredScan"
     inputs:
-      suppressionsFile: "$(System.DefaultWorkingDirectory)/../maccore/tools/devops/CredScanSuppressions.json"
-      debugMode: false
+      suppressionsFile: '$(System.DefaultWorkingDirectory)/../maccore/tools/devops/CredScanSuppressions.json'
+
+  - task: PoliCheck@1
+    inputs:
+      inputType: 'Basic'
+      targetType: 'F'
+      targetArgument: '$(Build.SourcesDirectory)'
+      result: 'PoliCheck.xml'
+      optionsUEPATH: '$(System.DefaultWorkingDirectory)/../maccore/tools/devops/PoliCheckExclusions.xml'
 
   - task: securedevelopmentteam.vss-secure-development-tools.build-task-postanalysis.PostAnalysis@1
     displayName: 'Post Analysis'
     inputs:
       CredScan: true
+      PoliCheck: true