diff --git a/builds/TSAConfig.gdntsa b/.config/tsaoptions.json similarity index 100% rename from builds/TSAConfig.gdntsa rename to .config/tsaoptions.json diff --git a/.vscode/settings.json b/.vscode/settings.json index 29ee08933..8984440d4 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -8,6 +8,6 @@ "omnisharp.enableEditorConfigSupport": true, "omnisharp.enableRoslynAnalyzers": true, "yaml.schemas": { - "https://raw.githubusercontent.com/microsoft/azure-pipelines-vscode/master/service-schema.json": "builds/azure-pipelines/**/*.yml" - }, -} + "https://raw.githubusercontent.com/microsoft/azure-pipelines-vscode/master/service-schema.json": "builds/azure-pipelines/**/*.yml" + }, +} \ No newline at end of file diff --git a/builds/azure-pipelines/build-release-java.yml b/builds/azure-pipelines/build-release-java.yml index 5a2901dc6..d839fa0eb 100644 --- a/builds/azure-pipelines/build-release-java.yml +++ b/builds/azure-pipelines/build-release-java.yml @@ -1,4 +1,5 @@ steps: + - task: Maven@3 displayName: Build library inputs: @@ -8,19 +9,6 @@ steps: options: --batch-mode --define=org.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn --update-snapshots checkStyleRunAnalysis: true - - task: Semmle@1 - env: - SYSTEM_ACCESSTOKEN: $(System.AccessToken) - inputs: - toolVersion: 'Latest' - sourceCodeDirectory: '$(Build.SourcesDirectory)/java-library' - language: 'java' - buildCommandsString: 'mvn clean package' - querySuite: 'Recommended' - timeout: '1800' - ram: '16384' - addProjectDirToScanningExclusionList: true - - powershell: | $source = 'java-library' $destination = '$(Build.ArtifactStagingDirectory)/java-library' @@ -43,6 +31,4 @@ steps: - publish: $(Build.ArtifactStagingDirectory) displayName: Publish library package - artifact: drop-java-library - - + artifact: drop-java-library \ No newline at end of file diff --git a/builds/azure-pipelines/build-release.yml b/builds/azure-pipelines/build-release.yml index e5c35c6d7..94b7cd9c8 100644 --- a/builds/azure-pipelines/build-release.yml +++ b/builds/azure-pipelines/build-release.yml @@ -30,7 +30,9 @@ variables: nugetVersion: $[replace(replace('True', eq('${{ parameters.ReleaseType }}', 'full'), '$(binariesVersion)'),'True','$(binariesVersion)-preview')] # This will set the preview tag to the version based on the ReleaseType parameter. oopWorkerSupportedExtensionVersion: $[replace(replace('True', eq('${{ parameters.ReleaseType }}', 'full'), '$(binariesVersion)'),'True','$(binariesVersion)-preview')] # This will set the expression to pull the preview vs full version based on the ReleaseType parameter. LGTM.UploadSnapshot: true - Semmle.SkipAnalysis: true + Codeql.Enabled: true + Codeql.TSAEnabled: true + stages: - stage: BuildPublish diff --git a/builds/azure-pipelines/performance.yml b/builds/azure-pipelines/performance.yml index c0c94a3ec..0894e1dc9 100644 --- a/builds/azure-pipelines/performance.yml +++ b/builds/azure-pipelines/performance.yml @@ -15,7 +15,7 @@ variables: serverPassword: '' nodeModulesPath: '' LGTM.UploadSnapshot: true - Semmle.SkipAnalysis: true + Codeql.Enabled: false stages: - stage: BuildPublish diff --git a/builds/azure-pipelines/template-steps-build-test.yml b/builds/azure-pipelines/template-steps-build-test.yml index 764d77e84..ec1c7c6cc 100644 --- a/builds/azure-pipelines/template-steps-build-test.yml +++ b/builds/azure-pipelines/template-steps-build-test.yml @@ -417,7 +417,7 @@ steps: displayName: 'TSA upload to Codebase: Sql Bindings Stamp: TSA' inputs: GdnPublishTsaOnboard: true - GdnPublishTsaConfigFile: '$(Build.SourcesDirectory)\builds\TSAConfig.gdntsa' + GdnPublishTsaConfigFile: '$(Build.SourcesDirectory)\.config\tsaoptions.json' condition: and(succeeded(), eq(variables['Agent.OS'], 'Windows_NT'), eq(variables['TSA_UPLOAD'], 'true')) - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0