User/masudars/cg pipeline migration to 1 es pipeline (#123623)

* [WinGet-Pkgs] WinGet-Pkgs cg-pipeline.yaml migration to 1ESPipeline

This PR migrates the following  WinGet-Pkgs cg-pipeline pipelines to 1ESPipeline
- cg-pipeline.yaml

* Bring back ComponentGovernanceComponentDetection task.

- The previous pipeline run, which can be found at the provided Azure DevOps link:
  https://dev.azure.com/ms/winget-pkgs/_build/results?buildId=507609&view=logs&j=bc38e8b8-e027-53cb-48e7-2adbd1070eca&t=dda153aa-3164-5f35-5796-224fc6cb32ec

  includes

      sdl:
      componentgovernance:
        failOnAlert: true

This indicates that Component Detection is auto-injected, but there is no indication of a Component Governance run.
Therefore, the ComponentGovernanceComponentDetection task is being brought back to maintain parity with old pipeline runs.

* Fix 'Stage' property value to meet naming restrictions

---------

Co-authored-by: Madhusudhan Gumbalapura Sudarshan <Madhusudhan.Sudarshan@microsoft.com>
This commit is contained in:
Madhusudhan-MSFT
2023-10-24 14:43:04 -07:00
committed by GitHub
parent 126accefd1
commit ca04e2f404
+29 -10
View File
@@ -5,16 +5,35 @@
trigger: none
pr: none
pool:
vmImage: windows-latest
variables:
runCodesignValidationInjection: ${{ false }}
steps:
- task: ComponentGovernanceComponentDetection@0
displayName: Component Governance
inputs:
scanType: 'Register'
verbosity: 'Verbose'
alertWarningLevel: 'High'
resources:
repositories:
- repository: 1ESPipelineTemplates
type: git
name: 1ESPipelineTemplates/1ESPipelineTemplates
ref: refs/tags/release
extends:
template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates
parameters:
pool:
name: Azure-Pipelines-1ESPT-ExDShared
image: windows-2022
os: windows
customBuildTags:
# This is added by 1ES migration tool and it is okay to remove in the future.
- ES365AIMigrationTooling
stages:
- stage: Component_Governance
jobs:
- job: Job
steps:
- task: ComponentGovernanceComponentDetection@0
displayName: Component Governance
inputs:
scanType: 'Register'
verbosity: 'Verbose'
alertWarningLevel: 'High'