From ce3d6a5f75a6f7c4c1798a42a2b2ac66c59cb3cb Mon Sep 17 00:00:00 2001 From: Ruben Guerrero Date: Fri, 15 Oct 2021 16:59:29 -0700 Subject: [PATCH] Add component governance pipeline (#30274) * Add component governance pipeline * Update DevOpsPipelineDefinitions/cg-pipeline.yaml Co-authored-by: JohnMcPMS Co-authored-by: denelon Co-authored-by: JohnMcPMS --- DevOpsPipelineDefinitions/cg-pipeline.yaml | 20 ++++++++++++++++++++ Tools/cgmanifest.json | 13 +++++++++++++ 2 files changed, 33 insertions(+) create mode 100644 DevOpsPipelineDefinitions/cg-pipeline.yaml create mode 100644 Tools/cgmanifest.json diff --git a/DevOpsPipelineDefinitions/cg-pipeline.yaml b/DevOpsPipelineDefinitions/cg-pipeline.yaml new file mode 100644 index 00000000000..507432f004f --- /dev/null +++ b/DevOpsPipelineDefinitions/cg-pipeline.yaml @@ -0,0 +1,20 @@ +# Component Governance pipeline. +# This pipeline is configured to run on weekly basis. +# Uses Tools\cgmanifest.json + +trigger: none +pr: none + +pool: + vmImage: windows-latest + +variables: + runCodesignValidationInjection: ${{ false }} + +steps: + - task: ComponentGovernanceComponentDetection@0 + displayName: Component Governance + inputs: + scanType: 'Register' + verbosity: 'Verbose' + alertWarningLevel: 'High' diff --git a/Tools/cgmanifest.json b/Tools/cgmanifest.json new file mode 100644 index 00000000000..7166f21919b --- /dev/null +++ b/Tools/cgmanifest.json @@ -0,0 +1,13 @@ +{ + "Registrations": [ + { + "Component": { + "Type": "git", + "git": { + "RepositoryUrl": "https://github.com/cloudbase/powershell-yaml", + "CommitHash": "03663c66e57ce2d0422077dc073bdb92e4d374b0" + } + }, + }, + ] +} \ No newline at end of file