Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

{CI} Switch CredScan task #7692

Merged
merged 4 commits into from
Jun 16, 2024
Merged

{CI} Switch CredScan task #7692

merged 4 commits into from
Jun 16, 2024

Conversation

Pan-Qi
Copy link
Contributor

@Pan-Qi Pan-Qi commented Jun 7, 2024

Last Saturday, this task ms-codeanalysis.vss-microsoft-security-code-analysis-devops.build-task-credscan.CredScan@2 began failing unexpectedly with the following error message:
image
We have sent an email and created an ICM.
But progress is very slow, and many users' PRs have been blocked by this CI task.
And I found out that these two tasks have been deprecated.

  • ms-codeanalysis.vss-microsoft-security-code-analysis-devops.build-task-credscan.CredScan@2
  • ms-codeanalysis.vss-microsoft-security-code-analysis-devops.build-task-postanalysis.PostAnalysis@1
    image
    image
    image

So we decided to switch to the securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@3 and securedevelopmentteam.vss-secure-development-tools.build-task-postanalysis.PostAnalysis@2
Test screenshot:
image

Related documents:
credscan
post analysis

This checklist is used to make sure that common guidelines for a pull request are followed.

Related command

General Guidelines

  • Have you run azdev style <YOUR_EXT> locally? (pip install azdev required)
  • Have you run python scripts/ci/test_index.py -q locally? (pip install wheel==0.30.0 required)
  • My extension version conforms to the Extension version schema

For new extensions:

About Extension Publish

There is a pipeline to automatically build, upload and publish extension wheels.
Once your pull request is merged into main branch, a new pull request will be created to update src/index.json automatically.
You only need to update the version information in file setup.py and historical information in file HISTORY.rst in your PR but do not modify src/index.json.

@azure-client-tools-bot-prd azure-client-tools-bot-prd
Copy link

Hi @Pan-Qi,
Please write the description of changes which can be perceived by customers into HISTORY.rst.
If you want to release a new extension version, please update the version in setup.py as well.

@azure-client-tools-bot-prd azure-client-tools-bot-prd
Copy link

azure-client-tools-bot-prd bot commented Jun 7, 2024
edited
Loading

️✔️Azure CLI Extensions Breaking Change Test
️✔️Non Breaking Changes

@yonzhan
Copy link
Collaborator

yonzhan commented Jun 7, 2024

CI

@Pan-Qi Pan-Qi marked this pull request as ready for review June 11, 2024 05:00
@wangzelin007 wangzelin007 merged commit 6cfe300 into Azure:main Jun 16, 2024
15 checks passed
liorstauber pushed a commit to liorstauber/azure-cli-extensions that referenced this pull request Jul 14, 2024
@Pan-Qi @t-lstauber
{CI} Enable Credential Scan (Azure#7692)
6fa84c0 
* fix credentials scan

* tool version

* add suppression file

* ending line
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wangzelin007 wangzelin007 wangzelin007 approved these changes

@yonzhan yonzhan Awaiting requested review from yonzhan

@jiasli jiasli Awaiting requested review from jiasli

@kairu-ms kairu-ms Awaiting requested review from kairu-ms

@jsntcy jsntcy Awaiting requested review from jsntcy

@bebound bebound Awaiting requested review from bebound

Assignees

@wangzelin007 wangzelin007

Labels
Auto-Assign Auto assign by bot CI
Projects
None yet
Milestone
June 2024 (2024-07-09)
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@Pan-Qi @yonzhan @wangzelin007