OfficeDev · wenytang-ms · Jul 30, 2024 · Jul 30, 2024
diff --git a/.azure-pipelines/codeql.yml b/.azure-pipelines/codeql.yml
@@ -1,58 +1,88 @@
-trigger: none
+#################################################################################
+#                               OneBranch Pipelines                             #
+# This pipeline was created by EasyStart from a sample located at:              #
+#   https://aka.ms/obpipelines/easystart/samples                                #
+# Documentation:  https://aka.ms/obpipelines                                    #
+# Yaml Schema:    https://aka.ms/obpipelines/yaml/schema                        #
+# Retail Tasks:   https://aka.ms/obpipelines/tasks                              #
+# Support:        https://aka.ms/onebranchsup                                   #
+#################################################################################
 
-schedules:
-- cron: '0 0 * * Mon'
-  displayName: Weekly Monday build
-  branches:
-    include:
-      - main
-  always: true
-  batch: true
+trigger: none  # https://aka.ms/obpipelines/triggers
+
+# global parameteres are configured here and show up in AzDO UI in build queue time. Required for MSBuild and .NET.
+# learn more at https://aka.ms/obpipelines/parameters
+# parameters:
+# - name: 'debug'
+#  displayName: 'Enable debug output'
+#  type: boolean
+#  default: false
 
 variables:
-  buildConfiguration: 'Release'
-  WindowsContainerImage: onebranch.azurecr.io/windows/ltsc2019/vse2022:latest # for Windows jobs
+  CDP_DEFINITION_BUILD_COUNT: $[counter('', 0)]  # needed for onebranch.pipeline.version task https://aka.ms/obpipelines/versioning
+  WindowsContainerImage: 'onebranch.azurecr.io/windows/ltsc2019/vse2019:latest' # Docker image which is used to build the project https://aka.ms/obpipelines/containers
+
+  ### Specify container image and other global variables in this section! ###
+  # https://aka.ms/obpipelines/variables
 
 resources:
-  repositories: 
-    - repository: templates
-      type: git
-      name: OneBranch.Pipelines/GovernedTemplates
-      ref: refs/heads/main
+  repositories:
+  - repository: templates
+    type: git
+    name: OneBranch.Pipelines/GovernedTemplates
+    ref: refs/heads/main
 
 extends:
-  template: v2/OneBranch.Official.CrossPlat.yml@templates
+  template: v2/OneBranch.NonOfficial.CrossPlat.yml@templates  # https://aka.ms/obpipelines/templates
   parameters:
-    globalSdl: # https://aka.ms/obpipelines/sdl
+    cloudvault:  # https://aka.ms/obpipelines/cloudvault
+      enabled: false
+      ### Linux Pipelines can uncomment the following to run CloudVault update as a seperate stage. ###
+      # runmode: stage
+      # dependsOn: linux_build
+      # artifacts:
+      #  - drop_linux_stage_linux_job
+    globalSdl:  # https://aka.ms/obpipelines/sdl
       tsa:
-        enabled: true # SDL results of non-official builds aren't uploaded to TSA by default.
+        enabled: false  # onebranch publish all SDL results to TSA. If TSA is disabled all SDL tools will forced into 'break' build mode.
+      credscan:
+        suppressionsFile: $(Build.SourcesDirectory)\.azure-pipelines\CredScanSuppressions.json
       binskim:
-        break: true # always break the build on binskim issues. You can disable it by setting to 'false'
+        break: true  # always break the build on binskim issues in addition to TSA upload
       policheck:
-        break: true # always break the build on policheck issues. You can disable it by setting to 'false'
+        break: true  # always break the build on policheck issues. You can disable it by setting to 'false'
       codeql: # https://eng.ms/docs/cloud-ai-platform/devdiv/one-engineering-system-1es/1es-docs/codeql/configuring-codeql3000-ado-pipelines
         tsaEnabled: true
         compiled: 
           enabled: true
-
+      # suppression:
+      #   suppressionFile: $(Build.SourcesDirectory)\.gdn\global.gdnsuppress
+
     stages:
-#############################################################################################################
-# build stage
+    # The file contains an example HelloWorld script. For more info and examples, see the links below
+    # https://aka.ms/obpipelines/containerbuildexamples
+    # https://aka.ms/obpipelines/containerprojectypes
     - stage: build
       jobs:
-        - job:
-          pool:
-            type: windows
-          steps:
-            - task: UseDotNet@2
-              displayName: 'Use .NET 6.0'
-              inputs:
-                version: 6.0.x
-
-            - task: DotNetCoreCLI@2
-              displayName: 'dotnet build'
-              inputs:
-                projects: |
-                  packages/function-extension
-                  packages/dotnet-sdk
-                arguments: '/p:Configuration=Release'
+      - job:
+        pool:
+          type: windows
+        variables:
+        - name: ob_outputDirectory
+          value: '$(Build.SourcesDirectory)\out' # this directory is uploaded to pipeline artifacts, reddog and cloudvault. More info at https://aka.ms/obpipelines/artifacts
+
+        steps:
+          - task: UseDotNet@2
+            displayName: 'Use .NET 6.0'
+            inputs:
+              version: 6.0.x
+
+          - task: DotNetCoreCLI@2
+            displayName: 'dotnet build'
+            inputs:
+              projects: |
+                packages/function-extension
+                packages/dotnet-sdk
+              arguments: '/p:Configuration=Release'
+
+## For info and instructions on CloudTest, see https://aka.ms/obpipelines/cloudtest
diff --git a/.config/tsaoptions.json b/.config/tsaoptions.json