e768098d0e
Flake8 Lint / flake8 (push) Waiting to run
Publish Promptflow Doc / Build (push) Waiting to run
Publish Promptflow Doc / Deploy (push) Blocked by required conditions
Spell check CI / Spell_Check (push) Waiting to run
tools_continuous_delivery / Private PyPI non-main branch release (push) Has been skipped
tools_continuous_delivery / Private PyPI main branch release (push) Failing after 2m42s
75 lines
2.6 KiB
YAML
75 lines
2.6 KiB
YAML
# Pipeline link: https://dev.azure.com/msdata/Vienna/_build?definitionId=26179&_a=summary
|
|
parameters:
|
|
- name: policyCulture
|
|
displayName: "Policy Culture"
|
|
type: string
|
|
# The culture used to run policy check scan, can be region codes separated by comma, e.g. 'en-US,de-DE'
|
|
default: 'en-US'
|
|
|
|
name: $(BuildDefinitionName)_$(Date:yyyyMMdd)$(Rev:.r) # Configure run or build numbers
|
|
|
|
variables:
|
|
- name: sourceLocation
|
|
value: $(System.DefaultWorkingDirectory)
|
|
|
|
trigger:
|
|
- main
|
|
- releases/*
|
|
|
|
pool:
|
|
name: promptflow-1ES-win
|
|
|
|
steps:
|
|
- checkout: self
|
|
|
|
- task: PowerShell@2
|
|
inputs:
|
|
targetType: inline
|
|
script: |
|
|
Remove-Item -Recurse -Force $(sourceLocation)/benchmark/promptflow-serve/result-archive
|
|
Remove-Item -Path $(sourceLocation)/src/promptflow-azure/promptflow/azure/_restclient/flow_service_caller.py -Force
|
|
displayName: 'Delete benchmark HTML files, and files to avoid PoliCheck scan'
|
|
|
|
# https://eng.ms/docs/microsoft-security/cloud-ecosystem-security/azure-security/cloudai-security-fundamentals-engineering/security-integration/guardian-wiki/sdl-azdo-extension/PoliCheck-build-task
|
|
- task: PoliCheck@2
|
|
inputs:
|
|
targetType: 'F'
|
|
targetArgument: '$(sourceLocation)'
|
|
optionsPE: '1'
|
|
optionsUEPATH: '$(sourceLocation)\scripts\compliance-check\user_exclusion.xml'
|
|
result: '$(sourceLocation)\scripts\compliance-check\result.tsv'
|
|
optionsXCLASS: 'Geopolitical'
|
|
|
|
- task: PowerShell@2
|
|
inputs:
|
|
targetType: inline
|
|
script: |
|
|
if (-Not (Test-Path "$(sourceLocation)/scripts/compliance-check/result.tsv")) {
|
|
Write-Host "PoliCheck@2 (previous step) is not supported for forked GitHub repository, which will break the following step."
|
|
Write-Host "So as a workaround, this step will create an empty result.tsv file."
|
|
New-Item -ItemType Directory -Force -Path "$(sourceLocation)/scripts/compliance-check"
|
|
Set-Location "$(sourceLocation)/scripts/compliance-check"
|
|
New-Item -ItemType File -Name "result.tsv"
|
|
}
|
|
displayName: 'Workaround for fork repository'
|
|
|
|
- task: PowerShell@2
|
|
inputs:
|
|
targetType: 'filePath'
|
|
filePath: '$(sourceLocation)\scripts\compliance-check\Check-PolicheckScan.ps1'
|
|
arguments: >
|
|
-policheckResult $(sourceLocation)\scripts\compliance-check\result.tsv
|
|
displayName: 'Check result'
|
|
|
|
- task: PublishPipelineArtifact@1
|
|
condition: failed()
|
|
inputs:
|
|
targetPath: '$(sourceLocation)\scripts\compliance-check\result.tsv'
|
|
artifactName: 'compliance-check-result'
|
|
publishLocation: 'pipeline'
|
|
|
|
- task: CredScan@3
|
|
displayName: 'CredScan'
|
|
inputs:
|
|
scanFolder: '$(sourceLocation)'
|