chad/ToonTanks
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
32dacbe27bf50b85013816e707eeae27049d1664
ToonTanks/Plugins/VisualStudioTools/azure-pipelines/compliance.yml
Chad Doty 32dacbe27b IntialCommit
2025-07-14 00:29:30 -04:00

124 lines
4.4 KiB
YAML
Raw Blame History

# IMPORTANT:
# Do not run BinSkim because we do not control producing the binaries. That process is owned by
# Epic. We just provide source code. Since we do not control the build, BinSkim is not needed.
variables:
Codeql.Enabled: true
Codeql.SourceRoot: '$(Build.SourcesDirectory)'
trigger:
- main
pr:
autoCancel: true
branches:
include:
- main
- dev/*
schedules:
- cron: "0 12 * * Sun"
displayName: Weekly run
branches:
include:
- main
always: true
resources:
repositories:
- repository: 1ESPipelineTemplates
type: git
name: 1ESPipelineTemplates/1ESPipelineTemplates
ref: refs/tags/release
extends:
template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates
parameters:
pool:
name: VSEngSS-MicroBuild2022-1ES
os: windows
customBuildTags:
- ES365AIMigrationTooling
stages:
- stage: stage
jobs:
- job: 'UnrealEngine_VisualStudioTools_Compliance'
timeoutInMinutes: 1440
steps:
- task: CmdLine@2
displayName: 'Clone Unreal Engine Repository'
inputs:
script: 'git clone "https://$(token)@github.com/EpicGames/UnrealEngine" --single-branch --branch $(ue_branch) --depth 1 ue'
workingDirectory: '$(Agent.BuildDirectory)'
- task: CmdLine@2
displayName: 'Apply patch to allow us to pass linker flags to the build'
inputs:
script: 'git apply --ignore-whitespace $(Build.SourcesDirectory)/azure-pipelines/Support-extra-UBT-args-in-UAT.BuildPlugin.patch'
workingDirectory: '$(Agent.BuildDirectory)\ue'
- task: PowerShell@2
displayName: '[UE] Append /unattended option'
inputs:
targetType: 'inline'
script:
$filePath = "$(Agent.BuildDirectory)/ue/Setup.bat";
(Get-Content $filePath).Replace("/register", "/register /unattended") | Set-Content $filePath
- task: CmdLine@2
displayName: '[UE] Run Setup.bat'
inputs:
script: 'ue\Setup.bat --force'
workingDirectory: '$(Agent.BuildDirectory)'
- task: MSBuild@1
displayName: 'Build Plugin'
timeoutInMinutes: 300
inputs:
solution: '$(Build.SourcesDirectory)/build.proj'
msbuildArguments: '/p:UnrealEngine=$(Agent.BuildDirectory)\ue /p:OutputPath=$(Build.ArtifactStagingDirectory)\drop /p:VulkanReadyBinaries=true'
createLogFile: true
- task: CopyFiles@2
displayName: 'Collect binaries to analyze'
inputs:
SourceFolder: '$(Build.ArtifactStagingDirectory)\drop'
Contents: '**\unrealeditor-visualstudiotools.*'
TargetFolder: '$(Build.ArtifactStagingDirectory)\binariesToAnalyze'
CleanTargetFolder: true
OverWrite: true
- task: PoliCheck@2
inputs:
targetType: 'F'
targetArgument: '$(Build.SourcesDirectory)'
- task: ComponentGovernanceComponentDetection@0
inputs:
ignoreDirectories: '$(Agent.BuildDirectory)\ue'
displayName: 'Component Detection'
- task: APIScan@2
displayName: 'Run APIScan'
inputs:
softwareFolder: '$(Build.ArtifactStagingDirectory)/binariesToAnalyze'
softwareName: 'Visual Studio Tools for Unreal Engine'
softwareVersionNum: '2.4'
softwareBuildNum: '$(Build.BuildId)'
toolVersion: 'Latest'
env:
AzureServicesAuthConnectionString: runAs=App;AppId=$(ApiScanClientId)
- task: SDLNativeRules@3
displayName: 'Run the PREfast SDL Native Rules for MSBuild'
env:
SYSTEM_ACCESSTOKEN: $(System.AccessToken)
inputs:
publishXML: true
userProvideBuildInfo: auto
rulesetName: Recommended
setupCommandlinePicker: 'vs2022'
- task: PublishSecurityAnalysisLogs@3
displayName: 'Publish security analysis logs'
inputs:
ArtifactName: 'CodeAnalysisLogs'
ArtifactType: 'Container'
AllTools: true
ToolLogsNotFoundAction: 'Standard'
- task: TSAUpload@2
displayName: 'TSA upload'
inputs:
GdnPublishTsaOnboard: True
GdnPublishTsaConfigFile: '$(Build.SourcesDirectory)/azure-pipelines/TSAOptions.json'
Reference in New Issue View Git Blame Copy Permalink