release: enable TSA and remove our baselines file (#32664)

There are two ways to handle policy (binskim, policheck, etc.) failure: put them in one giant JSON file full of hashes, or let an internal process called "TSA" turn them into bugs.

This moves us to the latter.
This commit is contained in:
Dustin L. Howett 2024-04-30 22:14:30 -05:00 committed by GitHub
parent 00e6af8f9b
commit 6bd9a70c29
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 12 additions and 9090 deletions

View File

@ -1614,6 +1614,7 @@ triaging
TRK TRK
trl trl
trx trx
tsa
Tsd Tsd
TServer TServer
TStr TStr

View File

@ -33,6 +33,10 @@ extends:
name: SHINE-INT-S name: SHINE-INT-S
image: SHINE-VS17-Latest image: SHINE-VS17-Latest
os: windows os: windows
sdl:
tsa:
enabled: true
configFile: '$(Build.SourcesDirectory)\.pipelines\tsa.json'
stages: stages:
- stage: build - stage: build
@ -55,9 +59,6 @@ extends:
- output: pipelineArtifact - output: pipelineArtifact
artifactName: setup-$(BuildPlatform) artifactName: setup-$(BuildPlatform)
targetPath: $(Build.ArtifactStagingDirectory) targetPath: $(Build.ArtifactStagingDirectory)
sdl:
baseline:
baselineFile: $(Build.SourcesDirectory)\.pipelines\sdl.gdnbaselines
displayName: Build displayName: Build
timeoutInMinutes: 240 # Some of the 1ES Pipeline stuff and Loc take a very long time timeoutInMinutes: 240 # Some of the 1ES Pipeline stuff and Loc take a very long time
cancelTimeoutInMinutes: 1 cancelTimeoutInMinutes: 1

File diff suppressed because it is too large Load Diff

7
.pipelines/tsa.json Normal file
View File

@ -0,0 +1,7 @@
{
"codebaseName": "PowerToys_main",
"notificationAliases": ["powertoys@microsoft.com"],
"instanceUrl": "https://microsoft.visualstudio.com",
"projectName": "OS",
"areaPath": "OS\\Windows Client and Services\\ADEPT\\E4D-Engineered for Developers\\SHINE\\PowerToys"
}