PowerShell/.vsts-ci/templates/credscan.yml
Travis Plunk 14980aa943
Add secret scanning to CI (#9249)
Add secret scanning to CI

## PR Context

This should prevent us from having any secrets in our history
2019-03-30 10:17:25 -07:00

29 lines
866 B
YAML

parameters:
pool: 'Hosted VS2017'
jobName: 'credscan'
displayName: Secret Scan
jobs:
- job: ${{ parameters.jobName }}
pool:
name: ${{ parameters.pool }}
displayName: ${{ parameters.displayName }}
steps:
- task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@2
displayName: 'Scan for secrets'
inputs:
suppressionsFile: tools/credScan/suppress.json
debugMode: false
- task: securedevelopmentteam.vss-secure-development-tools.build-task-publishsecurityanalysislogs.PublishSecurityAnalysisLogs@2
displayName: 'Publish Secret Scan Logs to Build Artifacts'
continueOnError: true
- task: securedevelopmentteam.vss-secure-development-tools.build-task-postanalysis.PostAnalysis@1
displayName: 'Check for failures'
inputs:
CredScan: true
ToolLogsNotFoundAction: Error