Couple APIScan and TSAUpload under the same switch

AArnott · Feb 20, 2024 · be63359 · be63359
1 parent 9651284
commit be63359
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 20 deletions.
diff --git a/azure-pipelines/official.yml b/azure-pipelines/official.yml
@@ -39,7 +39,7 @@ parameters:
 - name: EnableAPIScan
   displayName: Include APIScan with Compliance tools
   type: boolean
-  default: true
+  default: false # enable in individual repos only AFTER updating TSAOptions.json with your own values
 
 resources:
   repositories:

diff --git a/azure-pipelines/secure-development-tools.yml b/azure-pipelines/secure-development-tools.yml
@@ -1,5 +1,7 @@
 parameters:
-  EnableAPIScan:
+- name: EnableAPIScan
+  type: boolean
+  default: false
 
 steps:
 
@@ -19,22 +21,21 @@ steps:
       !**/osx*/**
     TargetFolder: $(Build.ArtifactStagingDirectory)/APIScanInputs
 
-- task: APIScan@2
-  displayName: 🔍 Run APIScan
-  inputs:
-    softwareFolder: $(Build.ArtifactStagingDirectory)/APIScanInputs
-    softwareName: $(SymbolsFeatureName)
-    softwareVersionNum: $(NBGV_MajorMinorVersion)
-    isLargeApp: false
-    toolVersion: Latest
-  condition: and(succeeded(), ${{ parameters.EnableAPIScan }}, ne(variables.ApiScanClientId, ''))
-  env:
-    AzureServicesAuthConnectionString: runAs=App;AppId=$(ApiScanClientId);TenantId=$(ApiScanTenant);AppKey=$(ApiScanSecret)
+- ${{ if parameters.EnableAPIScan }}:
+  - task: APIScan@2
+    displayName: 🔍 Run APIScan
+    inputs:
+      softwareFolder: $(Build.ArtifactStagingDirectory)/APIScanInputs
+      softwareName: $(SymbolsFeatureName)
+      softwareVersionNum: $(NBGV_MajorMinorVersion)
+      isLargeApp: false
+      toolVersion: Latest
+    env:
+      AzureServicesAuthConnectionString: runAs=App;AppId=$(ApiScanClientId);TenantId=$(ApiScanTenant);AppKey=$(ApiScanSecret)
 
-# File bugs when APIScan finds issues
-- task: TSAUpload@2
-  displayName: 🪳 TSA upload
-  inputs:
-    GdnPublishTsaOnboard: True
-    GdnPublishTsaConfigFile: $(Build.SourcesDirectory)\azure-pipelines\TSAOptions.json
-  condition: false # enable in individual repos only AFTER updating TSAOptions.json with your own values
+  # File bugs when APIScan finds issues
+  - task: TSAUpload@2
+    displayName: 🪳 TSA upload
+    inputs:
+      GdnPublishTsaOnboard: True
+      GdnPublishTsaConfigFile: $(Build.SourcesDirectory)\azure-pipelines\TSAOptions.json