Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable BinSkim scan in nightly validation #2098

Closed
wants to merge 2 commits into from
Closed

Enable BinSkim scan in nightly validation #2098

wants to merge 2 commits into from

Conversation

MilenaHristova
Copy link
Member

@MilenaHristova MilenaHristova commented Jul 11, 2023
edited by ghost
Loading

Enabling BinSkim scan over build artifacts in Validate-DotNet pipeline and the .NET staging pipeline based on company requirements.

We are required to run SDL tools on official builds and implement automated bug filling for the tools output. Currently we are running SDL checks over the source code in the nightly builds and in the .NET staging pipeline, but to be compliant we need to also run BinSkim over the produced artifacts.

This PRs is enabling BinSkim checks in the nightly run of Validate-DotNet pipeline.

More information is in the Automate BinSkim runs over official builds issue

Microsoft Reviewers: Open in CodeFlow

@MilenaHristova MilenaHristova mentioned this pull request Jul 11, 2023
Closed
16 tasks
@pgrawehr
Copy link
Contributor

Do you have an example of how the result looks like? I'm just curious about what this new test does.

@MilenaHristova
Copy link
Member Author

MilenaHristova commented Jul 13, 2023
edited
Loading

Do you have an example of how the result looks like? I'm just curious about what this new test does.

This is an example work item that got created for windowsdesktop
https://devdiv.visualstudio.com/DevDiv/_workitems/edit/1848201/ (that's just a missing pdb file)
this too: https://devdiv.visualstudio.com/DevDiv/_workitems/edit/1850145/

@krwq
Copy link
Member

krwq commented Jul 14, 2023
edited
Loading

@MilenaHristova non Microsoft employees don't have access to these issues and that's large part of our maintainers. Are results of this going to be publicly visible? If this is MS specific policy can this be added outside of the repo?

@MilenaHristova
Copy link
Member Author

@MilenaHristova non Microsoft employees don't have access to these issues and that's large part of our maintainers. Are results of this going to be publicly visible? If this is MS specific policy can this be added outside of the repo?

I am not aware of an other way to add this, bugs are filed automatically by the SDL tool. On the other hand, I couldn't find any validation runs for his repo, @mmitche do we need to run SDL on dotnet/iot ?

@mmitche
Copy link
Member

mmitche commented Jul 14, 2023

@MilenaHristova Nope. This is a .NET Foundation project.

@MilenaHristova
Copy link
Member Author

@MilenaHristova Nope. This is a .NET Foundation project.

ok, thanks. I'll remove it from the list and close this.

@github-actions github-actions bot locked and limited conversation to collaborators Dec 8, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@andriipatsula andriipatsula Awaiting requested review from andriipatsula

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@MilenaHristova @pgrawehr @krwq @mmitche