Редактиране

Споделяне чрез


AdvancedSecurity-Codeql-Autobuild@1 - Advanced Security AutoBuild v1 task

Attempts to automatically build your project for CodeQL analysis by finding and building project files in the source folder. This task is not required if you have your own custom build steps, or if you are not using cpp, java, csharp, or swift. You must have GitHub Advanced Security for Azure DevOps enabled for the repository being scanned.

Syntax

# Advanced Security AutoBuild v1
# Attempts to build the repository by finding and building project files in the source folder.
- task: AdvancedSecurity-Codeql-Autobuild@1
  inputs: # none

Inputs

None.

Task control options

All tasks have control options in addition to their task inputs. For more information, see Control options and common task properties.

Output variables

None.

Remarks

Important

This task is supported with Azure Repos Git repositories only.

The AdvancedSecurity-Codeql-Autobuild@1 task attempts to build the project file in your repository. If AdvancedSecurity-Codeql-Autobuild@1 cannot build your project, remove the AdvancedSecurity-Codeql-Autobuild@1 task and replace it with your custom build steps.

This task is not required if you have your own custom build steps, or if you are not using cpp, java, csharp, or swift. You must have GitHub Advanced Security for Azure DevOps enabled for the repository being scanned.

The pipeline must call the tasks in the following order.

  1. Initialize CodeQL
  2. AutoBuild (or your custom build tasks)
  3. Perform CodeQL analysis

The AutoBuild task is optional and may be replaced with your custom build tasks. Either AutoBuild or your custom build tasks must be run for your project to be analyzed.

The AdvancedSecurity-Codeql-Autobuild@1 task must appear after the initialize step for successful completion.

# Initialize CodeQL database 
- task: AdvancedSecurity-Codeql-Init@1
  inputs: 
    languages: 'csharp' 
  displayName: 'Advanced Security Initialize CodeQL' 

# Build project using Autobuild or your own custom build steps 
- task: AdvancedSecurity-Codeql-Autobuild@1
  displayName: 'Advanced Security Autobuild' 

# Run analysis 
- task: AdvancedSecurity-Codeql-Analyze@1
  displayName: 'Advanced Security Code Scanning' 

Requirements

Requirement Description
Pipeline types YAML, Classic build, Classic release
Runs on Agent, DeploymentGroup
Demands None
Capabilities This task does not satisfy any demands for subsequent tasks in the job.
Command restrictions Any
Settable variables Any
Agent version All supported agent versions.
Task category Build

See also