8000 v1 - update msdo links by davidknise · Pull Request #40 · github/ossar-action · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

v1 - update msdo links #40

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Mar 11, 2022
Merged

v1 - update msdo links #40

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
075d1a2
Update msdo links
davidknise Mar 11, 2022
786a16a
Merge pull request #39 from github/msdoLinks
davidknise Mar 11, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 7 additions & 6 deletions .github/workflows/on-push-verification.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,14 +16,15 @@ jobs:
# Checkout your code repository to scan
- uses: actions/checkout@v2

# Ensure a compatible version of dotnet is installed.
# The [Microsoft Security Code Analysis CLI](https://aka.ms/msca-nuget) is built with dotnet v3.1.201.
# A version greater than or equal to v3.1.201 of dotnet must be installed on the agent in order to run this action.
# Remote agents already have a compatible version of dotnet installed and this step may be skipped.
# For local agents, ensure dotnet version 3.1.201 or later is installed by including this action:
# Ensure a compatible version of dotnet is installed.
# The [Microsoft Security DevOps CLI](https://aka.ms/msdo-nuget) is built with net6.0
# A version greater than or equal to net6.0 of dotnet must be installed on the agent in order to run this action.
# GitHub hosted runners already have a compatible version of dotnet installed and this step may be skipped.

# For self-hosted runners, ensure dotnet version 3.1.201 or later is installed by including this action:
# - uses: actions/setup-dotnet@v1
# with:
# dotnet-version: '3.1.x'
# dotnet-version: '6.0.x'

# Run open source static analysis tools
- name: Run OSSAR
Expand Down
7 changes: 4 additions & 3 deletions .github/workflows/sample-workflow-ubuntu-latest.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,13 +22,14 @@ jobs:
- uses: actions/checkout@v2

# Ensure a compatible version of dotnet is installed.
# The [Microsoft Security Code Analysis CLI](https://aka.ms/msca-nuget) is built with dotnet v3.1.201.
# A version greater than or equal to v3.1.201 of dotnet must be installed on the agent in order to run this action.
# The [Microsoft Security DevOps CLI](https://aka.ms/msdo-nuget) is built with net6.0
# A version greater than or equal to net6.0 of dotnet must be installed on the agent in order to run this action.
# GitHub hosted runners already have a compatible version of dotnet installed and this step may be skipped.

# For self-hosted runners, ensure dotnet version 3.1.201 or later is installed by including this action:
# - uses: actions/setup-dotnet@v1
# with:
# dotnet-version: '3.1.x'
# dotnet-version: '6.0.x'

# Run open source static analysis tools
- name: Run OSSAR
Expand Down
7 changes: 4 additions & 3 deletions .github/workflows/sample-workflow-windows-latest.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,13 +22,14 @@ jobs:
- uses: actions/checkout@v2

# Ensure a compatible version of dotnet is installed.
# The [Microsoft Security Code Analysis CLI](https://aka.ms/msca-nuget) is built with dotnet v3.1.201.
# A version greater than or equal to v3.1.201 of dotnet must be installed on the agent in order to run this action.
# The [Microsoft Security DevOps CLI](https://aka.ms/msdo-nuget) is built with net6.0
# A version greater than or equal to net6.0 of dotnet must be installed on the agent in order to run this action.
# GitHub hosted runners already have a compatible version of dotnet installed and this step may be skipped.

# For self-hosted runners, ensure dotnet version 3.1.201 or later is installed by including this action:
# - uses: actions/setup-dotnet@v1
# with:
# dotnet-version: '3.1.x'
# dotnet-version: '6.0.x'

# Run open source static analysis tools
- name: Run OSSAR
Expand Down
8 changes: 4 additions & 4 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,9 +11,9 @@ The OSSAR action is currently in beta and runs on the `windows-latest` queue, as

# Overview

This action runs the [Microsoft Security Code Analysis CLI](https://aka.ms/msca-nuget) for security analysis by:
This action runs the [Microsoft Security DevOps CLI](https://aka.ms/msdo-nuget) for security analysis by:

* Installing the Microsoft Security Code Analysis CLI
* Installing the Microsoft Security DevOps CLI
* Installing the latest policy or referencing the local `policy/github.gdnpolicy` file
* Installing the latest open source tools
* Automatic or user-provided configuration of static analysis tools
Expand Down Expand Up @@ -53,12 +53,12 @@ steps:
sarif_file: ${{ steps.ossar.outputs.sarifFile }}
```

**Note:** The [Microsoft Security Code Analysis CLI](https://aka.ms/msca-nuget) is built with dotnet v3.1.201. A version greater than or equal to v3.1.201 of dotnet must be installed on the runner in order to run this action. GitHub hosted runners already have a compatible version of dotnet installed. To ensure a compatible version of dotnet is installed on a self-hosted runner, please configure the [actions/setup-dotnet](https://github.com/actions/setup-dotnet) action.
**Note:** The [Microsoft Security DevOps CLI](https://aka.ms/msdo-nuget) is built with net6.0. A version greater than or equal to net6.0 of dotnet must be installed on the runner in order to run this action. GitHub hosted runners already have a compatible version of dotnet installed. To ensure a compatible version of dotnet is installed on a self-hosted runner, please configure the [actions/setup-dotnet](https://github.com/actions/setup-dotnet) action.

```
- uses: actions/setup-dotnet@v1
with:
dotnet-version: '3.1.x'
# dotnet-version: '6.0.x'
```

## Upload Results to the Security tab
Expand Down
4 changes: 2 additions & 2 deletions policy/github.nuspec
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,9 @@
<metadata>
<id>Microsoft.Security.CodeAnalysis.Policy.GitHub</id>
<version>1.1.0</version>
<description>Microsoft Security Code Analysis Policy for GitHub.</description>
<description>Microsoft Security DevOps Policy for GitHub.</description>
<authors>Microsoft</authors>
<projectUrl>https://aka.ms/msca-nuget</projectUrl>
<projectUrl>https://aka.ms/msdo-nuget</projectUrl>
<language>en-US</language>
<license type="expression">MS-PL</license>
<requireLicenseAcceptance>false</requireLicenseAcceptance>
Expand Down
0