diff --git a/build/UVAtlas-GitHub-SDK-prerelease.yml b/build/UVAtlas-GitHub-SDK-prerelease.yml index a0ad078..b6f12e8 100644 --- a/build/UVAtlas-GitHub-SDK-prerelease.yml +++ b/build/UVAtlas-GitHub-SDK-prerelease.yml @@ -28,6 +28,7 @@ variables: EXTRACTED_FOLDER: $(ExtractedFolder) WSDKEnableBWOI: true URL_FEED: $(ADOFeedURL) + skipNugetSecurityAnalysis: true # We explicitly call this task so we don't need it to be auto-injected pool: vmImage: windows-2022 @@ -50,7 +51,7 @@ jobs: displayName: 'NuGet set package source to ADO feed' inputs: command: custom - arguments: sources add -Name xboxgdk-DirectXMesh -Source $(URL_FEED) -ConfigFile $(Build.SourcesDirectory)\NuGet.config + arguments: sources add -Name xboxgdk -Source $(URL_FEED) -ConfigFile $(Build.SourcesDirectory)\NuGet.config - task: PowerShell@2 displayName: 'Set nuget.config to single source' inputs: @@ -62,6 +63,8 @@ jobs: $clearadd = $doc.configuration.packageSources.PrependChild($newelement) $doc.OuterXml | Set-Content $file + - task: nuget-security-analysis@0 + displayName: 'Secure Supply Chain Analysis' - task: NuGetCommand@2 displayName: NuGet Install WSDK x64 inputs: @@ -148,7 +151,7 @@ jobs: displayName: NuGet set package source to ADO feed inputs: command: custom - arguments: sources add -Name xboxgdk-DirectXMesh -Source $(URL_FEED) -ConfigFile $(Build.SourcesDirectory)\NuGet.config + arguments: sources add -Name xboxgdk -Source $(URL_FEED) -ConfigFile $(Build.SourcesDirectory)\NuGet.config - task: PowerShell@2 displayName: 'Set nuget.config to single source' inputs: @@ -160,6 +163,8 @@ jobs: $clearadd = $doc.configuration.packageSources.PrependChild($newelement) $doc.OuterXml | Set-Content $file + - task: nuget-security-analysis@0 + displayName: 'Secure Supply Chain Analysis' - task: NuGetCommand@2 displayName: NuGet Install WSDK x64 inputs: diff --git a/build/UVAtlas-GitHub-SDK-release.yml b/build/UVAtlas-GitHub-SDK-release.yml index c4591d8..838c934 100644 --- a/build/UVAtlas-GitHub-SDK-release.yml +++ b/build/UVAtlas-GitHub-SDK-release.yml @@ -28,6 +28,7 @@ variables: EXTRACTED_FOLDER: $(ExtractedFolder) WSDKEnableBWOI: true URL_FEED: $(ADOFeedURL) + skipNugetSecurityAnalysis: true # We explicitly call this task so we don't need it to be auto-injected pool: vmImage: windows-2022 @@ -50,7 +51,7 @@ jobs: displayName: 'NuGet set package source to ADO feed' inputs: command: custom - arguments: sources add -Name xboxgdk-DirectXMesh -Source $(URL_FEED) -ConfigFile $(Build.SourcesDirectory)\NuGet.config + arguments: sources add -Name xboxgdk -Source $(URL_FEED) -ConfigFile $(Build.SourcesDirectory)\NuGet.config - task: PowerShell@2 displayName: 'Set nuget.config to single source' inputs: @@ -62,6 +63,8 @@ jobs: $clearadd = $doc.configuration.packageSources.PrependChild($newelement) $doc.OuterXml | Set-Content $file + - task: nuget-security-analysis@0 + displayName: 'Secure Supply Chain Analysis' - task: NuGetCommand@2 displayName: NuGet Install WSDK x64 inputs: @@ -148,7 +151,7 @@ jobs: displayName: NuGet set package source to ADO feed inputs: command: custom - arguments: sources add -Name xboxgdk-DirectXMesh -Source $(URL_FEED) -ConfigFile $(Build.SourcesDirectory)\NuGet.config + arguments: sources add -Name xboxgdk -Source $(URL_FEED) -ConfigFile $(Build.SourcesDirectory)\NuGet.config - task: PowerShell@2 displayName: 'Set nuget.config to single source' inputs: @@ -160,6 +163,8 @@ jobs: $clearadd = $doc.configuration.packageSources.PrependChild($newelement) $doc.OuterXml | Set-Content $file + - task: nuget-security-analysis@0 + displayName: 'Secure Supply Chain Analysis' - task: NuGetCommand@2 displayName: NuGet Install WSDK x64 inputs: diff --git a/build/UVAtlas-SDL.yml b/build/UVAtlas-SDL.yml index 85730ba..2107ae0 100644 --- a/build/UVAtlas-SDL.yml +++ b/build/UVAtlas-SDL.yml @@ -27,8 +27,10 @@ variables: VS_GENERATOR: 'Visual Studio 17 2022' VCPKG_CMAKE_DIR: '$(VCPKG_ROOT)/scripts/buildsystems/vcpkg.cmake' GITHUB_PAT: $(GITHUBPUBLICTOKEN) + URL_FEED: $(ADOFeedURL) Codeql.Language: cpp Codeql.ExcludePathPatterns: vcpkg + skipNugetSecurityAnalysis: true # We explicitly call this task so we don't need it to be auto-injected pool: vmImage: windows-2022 @@ -42,6 +44,24 @@ jobs: - checkout: self clean: true fetchTags: false + - task: NuGetCommand@2 + displayName: 'NuGet set package source to ADO feed' + inputs: + command: custom + arguments: sources add -Name xboxgdk -Source $(URL_FEED) -ConfigFile $(Build.SourcesDirectory)\NuGet.config + - task: PowerShell@2 + displayName: 'Set nuget.config to single source' + inputs: + targetType: inline + script: | + $file = '.\NuGet.Config' + $doc = [xml](Get-Content $file) + $newelement = $doc.CreateElement("clear") + $clearadd = $doc.configuration.packageSources.PrependChild($newelement) + $doc.OuterXml | Set-Content $file + + - task: nuget-security-analysis@0 + displayName: 'Secure Supply Chain Analysis' - task: NodeTool@0 displayName: 'NPM install' inputs: @@ -80,9 +100,9 @@ jobs: @if ERRORLEVEL 1 goto error call vcpkg install directx-headers @if ERRORLEVEL 1 goto error - call vcpkg install directxmesh + call vcpkg install directxmesh[spectre] @if ERRORLEVEL 1 goto error - call vcpkg install directxtex + call vcpkg install directxtex[spectre] @if ERRORLEVEL 1 goto error :finish @echo --- VCPKG COMPLETE ---