Skip to content

chore: add DevOps build pipeline for S360 security vulnerability scanning#1116

Merged
ramsessanchez merged 3 commits into
mainfrom
chore/addBuildPipeline
May 15, 2026
Merged

chore: add DevOps build pipeline for S360 security vulnerability scanning#1116
ramsessanchez merged 3 commits into
mainfrom
chore/addBuildPipeline

Conversation

@ramsessanchez
Copy link
Copy Markdown
Contributor

@ramsessanchez ramsessanchez commented May 14, 2026
edited by microsoft-github-policy-service Bot
Loading

Summary

Adds a DevOps build pipeline to build this SDK so that we may surface any S360 security vulnerabilities early and on a consistent basis.

Changes

  • Added a build pipeline configuration to enable regular SDK builds
  • Enables early detection of S360 security vulnerabilities through consistent automated builds

Motivation

Proactive security scanning helps catch vulnerabilities before they reach production, aligning with S360 compliance requirements.

Microsoft Reviewers: Open in CodeFlow

@ramsessanchez
chore: add DevOps build pipeline for S360 security vulnerability scan…
aa3e3f4 
…ning

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@ramsessanchez ramsessanchez requested a review from a team as a code owner May 14, 2026 20:38
ramsessanchez and others added 2 commits May 14, 2026 14:47
@ramsessanchez
chore: update build pipeline schedule to daily
6ca5872 
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@ramsessanchez
chore: enable SDL security scanning in build pipeline
48d871a 
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@ramsessanchez ramsessanchez requested a review from Copilot May 15, 2026 21:22
@ramsessanchez ramsessanchez merged commit 3b53586 into main May 15, 2026
7 checks passed
@ramsessanchez ramsessanchez deleted the chore/addBuildPipeline branch May 15, 2026 21:23
Copilot AI reviewed May 15, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Note

Copilot was unable to run its full agentic suite in this review.

Adds an Azure DevOps pipeline that builds and tests the .NET Beta SDK on a daily schedule to surface S360/security issues earlier.

Changes:

  • Introduces a scheduled (daily) pipeline definition under .azurepipelines/
  • Builds the solution with dotnet build and runs tests with dotnet test
  • Enables SDL tooling (CredScan/PoliCheck/BinSkim) via 1ES pipeline template parameters

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread .azurepipelines/build.yml
displayName: Set up .NET
inputs:
packageType: 'sdk'
version: '10.x'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@MIchaelMainer MIchaelMainer MIchaelMainer approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@ramsessanchez @MIchaelMainer