{CI} Re-enable credscan

azure-pipelines.yml

@@ -13,25 +13,25 @@ pr:
       - '*'
 
 jobs:
-# - job: CredScan
-#   displayName: "Credential Scan"
-#   pool:
-#     vmImage: "windows-2019"
-#   steps:
-#     - task: ms-codeanalysis.vss-microsoft-security-code-analysis.build-task-credscan.CredScan@2
-#       displayName: 'CredScan'
-#       inputs:
-#         toolVersion: 'Latest'
-#         suppressionsFile: './scripts/ci/credscan/CredScanSuppressions.json'
-#     - task: ms-codeanalysis.vss-microsoft-security-code-analysis.build-task-postanalysis.PostAnalysis@1
-#       displayName: 'Post Analysis'
-#       inputs:
-#         AllTools: false
-#         BinSkim: false
-#         CredScan: true
-#         RoslynAnalyzers: false
-#         TSLint: false
-#         ToolLogsNotFoundAction: 'Standard'
+- job: CredScan
+  displayName: "Credential Scan"
+  pool:
+    vmImage: "windows-2019"
+  steps:
+  - task: ms-codeanalysis.vss-microsoft-security-code-analysis-devops.build-task-credscan.CredScan@2
+    displayName: 'Run Credential Scanner'
+    inputs:
+      toolMajorVersion: V2
+      suppressionsFile: './scripts/ci/credscan/CredScanSuppressions.json'
+  - task: ms-codeanalysis.vss-microsoft-security-code-analysis-devops.build-task-postanalysis.PostAnalysis@1
+    displayName: 'Post Analysis'
+    inputs:
+      AllTools: false
+      BinSkim: false
+      CredScan: true
+      RoslynAnalyzers: false
+      TSLint: false
+      ToolLogsNotFoundAction: 'Standard'
 
 - job: CheckLicenseHeader
   displayName: "Check License"

scripts/ci/credscan/CredScanSuppressions.json

@@ -37,6 +37,41 @@
     {
       "placeholder": "Ovg+o0K/0/2V8upg7AwlyAPCriEcOSXKuBu2Gv/PU70Y7aWDW3C2ZRmw6kYWqPWBaM1GosLkcSZkgsobAlT+Sw==",
       "_justification": "[ADLS] false alarm on sign value"
+    },
+    {
+      "placeholder": "4CTlhouPm0c3PWuTQ8t6Myh/FYegVUPqXUmdtL2byRytFPlt98L/pw==",
+      "_justification": "verification code in test_eventgrid_commands.py"
+    },
+    {
+      "placeholder": "7jTiaEBVeYjC8X6gPDUhIhAnFRjaxZaGyS3hBbr09bmj3heQNhvrbA==",
+      "_justification": "verification code in test_eventgrid_commands.py"
+    },
+    {
+      "placeholder": "Password123!",
+      "_justification": "dummy password in test_synapse_scenario.py"
+    },
+    {
+      "file": [
+        "src\\timeseriesinsights\\azext_timeseriesinsights\\tests\\latest\\recordings\\test_timeseriesinsights_environment_longterm.yaml",
+        "src\\timeseriesinsights\\azext_timeseriesinsights\\tests\\latest\\recordings\\test_timeseriesinsights_event_source_eventhub.yaml",
+        "src\\timeseriesinsights\\azext_timeseriesinsights\\tests\\latest\\recordings\\test_timeseriesinsights_event_source_iothub.yaml"
+      ],
+      "_justification": "Azure storgae access key"
+    },
+    {
+      "file": [
+        "src\\maintenance\\azext_maintenance\\tests\\latest\\recordings\\test_maintenance_commands.yaml",
+        "src\\maintenance\\azext_maintenance\\tests\\latest\\recordings\\test_maintenance_configuration_create.yaml",
+        "src\\maintenance\\azext_maintenance\\tests\\latest\\recordings\\test_signalr_commands.yaml",
+        "src\\notification-hub\\azext_notification_hub\\tests\\latest\\recordings\\test_notificationhubs.yaml"
+      ],
+      "_justification": "Azure Shared Access Key / Web Hook Token"
+    },
+    {
+      "file": [
+        "src\\eventgrid\\azext_eventgrid\\tests\\latest\\recordings\\test_Partner_scenarios.yaml"
+      ],
+      "_justification": "Found General Symmetric Key"
     }
   ]
-}
+}