From 3377e7b53ece8d6997f4d4590813fd4bdcd7d0e2 Mon Sep 17 00:00:00 2001
From: ZelinWang <zelinwang@microsoft.com>
Date: Wed, 23 Nov 2022 16:32:39 +0800
Subject: [PATCH] {CI} Add policy check to Security Tools (#5552)

---
 azure-pipelines.yml | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/azure-pipelines.yml b/azure-pipelines.yml
index 51b8921f631..19998317e35 100644
--- a/azure-pipelines.yml
+++ b/azure-pipelines.yml
@@ -34,6 +34,23 @@ jobs:
       TSLint: false
       ToolLogsNotFoundAction: 'Standard'
 
+- job: PolicyCheck
+  displayName: "Policy Check"
+  pool:
+    name: 'pool-windows-2019'
+  steps:
+  - task: securedevelopmentteam.vss-secure-development-tools.build-task-policheck.PoliCheck@2
+    displayName: 'Run Policy Check'
+    inputs:
+      targetType: F
+      result: PoliCheckResult.xml
+  - task: securedevelopmentteam.vss-secure-development-tools.build-task-postanalysis.PostAnalysis@2
+    displayName: 'Post Analysis'
+    inputs:
+      GdnBreakAllTools: false
+      GdnBreakGdnToolPoliCheck: true
+      GdnBreakGdnToolPoliCheckSeverity: Error
+
 - job: CheckLicenseHeader
   displayName: "Check License"
   pool: