Skip to content

Commit a1c5111

Browse files
pjcollinspjcollins
authored
[ci] Migrate to the 1ES template (#8747)
Context: https://aka.ms/1espt The build pipeline has been updated to extend the 1ES pipeline template, which will keep the pipeline up to date with the latest compliance and security requirements. Most compliance tasks and scans will now run automatically as part of artifact upload steps. API Scan and policheck scans against multiple languages are not supported and will continue to run separately.
1 parent 5205a5f commit a1c5111

35 files changed

+1104
-1487
lines changed

.gdn/.gdnsettings

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,7 @@
1+
{
2+
"files": { },
3+
"folders": { },
4+
"overwriteLogs": true,
5+
"telemetryFlushTimeout": 10,
6+
"variables": { }
7+
}

.gdn/.gdnsuppress

Lines changed: 62 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,62 @@
1+
{
2+
"hydrated": false,
3+
"properties": {
4+
"helpUri": "https://eng.ms/docs/microsoft-security/security/azure-security/cloudai-security-fundamentals-engineering/security-integration/guardian-wiki/microsoft-guardian/general/suppressions",
5+
"hydrationStatus": "This file does not contain identifying data. It is safe to check into your repo. To hydrate this file with identifying data, run `guardian hydrate --help` and follow the guidance."
6+
},
7+
"version": "1.0.0",
8+
"suppressionSets": {
9+
"default": {
10+
"name": "default",
11+
"createdDate": "2024-02-21 20:58:02Z",
12+
"lastUpdatedDate": "2024-02-22 21:40:38Z"
13+
}
14+
},
15+
"results": {
16+
"28e1a7a1157c8739dce8ac1bbd828a471e477444ec50d2656d0440948b58a274": {
17+
"signature": "28e1a7a1157c8739dce8ac1bbd828a471e477444ec50d2656d0440948b58a274",
18+
"alternativeSignatures": [],
19+
"memberOf": [
20+
"default"
21+
],
22+
"justification": "FillEventHistory+Event API documentation with generic example password.",
23+
"createdDate": "2024-02-21 20:58:02Z"
24+
},
25+
"0b7cc0b28f27b0eeb2a415f10e62c32675dd2d4edcffe35600eae35f8064004e": {
26+
"signature": "0b7cc0b28f27b0eeb2a415f10e62c32675dd2d4edcffe35600eae35f8064004e",
27+
"alternativeSignatures": [],
28+
"memberOf": [
29+
"default"
30+
],
31+
"justification": "Android.Service.Autofill.FillEventHistory+Event API documentation with generic example password.",
32+
"createdDate": "2024-02-21 20:58:02Z"
33+
},
34+
"e57727a14a28f6fd8f4aa87cd3c4b33401dfea1078ce32fb3cbdf342e8adf63d": {
35+
"signature": "e57727a14a28f6fd8f4aa87cd3c4b33401dfea1078ce32fb3cbdf342e8adf63d",
36+
"alternativeSignatures": [],
37+
"memberOf": [
38+
"default"
39+
],
40+
"justification": "Javax.Crypto.ISecretKey API documentation with generic example password.",
41+
"createdDate": "2024-02-21 20:58:02Z"
42+
},
43+
"15c51590a2e2bb503a7277448e05357f5fd8d4cb2f9b9b7446e41c872cceaac4": {
44+
"signature": "15c51590a2e2bb503a7277448e05357f5fd8d4cb2f9b9b7446e41c872cceaac4",
45+
"alternativeSignatures": [],
46+
"memberOf": [
47+
"default"
48+
],
49+
"justification": "Javax.Security.Auth.Callback.PasswordCallback API documentation with generic example password.",
50+
"createdDate": "2024-02-21 20:58:02Z"
51+
},
52+
"1ccf925aa704efd1035bac38e94d2e629fb5b0d1784d5473e4a52e6d13db16ee": {
53+
"signature": "1ccf925aa704efd1035bac38e94d2e629fb5b0d1784d5473e4a52e6d13db16ee",
54+
"alternativeSignatures": [],
55+
"memberOf": [
56+
"default"
57+
],
58+
"justification": "Dummy test.keystore file used for testing.",
59+
"createdDate": "2024-02-21 20:58:02Z"
60+
}
61+
}
62+
}

.gdn/.gitignore

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
## Ignore Guardian internal files
2+
.r/
3+
rc/
4+
rs/
5+
i/
6+
p/
7+
c/
8+
o/
9+
10+
## Ignore Guardian Local settings
11+
LocalSettings.gdn.json

.gdn/policheck/CHT.gdnsuppress

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,26 @@
1+
{
2+
"hydrated": false,
3+
"properties": {
4+
"helpUri": "https://eng.ms/docs/microsoft-security/security/azure-security/cloudai-security-fundamentals-engineering/security-integration/guardian-wiki/microsoft-guardian/general/suppressions",
5+
"hydrationStatus": "This file does not contain identifying data. It is safe to check into your repo. To hydrate this file with identifying data, run `guardian hydrate --help` and follow the guidance."
6+
},
7+
"version": "1.0.0",
8+
"suppressionSets": {
9+
"default": {
10+
"name": "default",
11+
"createdDate": "2023-02-24 00:05:39Z",
12+
"lastUpdatedDate": "2024-02-22 21:40:38Z"
13+
}
14+
},
15+
"results": {
16+
"04910d714a13bf4523ffa77350f654f52114fa4fa3d760c9f63186d41716c019": {
17+
"signature": "04910d714a13bf4523ffa77350f654f52114fa4fa3d760c9f63186d41716c019",
18+
"alternativeSignatures": [],
19+
"memberOf": [
20+
"default"
21+
],
22+
"justification": "Reference to the Android package format APK.",
23+
"createdDate": "2023-02-24 00:05:39Z"
24+
}
25+
}
26+
}

build-tools/automation/guardian/PoliCheck.Exclusions.xml renamed to .gdn/policheck/PoliCheck.Exclusions.xml

File renamed without changes.

.gdn/policheck/source.gdnsuppress

Lines changed: 171 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,171 @@
1+
{
2+
"hydrated": false,
3+
"properties": {
4+
"helpUri": "https://eng.ms/docs/microsoft-security/security/azure-security/cloudai-security-fundamentals-engineering/security-integration/guardian-wiki/microsoft-guardian/general/suppressions",
5+
"hydrationStatus": "This file does not contain identifying data. It is safe to check into your repo. To hydrate this file with identifying data, run `guardian hydrate --help` and follow the guidance."
6+
},
7+
"version": "1.0.0",
8+
"suppressionSets": {
9+
"default": {
10+
"name": "default",
11+
"createdDate": "2023-02-22 23:55:29Z",
12+
"lastUpdatedDate": "2024-02-22 21:40:38Z"
13+
}
14+
},
15+
"results": {
16+
"6789cab1bdc97b0cc3ad057b7fdd21d63cdf8bc2679391923803fa240ef81292": {
17+
"signature": "6789cab1bdc97b0cc3ad057b7fdd21d63cdf8bc2679391923803fa240ef81292",
18+
"alternativeSignatures": [
19+
"b5041e3ec6776af49d6d69148e4db480f366b559299d19ec8ea3e095295b39a8"
20+
],
21+
"memberOf": [
22+
"default"
23+
],
24+
"justification": "Reference to an ISCII term.",
25+
"createdDate": "2023-02-22 23:55:29Z"
26+
},
27+
"bbaf5f946cb72748567e41f0df5f1bae05550f4ba7381e21ec6b26d6c3ecec9f": {
28+
"signature": "bbaf5f946cb72748567e41f0df5f1bae05550f4ba7381e21ec6b26d6c3ecec9f",
29+
"alternativeSignatures": [
30+
"739cb5e6ee2409515900652ca668f819f697f23834becece8d2f9f9236723c1b"
31+
],
32+
"memberOf": [
33+
"default"
34+
],
35+
"justification": "Reference to an ISCII term.",
36+
"createdDate": "2023-02-22 23:55:29Z"
37+
},
38+
"db8916a0f0cdca4082c540921dd362e09a9ff413862ab826308411b76ee35789": {
39+
"signature": "db8916a0f0cdca4082c540921dd362e09a9ff413862ab826308411b76ee35789",
40+
"alternativeSignatures": [
41+
"a755747462567003e5aa2b7bf01aa72af5143714e427ad043747b1fb54b1c440"
42+
],
43+
"memberOf": [
44+
"default"
45+
],
46+
"justification": "Reference to an Android logging function.",
47+
"createdDate": "2023-02-22 23:55:29Z"
48+
},
49+
"6d1fb3a483eb491710d6a09ed0b4bab47f13942d0c6fc744e6683614a66604ab": {
50+
"signature": "6d1fb3a483eb491710d6a09ed0b4bab47f13942d0c6fc744e6683614a66604ab",
51+
"alternativeSignatures": [
52+
"a755747462567003e5aa2b7bf01aa72af5143714e427ad043747b1fb54b1c440"
53+
],
54+
"memberOf": [
55+
"default"
56+
],
57+
"justification": "Reference to an Android logging function.",
58+
"createdDate": "2023-02-22 23:55:29Z"
59+
},
60+
"b07e75fc8a506b94690dbd06877da06c1228e40e7deda3967f6b882b842f726d": {
61+
"signature": "b07e75fc8a506b94690dbd06877da06c1228e40e7deda3967f6b882b842f726d",
62+
"alternativeSignatures": [
63+
"a755747462567003e5aa2b7bf01aa72af5143714e427ad043747b1fb54b1c440"
64+
],
65+
"memberOf": [
66+
"default"
67+
],
68+
"justification": "Reference to an Android logging function.",
69+
"createdDate": "2023-02-22 23:55:29Z"
70+
},
71+
"87d8313310c2dd42021844b95bdcb9121bf10036fea5b212b945e0732a456e5a": {
72+
"signature": "87d8313310c2dd42021844b95bdcb9121bf10036fea5b212b945e0732a456e5a",
73+
"alternativeSignatures": [
74+
"a755747462567003e5aa2b7bf01aa72af5143714e427ad043747b1fb54b1c440"
75+
],
76+
"memberOf": [
77+
"default"
78+
],
79+
"justification": "Reference to an Android logging function.",
80+
"createdDate": "2023-02-22 23:55:29Z"
81+
},
82+
"8e5400e0233c8d887ad48bd8a48e8a7be5a579f9eefad521419b6df0828bbfac": {
83+
"signature": "8e5400e0233c8d887ad48bd8a48e8a7be5a579f9eefad521419b6df0828bbfac",
84+
"alternativeSignatures": [
85+
"a755747462567003e5aa2b7bf01aa72af5143714e427ad043747b1fb54b1c440"
86+
],
87+
"memberOf": [
88+
"default"
89+
],
90+
"justification": "Reference to an Android logging function.",
91+
"createdDate": "2023-02-22 23:55:29Z"
92+
},
93+
"1b38e026fae90da4ae2fe9151c9c1ebd73c8b3c2c5f072ceae390a3ceec2fb97": {
94+
"signature": "1b38e026fae90da4ae2fe9151c9c1ebd73c8b3c2c5f072ceae390a3ceec2fb97",
95+
"alternativeSignatures": [
96+
"a755747462567003e5aa2b7bf01aa72af5143714e427ad043747b1fb54b1c440"
97+
],
98+
"memberOf": [
99+
"default"
100+
],
101+
"justification": "Reference to an Android logging function.",
102+
"createdDate": "2023-02-22 23:55:29Z"
103+
},
104+
"a2b4d032c59a9d1211d218c3cd550cf8febb369941d70284d07d03ebee855bc0": {
105+
"signature": "a2b4d032c59a9d1211d218c3cd550cf8febb369941d70284d07d03ebee855bc0",
106+
"alternativeSignatures": [
107+
"9feaec8a73b72e0d212c0e18d863e4fe16ff010c5d33cf8d47d8b0f465cc4c5e"
108+
],
109+
"memberOf": [
110+
"default"
111+
],
112+
"justification": "Reference to find first set bit function.",
113+
"createdDate": "2023-02-22 23:55:29Z"
114+
},
115+
"1c87b45a6044d205dc3f3562f349c238f7cabe22b4609da762df9dc44151e9fb": {
116+
"signature": "1c87b45a6044d205dc3f3562f349c238f7cabe22b4609da762df9dc44151e9fb",
117+
"alternativeSignatures": [
118+
"9feaec8a73b72e0d212c0e18d863e4fe16ff010c5d33cf8d47d8b0f465cc4c5e"
119+
],
120+
"memberOf": [
121+
"default"
122+
],
123+
"justification": "Reference to find first set bit function.",
124+
"createdDate": "2023-02-22 23:55:29Z"
125+
},
126+
"a6639098c4785509a4215c9e2fc10f82c06fce461915dc11a00227ddec558845": {
127+
"signature": "a6639098c4785509a4215c9e2fc10f82c06fce461915dc11a00227ddec558845",
128+
"alternativeSignatures": [
129+
"9feaec8a73b72e0d212c0e18d863e4fe16ff010c5d33cf8d47d8b0f465cc4c5e"
130+
],
131+
"memberOf": [
132+
"default"
133+
],
134+
"justification": "Reference to find first set bit function.",
135+
"createdDate": "2023-02-22 23:55:29Z"
136+
},
137+
"f94ede7b396cb54934db2084f0879cd31a17ce2584eb01e0bfcd35324a724c31": {
138+
"signature": "f94ede7b396cb54934db2084f0879cd31a17ce2584eb01e0bfcd35324a724c31",
139+
"alternativeSignatures": [
140+
"9feaec8a73b72e0d212c0e18d863e4fe16ff010c5d33cf8d47d8b0f465cc4c5e"
141+
],
142+
"memberOf": [
143+
"default"
144+
],
145+
"justification": "Reference to find first set bit function.",
146+
"createdDate": "2024-02-22 21:40:38Z"
147+
},
148+
"b34b42aa41018376a31460c142f2ae910704725d9e9a4470f92b587df682369b": {
149+
"signature": "b34b42aa41018376a31460c142f2ae910704725d9e9a4470f92b587df682369b",
150+
"alternativeSignatures": [
151+
"3901d031f3ac168bb1a84d06bb234355af514c59a0ed9da325b11a8861ff0b05"
152+
],
153+
"memberOf": [
154+
"default"
155+
],
156+
"justification": "Reference to output from an external tool.",
157+
"createdDate": "2023-02-22 23:55:29Z"
158+
},
159+
"243e199c7aec22377e0363bdca82384278cc36b0674f35697935fde6c45cfd0e": {
160+
"signature": "243e199c7aec22377e0363bdca82384278cc36b0674f35697935fde6c45cfd0e",
161+
"alternativeSignatures": [
162+
"cf02f44873b25336e01a1fa294bd858d2ea69ae734f08c6db40d4b83d17ccf76"
163+
],
164+
"memberOf": [
165+
"default"
166+
],
167+
"justification": "Reference to a proper name.",
168+
"createdDate": "2023-10-26 21:20:54Z"
169+
}
170+
}
171+
}

build-tools/automation/guardian/tsaoptions-v2.json renamed to .gdn/tsaoptions-v2.json

File renamed without changes.

0 commit comments

Comments
 (0)