Merge pull request #274376 from laragoldstein13/main

Modifying templates to comment out specific configurations

Author: rmca14

articles/defender-for-cloud/azure-devops-extension.yml

@@ -104,17 +104,17 @@ procedureSection:
           steps:
           - task: MicrosoftSecurityDevOps@1
             displayName: 'Microsoft Security DevOps'
-            inputs:    
-            # command: 'run' | 'pre-job' | 'post-job'. Optional. The command to run. Default: run
-            # config: string. Optional. A file path to an MSDO configuration file ('*.gdnconfig').
-            # policy: 'azuredevops' | 'microsoft' | 'none'. Optional. The name of a well-known Microsoft policy. If no configuration file or list of tools is provided, the policy may instruct MSDO which tools to run. Default: azuredevops.
-            # categories: string. Optional. A comma-separated list of analyzer categories to run. Values: 'code', 'artifacts', 'IaC', 'containers'. Example: 'IaC, containers'. Defaults to all.
-            # languages: string. Optional. A comma-separated list of languages to analyze. Example: 'javascript,typescript'. Defaults to all.
-            # tools: string. Optional. A comma-separated list of analyzer tools to run. Values: 'bandit', 'binskim', 'eslint', 'templateanalyzer', 'terrascan', 'trivy'.
-            # break: boolean. Optional. If true, will fail this build step if any error level results are found. Default: false.
-            # publish: boolean. Optional. If true, will publish the output SARIF results file to the chosen pipeline artifact. Default: true.
-            # artifactName: string. Optional. The name of the pipeline artifact to publish the SARIF result file to. Default: CodeAnalysisLogs*.
-          
+            # inputs:    
+              # command: 'run' | 'pre-job' | 'post-job'. Optional. The command to run. Default: run
+              # config: string. Optional. A file path to an MSDO configuration file ('*.gdnconfig').
+              # policy: 'azuredevops' | 'microsoft' | 'none'. Optional. The name of a well-known Microsoft policy. If no configuration file or list of tools is provided, the policy may instruct MSDO which tools to run. Default: azuredevops.
+              # categories: string. Optional. A comma-separated list of analyzer categories to run. Values: 'code', 'artifacts', 'IaC', 'containers'. Example: 'IaC, containers'. Defaults to all.
+              # languages: string. Optional. A comma-separated list of languages to analyze. Example: 'javascript,typescript'. Defaults to all.
+              # tools: string. Optional. A comma-separated list of analyzer tools to run. Values: 'bandit', 'binskim', 'eslint', 'templateanalyzer', 'terrascan', 'trivy'.
+              # break: boolean. Optional. If true, will fail this build step if any error level results are found. Default: false.
+              # publish: boolean. Optional. If true, will publish the output SARIF results file to the chosen pipeline artifact. Default: true.
+              # artifactName: string. Optional. The name of the pipeline artifact to publish the SARIF result file to. Default: CodeAnalysisLogs*.
+            
           ```
 
         > [!NOTE]  

articles/defender-for-cloud/github-action.md

@@ -86,7 +86,7 @@ Microsoft Security DevOps uses the following Open Source tools:
         - name: Run Microsoft Security DevOps Analysis
           uses: microsoft/security-devops-action@latest
           id: msdo
-          with:
+        # with:
           # config: string. Optional. A file path to an MSDO configuration file ('*.gdnconfig').
           # policy: 'GitHub' | 'microsoft' | 'none'. Optional. The name of a well-known Microsoft policy. If no configuration file or list of tools is provided, the policy may instruct MSDO which tools to run. Default: GitHub.
           # categories: string. Optional. A comma-separated list of analyzer categories to run. Values: 'code', 'artifacts', 'IaC', 'containers'. Example: 'IaC, containers'. Defaults to all.