forked from Azure/PyRIT
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathcomponent-governance.yml
More file actions
33 lines (24 loc) · 880 Bytes
/
component-governance.yml
File metadata and controls
33 lines (24 loc) · 880 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
# Run Component Governance to register all dependencies.
trigger:
- main
# There are additional PR triggers for this that are configurable in ADO.
pool:
vmImage: "ubuntu-latest"
steps:
# Component Governance does not support pyproject.toml yet.
# For that reason, use toml-to-requirements to export the
# dependencies into a requirements.txt file.
- script: pip install --upgrade setuptools pip
name: UpgradePip
- script: pip install toml-to-requirements
- script: toml-to-req --toml-file pyproject.toml
- task: ComponentGovernanceComponentDetection@0
env:
PIP_INDEX_URL: https://pypi.python.org/simple
- task: notice@0
displayName: Generate NOTICE file
inputs:
outputfile: $(System.DefaultWorkingDirectory)/obj/NOTICE
outputformat: text
- publish: $(System.DefaultWorkingDirectory)/obj/NOTICE
artifact: NOTICE