Add SDL pipeline (#170)

* Add SDL pipeline

* YAML fix

Author: walbourn

build/DirectXMath-SDL.yml

@@ -0,0 +1,85 @@
+# Copyright (c) Microsoft Corporation.
+# Licensed under the MIT License.
+#
+# http://go.microsoft.com/fwlink/?LinkID=615560
+
+# Runs various SDL recommended tools on the code.
+
+schedules:
+- cron: "0 3 * * 0,3,5"
+  displayName: 'Three times a week'
+  branches:
+    include:
+    - main
+
+trigger: none
+pr: none
+
+resources:
+  repositories:
+  - repository: self
+    type: git
+    ref: refs/heads/main
+
+name: $(Year:yyyy).$(Month).$(DayOfMonth)$(Rev:.r)
+
+variables:
+  VS_GENERATOR: 'Visual Studio 17 2022'
+  GITHUB_PAT: $(GITHUBPUBLICTOKEN)
+
+pool:
+  vmImage: windows-2022
+
+jobs:
+- job: SDL_BUILD
+  displayName: 'Build using required SDL tools'
+  workspace:
+    clean: all
+  steps:
+  - checkout: self
+    clean: true
+    fetchTags: false
+  - task: NodeTool@0
+    displayName: 'NPM install'
+    inputs:
+      versionSpec: 14.x
+  - task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@3
+    displayName: 'Run Credential Scanner'
+    inputs:
+      debugMode: false
+      folderSuppression: false
+  - task: PoliCheck@2
+    displayName: 'Run PoliCheck'
+    inputs:
+      result: PoliCheck.xml
+  - task: CmdLine@2
+    displayName: Fetch Tests
+    inputs:
+      script: git clone --quiet https://%GITHUB_PAT%@github.com/walbourn/directxmathtest.git Tests
+  - task: Armory@2
+    displayName: Run ARMory
+  - task: CMake@1
+    displayName: 'CMake (MSVC): Config x64'
+    inputs:
+      cwd: '$(Build.SourcesDirectory)/Tests/headertest'
+      cmakeArgs: '-G "$(VS_GENERATOR)" -A x64 -B out'
+  - task: Semmle@1
+    displayName: 'Run CodeQL (Semmle) (C++)'
+    env:
+      SYSTEM_ACCESSTOKEN: $(System.AccessToken)
+    inputs:
+      sourceCodeDirectory: '$(Build.SourcesDirectory)'
+      language: 'cpp'
+      querySuite: 'Recommended'
+      timeout: '1800'
+      ram: '16384'
+      addProjectDirToScanningExclusionList: true
+      buildCommandsString: '"%ProgramFiles%\Microsoft Visual Studio\2022\Enterprise\Common7\Tools\VsMSBuildCmd.bat" && msbuild $(Build.SourcesDirectory)/Tests/headertest/out/headertest.sln /p:Configuration=Release'
+  - task: securedevelopmentteam.vss-secure-development-tools.build-task-postanalysis.PostAnalysis@2
+    displayName: 'Post Analysis'
+    inputs:
+      GdnBreakAllTools: true
+      GdnBreakPolicy: 'Microsoft'
+      GdnBreakPolicyMinSev: 'Error'
+  - task: ComponentGovernanceComponentDetection@0
+    displayName: Component Detection