Add some internal CI checks

Redth · web-flow · commit a1ccd2e7eb01 · 2019-03-11T21:06:43.000-04:00
diff --git a/azure-pipelines.yml b/azure-pipelines.yml
@@ -47,6 +47,21 @@ jobs:
         inputs:
           pathToPublish: '$(Build.SourcesDirectory)/output'
           artifactName: 'windows_output'
+      # Run some internal auditing
+      - ${{ if eq(variables['System.TeamProject'], 'devdiv') }}:
+        - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0
+          condition: not(startsWith(variables['Build.SourceBranch'], 'refs/tags/'))
+          displayName: Component Detection - Log
+          inputs:
+            scanType: LogOnly
+        - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0
+          condition: startsWith(variables['Build.SourceBranch'], 'refs/tags/')
+          displayName: Component Detection - Report
+        - task: securedevelopmentteam.vss-secure-development-tools.build-task-policheck.PoliCheck@1
+          condition: eq(variables['System.TeamProject'], 'devdiv')
+          displayName: 'PoliCheck'
+          inputs:
+            targetType: F
 
   # only sign the packages when running on Windows, and using the private server which has the certificates
   - ${{ if eq(variables['System.TeamProject'], 'devdiv') }}:
