Add CodeQL3000 run to aspnetcore-ci-official (#44688) · adamzest/aspnetcore@b35b7ac

Commit

Add CodeQL3000 run to aspnetcore-ci-official (dotnet#44688)

* Add CodeQL3000 run to aspnetcore-ci-official
- add new schedule for a weekly run
- add top-level parameter enabling CodeQL3000 in manual builds
- add `enableSBOM` and `variables` parameters in default-build.yml
- add a separate job w/ CodeQL3000 tasks included in build steps; run this job alone
  - use the new default-build.yml parameters
  - set `$(UseSharedCompilation)` to `false` to ease analysis
- tag CodeQL3000 runs
- add a tsaoptions.json file
  - cribbed values from our eng/sdl-tsa-vars.config file

nit: Unconditionally disable the auto-injected component governance build step
- job.yml inserts the task where we need (unless overridden)

Loading branch information

dougbu authored Oct 24, 2022

1 parent d3259f9 commit b35b7ac

0 comments on commit `b35b7ac`

Please sign in to comment.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Commit

There are no files selected for viewing

0 comments on commit `b35b7ac`

Commit

There are no files selected for viewing

0 comments on commit b35b7ac

0 comments on commit `b35b7ac`