Onboard repo to Secure Development Tools Azure DevOps

sdl-compliance-pipeline.yml

@@ -0,0 +1,49 @@
+trigger:
+  batch: 'true'
+  branches:
+    include:
+    - main
+  paths:
+    exclude:
+    - '*README.md'
+    - 'docs/*'
+
+pool:
+  vmImage: 'windows-2022'
+
+variables:
+  LGTM.UploadSnapshot: true
+  solution: '**/*.sln'
+  msbuildPath: '"%ProgramFiles(x86)%\Microsoft Visual Studio\2022\Enterprise\MSBuild\Current\Bin\MSBuild.exe"'
+  BuildPlatform: x64
+  BuildConfiguration: Release
+
+jobs:
+  - job: SDLCompliance
+    displayName: 'Running SDL Compliance Policy checks'
+    continueOnError: true
+    steps:
+    - task: Semmle@1
+      displayName: 'Run CodeQL (Semmle)'
+      env:
+        SYSTEM_ACCESSTOKEN: $(System.AccessToken)
+      inputs:
+        sourceCodeDirectory: '$(Build.SourcesDirectory)\LogMonitor'
+        language: 'cpp'
+        buildCommands: '$(msbuildPath) $(BUILD.SourcesDirectory)\$(solution) /t:clean #
+                        $(msbuildPath) $(BUILD.SourcesDirectory)\$(solution) /p:platform=$(BuildPlatform) /p:configuration=$(BuildConfiguration)'
+        querySuite: 'Recommended'
+        timeout: '1800'
+        ram: '8192'
+        addProjectDirToScanningExclusionList: true
+
+    - task: PublishSecurityAnalysisLogs@3
+      displayName: 'Publish Security Analysis Logs'
+      continueOnError: true
+      inputs:
+        ArtifactName: 'CodeAnalysisLogs'
+        ArtifactType: 'Container'
+        PublishProcessedResults: false
+        AllTools: false
+        Semmle: true
+        ToolLogsNotFoundAction: 'Standard'