From d506d6d4ef62b5d286f3f807183f6ca0fe681a1b Mon Sep 17 00:00:00 2001 From: ramsessanchez <63934382+ramsessanchez@users.noreply.github.com> Date: Thu, 14 May 2026 12:33:21 -0700 Subject: [PATCH 1/5] add devops build pipeline to surface security vulenaribilites sooner --- .azurepipelines/build.yml | 49 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 .azurepipelines/build.yml diff --git a/.azurepipelines/build.yml b/.azurepipelines/build.yml new file mode 100644 index 0000000000..1e646e9f1f --- /dev/null +++ b/.azurepipelines/build.yml @@ -0,0 +1,49 @@ +trigger: none +pr: none + +schedules: + - cron: '0 0 * * 1,3' + displayName: Monday and Wednesday builds + branches: + include: + - main + always: true + +resources: + repositories: + - repository: 1ESPipelineTemplates + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release + +extends: + template: v1/1ES.Unofficial.PipelineTemplate.yml@1ESPipelineTemplates + parameters: + pool: + name: Azure-Pipelines-1ESPT-ExDShared + os: linux + stages: + - stage: Build + jobs: + - job: Build + displayName: Build Go SDK + steps: + - checkout: self + submodules: recursive + + - task: GoTool@0 + displayName: Set up Go + inputs: + version: '1.24' + + - script: go install + displayName: Install dependencies + workingDirectory: $(Build.SourcesDirectory) + + - script: go build ./... + displayName: Build SDK + workingDirectory: $(Build.SourcesDirectory) + + - script: go test ./... + displayName: Run unit tests + workingDirectory: $(Build.SourcesDirectory)/tests From 24c17bddcc6f18c76f123bfc630a00918eefaeef Mon Sep 17 00:00:00 2001 From: ramsessanchez <63934382+ramsessanchez@users.noreply.github.com> Date: Thu, 14 May 2026 15:38:12 -0700 Subject: [PATCH 2/5] chore: update to daily schedule and enable SDL security scanning Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- .azurepipelines/build.yml | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/.azurepipelines/build.yml b/.azurepipelines/build.yml index 1e646e9f1f..509f98557c 100644 --- a/.azurepipelines/build.yml +++ b/.azurepipelines/build.yml @@ -2,8 +2,8 @@ trigger: none pr: none schedules: - - cron: '0 0 * * 1,3' - displayName: Monday and Wednesday builds + - cron: '0 0 * * *' + displayName: Daily builds branches: include: - main @@ -22,6 +22,17 @@ extends: pool: name: Azure-Pipelines-1ESPT-ExDShared os: linux + sdl: + sourceAnalysisPool: + name: Azure-Pipelines-1ESPT-ExDShared + image: windows-2022 + os: windows + credscan: + enabled: true + policheck: + enabled: true + binskim: + enabled: true stages: - stage: Build jobs: From 608484b6b770742b843aafaa57c6055f7b0d0357 Mon Sep 17 00:00:00 2001 From: Ramses Sanchez-Hernandez <63934382+ramsessanchez@users.noreply.github.com> Date: Fri, 15 May 2026 14:16:20 -0700 Subject: [PATCH 3/5] Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> --- .azurepipelines/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.azurepipelines/build.yml b/.azurepipelines/build.yml index 509f98557c..dab53f2c6b 100644 --- a/.azurepipelines/build.yml +++ b/.azurepipelines/build.yml @@ -45,7 +45,7 @@ extends: - task: GoTool@0 displayName: Set up Go inputs: - version: '1.24' + version: '1.25' - script: go install displayName: Install dependencies From 4068e70b8235c1d3624eafb2f0590fe1d7ee1061 Mon Sep 17 00:00:00 2001 From: Ramses Sanchez-Hernandez <63934382+ramsessanchez@users.noreply.github.com> Date: Fri, 15 May 2026 14:16:45 -0700 Subject: [PATCH 4/5] Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> --- .azurepipelines/build.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.azurepipelines/build.yml b/.azurepipelines/build.yml index dab53f2c6b..656a097b7a 100644 --- a/.azurepipelines/build.yml +++ b/.azurepipelines/build.yml @@ -47,7 +47,9 @@ extends: inputs: version: '1.25' - - script: go install + - script: | + go mod download + go mod verify displayName: Install dependencies workingDirectory: $(Build.SourcesDirectory) From 33c4a681533698e0a36f975f8b5dba443e67f239 Mon Sep 17 00:00:00 2001 From: Ramses Sanchez-Hernandez <63934382+ramsessanchez@users.noreply.github.com> Date: Fri, 15 May 2026 14:17:27 -0700 Subject: [PATCH 5/5] Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> --- .azurepipelines/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.azurepipelines/build.yml b/.azurepipelines/build.yml index 656a097b7a..cd4e319962 100644 --- a/.azurepipelines/build.yml +++ b/.azurepipelines/build.yml @@ -59,4 +59,4 @@ extends: - script: go test ./... displayName: Run unit tests - workingDirectory: $(Build.SourcesDirectory)/tests + workingDirectory: $(Build.SourcesDirectory)